You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Each already existing party broadcasts a RefreshMessage to every other party
Every party validates and constructs new secret key share from the RefreshMessage's it receives.
Main takeaway from the above section:
Existing parties and newly joining parties have different behaviors, so the state machine somehow has to account for this.
State Machine for GG '20
What is a state machine?
A system that can be in any one of a finite number of states $S = {S_1, S_2,...}$ at any given time.
Has a deterministic transition function $T: (S, M) \rightarrow S$, where $M$ is the message space $M$ of inputs to the state machine.
Contextualizing w.r.t. GG '20. The KeyGenstruct makes up the state space, message space, and transition function for each party. Let's be more specific:
The state space is the round attribute.
The message space is msgs1, msgs2,.... Note each of these is a collection of messages.
Basically things work as follows. The handle_incoming function on the StateMachine trait adds a message to a message store. Once the store is filled (a.k.a. the messages have been received from all parties), the state machine is ready to transition state via the proceed function, since it has access to the full message.
State Machine for fs-dkr
Round 0
The initial state will be an Option<LocalKey<Secp256k1>>. If this Option is None then it corresponds to a newly joining party and if it corresponds to an already existing party.
Notice here local_key is no longer an Option since every party has generated their local keys.
Round 1 -> Round 2
The transition from round 1 to round 2 entails receiving BroadcastMsgs<Option<JoinMessage>> as the messages. The proceed transition function receives these messages and:
Updates its local_key. Specifically, the JoinMessage's of the new parties contain Paillier keys so the paillier_key_vec attribute of local_key needs to be updated (for each existing party).
Each existing party broadcasts a RefreshMessage see here.
Each party receives BroadcastMsgs<Option<RefreshMessage>> does the relevant checks and updates its local_key accordingly. The final state is a new LocalKey.
Todos for implementation
Implement KeyRefresh struct:
Implement StateMachine trait for KeyRefresh struct
Implement Round0, Round1, Round2 structs.
The text was updated successfully, but these errors were encountered:
Very high level overview of fs-dkr
JoinMessage.RefreshMessageto every other partyRefreshMessage's it receives.Main takeaway from the above section:
State Machine for GG '20
What is a state machine?
Contextualizing w.r.t. GG '20. The
KeyGenstruct makes up the state space, message space, and transition function for each party. Let's be more specific:roundattribute.msgs1, msgs2,.... Note each of these is a collection of messages.proceedfunction.Basically things work as follows. The
handle_incomingfunction on theStateMachinetrait adds a message to a message store. Once the store is filled (a.k.a. the messages have been received from all parties), the state machine is ready to transition state via theproceedfunction, since it has access to the full message.State Machine for fs-dkr
Round 0
The initial state will be an
Option<LocalKey<Secp256k1>>. If thisOptionisNonethen it corresponds to a newly joining party and if it corresponds to an already existing party.Round 0 -> Round 1
The
proceedtransition from round 0 to round 1 does not entail receiving any messages. Rather the state transition works as follows:Option<JoinMessage>(see here).Noneiflocal_keyisSomeandSomeiflocal_keyisNone.The round 1 struct looks like:
Notice here
local_keyis no longer anOptionsince every party has generated their local keys.Round 1 -> Round 2
The transition from round 1 to round 2 entails receiving
BroadcastMsgs<Option<JoinMessage>>as the messages. Theproceedtransition function receives these messages and:local_key. Specifically, theJoinMessage's of the new parties containPaillierkeys so thepaillier_key_vecattribute oflocal_keyneeds to be updated (for each existing party).RefreshMessagesee here.The round 2 state looks like:
...with the updated
local_keys.Round 2 -> Final Output
Each party receives
BroadcastMsgs<Option<RefreshMessage>>does the relevant checks and updates itslocal_keyaccordingly. The final state is a newLocalKey.Todos for implementation
KeyRefreshstruct:StateMachinetrait forKeyRefreshstructRound0, Round1, Round2structs.The text was updated successfully, but these errors were encountered: