
More slice indexing
dvdplm committed Dec 9, 2024
1 parent 20938a7 commit 4e74fda
Showing 2 changed files with 134 additions and 82 deletions.
128 changes: 67 additions & 61 deletions synedrion/src/cggmp21/interactive_signing.rs
Expand Up @@ -915,7 +915,11 @@ impl<P: SchemeParams, I: PartyId> Round<I> for Round3<P, I> {
ephemeral_scalar_share: SecretBox::new(Box::new(self.context.k)),
product_share: SecretBox::new(Box::new(P::scalar_from_signed(&self.chi))),
product_share_nonreduced: self.chi,
cap_k: self.all_cap_k[&my_id].clone(),
cap_k: self
.all_cap_k
.get(&my_id)
.ok_or_else(|| LocalError::new("m_id={my_id:?} is missing in all_cap_k"))?
.clone(),
values,
};

Expand All @@ -938,16 +942,19 @@ impl<P: SchemeParams, I: PartyId> Round<I> for Round3<P, I> {

let cap_gamma = self.context.gamma.mul_by_generator();

for id_j in self.context.other_ids.iter() {
let r2_artefacts = &self.round2_artifacts[id_j];

for id_l in self.context.other_ids.iter().filter(|id| id != &id_j) {
let target_pk = &self.context.aux_info.public_aux[id_j].paillier_pk;
let rp = &self.context.aux_info.public_aux[id_l].rp_params;
for (id_j, (_, r2_artifacts)) in self.context.other_ids.iter().zip(self.round2_artifacts.iter()) {
let cap_c = self
.all_cap_k
.get(id_j)
.ok_or_else(|| LocalError::new("id_j={id_j:?} is missing in all_cap_k"))?;
for id_l in self.context.other_ids.iter().filter(|id| *id != id_j) {
let paux = self.public_aux(id_j)?;
let target_pk = &paux.paillier_pk;
let rp = &paux.rp_params;


let beta = &self.round2_artifacts[id_j].beta;
let r = &self.round2_artifacts[id_j].r;
let s = &self.round2_artifacts[id_j].s;
let beta = &r2_artifacts.beta;
let r = &r2_artifacts.r;
let s = &r2_artifacts.s;


let p_aff_g = AffGProof::<P>::new(
rng,
Expand All @@ -957,9 +964,9 @@ impl<P: SchemeParams, I: PartyId> Round<I> for Round3<P, I> {
r.to_precomputed(pk),
target_pk,
pk,
&self.all_cap_k[id_j],
&r2_artefacts.cap_d,
&r2_artefacts.cap_f,
cap_c,
&r2_artifacts.cap_d,
&r2_artifacts.cap_f,

&cap_gamma,
rp,
&aux,
Expand All @@ -968,9 +975,9 @@ impl<P: SchemeParams, I: PartyId> Round<I> for Round3<P, I> {
assert!(p_aff_g.verify(
target_pk,
pk,
&self.all_cap_k[id_j],
&r2_artefacts.cap_d,
&r2_artefacts.cap_f,
cap_c,
&r2_artifacts.cap_d,
&r2_artifacts.cap_f,

&cap_gamma,
rp,
&aux,
Expand All @@ -981,29 +988,30 @@ impl<P: SchemeParams, I: PartyId> Round<I> for Round3<P, I> {
}

// Mul proof

let my_id = &self.context.my_id;

let rho = Randomizer::random(rng, pk);
let cap_h = (&self.all_cap_g[&self.context.my_id] * P::bounded_from_scalar(&self.context.k))
.mul_randomizer(&rho.to_wire());
let cap_x = self
.all_cap_k
.get(my_id)
.ok_or_else(|| LocalError::new("my_id={my_id:?} is missing in all_cap_k"))?;
let cap_y = self
.all_cap_g
.get(my_id)
.ok_or_else(|| LocalError::new("my_id={my_id:?} is missing in all_cap_g"))?;
let cap_h = (cap_y * P::bounded_from_scalar(&self.context.k)).mul_randomizer(&rho.to_wire());


let p_mul = MulProof::<P>::new(
rng,
&P::signed_from_scalar(&self.context.k),
&self.context.rho,
&rho,
pk,
&self.all_cap_k[&self.context.my_id],
&self.all_cap_g[&self.context.my_id],
cap_x,
cap_y,

&cap_h,
&aux,
);
assert!(p_mul.verify(
pk,
&self.all_cap_k[&self.context.my_id],
&self.all_cap_g[&self.context.my_id],
&cap_h,
&aux
));
assert!(p_mul.verify(pk, cap_x, cap_y, &cap_h, &aux));


// Dec proof

Expand Down Expand Up @@ -1032,16 +1040,10 @@ impl<P: SchemeParams, I: PartyId> Round<I> for Round3<P, I> {
pk,
&scalar_delta,
&ciphertext,
&self.context.aux_info.public_aux[id_j].rp_params,
&self.public_aux(id_j)?.rp_params,

&aux,
);
assert!(p_dec.verify(
pk,
&scalar_delta,
&ciphertext,
&self.context.aux_info.public_aux[id_j].rp_params,
&aux
));
assert!(p_dec.verify(pk, &scalar_delta, &ciphertext, &self.public_aux(id_j)?.rp_params, &aux));

dec_proofs.push((id_j.clone(), p_dec));
}

Expand Down Expand Up @@ -1073,6 +1075,21 @@ where
sigma,
}
}
fn public_aux(&self, i: &I) -> Result<&PublicAuxInfoPrecomputed<P>, LocalError> {
self.context
.aux_info
.public_aux
.get(i)
.ok_or_else(|| LocalError::new("Missing public_aux for party Id {i:?}"))
}

fn public_shares(&self, i: &I) -> Result<&Point, LocalError> {
self.context
.key_share
.public_shares
.get(i)
.ok_or_else(|| LocalError::new("Missing public_aux for party Id {i:?}"))
}
}

#[derive(Clone, Serialize, Deserialize)]
Expand Down Expand Up @@ -1165,15 +1182,15 @@ impl<P: SchemeParams, I: PartyId> Round<I> for Round4<P, I> {
let mut aff_g_proofs = Vec::new();

for id_j in self.context.other_ids.iter() {
for id_l in self.context.other_ids.iter().filter(|id| id != &id_j) {
let target_pk = &self.context.aux_info.public_aux[id_j].paillier_pk;
let rp = &self.context.aux_info.public_aux[id_l].rp_params;
for id_l in self.context.other_ids.iter().filter(|id| *id != id_j) {
let target_pk = &self.public_aux(id_j)?.paillier_pk;
let rp = &self.public_aux(id_l)?.rp_params;

let values = self
.presigning
.values
.get(id_j)
.ok_or_else(|| LocalError::new(format!("Missing presigning values for {id_j:?}")))?;
.ok_or_else(|| LocalError::new("Missing presigning values for {id_j:?}"))?;

let p_aff_g = AffGProof::<P>::new(
rng,
Expand All @@ -1186,7 +1203,7 @@ impl<P: SchemeParams, I: PartyId> Round<I> for Round4<P, I> {
&values.cap_k,
&values.hat_cap_d,
&values.hat_cap_f,
&self.context.key_share.public_shares[&my_id],
self.public_shares(&my_id)?,
rp,
&aux,
);
Expand All @@ -1197,7 +1214,7 @@ impl<P: SchemeParams, I: PartyId> Round<I> for Round4<P, I> {
&values.cap_k,
&values.hat_cap_d,
&values.hat_cap_f,
&self.context.key_share.public_shares[&my_id],
self.public_shares(&my_id)?,
rp,
&aux,
));
Expand All @@ -1209,7 +1226,7 @@ impl<P: SchemeParams, I: PartyId> Round<I> for Round4<P, I> {
// mul* proofs

let x = &self.context.key_share.secret_share;
let cap_x = self.context.key_share.public_shares[&my_id];
let cap_x = self.public_shares(&my_id)?;

let rho = Randomizer::random(rng, pk);
let hat_cap_h =
Expand All @@ -1220,26 +1237,20 @@ impl<P: SchemeParams, I: PartyId> Round<I> for Round4<P, I> {
let mut mul_star_proofs = Vec::new();

for id_l in self.context.other_ids.iter() {
let paux = self.public_aux(id_l)?;
let p_mul = MulStarProof::<P>::new(
rng,
&P::signed_from_scalar(x.expose_secret()),
&rho,
pk,
&self.presigning.cap_k,
&hat_cap_h,
&cap_x,
&self.context.aux_info.public_aux[id_l].rp_params,
cap_x,
&paux.rp_params,
&aux,
);

assert!(p_mul.verify(
pk,
&self.presigning.cap_k,
&hat_cap_h,
&cap_x,
&self.context.aux_info.public_aux[id_l].rp_params,
&aux,
));
assert!(p_mul.verify(pk, &self.presigning.cap_k, &hat_cap_h, cap_x, &paux.rp_params, &aux,));

mul_star_proofs.push((id_l.clone(), p_mul));
}
Expand Down Expand Up @@ -1270,23 +1281,18 @@ impl<P: SchemeParams, I: PartyId> Round<I> for Round4<P, I> {

let mut dec_proofs = Vec::new();
for id_l in self.context.other_ids.iter() {
let paux = self.public_aux(id_l)?;
let p_dec = DecProof::<P>::new(
rng,
&s_part_nonreduced,
&rho,
pk,
&self.sigma,
&ciphertext,
&self.context.aux_info.public_aux[id_l].rp_params,
&paux.rp_params,
&aux,
);
assert!(p_dec.verify(
pk,
&self.sigma,
&ciphertext,
&self.context.aux_info.public_aux[id_l].rp_params,
&aux,
));
assert!(p_dec.verify(pk, &self.sigma, &ciphertext, &paux.rp_params, &aux,));
dec_proofs.push((id_l.clone(), p_dec));
}

Expand Down
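Review bot: In the Round3 AffG loop the new code takes both `target_pk` and `rp` from `self.public_aux(id_j)?`, whereas the removed lines took `rp_params` from `public_aux[id_l]`; the ring-Pedersen setup is now the counterparty's instead of the verifier `id_l`'s, which changes which parameters the proof is bound to and diverges from the Round4 loop later in this file that still uses `id_l`. Restore the per-verifier lookup: `let target_pk = &self.public_aux(id_j)?.paillier_pk;` and `let rp = &self.public_aux(id_l)?.rp_params;`. The `LocalError::new("… {my_id:?} is missing in all_cap_k")` messages are plain string literals, so the braces are emitted verbatim rather than interpolated; they need `format!(...)` (the first one also reads `m_id`, and the `public_shares` helper's message says `public_aux`). The `zip(self.round2_artifacts.iter())` that replaces the keyed lookup is only correct if `round2_artifacts` holds exactly the keys of `other_ids` in the same order — if that is not a guaranteed invariant, keep indexing by `id_j` or assert the zipped key equals it. The enclosing `finalize` bodies start and end outside the visible hunks, and Codecov marks these lines as not exercised by tests.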
88 changes: 67 additions & 21 deletions synedrion/src/cggmp21/key_refresh.rs
Expand Up @@ -599,19 +599,39 @@ impl<P: SchemeParams, I: PartyId> Round<I> for Round3<P, I> {

let phi = FacProof::new(rng, &self.context.paillier_sk, &data.rp_params, &aux);

let destination_idx = self.context.ids_ordering[destination];
let destination_idx = *self
.context
.ids_ordering
.get(destination)
.ok_or_else(|| LocalError::new("destination={destination:?} is missing in ids_ordering"))?;

let x_secret = self.context.x_to_send[destination];
let x_public = self.context.data_precomp.data.cap_x_to_send[destination_idx];
let ciphertext = Ciphertext::new(rng, &data.paillier_pk, &P::uint_from_scalar(&x_secret));
let x_secret = self
.context
.x_to_send
.get(destination)
.ok_or_else(|| LocalError::new("destination={destination} is missing in x_to_send"))?;
let x_public = self
.context
.data_precomp
.data
.cap_x_to_send
.get(destination_idx)
.ok_or_else(|| LocalError::new("destination_idx={destination_idx} is missing in cap_x_to_send"))?;
let ciphertext = Ciphertext::new(rng, &data.paillier_pk, &P::uint_from_scalar(x_secret));
let proof_secret = self
.context
.tau_x
.get(destination)
.ok_or_else(|| LocalError::new("destination_idx={destination_idx} is missing in tau_x"))?;
let commitment = self
.context
.data_precomp
.data
.cap_a_to_send
.get(destination_idx)
.ok_or_else(|| LocalError::new("destination_idx={destination_idx} is missing in cap_a_to_send"))?;

let psi_sch = SchProof::new(
&self.context.tau_x[destination],
&x_secret,
&self.context.data_precomp.data.cap_a_to_send[destination_idx],
&x_public,
&aux,
);
let psi_sch = SchProof::new(proof_secret, x_secret, commitment, x_public, &aux);

let data2 = PublicData2 {
psi_mod: self.psi_mod.clone(),
Expand Down Expand Up @@ -650,9 +670,19 @@ impl<P: SchemeParams, I: PartyId> Round<I> for Round3<P, I> {

let x = P::scalar_from_uint(&enc_x.decrypt(&self.context.paillier_sk));

let my_idx = self.context.ids_ordering[&self.context.my_id];

if x.mul_by_generator() != sender_data.data.cap_x_to_send[my_idx] {
let my_idx = *self
.context
.ids_ordering
.get(&self.context.my_id)
.ok_or_else(|| LocalError::new(format!("my_id={:?} is missing in ids_ordering", self.context.my_id)))?;

if x.mul_by_generator()
!= *sender_data
.data
.cap_x_to_send
.get(my_idx)
.ok_or_else(|| LocalError::new("my_idx={my_idx} is missing in cap_x_to_send"))?
{
let mu = enc_x.derive_randomizer(&self.context.paillier_sk);
return Err(ReceiveError::protocol(KeyRefreshError(
KeyRefreshErrorEnum::Round3MismatchedSecret {
Expand Down Expand Up @@ -692,8 +722,16 @@ impl<P: SchemeParams, I: PartyId> Round<I> for Round3<P, I> {
}

if !direct_message.data2.psi_sch.verify(
&sender_data.data.cap_a_to_send[my_idx],
&sender_data.data.cap_x_to_send[my_idx],
sender_data
.data
.cap_a_to_send
.get(my_idx)
.ok_or_else(|| LocalError::new("my_idx={my_idx} is missing in cap_a_to_send"))?,
sender_data
.data
.cap_x_to_send
.get(my_idx)
.ok_or_else(|| LocalError::new("my_idx={my_idx} is missing in cap_a_to_send"))?,
&aux,
) {
return Err(ReceiveError::protocol(KeyRefreshError(KeyRefreshErrorEnum::Round3(
Expand All @@ -717,7 +755,11 @@ impl<P: SchemeParams, I: PartyId> Round<I> for Round3<P, I> {
.collect::<BTreeMap<_, _>>();

// The combined secret share change
let x_star = others_x.values().sum::<Scalar>() + self.context.x_to_send[&self.context.my_id];
let x_star =
others_x.values().sum::<Scalar>()
+ *self.context.x_to_send.get(&self.context.my_id).ok_or_else(|| {
LocalError::new(format!("my_id={:?} is missing in x_to_send", self.context.my_id))

})?;

let my_id = self.context.my_id.clone();
let mut all_ids = self.context.other_ids;
Expand All @@ -731,12 +773,16 @@ impl<P: SchemeParams, I: PartyId> Round<I> for Round3<P, I> {
.iter()
.enumerate()
.map(|(idx, id)| {
(
Ok((
id.clone(),
all_data.values().map(|data| data.data.cap_x_to_send[idx]).sum(),
)
all_data
.values()
.map(|data| data.data.cap_x_to_send.get(idx))
.sum::<Option<Point>>()
.ok_or_else(|| LocalError::new("idx={idx} is missing in cap_x_to_send"))?,
))
})
.collect();
.collect::<Result<_, _>>()?;

let public_aux = all_data
.into_iter()
Expand Down
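Review bot: Most of the new `ok_or_else` messages are plain string literals containing `{destination:?}`, `{destination_idx}`, `{my_idx}` and `{idx}`, which Rust does not interpolate outside a formatting macro, so the error text will carry the braces verbatim — unlike the two lookups in this file that correctly use `format!(...)`. Wrap each one, e.g. `.ok_or_else(|| LocalError::new(format!("destination={destination:?} is missing in ids_ordering")))?`; note the `x_to_send` message uses `{destination}` (Display), which will need `:?` once it is actually formatted if `I` only implements `Debug`. Two messages also describe the wrong lookup: the `tau_x` lookup is keyed by `destination` but reports `destination_idx`, and the second `psi_sch.verify` argument reads `cap_x_to_send` while its message says `cap_a_to_send` — worth fixing, since these errors are what an operator sees when a peer is absent from the ordering. The enclosing round methods start and end outside the hunks.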
