sonr/crypto/sharing/v1/ed25519_pedersen_test.go

//
// Copyright Coinbase, Inc. All Rights Reserved.
//
// SPDX-License-Identifier: Apache-2.0
//

package v1

import (
	"crypto/sha512"
	"math/big"
	"testing"

	"filippo.io/edwards25519"
	"github.com/stretchr/testify/require"

	core "github.com/onsonr/sonr/crypto/core/curves"
	"github.com/onsonr/sonr/crypto/internal"
)

var (
	ed25519BasePoint    = &core.EcPoint{Curve: Ed25519(), X: Ed25519().Gx, Y: Ed25519().Gy}
	testPointEd25519, _ = core.NewScalarBaseMult(Ed25519(), big.NewInt(2222))
)

func TestEd25519PedersenSplitInvalidArgs(t *testing.T) {
	_, err := NewPedersen(0, 0, nil)
	require.NotNil(t, err)
	_, err = NewPedersen(3, 2, nil)
	require.NotNil(t, err)
	_, err = NewPedersen(1, 10, nil)
	require.NotNil(t, err)
	_, err = NewPedersen(2, 3, nil)
	require.NotNil(t, err)
	scheme, err := NewPedersen(2, 3, ed25519BasePoint)
	require.Nil(t, err)
	require.NotNil(t, scheme)
	_, err = scheme.Split([]byte{})
	require.NotNil(t, err)
	// test that split doesn't work on secrets bigger than the modulus
	_, err = scheme.Split([]byte{0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65})
	require.NotNil(t, err)
}

func TestEd25519PedersenCombineNoShares(t *testing.T) {
	scheme, err := NewPedersen(2, 3, ed25519BasePoint)
	require.Nil(t, err)
	require.NotNil(t, scheme)
	_, err = scheme.Combine()
	require.NotNil(t, err)
}

func TestEd25519PedersenCombineDuplicateShare(t *testing.T) {
	scheme, err := NewPedersen(2, 3, ed25519BasePoint)
	require.Nil(t, err)
	require.NotNil(t, scheme)
	_, err = scheme.Combine([]*ShamirShare{
		{
			Identifier: 1,
			Value:      field.NewElement(big.NewInt(3)),
		},
		{
			Identifier: 1,
			Value:      field.NewElement(big.NewInt(3)),
		},
	}...)
	require.NotNil(t, err)
}

func TestEd25519PedersenCombineBadIdentifier(t *testing.T) {
	scheme, err := NewPedersen(2, 3, ed25519BasePoint)
	require.Nil(t, err)
	require.NotNil(t, scheme)
	shares := []*ShamirShare{
		{
			Identifier: 0,
			Value:      field.NewElement(big.NewInt(3)),
		},
		{
			Identifier: 2,
			Value:      field.NewElement(big.NewInt(3)),
		},
	}
	_, err = scheme.Combine(shares...)
	require.NotNil(t, err)
	shares[0] = &ShamirShare{
		Identifier: 4,
		Value:      field.NewElement(big.NewInt(3)),
	}
	_, err = scheme.Combine(shares...)
	require.Error(t, err)
}

func TestEd25519PedersenCombineSingle(t *testing.T) {
	scheme, err := NewPedersen(2, 3, testPointEd25519)
	require.Nil(t, err)
	require.NotNil(t, scheme)

	hBytes := sha512.Sum512([]byte("test"))
	var arr [32]byte
	copy(arr[:], hBytes[:])
	sc, err := edwards25519.NewScalar().SetBytesWithClamping(arr[:])
	require.Nil(t, err)
	result, err := scheme.Split(internal.ReverseScalarBytes(sc.Bytes()))
	require.Nil(t, err)
	require.NotNil(t, result)
	for i, s := range result.SecretShares {
		ok, err := scheme.Verify(s, result.BlindingShares[i], result.BlindedVerifiers)
		require.Nil(t, err)
		require.True(t, ok)
	}
	secret, err := scheme.Combine(result.SecretShares...)
	require.Nil(t, err)
	require.Equal(t, internal.ReverseScalarBytes(secret), sc.Bytes())
}

func TestEd25519PedersenAllCombinations(t *testing.T) {
	scheme, err := NewPedersen(3, 5, testPointEd25519)
	require.Nil(t, err)
	require.NotNil(t, scheme)

