sonr/crypto/dkg/gennaro2p/genarro2p_test.go

//
// Copyright Coinbase, Inc. All Rights Reserved.
//
// SPDX-License-Identifier: Apache-2.0
//

package gennaro2p

import (
	"crypto/elliptic"
	"fmt"
	"reflect"
	"testing"

	"github.com/btcsuite/btcd/btcec/v2"
	"github.com/stretchr/testify/require"

	"github.com/onsonr/sonr/crypto/core/curves"
	v1 "github.com/onsonr/sonr/crypto/sharing/v1"
)

var (
	curveScalar = curves.NewK256Scalar()
	curve       = btcec.S256()
)

const (
	clientId = 1
	serverId = 2
)

// Benchmark full DKG including blind selection and setup
func BenchmarkDkg(b *testing.B) {
	if testing.Short() {
		b.Skip("skipping test in short mode.")
	}

	for i := 0; i < b.N; i++ {
		_, _, err := dkg()
		require.NoError(b, err)
	}
}

// Run a DKG and reports the client/server results
func dkg() (*DkgResult, *DkgResult, error) {
	// Create client/server
	blind, _ := newBlind(curveScalar, curve)

	client, err := NewParticipant(clientId, serverId, blind, curveScalar, curve)
	if err != nil {
		return nil, nil, err
	}

	server, err := NewParticipant(serverId, clientId, blind, curveScalar, curve)
	if err != nil {
		return nil, nil, err
	}

	// R1
	clientR1, err := client.Round1(nil)
	if err != nil {
		return nil, nil, err
	}

	serverR1, err := server.Round1(nil)
	if err != nil {
		return nil, nil, err
	}

	// R2
	clientR2, err := client.Round2(serverR1)
	if err != nil {
		return nil, nil, err
	}

	serverR2, err := server.Round2(clientR1)
	if err != nil {
		return nil, nil, err
	}

	// Finalize
	clientResult, err := client.Finalize(serverR2)
	if err != nil {
		return nil, nil, err
	}

	serverResult, err := server.Finalize(clientR2)
	if err != nil {
		return nil, nil, err
	}

	return clientResult, serverResult, nil
}

// Run a full DKG and verify the absence of errors and valid results
func TestDkg(t *testing.T) {
	// Setup and ensure no errors
	clientResult, serverResult, err := dkg()
	require.NoError(t, err)
	require.NotNil(t, clientResult)
	require.NotNil(t, serverResult)

	// Now run tests
	t.Run("produce the same public key", func(t *testing.T) {
		require.Equal(t, clientResult.PublicKey, serverResult.PublicKey)
	})
	t.Run("produce identical public shares", func(t *testing.T) {
		require.True(t, reflect.DeepEqual(clientResult.PublicShares, serverResult.PublicShares))
	})
	t.Run("produce distinct secret shares", func(t *testing.T) {
		require.NotEqual(t, clientResult.SecretShare, serverResult.SecretShare)
	})
	t.Run("produce distinct secret shares", func(t *testing.T) {
		require.NotEqual(t, clientResult.SecretShare, serverResult.SecretShare)
	})
	t.Run("shares sum to expected public key", func(t *testing.T) {
		pubkey, err := reconstructPubkey(
			clientResult.SecretShare,
			serverResult.SecretShare,
			curve)
		require.NoError(t, err)
		require.Equal(t, serverResult.PublicKey, pubkey)
	})
}

// Reconstruct the pubkey from 2 shares
func reconstructPubkey(s1, s2 *v1.ShamirShare, curve elliptic.Curve) (*curves.EcPoint, error) {
	s, err := v1.NewShamir(2, 2, s1.Value.Field())
	if err != nil {
		return nil, err
	}

	sk, err := s.Combine(s1, s2)
	if err != nil {
		return nil, err
	}

	x, y := curve.ScalarBaseMult(sk)
	return &curves.EcPoint{
		Curve: curve,
		X:     x,
		Y:     y,
	}, nil
}

// Test blind generator helper function produces a value on the expected curve
func TestNewBlindOnCurve(t *testing.T) {
	const n = 1024
	for i := 0; i < n; i++ {
		b, err := newBlind(curveScalar, curve)
		require.NoError(t, err)
		require.NotNil(t, b)

		// Valid point?
		require.True(t, b.IsOnCurve() && b.IsValid())
		require.True(t, b.IsValid())
		require.False(t, b.IsIdentity())
		require.False(t, b.IsBasePoint())
	}
}

func TestNewBlindProvidesDistinctPoints(t *testing.T) {
	const n = 1024
	seen := make(map[string]bool, n)
	// seen := make(map[core.EcPoint]bool, n)

	for i := 0; i < n; i++ {
		b, err := newBlind(curveScalar, curve)
		require.NoError(t, err)

