-
Notifications
You must be signed in to change notification settings - Fork 0
/
frost.go
166 lines (136 loc) · 4.07 KB
/
frost.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
package mpcfrost
import (
"errors"
"github.com/valli0x/signature-escrow/network"
"github.com/taurusgroup/multi-party-sig/pkg/math/curve"
"github.com/taurusgroup/multi-party-sig/pkg/party"
"github.com/taurusgroup/multi-party-sig/pkg/protocol"
"github.com/taurusgroup/multi-party-sig/pkg/taproot"
"github.com/taurusgroup/multi-party-sig/protocols/frost"
)
func FrostKeygen(id party.ID, ids party.IDSlice, threshold int, n network.Network) (*frost.Config, error) {
h, err := protocol.NewMultiHandler(frost.Keygen(curve.Secp256k1{}, id, ids, threshold), nil)
if err != nil {
return nil, err
}
network.HandlerLoop(id, h, n)
r, err := h.Result()
if err != nil {
return nil, err
}
return r.(*frost.Config), nil
}
func FrostSign(c *frost.Config, id party.ID, m []byte, signers party.IDSlice, n network.Network) error {
h, err := protocol.NewMultiHandler(frost.Sign(c, signers, m), nil)
if err != nil {
return err
}
network.HandlerLoop(id, h, n)
r, err := h.Result()
if err != nil {
return err
}
signature := r.(frost.Signature)
if !signature.Verify(c.PublicKey, m) {
return errors.New("failed to verify frost signature")
}
return nil
}
func FrostKeygenTaproot(id party.ID, ids party.IDSlice, threshold int, n network.Network) (*frost.TaprootConfig, error) {
h, err := protocol.NewMultiHandler(frost.KeygenTaproot(id, ids, threshold), nil)
if err != nil {
return nil, err
}
network.HandlerLoop(id, h, n)
r, err := h.Result()
if err != nil {
return nil, err
}
return r.(*frost.TaprootConfig), nil
}
func FrostSignTaproot(c *frost.TaprootConfig, m []byte, signers party.IDSlice, n network.Network) (taproot.Signature, error) {
h, err := protocol.NewMultiHandler(frost.SignTaproot(c, signers, m), nil)
if err != nil {
return nil, err
}
network.HandlerLoop(c.ID, h, n)
r, err := h.Result()
if err != nil {
return nil, err
}
signature := r.(taproot.Signature)
if !c.PublicKey.Verify(signature, m) {
return nil, errors.New("failed to verify frost signature")
}
return signature, nil
}
/*
incompelete signature:
send a message: round 2, from: a, to , protocol: frost/sign-threshold-taproot
accept: a message: round 2, from: b, to , protocol: frost/sign-threshold-taproot
send a message: round 3, from: a, to , protocol: frost/sign-threshold-taproot
complete signature:
accept: a message: round 3, from: b, to , protocol: frost/sign-threshold-taproot
*/
// incomplete signature
func FrostSignTaprootInc(c *frost.TaprootConfig, m []byte, signers party.IDSlice, n network.Network) error {
h, err := protocol.NewMultiHandler(frost.SignTaproot(c, signers, m), nil)
if err != nil {
return err
}
// send round2
round2, ok := <-h.Listen()
if !ok {
return errors.New("failed to getting incomplete signature, send round2")
}
n.Send(round2)
// accept round2
round2, ok = <-n.Next()
if !ok {
return errors.New("failed to getting incomplete signature, accept round2")
}
h.Accept(round2)
// send round3
round3, ok := <-h.Listen()
if !ok {
return errors.New("failed to getting incomplete signature, send round3")
}
n.Send(round3)
return nil
}
func FrostSignTaprootCoSign(c *frost.TaprootConfig, incSig *protocol.Message, m []byte, signers party.IDSlice, n network.Network) (taproot.Signature, error) {
h, err := protocol.NewMultiHandler(frost.SignTaproot(c, signers, m), nil)
if err != nil {
return nil, err
}
// send round2
round2, ok := <-h.Listen()
if !ok {
return nil, errors.New("failed to getting incomplete signature, send round2")
}
n.Send(round2)
// accept round2
round2, ok = <-n.Next()
if !ok {
return nil, errors.New("failed to getting incomplete signature, accept round2")
}
h.Accept(round2)
// skip own round3
<-h.Listen()
// accept round3
round3, ok := <-n.Next()
if !ok {
return nil, errors.New("failed to getting incomplete signature, accept round3")
}
h.Accept(round3)
// getting complete signature
r, err := h.Result()
if err != nil {
return nil, err
}
signature := r.(taproot.Signature)
if !c.PublicKey.Verify(signature, m) {
return nil, errors.New("failed to verify frost signature")
}
return signature, nil
}