	secret := []byte("test")
	result, err := scheme.Split(secret)
	for i, s := range result.SecretShares {
		ok, err := scheme.Verify(s, result.BlindingShares[i], result.BlindedVerifiers)
		require.Nil(t, err)
		require.True(t, ok)
	}
	require.Nil(t, err)
	require.NotNil(t, result)
	// There are 5*4*3 possible combinations
	for i := 0; i < 5; i++ {
		for j := 0; j < 5; j++ {
			if i == j {
				continue
			}
			for k := 0; k < 5; k++ {
				if i == k || j == k {
					continue
				}

				rSecret, err := scheme.Combine(result.SecretShares[i], result.SecretShares[j], result.SecretShares[k])
				require.Nil(t, err)
				require.NotNil(t, rSecret)
				require.Equal(t, rSecret, secret)

				bSecret, err := scheme.Combine(result.BlindingShares[i], result.BlindingShares[j], result.BlindingShares[k])
				require.Nil(t, err)
				require.NotNil(t, bSecret)
				require.Equal(t, bSecret, result.Blinding.Bytes())
			}
		}
	}
}
feature/1114 implement account interface (#1167) - refactor: move session-related code to middleware package - refactor: update PKL build process and adjust related configurations - feat: integrate base.cosmos.v1 Genesis module - refactor: pass session context to modal rendering functions - refactor: move nebula package to app directory and update templ version - refactor: Move home section video view to dedicated directory - refactor: remove unused views file - refactor: move styles and UI components to global scope - refactor: Rename images.go to cdn.go - feat: Add Empty State Illustrations - refactor: Consolidate Vault Index Logic - fix: References to App.wasm and remove Vault Directory embedded CDN files - refactor: Move CDN types to Models - fix: Correct line numbers in templ error messages for arch_templ.go - refactor: use common types for peer roles - refactor: move common types and ORM to a shared package - fix: Config import dwn - refactor: move nebula directory to app - feat: Rebuild nebula - fix: correct file paths in panels templates - feat: Remove duplicate types - refactor: Move dwn to pkg/core - refactor: Binary Structure - feat: Introduce Crypto Pkg - fix: Broken Process Start - *feat: Update pkg/ structure - feat: Refactor PKL Structure - build: update pkl build process - chore: Remove Empty Files - refactor: remove unused macaroon package - feat: Add WebAwesome Components - refactor: consolidate build and generation tasks into a single taskfile, remove redundant makefile targets - refactor: refactor server and move components to pkg/core/dwn - build: update go modules - refactor: move gateway logic into dedicated hway command - feat: Add KSS (Krawczyk-Song-Song) MPC cryptography module - feat: Implement MPC-based JWT signing and UCAN token generation - feat: add support for MPC-based JWT signing - feat: Implement MPC-based UCAN capabilities for smart accounts - feat: add address field to keyshareSource - feat: Add comprehensive MPC test suite for keyshares, UCAN tokens, and token attenuations - refactor: improve MPC keyshare management and signing process - feat: enhance MPC capability hierarchy documentation - refactor: rename GenerateKeyshares function to NewKeyshareSource for clarity - refactor: remove unused Ethereum address computation - feat: Add HasHandle and IsAuthenticated methods to HTTPContext - refactor: Add context.Context support to session HTTPContext - refactor: Resolve context interface conflicts in HTTPContext - feat: Add session ID context key and helper functions - feat: Update WebApp Page Rendering - refactor: Simplify context management by using single HTTPContext key - refactor: Simplify HTTPContext creation and context management in session middleware - refactor: refactor session middleware to use a single data structure - refactor: Simplify HTTPContext implementation and session data handling - refactor: Improve session context handling and prevent nil pointer errors - refactor: Improve session context handling with nil safety and type support - refactor: improve session data injection - feat: add full-screen modal component and update registration flow - chore: add .air.toml to .gitignore - feat: add Air to devbox and update dependencies** 2024-11-23 01:28:58 -05:00			`//`
			`// Copyright Coinbase, Inc. All Rights Reserved.`
			`//`
			`// SPDX-License-Identifier: Apache-2.0`
			`//`

