mirror of
https://github.com/onsonr/sonr.git
synced 2025-03-10 21:09:11 +00:00
Prad Nukala
31bcc21c35
- **refactor: remove unused auth components** - **refactor: improve devbox configuration and deployment process** - **refactor: improve devnet and testnet setup** - **fix: update templ version to v0.2.778** - **refactor: rename pkl/net.matrix to pkl/matrix.net** - **refactor: migrate webapp components to nebula** - **refactor: protobuf types** - **chore: update dependencies for improved security and stability** - **feat: implement landing page and vault gateway servers** - **refactor: Migrate data models to new module structure and update related files** - **feature/1121-implement-ucan-validation** - **refactor: Replace hardcoded constants with model types in attns.go** - **feature/1121-implement-ucan-validation** - **chore: add origin Host struct and update main function to handle multiple hosts** - **build: remove unused static files from dwn module** - **build: remove unused static files from dwn module** - **refactor: Move DWN models to common package** - **refactor: move models to pkg/common** - **refactor: move vault web app assets to embed module** - **refactor: update session middleware import path** - **chore: configure port labels and auto-forwarding behavior** - **feat: enhance devcontainer configuration** - **feat: Add UCAN middleware for Echo with flexible token validation** - **feat: add JWT middleware for UCAN authentication** - **refactor: update package URI and versioning in PklProject files** - **fix: correct sonr.pkl import path** - **refactor: move JWT related code to auth package** - **feat: introduce vault configuration retrieval and management** - **refactor: Move vault components to gateway module and update file paths** - **refactor: remove Dexie and SQLite database implementations** - **feat: enhance frontend with PWA features and WASM integration** - **feat: add Devbox features and streamline Dockerfile** - **chore: update dependencies to include TigerBeetle** - **chore(deps): update go version to 1.23** - **feat: enhance devnet setup with PATH environment variable and updated PWA manifest** - **fix: upgrade tigerbeetle-go dependency and remove indirect dependency** - **feat: add PostgreSQL support to devnet and testnet deployments** - **refactor: rename keyshare cookie to token cookie** - **feat: upgrade Go version to 1.23.3 and update dependencies** - **refactor: update devnet and testnet configurations** - **feat: add IPFS configuration for devnet** - **I'll help you update the ipfs.config.pkl to include all the peers from the shell script. Here's the updated configuration:** - **refactor: move mpc package to crypto directory** - **feat: add BIP32 support for various cryptocurrencies** - **feat: enhance ATN.pkl with additional capabilities** - **refactor: simplify smart account and vault attenuation creation** - **feat: add new capabilities to the Attenuation type** - **refactor: Rename MPC files for clarity and consistency** - **feat: add DIDKey support for cryptographic operations** - **feat: add devnet and testnet deployment configurations** - **fix: correct key derivation in bip32 package** - **refactor: rename crypto/bip32 package to crypto/accaddr** - **fix: remove duplicate indirect dependency** - **refactor: move vault package to root directory** - **refactor: update routes for gateway and vault** - **refactor: remove obsolete web configuration file** - **refactor: remove unused TigerBeetle imports and update host configuration** - **refactor: adjust styles directory path** - **feat: add broadcastTx and simulateTx functions to gateway** - **feat: add PinVault handler**
187 lines
6.4 KiB
Go
Executable File
187 lines
6.4 KiB
Go
Executable File
//
|
|
// Copyright Coinbase, Inc. All Rights Reserved.
|
|
//
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
//
|
|
|
|
package refresh_test
|
|
|
|
import (
|
|
"fmt"
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
"golang.org/x/crypto/sha3"
|
|
|
|
"github.com/onsonr/sonr/crypto/core/curves"
|
|
"github.com/onsonr/sonr/crypto/ot/extension/kos"
|
|
"github.com/onsonr/sonr/crypto/tecdsa/dklsv1/dkg"
|
|
"github.com/onsonr/sonr/crypto/tecdsa/dklsv1/refresh"
|
|
"github.com/onsonr/sonr/crypto/tecdsa/dklsv1/sign"
|
|
)
|
|
|
|
func performDKG(t *testing.T, curve *curves.Curve) (*dkg.Alice, *dkg.Bob) {
|
|
t.Helper()
|
|
|
|
alice := dkg.NewAlice(curve)
|
|
bob := dkg.NewBob(curve)
|
|
|
|
seed, err := bob.Round1GenerateRandomSeed()
|
|
require.NoError(t, err)
|
|
round3Output, err := alice.Round2CommitToProof(seed)
|
|
require.NoError(t, err)
|
|
proof, err := bob.Round3SchnorrProve(round3Output)
|
|
require.NoError(t, err)
|
|
proof, err = alice.Round4VerifyAndReveal(proof)
|
|
require.NoError(t, err)
|
|
proof, err = bob.Round5DecommitmentAndStartOt(proof)
|
|
require.NoError(t, err)
|
|
compressedReceiversMaskedChoice, err := alice.Round6DkgRound2Ot(proof)
|
|
require.NoError(t, err)
|
|
challenge, err := bob.Round7DkgRound3Ot(compressedReceiversMaskedChoice)
|
|
require.NoError(t, err)
|
|
challengeResponse, err := alice.Round8DkgRound4Ot(challenge)
|
|
require.NoError(t, err)
|
|
challengeOpenings, err := bob.Round9DkgRound5Ot(challengeResponse)
|
|
require.NoError(t, err)
|
|
err = alice.Round10DkgRound6Ot(challengeOpenings)
|
|
require.NoError(t, err)
|
|
|
|
return alice, bob
|
|
}
|
|
|
|
func performRefresh(t *testing.T, curve *curves.Curve, aliceSecretKeyShare, bobSecretKeyShare curves.Scalar) (*refresh.Alice, *refresh.Bob) {
|
|
t.Helper()
|
|
alice := refresh.NewAlice(curve, &dkg.AliceOutput{SecretKeyShare: aliceSecretKeyShare})
|
|
bob := refresh.NewBob(curve, &dkg.BobOutput{SecretKeyShare: bobSecretKeyShare})
|
|
|
|
round1Output := alice.Round1RefreshGenerateSeed()
|
|
require.False(t, round1Output.IsZero())
|
|
round2Output, err := bob.Round2RefreshProduceSeedAndMultiplyAndStartOT(round1Output)
|
|
require.NoError(t, err)
|
|
round3Output, err := alice.Round3RefreshMultiplyRound2Ot(round2Output)
|
|
require.NoError(t, err)
|
|
round4Output, err := bob.Round4RefreshRound3Ot(round3Output)
|
|
require.NoError(t, err)
|
|
round5Output, err := alice.Round5RefreshRound4Ot(round4Output)
|
|
require.NoError(t, err)
|
|
round6Output, err := bob.Round6RefreshRound5Ot(round5Output)
|
|
require.NoError(t, err)
|
|
err = alice.Round7DkgRound6Ot(round6Output)
|
|
require.NoError(t, err)
|
|
return alice, bob
|
|
}
|
|
|
|
func Test_RefreshLeadsToTheSamePublicKeyButDifferentPrivateMaterial(t *testing.T) {
|
|
t.Parallel()
|
|
curveInstances := []*curves.Curve{
|
|
curves.K256(),
|
|
curves.P256(),
|
|
}
|
|
for _, curve := range curveInstances {
|
|
boundCurve := curve
|
|
t.Run(fmt.Sprintf("testing refresh for curve %s", boundCurve.Name), func(tt *testing.T) {
|
|
tt.Parallel()
|
|
alice, bob := performDKG(tt, boundCurve)
|
|
|
|
publicKey := alice.Output().PublicKey
|
|
require.True(tt, publicKey.Equal(bob.Output().PublicKey))
|
|
|
|
aliceRefreshed, bobRefreshed := performRefresh(tt, boundCurve, alice.Output().SecretKeyShare, bob.Output().SecretKeyShare)
|
|
|
|
require.NotEqual(tt, aliceRefreshed.Output().SecretKeyShare, alice.Output().SecretKeyShare)
|
|
require.NotEqual(tt, bobRefreshed.Output().SeedOtResult, bob.Output().SecretKeyShare)
