sonr/crypto/dkg/gennaro2p/genarro2p.go

//
// Copyright Coinbase, Inc. All Rights Reserved.
//
// SPDX-License-Identifier: Apache-2.0
//

// Package gennaro2p wraps dkg/genarro and specializes it for the 2-party case. Simpler API, no
// distinction between broadcast and peer messages, and only counterparty messages are
// used as round inputs since self-inputs are always ignored.
package gennaro2p

import (
	"crypto/elliptic"
	"fmt"

	"github.com/pkg/errors"

	"github.com/onsonr/sonr/crypto/core/curves"
	"github.com/onsonr/sonr/crypto/dkg/gennaro"
	v1 "github.com/onsonr/sonr/crypto/sharing/v1"
)

const threshold = 2

// Participant is a DKG player that contains information needed to perform DKG rounds
// and yield a secret key share and public key when finished
type Participant struct {
	id             uint32
	counterPartyId uint32
	embedded       *gennaro.Participant
	blind          *curves.EcPoint
}

type Round1Message struct {
	Verifiers     []*v1.ShareVerifier
	SecretShare   *v1.ShamirShare
	BlindingShare *v1.ShamirShare
	Blind         *curves.EcPoint
}

type Round2Message struct {
	Verifiers []*v1.ShareVerifier
}

type DkgResult struct {
	PublicKey    *curves.EcPoint
	SecretShare  *v1.ShamirShare
	PublicShares map[uint32]*curves.EcPoint
}

// NewParticipant creates a participant ready to perform a DKG
// blind must be a generator and must be synchronized between counterparties.
// The first participant can set it to `nil` and a secure blinding factor will be
// generated.
func NewParticipant(id, counterPartyId uint32, blind *curves.EcPoint,
	scalar curves.EcScalar, curve elliptic.Curve,
) (*Participant, error) {
	// Generate blinding value, if required
	var err error
	if blind == nil {
		blind, err = newBlind(scalar, curve)
		if err != nil {
			return nil, errors.Wrap(err, "generating fresh blinding generator")
		}
	}
	p, err := gennaro.NewParticipant(id, threshold, blind, scalar, counterPartyId)
	if err != nil {
		return nil, errors.Wrap(err, "created genarro.Participant")
	}
	return &Participant{id, counterPartyId, p, blind}, nil
}

// Creates a random blinding factor (as a generator) required for pedersen's VSS
func newBlind(curveScalar curves.EcScalar, curve elliptic.Curve) (*curves.EcPoint, error) {
	rScalar, err := curveScalar.Random()
	if err != nil {
		return nil, errors.Wrap(err, "generating blinding scalar")
	}
	return curves.NewScalarBaseMult(curve, rScalar)
}

// Runs DKG round 1. If `secret` is nil, shares of a new, random signing key are generated.
// Otherwise, the existing secret shares will be refreshed but the privkey and pubkey
// will remain unchanged.
func (p *Participant) Round1(secret []byte) (*Round1Message, error) {
	// Run round 1
	bcast, p2p, err := p.embedded.Round1(secret)
	if err != nil {
		return nil, errors.Wrap(err, "calling embedded.Round1()")
	}

	// Ensure the map has the expected entry so there's no SIGSEGV when we
	// repackage it
	if p2p[p.counterPartyId] == nil {
		return nil, fmt.Errorf("round1 response for p2p[%v] is nil", p.counterPartyId)
	}

	// Package response
	return &Round1Message{
		bcast,
		p2p[p.counterPartyId].SecretShare,
		p2p[p.counterPartyId].BlindingShare,
		p.blind,
	}, nil
}

// Runs DKG round 2 using the counterparty's output from round 1.
func (p *Participant) Round2(msg *Round1Message) (*Round2Message, error) {
	// Run round 2
	bcast, err := p.embedded.Round2(
		map[uint32]gennaro.Round1Bcast{
			p.counterPartyId: msg.Verifiers,
		},
		map[uint32]*gennaro.Round1P2PSendPacket{
			p.counterPartyId: {
				SecretShare:   msg.SecretShare,
				BlindingShare: msg.BlindingShare,
			},
		})
	if err != nil {
		return nil, errors.Wrap(err, "calling embedded.Round2()")
	}

	// Package response
	return &Round2Message{bcast}, nil
}

// Completes the DKG using the counterparty's output from round 2.
func (p *Participant) Finalize(msg *Round2Message) (*DkgResult, error) {
	// Run round 3
	pk, share, err := p.embedded.Round3(
		map[uint32]gennaro.Round2Bcast{
			p.counterPartyId: msg.Verifiers,
		})
	if err != nil {
		return nil, errors.Wrap(err, "calling embedded.Round3()")
	}

	// Compute public shares
	pubShares, err := p.embedded.Round4()
	if err != nil {
		return nil, errors.Wrap(err, "calling embedded.Roun4()")
	}