		// serialize so the point is hashable
		txt := fmt.Sprintf("%#v", b)

		// We shouldn't see the same point twice
		ok := seen[txt]
		require.False(t, ok)

		// store
		seen[txt] = true
	}
}
feature/1114 implement account interface (#1167) - refactor: move session-related code to middleware package - refactor: update PKL build process and adjust related configurations - feat: integrate base.cosmos.v1 Genesis module - refactor: pass session context to modal rendering functions - refactor: move nebula package to app directory and update templ version - refactor: Move home section video view to dedicated directory - refactor: remove unused views file - refactor: move styles and UI components to global scope - refactor: Rename images.go to cdn.go - feat: Add Empty State Illustrations - refactor: Consolidate Vault Index Logic - fix: References to App.wasm and remove Vault Directory embedded CDN files - refactor: Move CDN types to Models - fix: Correct line numbers in templ error messages for arch_templ.go - refactor: use common types for peer roles - refactor: move common types and ORM to a shared package - fix: Config import dwn - refactor: move nebula directory to app - feat: Rebuild nebula - fix: correct file paths in panels templates - feat: Remove duplicate types - refactor: Move dwn to pkg/core - refactor: Binary Structure - feat: Introduce Crypto Pkg - fix: Broken Process Start - *feat: Update pkg/ structure - feat: Refactor PKL Structure - build: update pkl build process - chore: Remove Empty Files - refactor: remove unused macaroon package - feat: Add WebAwesome Components - refactor: consolidate build and generation tasks into a single taskfile, remove redundant makefile targets - refactor: refactor server and move components to pkg/core/dwn - build: update go modules - refactor: move gateway logic into dedicated hway command - feat: Add KSS (Krawczyk-Song-Song) MPC cryptography module - feat: Implement MPC-based JWT signing and UCAN token generation - feat: add support for MPC-based JWT signing - feat: Implement MPC-based UCAN capabilities for smart accounts - feat: add address field to keyshareSource - feat: Add comprehensive MPC test suite for keyshares, UCAN tokens, and token attenuations - refactor: improve MPC keyshare management and signing process - feat: enhance MPC capability hierarchy documentation - refactor: rename GenerateKeyshares function to NewKeyshareSource for clarity - refactor: remove unused Ethereum address computation - feat: Add HasHandle and IsAuthenticated methods to HTTPContext - refactor: Add context.Context support to session HTTPContext - refactor: Resolve context interface conflicts in HTTPContext - feat: Add session ID context key and helper functions - feat: Update WebApp Page Rendering - refactor: Simplify context management by using single HTTPContext key - refactor: Simplify HTTPContext creation and context management in session middleware - refactor: refactor session middleware to use a single data structure - refactor: Simplify HTTPContext implementation and session data handling - refactor: Improve session context handling and prevent nil pointer errors - refactor: Improve session context handling with nil safety and type support - refactor: improve session data injection - feat: add full-screen modal component and update registration flow - chore: add .air.toml to .gitignore - feat: add Air to devbox and update dependencies** 2024-11-23 01:28:58 -05:00			`//`
			`// Copyright Coinbase, Inc. All Rights Reserved.`
			`//`
			`// SPDX-License-Identifier: Apache-2.0`
			`//`