			`package v1`

			`import (`
			`"crypto/sha512"`
			`"math/big"`
			`"testing"`

			`"filippo.io/edwards25519"`
			`"github.com/stretchr/testify/require"`

feature/1220 origin handle exists method (#1241) * feat: add docs and CI workflow for publishing to onsonr.dev * (refactor): Move hway,motr executables to their own repos * feat: simplify devnet and testnet configurations * refactor: update import path for didcrypto package * docs(networks): Add README with project overview, architecture, and community links * refactor: Move network configurations to deploy directory * build: update golang version to 1.23 * refactor: move logger interface to appropriate package * refactor: Move devnet configuration to networks/devnet * chore: improve release process with date variable * (chore): Move Crypto Library * refactor: improve code structure and readability in DID module * feat: integrate Trunk CI checks * ci: optimize CI workflow by removing redundant build jobs --------- Co-authored-by: Darp Alakun <i@prad.nu> 2025-01-06 12:06:10 -05:00			`core "github.com/onsonr/sonr/crypto/core/curves"`
			`"github.com/onsonr/sonr/crypto/internal"`
feature/1114 implement account interface (#1167) - refactor: move session-related code to middleware package - refactor: update PKL build process and adjust related configurations - feat: integrate base.cosmos.v1 Genesis module - refactor: pass session context to modal rendering functions - refactor: move nebula package to app directory and update templ version - refactor: Move home section video view to dedicated directory - refactor: remove unused views file - refactor: move styles and UI components to global scope - refactor: Rename images.go to cdn.go - feat: Add Empty State Illustrations - refactor: Consolidate Vault Index Logic - fix: References to App.wasm and remove Vault Directory embedded CDN files - refactor: Move CDN types to Models - fix: Correct line numbers in templ error messages for arch_templ.go - refactor: use common types for peer roles - refactor: move common types and ORM to a shared package - fix: Config import dwn - refactor: move nebula directory to app - feat: Rebuild nebula - fix: correct file paths in panels templates - feat: Remove duplicate types - refactor: Move dwn to pkg/core - refactor: Binary Structure - feat: Introduce Crypto Pkg - fix: Broken Process Start - *feat: Update pkg/ structure - feat: Refactor PKL Structure - build: update pkl build process - chore: Remove Empty Files - refactor: remove unused macaroon package - feat: Add WebAwesome Components - refactor: consolidate build and generation tasks into a single taskfile, remove redundant makefile targets - refactor: refactor server and move components to pkg/core/dwn - build: update go modules - refactor: move gateway logic into dedicated hway command - feat: Add KSS (Krawczyk-Song-Song) MPC cryptography module - feat: Implement MPC-based JWT signing and UCAN token generation - feat: add support for MPC-based JWT signing - feat: Implement MPC-based UCAN capabilities for smart accounts - feat: add address field to keyshareSource - feat: Add comprehensive MPC test suite for keyshares, UCAN tokens, and token attenuations - refactor: improve MPC keyshare management and signing process - feat: enhance MPC capability hierarchy documentation - refactor: rename GenerateKeyshares function to NewKeyshareSource for clarity - refactor: remove unused Ethereum address computation - feat: Add HasHandle and IsAuthenticated methods to HTTPContext - refactor: Add context.Context support to session HTTPContext - refactor: Resolve context interface conflicts in HTTPContext - feat: Add session ID context key and helper functions - feat: Update WebApp Page Rendering - refactor: Simplify context management by using single HTTPContext key - refactor: Simplify HTTPContext creation and context management in session middleware - refactor: refactor session middleware to use a single data structure - refactor: Simplify HTTPContext implementation and session data handling - refactor: Improve session context handling and prevent nil pointer errors - refactor: Improve session context handling with nil safety and type support - refactor: improve session data injection - feat: add full-screen modal component and update registration flow - chore: add .air.toml to .gitignore - feat: add Air to devbox and update dependencies** 2024-11-23 01:28:58 -05:00			`)`

			`var (`
			`ed25519BasePoint = &core.EcPoint{Curve: Ed25519(), X: Ed25519().Gx, Y: Ed25519().Gy}`
			`testPointEd25519, _ = core.NewScalarBaseMult(Ed25519(), big.NewInt(2222))`
			`)`

			`func TestEd25519PedersenSplitInvalidArgs(t *testing.T) {`
			`_, err := NewPedersen(0, 0, nil)`
			`require.NotNil(t, err)`
			`_, err = NewPedersen(3, 2, nil)`
			`require.NotNil(t, err)`
			`_, err = NewPedersen(1, 10, nil)`
			`require.NotNil(t, err)`
			`_, err = NewPedersen(2, 3, nil)`
			`require.NotNil(t, err)`
			`scheme, err := NewPedersen(2, 3, ed25519BasePoint)`
			`require.Nil(t, err)`
			`require.NotNil(t, scheme)`
			`_, err = scheme.Split([]byte{})`
			`require.NotNil(t, err)`
			`// test that split doesn't work on secrets bigger than the modulus`
			`_, err = scheme.Split([]byte{0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65})`
			`require.NotNil(t, err)`
			`}`