	// Package response
	return &DkgResult{
		PublicKey:    pk,
		SecretShare:  share,
		PublicShares: pubShares,
	}, nil
}
feature/1114 implement account interface (#1167) - refactor: move session-related code to middleware package - refactor: update PKL build process and adjust related configurations - feat: integrate base.cosmos.v1 Genesis module - refactor: pass session context to modal rendering functions - refactor: move nebula package to app directory and update templ version - refactor: Move home section video view to dedicated directory - refactor: remove unused views file - refactor: move styles and UI components to global scope - refactor: Rename images.go to cdn.go - feat: Add Empty State Illustrations - refactor: Consolidate Vault Index Logic - fix: References to App.wasm and remove Vault Directory embedded CDN files - refactor: Move CDN types to Models - fix: Correct line numbers in templ error messages for arch_templ.go - refactor: use common types for peer roles - refactor: move common types and ORM to a shared package - fix: Config import dwn - refactor: move nebula directory to app - feat: Rebuild nebula - fix: correct file paths in panels templates - feat: Remove duplicate types - refactor: Move dwn to pkg/core - refactor: Binary Structure - feat: Introduce Crypto Pkg - fix: Broken Process Start - *feat: Update pkg/ structure - feat: Refactor PKL Structure - build: update pkl build process - chore: Remove Empty Files - refactor: remove unused macaroon package - feat: Add WebAwesome Components - refactor: consolidate build and generation tasks into a single taskfile, remove redundant makefile targets - refactor: refactor server and move components to pkg/core/dwn - build: update go modules - refactor: move gateway logic into dedicated hway command - feat: Add KSS (Krawczyk-Song-Song) MPC cryptography module - feat: Implement MPC-based JWT signing and UCAN token generation - feat: add support for MPC-based JWT signing - feat: Implement MPC-based UCAN capabilities for smart accounts - feat: add address field to keyshareSource - feat: Add comprehensive MPC test suite for keyshares, UCAN tokens, and token attenuations - refactor: improve MPC keyshare management and signing process - feat: enhance MPC capability hierarchy documentation - refactor: rename GenerateKeyshares function to NewKeyshareSource for clarity - refactor: remove unused Ethereum address computation - feat: Add HasHandle and IsAuthenticated methods to HTTPContext - refactor: Add context.Context support to session HTTPContext - refactor: Resolve context interface conflicts in HTTPContext - feat: Add session ID context key and helper functions - feat: Update WebApp Page Rendering - refactor: Simplify context management by using single HTTPContext key - refactor: Simplify HTTPContext creation and context management in session middleware - refactor: refactor session middleware to use a single data structure - refactor: Simplify HTTPContext implementation and session data handling - refactor: Improve session context handling and prevent nil pointer errors - refactor: Improve session context handling with nil safety and type support - refactor: improve session data injection - feat: add full-screen modal component and update registration flow - chore: add .air.toml to .gitignore - feat: add Air to devbox and update dependencies** 2024-11-23 01:28:58 -05:00			`//`
			`// Copyright Coinbase, Inc. All Rights Reserved.`
			`//`
			`// SPDX-License-Identifier: Apache-2.0`
			`//`

			`// Package gennaro2p wraps dkg/genarro and specializes it for the 2-party case. Simpler API, no`
			`// distinction between broadcast and peer messages, and only counterparty messages are`
			`// used as round inputs since self-inputs are always ignored.`
			`package gennaro2p`