|
|
require.NotEqualValues(
|
|
tt,
|
|
aliceRefreshed.Output().SeedOtResult.OneTimePadDecryptionKey,
|
|
alice.Output().SeedOtResult.OneTimePadDecryptionKey,
|
|
)
|
|
require.NotEqualValues(
|
|
tt,
|
|
aliceRefreshed.Output().SeedOtResult.PackedRandomChoiceBits,
|
|
alice.Output().SeedOtResult.PackedRandomChoiceBits,
|
|
)
|
|
require.NotEqualValues(
|
|
tt,
|
|
aliceRefreshed.Output().SeedOtResult.RandomChoiceBits,
|
|
alice.Output().SeedOtResult.RandomChoiceBits,
|
|
)
|
|
require.NotEqualValues(
|
|
tt,
|
|
bobRefreshed.Output().SeedOtResult.OneTimePadEncryptionKeys,
|
|
bob.Output().SeedOtResult.OneTimePadEncryptionKeys,
|
|
)
|
|
|
|
pkA := boundCurve.ScalarBaseMult(aliceRefreshed.Output().SecretKeyShare)
|
|
computedPublicKeyA := pkA.Mul(bobRefreshed.Output().SecretKeyShare)
|
|
require.True(tt, computedPublicKeyA.Equal(publicKey))
|
|
|
|
pkB := boundCurve.ScalarBaseMult(bobRefreshed.Output().SecretKeyShare)
|
|
computedPublicKeyB := pkB.Mul(aliceRefreshed.Output().SecretKeyShare)
|
|
require.True(tt, computedPublicKeyB.Equal(publicKey))
|
|
})
|
|
}
|
|
}
|
|
|
|
func Test_RefreshOTIsCorrect(t *testing.T) {
|
|
t.Parallel()
|
|
curveInstances := []*curves.Curve{
|
|
curves.K256(),
|
|
curves.P256(),
|
|
}
|
|
for _, curve := range curveInstances {
|
|
boundCurve := curve
|
|
t.Run(fmt.Sprintf("testing OT correctness of key refresh for curve %s", boundCurve.Name), func(tt *testing.T) {
|
|
tt.Parallel()
|
|
alice, bob := performDKG(tt, boundCurve)
|
|
aliceRefreshed, bobRefreshed := performRefresh(tt, boundCurve, alice.Output().SecretKeyShare, bob.Output().SecretKeyShare)
|
|
for i := 0; i < kos.Kappa; i++ {
|
|
if aliceRefreshed.Output().SeedOtResult.OneTimePadDecryptionKey[i] != bobRefreshed.Output().SeedOtResult.OneTimePadEncryptionKeys[i][aliceRefreshed.Output().SeedOtResult.RandomChoiceBits[i]] {
|
|
tt.Errorf("oblivious transfer is incorrect at index i=%v", i)
|
|
}
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func Test_CanSignAfterRefresh(t *testing.T) {
|
|
t.Parallel()
|
|
curveInstances := []*curves.Curve{
|
|
curves.K256(),
|
|
curves.P256(),
|
|
}
|
|
for _, curve := range curveInstances {
|
|
boundCurve := curve
|
|
t.Run(fmt.Sprintf("testing sign after refresh for curve %s", boundCurve.Name), func(tt *testing.T) {
|
|
tt.Parallel()
|
|
aliceDKG, bobDKG := performDKG(tt, boundCurve)
|
|
|
|
publicKey := aliceDKG.Output().PublicKey
|
|
require.True(tt, publicKey.Equal(bobDKG.Output().PublicKey))
|
|
|
|
aliceRefreshed, bobRefreshed := performRefresh(tt, boundCurve, aliceDKG.Output().SecretKeyShare, bobDKG.Output().SecretKeyShare)
|
|
|
|
alice := sign.NewAlice(boundCurve, sha3.New256(), &dkg.AliceOutput{
|
|
SeedOtResult: aliceRefreshed.Output().SeedOtResult,
|
|
SecretKeyShare: aliceRefreshed.Output().SecretKeyShare,
|
|
PublicKey: publicKey,
|
|
})
|
|
bob := sign.NewBob(boundCurve, sha3.New256(), &dkg.BobOutput{
|
|
SeedOtResult: bobRefreshed.Output().SeedOtResult,
|
|
SecretKeyShare: bobRefreshed.Output().SecretKeyShare,
|
|
PublicKey: publicKey,
|
|
})
|
|
|
|
message := []byte("A message.")
|
|
seed, err := alice.Round1GenerateRandomSeed()
|
|
require.NoError(tt, err)
|
|
round3Output, err := bob.Round2Initialize(seed)
|
|
require.NoError(tt, err)
|
|
round4Output, err := alice.Round3Sign(message, round3Output)
|
|
require.NoError(tt, err)
|
|
err = bob.Round4Final(message, round4Output)
|
|
require.NoError(tt, err, "curve: %s", boundCurve.Name)
|
|
})
|
|
}
|
|
}
|