			`package gennaro2p`

			`import (`
			`"crypto/elliptic"`
			`"fmt"`
			`"reflect"`
			`"testing"`

			`"github.com/btcsuite/btcd/btcec/v2"`
			`"github.com/stretchr/testify/require"`

feature/1121 implement ucan validation (#1176) - refactor: remove unused auth components - refactor: improve devbox configuration and deployment process - refactor: improve devnet and testnet setup - fix: update templ version to v0.2.778 - refactor: rename pkl/net.matrix to pkl/matrix.net - refactor: migrate webapp components to nebula - refactor: protobuf types - chore: update dependencies for improved security and stability - feat: implement landing page and vault gateway servers - refactor: Migrate data models to new module structure and update related files - feature/1121-implement-ucan-validation - refactor: Replace hardcoded constants with model types in attns.go - feature/1121-implement-ucan-validation - chore: add origin Host struct and update main function to handle multiple hosts - build: remove unused static files from dwn module - build: remove unused static files from dwn module - refactor: Move DWN models to common package - refactor: move models to pkg/common - refactor: move vault web app assets to embed module - refactor: update session middleware import path - chore: configure port labels and auto-forwarding behavior - feat: enhance devcontainer configuration - feat: Add UCAN middleware for Echo with flexible token validation - feat: add JWT middleware for UCAN authentication - refactor: update package URI and versioning in PklProject files - fix: correct sonr.pkl import path - refactor: move JWT related code to auth package - feat: introduce vault configuration retrieval and management - refactor: Move vault components to gateway module and update file paths - refactor: remove Dexie and SQLite database implementations - feat: enhance frontend with PWA features and WASM integration - feat: add Devbox features and streamline Dockerfile - chore: update dependencies to include TigerBeetle - chore(deps): update go version to 1.23 - feat: enhance devnet setup with PATH environment variable and updated PWA manifest - fix: upgrade tigerbeetle-go dependency and remove indirect dependency - feat: add PostgreSQL support to devnet and testnet deployments - refactor: rename keyshare cookie to token cookie - feat: upgrade Go version to 1.23.3 and update dependencies - refactor: update devnet and testnet configurations - feat: add IPFS configuration for devnet - I'll help you update the ipfs.config.pkl to include all the peers from the shell script. Here's the updated configuration: - refactor: move mpc package to crypto directory - feat: add BIP32 support for various cryptocurrencies - feat: enhance ATN.pkl with additional capabilities - refactor: simplify smart account and vault attenuation creation - feat: add new capabilities to the Attenuation type - refactor: Rename MPC files for clarity and consistency - feat: add DIDKey support for cryptographic operations - feat: add devnet and testnet deployment configurations - fix: correct key derivation in bip32 package - refactor: rename crypto/bip32 package to crypto/accaddr - fix: remove duplicate indirect dependency - refactor: move vault package to root directory - refactor: update routes for gateway and vault - refactor: remove obsolete web configuration file - refactor: remove unused TigerBeetle imports and update host configuration - refactor: adjust styles directory path - feat: add broadcastTx and simulateTx functions to gateway - feat: add PinVault handler 2024-12-02 14:27:18 -05:00			`"github.com/onsonr/sonr/crypto/core/curves"`
			`v1 "github.com/onsonr/sonr/crypto/sharing/v1"`
feature/1114 implement account interface (#1167) - refactor: move session-related code to middleware package - refactor: update PKL build process and adjust related configurations - feat: integrate base.cosmos.v1 Genesis module - refactor: pass session context to modal rendering functions - refactor: move nebula package to app directory and update templ version - refactor: Move home section video view to dedicated directory - refactor: remove unused views file - refactor: move styles and UI components to global scope - refactor: Rename images.go to cdn.go - feat: Add Empty State Illustrations - refactor: Consolidate Vault Index Logic - fix: References to App.wasm and remove Vault Directory embedded CDN files - refactor: Move CDN types to Models - fix: Correct line numbers in templ error messages for arch_templ.go - refactor: use common types for peer roles - refactor: move common types and ORM to a shared package - fix: Config import dwn - refactor: move nebula directory to app - feat: Rebuild nebula - fix: correct file paths in panels templates - feat: Remove duplicate types - refactor: Move dwn to pkg/core - refactor: Binary Structure - feat: Introduce Crypto Pkg - fix: Broken Process Start - *feat: Update pkg/ structure - feat: Refactor PKL Structure - build: update pkl build process - chore: Remove Empty Files - refactor: remove unused macaroon package - feat: Add WebAwesome Components - refactor: consolidate build and generation tasks into a single taskfile, remove redundant makefile targets - refactor: refactor server and move components to pkg/core/dwn - build: update go modules - refactor: move gateway logic into dedicated hway command - feat: Add KSS (Krawczyk-Song-Song) MPC cryptography module - feat: Implement MPC-based JWT signing and UCAN token generation - feat: add support for MPC-based JWT signing - feat: Implement MPC-based UCAN capabilities for smart accounts - feat: add address field to keyshareSource - feat: Add comprehensive MPC test suite for keyshares, UCAN tokens, and token attenuations - refactor: improve MPC keyshare management and signing process - feat: enhance MPC capability hierarchy documentation - refactor: rename GenerateKeyshares function to NewKeyshareSource for clarity - refactor: remove unused Ethereum address computation - feat: Add HasHandle and IsAuthenticated methods to HTTPContext - refactor: Add context.Context support to session HTTPContext - refactor: Resolve context interface conflicts in HTTPContext - feat: Add session ID context key and helper functions - feat: Update WebApp Page Rendering - refactor: Simplify context management by using single HTTPContext key - refactor: Simplify HTTPContext creation and context management in session middleware - refactor: refactor session middleware to use a single data structure - refactor: Simplify HTTPContext implementation and session data handling - refactor: Improve session context handling and prevent nil pointer errors - refactor: Improve session context handling with nil safety and type support - refactor: improve session data injection - feat: add full-screen modal component and update registration flow - chore: add .air.toml to .gitignore - feat: add Air to devbox and update dependencies** 2024-11-23 01:28:58 -05:00			`)`