			`import (`
			`"crypto/elliptic"`
			`"fmt"`

			`"github.com/pkg/errors"`

feature/1121 implement ucan validation (#1176) - refactor: remove unused auth components - refactor: improve devbox configuration and deployment process - refactor: improve devnet and testnet setup - fix: update templ version to v0.2.778 - refactor: rename pkl/net.matrix to pkl/matrix.net - refactor: migrate webapp components to nebula - refactor: protobuf types - chore: update dependencies for improved security and stability - feat: implement landing page and vault gateway servers - refactor: Migrate data models to new module structure and update related files - feature/1121-implement-ucan-validation - refactor: Replace hardcoded constants with model types in attns.go - feature/1121-implement-ucan-validation - chore: add origin Host struct and update main function to handle multiple hosts - build: remove unused static files from dwn module - build: remove unused static files from dwn module - refactor: Move DWN models to common package - refactor: move models to pkg/common - refactor: move vault web app assets to embed module - refactor: update session middleware import path - chore: configure port labels and auto-forwarding behavior - feat: enhance devcontainer configuration - feat: Add UCAN middleware for Echo with flexible token validation - feat: add JWT middleware for UCAN authentication - refactor: update package URI and versioning in PklProject files - fix: correct sonr.pkl import path - refactor: move JWT related code to auth package - feat: introduce vault configuration retrieval and management - refactor: Move vault components to gateway module and update file paths - refactor: remove Dexie and SQLite database implementations - feat: enhance frontend with PWA features and WASM integration - feat: add Devbox features and streamline Dockerfile - chore: update dependencies to include TigerBeetle - chore(deps): update go version to 1.23 - feat: enhance devnet setup with PATH environment variable and updated PWA manifest - fix: upgrade tigerbeetle-go dependency and remove indirect dependency - feat: add PostgreSQL support to devnet and testnet deployments - refactor: rename keyshare cookie to token cookie - feat: upgrade Go version to 1.23.3 and update dependencies - refactor: update devnet and testnet configurations - feat: add IPFS configuration for devnet - I'll help you update the ipfs.config.pkl to include all the peers from the shell script. Here's the updated configuration: - refactor: move mpc package to crypto directory - feat: add BIP32 support for various cryptocurrencies - feat: enhance ATN.pkl with additional capabilities - refactor: simplify smart account and vault attenuation creation - feat: add new capabilities to the Attenuation type - refactor: Rename MPC files for clarity and consistency - feat: add DIDKey support for cryptographic operations - feat: add devnet and testnet deployment configurations - fix: correct key derivation in bip32 package - refactor: rename crypto/bip32 package to crypto/accaddr - fix: remove duplicate indirect dependency - refactor: move vault package to root directory - refactor: update routes for gateway and vault - refactor: remove obsolete web configuration file - refactor: remove unused TigerBeetle imports and update host configuration - refactor: adjust styles directory path - feat: add broadcastTx and simulateTx functions to gateway - feat: add PinVault handler 2024-12-02 14:27:18 -05:00			`"github.com/onsonr/sonr/crypto/core/curves"`
			`"github.com/onsonr/sonr/crypto/dkg/gennaro"`
			`v1 "github.com/onsonr/sonr/crypto/sharing/v1"`
feature/1114 implement account interface (#1167) - refactor: move session-related code to middleware package - refactor: update PKL build process and adjust related configurations - feat: integrate base.cosmos.v1 Genesis module - refactor: pass session context to modal rendering functions - refactor: move nebula package to app directory and update templ version - refactor: Move home section video view to dedicated directory - refactor: remove unused views file - refactor: move styles and UI components to global scope - refactor: Rename images.go to cdn.go - feat: Add Empty State Illustrations - refactor: Consolidate Vault Index Logic - fix: References to App.wasm and remove Vault Directory embedded CDN files - refactor: Move CDN types to Models - fix: Correct line numbers in templ error messages for arch_templ.go - refactor: use common types for peer roles - refactor: move common types and ORM to a shared package - fix: Config import dwn - refactor: move nebula directory to app - feat: Rebuild nebula - fix: correct file paths in panels templates - feat: Remove duplicate types - refactor: Move dwn to pkg/core - refactor: Binary Structure - feat: Introduce Crypto Pkg - fix: Broken Process Start - *feat: Update pkg/ structure - feat: Refactor PKL Structure - build: update pkl build process - chore: Remove Empty Files - refactor: remove unused macaroon package - feat: Add WebAwesome Components - refactor: consolidate build and generation tasks into a single taskfile, remove redundant makefile targets - refactor: refactor server and move components to pkg/core/dwn - build: update go modules - refactor: move gateway logic into dedicated hway command - feat: Add KSS (Krawczyk-Song-Song) MPC cryptography module - feat: Implement MPC-based JWT signing and UCAN token generation - feat: add support for MPC-based JWT signing - feat: Implement MPC-based UCAN capabilities for smart accounts - feat: add address field to keyshareSource - feat: Add comprehensive MPC test suite for keyshares, UCAN tokens, and token attenuations - refactor: improve MPC keyshare management and signing process - feat: enhance MPC capability hierarchy documentation - refactor: rename GenerateKeyshares function to NewKeyshareSource for clarity - refactor: remove unused Ethereum address computation - feat: Add HasHandle and IsAuthenticated methods to HTTPContext - refactor: Add context.Context support to session HTTPContext - refactor: Resolve context interface conflicts in HTTPContext - feat: Add session ID context key and helper functions - feat: Update WebApp Page Rendering - refactor: Simplify context management by using single HTTPContext key - refactor: Simplify HTTPContext creation and context management in session middleware - refactor: refactor session middleware to use a single data structure - refactor: Simplify HTTPContext implementation and session data handling - refactor: Improve session context handling and prevent nil pointer errors - refactor: Improve session context handling with nil safety and type support - refactor: improve session data injection - feat: add full-screen modal component and update registration flow - chore: add .air.toml to .gitignore - feat: add Air to devbox and update dependencies** 2024-11-23 01:28:58 -05:00			`)`