			`func TestEd25519PedersenCombineNoShares(t *testing.T) {`
			`scheme, err := NewPedersen(2, 3, ed25519BasePoint)`
			`require.Nil(t, err)`
			`require.NotNil(t, scheme)`
			`_, err = scheme.Combine()`
			`require.NotNil(t, err)`
			`}`

			`func TestEd25519PedersenCombineDuplicateShare(t *testing.T) {`
			`scheme, err := NewPedersen(2, 3, ed25519BasePoint)`
			`require.Nil(t, err)`
			`require.NotNil(t, scheme)`
			`_, err = scheme.Combine([]*ShamirShare{`
			`{`
			`Identifier: 1,`
			`Value: field.NewElement(big.NewInt(3)),`
			`},`
			`{`
			`Identifier: 1,`
			`Value: field.NewElement(big.NewInt(3)),`
			`},`
			`}...)`
			`require.NotNil(t, err)`
			`}`

			`func TestEd25519PedersenCombineBadIdentifier(t *testing.T) {`
			`scheme, err := NewPedersen(2, 3, ed25519BasePoint)`
			`require.Nil(t, err)`
			`require.NotNil(t, scheme)`
			`shares := []*ShamirShare{`
			`{`
			`Identifier: 0,`
			`Value: field.NewElement(big.NewInt(3)),`
			`},`
			`{`
			`Identifier: 2,`
			`Value: field.NewElement(big.NewInt(3)),`
			`},`
			`}`
			`_, err = scheme.Combine(shares...)`
			`require.NotNil(t, err)`
			`shares[0] = &ShamirShare{`
			`Identifier: 4,`
			`Value: field.NewElement(big.NewInt(3)),`
			`}`
			`_, err = scheme.Combine(shares...)`
			`require.Error(t, err)`
			`}`

			`func TestEd25519PedersenCombineSingle(t *testing.T) {`
			`scheme, err := NewPedersen(2, 3, testPointEd25519)`
			`require.Nil(t, err)`
			`require.NotNil(t, scheme)`

			`hBytes := sha512.Sum512([]byte("test"))`
			`var arr [32]byte`
			`copy(arr[:], hBytes[:])`
			`sc, err := edwards25519.NewScalar().SetBytesWithClamping(arr[:])`
			`require.Nil(t, err)`
			`result, err := scheme.Split(internal.ReverseScalarBytes(sc.Bytes()))`
			`require.Nil(t, err)`
			`require.NotNil(t, result)`
			`for i, s := range result.SecretShares {`
			`ok, err := scheme.Verify(s, result.BlindingShares[i], result.BlindedVerifiers)`
			`require.Nil(t, err)`
			`require.True(t, ok)`
			`}`
			`secret, err := scheme.Combine(result.SecretShares...)`
			`require.Nil(t, err)`
			`require.Equal(t, internal.ReverseScalarBytes(secret), sc.Bytes())`
			`}`

			`func TestEd25519PedersenAllCombinations(t *testing.T) {`
			`scheme, err := NewPedersen(3, 5, testPointEd25519)`
			`require.Nil(t, err)`
			`require.NotNil(t, scheme)`

			`secret := []byte("test")`
			`result, err := scheme.Split(secret)`
			`for i, s := range result.SecretShares {`
			`ok, err := scheme.Verify(s, result.BlindingShares[i], result.BlindedVerifiers)`
			`require.Nil(t, err)`
			`require.True(t, ok)`
			`}`
			`require.Nil(t, err)`
			`require.NotNil(t, result)`
			`// There are 543 possible combinations`
			`for i := 0; i < 5; i++ {`
			`for j := 0; j < 5; j++ {`
			`if i == j {`
			`continue`
			`}`
			`for k := 0; k < 5; k++ {`
			`if i == k \|\| j == k {`
			`continue`
			`}`

			`rSecret, err := scheme.Combine(result.SecretShares[i], result.SecretShares[j], result.SecretShares[k])`
			`require.Nil(t, err)`
			`require.NotNil(t, rSecret)`
			`require.Equal(t, rSecret, secret)`

			`bSecret, err := scheme.Combine(result.BlindingShares[i], result.BlindingShares[j], result.BlindingShares[k])`
			`require.Nil(t, err)`
			`require.NotNil(t, bSecret)`
			`require.Equal(t, bSecret, result.Blinding.Bytes())`
			`}`
			`}`
			`}`
			`}`