			`var (`
			`curveScalar = curves.NewK256Scalar()`
			`curve = btcec.S256()`
			`)`

			`const (`
			`clientId = 1`
			`serverId = 2`
			`)`

			`// Benchmark full DKG including blind selection and setup`
			`func BenchmarkDkg(b *testing.B) {`
			`if testing.Short() {`
			`b.Skip("skipping test in short mode.")`
			`}`

			`for i := 0; i < b.N; i++ {`
			`_, _, err := dkg()`
			`require.NoError(b, err)`
			`}`
			`}`

			`// Run a DKG and reports the client/server results`
			`func dkg() (DkgResult, DkgResult, error) {`
			`// Create client/server`
			`blind, _ := newBlind(curveScalar, curve)`

			`client, err := NewParticipant(clientId, serverId, blind, curveScalar, curve)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`server, err := NewParticipant(serverId, clientId, blind, curveScalar, curve)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`// R1`
			`clientR1, err := client.Round1(nil)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`serverR1, err := server.Round1(nil)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`// R2`
			`clientR2, err := client.Round2(serverR1)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`serverR2, err := server.Round2(clientR1)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`// Finalize`
			`clientResult, err := client.Finalize(serverR2)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`serverResult, err := server.Finalize(clientR2)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`return clientResult, serverResult, nil`
			`}`

			`// Run a full DKG and verify the absence of errors and valid results`
			`func TestDkg(t *testing.T) {`
			`// Setup and ensure no errors`
			`clientResult, serverResult, err := dkg()`
			`require.NoError(t, err)`
			`require.NotNil(t, clientResult)`
			`require.NotNil(t, serverResult)`

			`// Now run tests`
			`t.Run("produce the same public key", func(t *testing.T) {`
			`require.Equal(t, clientResult.PublicKey, serverResult.PublicKey)`
			`})`
			`t.Run("produce identical public shares", func(t *testing.T) {`
			`require.True(t, reflect.DeepEqual(clientResult.PublicShares, serverResult.PublicShares))`
			`})`
			`t.Run("produce distinct secret shares", func(t *testing.T) {`
			`require.NotEqual(t, clientResult.SecretShare, serverResult.SecretShare)`
			`})`
			`t.Run("produce distinct secret shares", func(t *testing.T) {`
			`require.NotEqual(t, clientResult.SecretShare, serverResult.SecretShare)`
			`})`
			`t.Run("shares sum to expected public key", func(t *testing.T) {`
			`pubkey, err := reconstructPubkey(`
			`clientResult.SecretShare,`
			`serverResult.SecretShare,`
			`curve)`
			`require.NoError(t, err)`
			`require.Equal(t, serverResult.PublicKey, pubkey)`
			`})`
			`}`

			`// Reconstruct the pubkey from 2 shares`
			`func reconstructPubkey(s1, s2 v1.ShamirShare, curve elliptic.Curve) (curves.EcPoint, error) {`
			`s, err := v1.NewShamir(2, 2, s1.Value.Field())`
			`if err != nil {`
			`return nil, err`
			`}`

			`sk, err := s.Combine(s1, s2)`
			`if err != nil {`
			`return nil, err`
			`}`

			`x, y := curve.ScalarBaseMult(sk)`
			`return &curves.EcPoint{`
			`Curve: curve,`
			`X: x,`
			`Y: y,`
			`}, nil`
			`}`

			`// Test blind generator helper function produces a value on the expected curve`
			`func TestNewBlindOnCurve(t *testing.T) {`
			`const n = 1024`
			`for i := 0; i < n; i++ {`
			`b, err := newBlind(curveScalar, curve)`
			`require.NoError(t, err)`
			`require.NotNil(t, b)`

			`// Valid point?`
			`require.True(t, b.IsOnCurve() && b.IsValid())`
			`require.True(t, b.IsValid())`
			`require.False(t, b.IsIdentity())`
			`require.False(t, b.IsBasePoint())`
			`}`
			`}`

			`func TestNewBlindProvidesDistinctPoints(t *testing.T) {`
			`const n = 1024`
			`seen := make(map[string]bool, n)`
			`// seen := make(map[core.EcPoint]bool, n)`

			`for i := 0; i < n; i++ {`
			`b, err := newBlind(curveScalar, curve)`
			`require.NoError(t, err)`

			`// serialize so the point is hashable`
			`txt := fmt.Sprintf("%#v", b)`

			`// We shouldn't see the same point twice`
			`ok := seen[txt]`
			`require.False(t, ok)`

			`// store`
			`seen[txt] = true`
			`}`
			`}`