			`const threshold = 2`

			`// Participant is a DKG player that contains information needed to perform DKG rounds`
			`// and yield a secret key share and public key when finished`
			`type Participant struct {`
			`id uint32`
			`counterPartyId uint32`
			`embedded *gennaro.Participant`
			`blind *curves.EcPoint`
			`}`

			`type Round1Message struct {`
			`Verifiers []*v1.ShareVerifier`
			`SecretShare *v1.ShamirShare`
			`BlindingShare *v1.ShamirShare`
			`Blind *curves.EcPoint`
			`}`

			`type Round2Message struct {`
			`Verifiers []*v1.ShareVerifier`
			`}`

			`type DkgResult struct {`
			`PublicKey *curves.EcPoint`
			`SecretShare *v1.ShamirShare`
			`PublicShares map[uint32]*curves.EcPoint`
			`}`

			`// NewParticipant creates a participant ready to perform a DKG`
			`// blind must be a generator and must be synchronized between counterparties.`
			// The first participant can set it to `nil` and a secure blinding factor will be
			`// generated.`
			`func NewParticipant(id, counterPartyId uint32, blind *curves.EcPoint,`
			`scalar curves.EcScalar, curve elliptic.Curve,`
			`) (*Participant, error) {`
			`// Generate blinding value, if required`
			`var err error`
			`if blind == nil {`
			`blind, err = newBlind(scalar, curve)`
			`if err != nil {`
			`return nil, errors.Wrap(err, "generating fresh blinding generator")`
			`}`
			`}`
			`p, err := gennaro.NewParticipant(id, threshold, blind, scalar, counterPartyId)`
			`if err != nil {`
			`return nil, errors.Wrap(err, "created genarro.Participant")`
			`}`
			`return &Participant{id, counterPartyId, p, blind}, nil`
			`}`

			`// Creates a random blinding factor (as a generator) required for pedersen's VSS`
			`func newBlind(curveScalar curves.EcScalar, curve elliptic.Curve) (*curves.EcPoint, error) {`
			`rScalar, err := curveScalar.Random()`
			`if err != nil {`
			`return nil, errors.Wrap(err, "generating blinding scalar")`
			`}`
			`return curves.NewScalarBaseMult(curve, rScalar)`
			`}`

			// Runs DKG round 1. If `secret` is nil, shares of a new, random signing key are generated.
			`// Otherwise, the existing secret shares will be refreshed but the privkey and pubkey`
			`// will remain unchanged.`
			`func (p Participant) Round1(secret []byte) (Round1Message, error) {`
			`// Run round 1`
			`bcast, p2p, err := p.embedded.Round1(secret)`
			`if err != nil {`
			`return nil, errors.Wrap(err, "calling embedded.Round1()")`
			`}`

			`// Ensure the map has the expected entry so there's no SIGSEGV when we`
			`// repackage it`
			`if p2p[p.counterPartyId] == nil {`
			`return nil, fmt.Errorf("round1 response for p2p[%v] is nil", p.counterPartyId)`
			`}`

			`// Package response`
			`return &Round1Message{`
			`bcast,`
			`p2p[p.counterPartyId].SecretShare,`
			`p2p[p.counterPartyId].BlindingShare,`
			`p.blind,`
			`}, nil`
			`}`

			`// Runs DKG round 2 using the counterparty's output from round 1.`
			`func (p Participant) Round2(msg Round1Message) (*Round2Message, error) {`
			`// Run round 2`
			`bcast, err := p.embedded.Round2(`
			`map[uint32]gennaro.Round1Bcast{`
			`p.counterPartyId: msg.Verifiers,`
			`},`
			`map[uint32]*gennaro.Round1P2PSendPacket{`
			`p.counterPartyId: {`
			`SecretShare: msg.SecretShare,`
			`BlindingShare: msg.BlindingShare,`
			`},`
			`})`
			`if err != nil {`
			`return nil, errors.Wrap(err, "calling embedded.Round2()")`
			`}`

			`// Package response`
			`return &Round2Message{bcast}, nil`
			`}`

			`// Completes the DKG using the counterparty's output from round 2.`
			`func (p Participant) Finalize(msg Round2Message) (*DkgResult, error) {`
			`// Run round 3`
			`pk, share, err := p.embedded.Round3(`
			`map[uint32]gennaro.Round2Bcast{`
			`p.counterPartyId: msg.Verifiers,`
			`})`
			`if err != nil {`
			`return nil, errors.Wrap(err, "calling embedded.Round3()")`
			`}`

			`// Compute public shares`
			`pubShares, err := p.embedded.Round4()`
			`if err != nil {`
			`return nil, errors.Wrap(err, "calling embedded.Roun4()")`
			`}`

			`// Package response`
			`return &DkgResult{`
			`PublicKey: pk,`
			`SecretShare: share,`
			`PublicShares: pubShares,`
			`}, nil`
			`}`