mirror of
https://github.com/onsonr/sonr.git
synced 2025-03-10 21:09:11 +00:00
Prad Nukala
31bcc21c35
- **refactor: remove unused auth components** - **refactor: improve devbox configuration and deployment process** - **refactor: improve devnet and testnet setup** - **fix: update templ version to v0.2.778** - **refactor: rename pkl/net.matrix to pkl/matrix.net** - **refactor: migrate webapp components to nebula** - **refactor: protobuf types** - **chore: update dependencies for improved security and stability** - **feat: implement landing page and vault gateway servers** - **refactor: Migrate data models to new module structure and update related files** - **feature/1121-implement-ucan-validation** - **refactor: Replace hardcoded constants with model types in attns.go** - **feature/1121-implement-ucan-validation** - **chore: add origin Host struct and update main function to handle multiple hosts** - **build: remove unused static files from dwn module** - **build: remove unused static files from dwn module** - **refactor: Move DWN models to common package** - **refactor: move models to pkg/common** - **refactor: move vault web app assets to embed module** - **refactor: update session middleware import path** - **chore: configure port labels and auto-forwarding behavior** - **feat: enhance devcontainer configuration** - **feat: Add UCAN middleware for Echo with flexible token validation** - **feat: add JWT middleware for UCAN authentication** - **refactor: update package URI and versioning in PklProject files** - **fix: correct sonr.pkl import path** - **refactor: move JWT related code to auth package** - **feat: introduce vault configuration retrieval and management** - **refactor: Move vault components to gateway module and update file paths** - **refactor: remove Dexie and SQLite database implementations** - **feat: enhance frontend with PWA features and WASM integration** - **feat: add Devbox features and streamline Dockerfile** - **chore: update dependencies to include TigerBeetle** - **chore(deps): update go version to 1.23** - **feat: enhance devnet setup with PATH environment variable and updated PWA manifest** - **fix: upgrade tigerbeetle-go dependency and remove indirect dependency** - **feat: add PostgreSQL support to devnet and testnet deployments** - **refactor: rename keyshare cookie to token cookie** - **feat: upgrade Go version to 1.23.3 and update dependencies** - **refactor: update devnet and testnet configurations** - **feat: add IPFS configuration for devnet** - **I'll help you update the ipfs.config.pkl to include all the peers from the shell script. Here's the updated configuration:** - **refactor: move mpc package to crypto directory** - **feat: add BIP32 support for various cryptocurrencies** - **feat: enhance ATN.pkl with additional capabilities** - **refactor: simplify smart account and vault attenuation creation** - **feat: add new capabilities to the Attenuation type** - **refactor: Rename MPC files for clarity and consistency** - **feat: add DIDKey support for cryptographic operations** - **feat: add devnet and testnet deployment configurations** - **fix: correct key derivation in bip32 package** - **refactor: rename crypto/bip32 package to crypto/accaddr** - **fix: remove duplicate indirect dependency** - **refactor: move vault package to root directory** - **refactor: update routes for gateway and vault** - **refactor: remove obsolete web configuration file** - **refactor: remove unused TigerBeetle imports and update host configuration** - **refactor: adjust styles directory path** - **feat: add broadcastTx and simulateTx functions to gateway** - **feat: add PinVault handler**
182 lines
4.7 KiB
Go
Executable File
182 lines
4.7 KiB
Go
Executable File
//
|
|
// Copyright Coinbase, Inc. All Rights Reserved.
|
|
//
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
//
|
|
|
|
package frost
|
|
|
|
import (
|
|
"bytes"
|
|
"encoding/gob"
|
|
"fmt"
|
|
|
|
"github.com/pkg/errors"
|
|
|
|
"github.com/onsonr/sonr/crypto/core/curves"
|
|
"github.com/onsonr/sonr/crypto/internal"
|
|
)
|
|
|
|
// Round2Bcast contains values that will be broadcast to other signers after completion of round 2.
|
|
type Round2Bcast struct {
|
|
Zi curves.Scalar
|
|
Vki curves.Point
|
|
}
|
|
|
|
func (result *Round2Bcast) Encode() ([]byte, error) {
|
|
gob.Register(result.Zi)
|
|
gob.Register(result.Vki) // just the point for now
|
|
buf := &bytes.Buffer{}
|
|
enc := gob.NewEncoder(buf)
|
|
if err := enc.Encode(result); err != nil {
|
|
return nil, errors.Wrap(err, "couldn't encode round 1 broadcast")
|
|
}
|
|
return buf.Bytes(), nil
|
|
}
|
|
|
|
func (result *Round2Bcast) Decode(input []byte) error {
|
|
buf := bytes.NewBuffer(input)
|
|
dec := gob.NewDecoder(buf)
|
|
if err := dec.Decode(result); err != nil {
|
|
return errors.Wrap(err, "couldn't encode round 1 broadcast")
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SignRound2 implements FROST signing round 2.
