package sign
import (
"errors"
"fmt"
"github.com/MixinNetwork/multi-party-sig/common/round"
"github.com/MixinNetwork/multi-party-sig/common/types"
"github.com/MixinNetwork/multi-party-sig/pkg/math/curve"
"github.com/MixinNetwork/multi-party-sig/pkg/math/polynomial"
"github.com/MixinNetwork/multi-party-sig/pkg/paillier"
"github.com/MixinNetwork/multi-party-sig/pkg/party"
"github.com/MixinNetwork/multi-party-sig/pkg/pedersen"
"github.com/MixinNetwork/multi-party-sig/pkg/pool"
"github.com/MixinNetwork/multi-party-sig/pkg/protocol"
"github.com/MixinNetwork/multi-party-sig/protocols/cmp/config"
)
// protocolSignID for the "3 round" variant using echo broadcast.
// protocolSignRounds is the final round number handed to round.Info in
// StartSign. NOTE(review): the label says "3 round" while the constant is 5 —
// presumably the echo-broadcast rounds are counted in; confirm against the
// round implementations before relying on either number.
const (
	protocolSignID                  = "cmp/sign"
	protocolSignRounds round.Number = 5
)
// StartSign returns a protocol.StartFunc that builds the first round of the
// CMP signing protocol for the signing set signers over message.
//
// The returned function, when invoked with a session ID:
//   - rejects an empty message (the empty case is reserved; it could later
//     mark a pre-signature request),
//   - opens a round.Session for protocolSignID with protocolSignRounds rounds,
//   - checks with config.CanSign that the session's party set is a valid
//     signing subset,
//   - multiplies this party's secret ECDSA share and every party's public
//     ECDSA share by its Lagrange coefficient for the signing set, and sums
//     the scaled public shares into the public key carried into round1.
//
// All failures surface as errors from the StartFunc; StartSign itself never
// fails.
func StartSign(config *config.Config, signers []party.ID, message []byte, pl *pool.Pool) protocol.StartFunc {
	return func(sessionID []byte) (round.Session, error) {
		// The empty message is deliberately unsupported for now; it may be
		// repurposed to indicate a pre-signature later on.
		if len(message) == 0 {
			return nil, errors.New("sign.Create: message is nil")
		}

		group := config.Group
		info := round.Info{
			ProtocolID:       protocolSignID,
			FinalRoundNumber: protocolSignRounds,
			SelfID:           config.ID,
			PartyIDs:         signers,
			Threshold:        config.Threshold,
			Group:            group,
		}
		helper, err := round.NewSession(info, sessionID, pl, config, types.SigningMessage(message))
		if err != nil {
			return nil, fmt.Errorf("sign.Create: %w", err)
		}

		// The per-party lookups below (config.Public, the Lagrange table)
		// assume every session party is a legitimate key holder; the CanSign
		// check is presumably what guarantees that — verify in config.
		partyIDs := helper.PartyIDs()
		if !config.CanSign(partyIDs) {
			return nil, errors.New("sign.Create: signers is not a valid signing subset")
		}

		// Lagrange coefficients for the signing set, applied to our own
		// secret share and to every party's public share.
		coeffs := polynomial.Lagrange(group, signers)
		secretShare := group.NewScalar().Set(coeffs[config.ID]).Mul(config.ECDSA)

		n := helper.N()
		ecdsaShares := make(map[party.ID]curve.Point, n)
		paillierKeys := make(map[party.ID]*paillier.PublicKey, n)
		pedersenParams := make(map[party.ID]*pedersen.Parameters, n)
		pk := group.NewPoint()
		for _, id := range partyIDs {
			pub := config.Public[id]
			scaled := coeffs[id].Act(pub.ECDSA)
			ecdsaShares[id] = scaled
			paillierKeys[id] = pub.Paillier
			pedersenParams[id] = pub.Pedersen
			pk = pk.Add(scaled)
		}

		return &round1{
			Helper:         helper,
			PublicKey:      pk,
			SecretECDSA:    secretShare,
			SecretPaillier: config.Paillier,
			Paillier:       paillierKeys,
			Pedersen:       pedersenParams,
			ECDSA:          ecdsaShares,
			Message:        message,
		}, nil
	}
}