|
|
func (signer *Signer) SignRound2(msg []byte, round2Input map[uint32]*Round1Bcast) (*Round2Bcast, error) {
|
|
// Make sure necessary items of signer are not empty
|
|
if signer == nil || signer.curve == nil || signer.state == nil {
|
|
return nil, internal.ErrNilArguments
|
|
}
|
|
|
|
// Make sure those private d is not empty and not zero
|
|
if signer.state.smallD == nil || signer.state.smallD.IsZero() {
|
|
return nil, fmt.Errorf("empty d or d is zero")
|
|
}
|
|
|
|
// Make sure those private e is not empty and not zero
|
|
if signer.state.smallE == nil || signer.state.smallE.IsZero() {
|
|
return nil, fmt.Errorf("empty e or e is zero")
|
|
}
|
|
|
|
// Make sure msg is not empty
|
|
if len(msg) == 0 {
|
|
return nil, internal.ErrNilArguments
|
|
}
|
|
|
|
// Make sure the round number is correct
|
|
if signer.round != 2 {
|
|
return nil, internal.ErrInvalidRound
|
|
}
|
|
|
|
// Check length of round2Input
|
|
if uint32(len(round2Input)) != signer.threshold {
|
|
return nil, fmt.Errorf("Invalid length of round2Input")
|
|
}
|
|
|
|
// Step 2 - Check Dj, Ej on the curve and Store round2Input
|
|
for id, input := range round2Input {
|
|
if input == nil || input.Di == nil || input.Ei == nil {
|
|
return nil, fmt.Errorf("round2Input is nil from participant with id %d\n", id)
|
|
}
|
|
if !input.Di.IsOnCurve() || input.Di.IsIdentity() {
|
|
return nil, fmt.Errorf("commitment Di is not on the curve with id %d\n", id)
|
|
}
|
|
if !input.Ei.IsOnCurve() || input.Ei.IsIdentity() {
|
|
return nil, fmt.Errorf("commitment Ei is not on the curve with id %d\n", id)
|
|
}
|
|
}
|
|
// Store Dj, Ej for further usage.
|
|
signer.state.commitments = round2Input
|
|
|
|
// Step 3-6
|
|
R := signer.curve.NewIdentityPoint()
|
|
var ri curves.Scalar
|
|
Rs := make(map[uint32]curves.Point, signer.threshold)
|
|
for id, data := range round2Input {
|
|
// Construct the blob (j, m, {Dj, Ej})
|
|
blob := concatHashArray(id, msg, round2Input, signer.cosigners)
|
|
|
|
// Step 4 - rj = H(j,m,{Dj,Ej}_{j in [1...t]})
|
|
rj := signer.curve.Scalar.Hash(blob)
|
|
if signer.id == id {
|
|
ri = rj
|
|
}
|
|
|
|
// Step 5 - R_j = D_j + r_j*E_j
|
|
rjEj := data.Ei.Mul(rj)
|
|
Rj := rjEj.Add(data.Di)
|
|
// assign Rj
|
|
Rs[id] = Rj
|
|
|
|
// Step 6 - R = R+Rj
|
|
R = R.Add(Rj)
|
|
}
|
|
|
|
// Step 7 - c = H(m, R)
|
|
c, err := signer.challengeDeriver.DeriveChallenge(msg, signer.verificationKey, R)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// Step 8 - Record c, R, Rjs
|
|
signer.state.c = c
|
|
signer.state.capRs = Rs
|
|
signer.state.sumR = R
|
|
|
|
// Step 9 - zi = di + ei*ri + Li*ski*c
|
|
Li := signer.lCoeffs[signer.id]
|
|
Liski := Li.Mul(signer.skShare)
|
|
|
|
Liskic := Liski.Mul(c)
|
|
|
|
if R.IsNegative() {
|
|
signer.state.smallE = signer.state.smallE.Neg()
|
|
signer.state.smallD = signer.state.smallD.Neg()
|
|
}
|
|
|
|
eiri := signer.state.smallE.Mul(ri)
|
|
|
|
// Compute zi = di+ei*ri+Li*ski*c
|
|
zi := Liskic.Add(eiri)
|
|
zi = zi.Add(signer.state.smallD)
|
|
|
|
// Update round number and store message
|
|
signer.round = 3
|
|
signer.state.msg = msg
|
|
|
|
// set smallD and smallE to zero since they are one-time use
|
|
signer.state.smallD = signer.curve.NewScalar()
|
|
signer.state.smallE = signer.curve.NewScalar()
|
|
|
|
// Step 10 - Broadcast zi, vki to other participants
|
|
return &Round2Bcast{
|
|
zi,
|
|
signer.vkShare,
|
|
}, nil
|
|
}
|
|
|
|
// concatHashArray puts id, msg and (Dj,Ej), j=1...t into a byte array
|
|
func concatHashArray(id uint32, msg []byte, round2Input map[uint32]*Round1Bcast, cosigners []uint32) []byte {
|
|
var blob []byte
|
|
// Append identity id
|
|
blob = append(blob, byte(id))
|
|
|
|
// Append message msg
|
|
blob = append(blob, msg...)
|
|
|
|
// Append (Dj, Ej) for all j in [1...t]
|
|
for i := 0; i < len(cosigners); i++ {
|
|
id := cosigners[i]
|
|
bytesDi := round2Input[id].Di.ToAffineCompressed()
|
|
bytesEi := round2Input[id].Ei.ToAffineCompressed()
|
|
|
|
// Following the spec, we should add each party's identity.
|
|
blob = append(blob, byte(id))
|
|
blob = append(blob, bytesDi...)
|
|
blob = append(blob, bytesEi...)
|
|
}
|
|
return blob
|
|
}
|