diff --git a/packages/wasm-mps/src/lib.rs b/packages/wasm-mps/src/lib.rs index 1ff5f44088c..898a7a2482e 100644 --- a/packages/wasm-mps/src/lib.rs +++ b/packages/wasm-mps/src/lib.rs @@ -3,7 +3,10 @@ mod mps { use multi_party_schnorr::{ - common::traits::Round, + common::{ + ser::Serializable, + traits::{GroupElem, Round, ScalarReduce}, + }, curve25519_dalek::EdwardsPoint, keygen::{ KeygenMsg1, KeygenMsg2, KeygenParty, Keyshare, R0 as DkgR0, R1 as DkgR1, R2 as DkgR2, @@ -13,6 +16,7 @@ mod mps { PartialSign, SignerParty, R0 as DsgR0, R1 as DsgR1, R2 as DsgR2, }, }; + use serde::{Deserialize, Serialize}; use std::sync::Arc; use thiserror::Error; 
@@ -33,38 +37,68 @@ mod mps { } /// Internal DKG state used for round 1. - #[derive(serde::Serialize, serde::Deserialize)] - struct DkgStateR1 { + #[derive(Serialize, Deserialize)] + struct DkgStateR1 + where + G: GroupElem, + G::Scalar: ScalarReduce<[u8; 32]> + Serializable, + { pub msg: KeygenMsg1, - pub party: KeygenParty, EdwardsPoint>, + + #[serde(bound( + serialize = "KeygenParty, G>: Serialize", + deserialize = "KeygenParty, G>: Deserialize<'de>" + ))] + pub party: KeygenParty, G>, } /// Internal DKG state used for round 2. - #[derive(serde::Serialize, serde::Deserialize)] - struct DkgStateR2 { - pub msg: KeygenMsg2, - pub party: KeygenParty, + #[derive(Serialize, Deserialize)] + struct DkgStateR2 + where + G: GroupElem, + G::Scalar: ScalarReduce<[u8; 32]> + Serializable, + { + pub msg: KeygenMsg2, + + #[serde(bound( + serialize = "KeygenParty: Serialize", + deserialize = "KeygenParty: Deserialize<'de>" + ))] + pub party: KeygenParty, } /// Internal DSG state used for round 1. - #[derive(serde::Serialize, serde::Deserialize)] - struct DsgStateR1 { + #[derive(Serialize, Deserialize)] + struct DsgStateR1 + where + G: GroupElem, + G::Scalar: Serializable, + { pub msg: SignMsg1, - pub party: SignerParty, EdwardsPoint>, + pub party: SignerParty, G>, } /// Internal DSG state used for round 2. - #[derive(serde::Serialize, serde::Deserialize)] - struct DsgStateR2 { - pub msg: SignMsg2, - pub party: SignerParty, EdwardsPoint>, + #[derive(Serialize, Deserialize)] + struct DsgStateR2 + where + G: GroupElem, + G::Scalar: Serializable, + { + pub msg: SignMsg2, + pub party: SignerParty, G>, } /// Internal DSG state used for round 3. 
- #[derive(serde::Serialize, serde::Deserialize)] - struct DsgStateR3 { - pub msg: SignMsg3, - pub party: PartialSign, + #[derive(Serialize, Deserialize)] + struct DsgStateR3 + where + G: GroupElem, + G::Scalar: Serializable, + { + pub msg: SignMsg3, + pub party: PartialSign, } /// Result from processing that includes a public messages for other @@ -80,17 +114,16 @@ mod mps { pub pk: [u8; 32], } - /// Process round 0 of DKG protocol. - /// party_id: Party identifier / index. - /// decryption_key: Private Curve25519 key. - /// encryption_keys: Public Curve25519 keys of other parties. - /// seed: PRNG seed for entropy. - pub fn dkg_round0_process( + fn internal_dkg_round0_process( party_id: u8, decryption_key: &[u8; 32], encryption_keys: &[Vec; 2], seed: &[u8; 32], - ) -> Result { + ) -> Result + where + G: GroupElem + Serialize, + G::Scalar: ScalarReduce<[u8; 32]> + Serializable, + { if party_id >= 3 { return Err(MpsError::InvalidInput); } @@ -119,7 +152,7 @@ mod mps { public_keys.push((party_id, secret_key.public_key())); // Create KeygenParty - let p0 = KeygenParty::::new( + let p0 = KeygenParty::::new( 2, // threshold 3, // total parties party_id, 
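Review bot: The serialized round state carries nothing that binds it to the curve it was produced for: after this change `DkgStateR1` through `DsgStateR3` are generic over the group, and each wrapper fixes the type only when it calls `bincode::deserialize(state)`. bincode's encoding is not self-describing, so once a second curve gets its own wrappers, a state blob from one curve is rejected only if its bytes happen not to parse as the other curve's types. Consider a leading tag in each state struct, for example `pub curve: u8,`, compared against the wrapper's curve right after deserialization, with `MpsError::InvalidInput` returned on mismatch. Only the Ed25519 wrappers are visible in this diff, so this is a guard for the follow-up work, not a bug today.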
@@ -147,15 +180,30 @@ mod mps { }) } - /// Process round 1 of DKG protocol. - /// round1_messages: Public messages from other parties. - /// state: Private state result from from round 0. - pub fn dkg_round1_process( + /// Process round 0 of DKG protocol for Ed25519. + /// party_id: Party identifier / index. + /// decryption_key: Private Curve25519 key. + /// encryption_keys: Public Curve25519 keys of other parties. + /// seed: PRNG seed for entropy. + pub fn ed25519_dkg_round0_process( + party_id: u8, + decryption_key: &[u8; 32], + encryption_keys: &[Vec; 2], + seed: &[u8; 32], + ) -> Result { + internal_dkg_round0_process::(party_id, decryption_key, encryption_keys, seed) + } + + fn internal_dkg_round1_process( round1_messages: &[Vec; 2], state: &[u8], - ) -> Result { + ) -> Result + where + G: GroupElem + Serialize, + G::Scalar: ScalarReduce<[u8; 32]> + Serializable, + { // Parse state - let state: DkgStateR1 = + let state: DkgStateR1 = bincode::deserialize(state).map_err(|_| MpsError::DeserializationError)?; // Parse messages 
@@ -183,21 +231,32 @@ mod mps { }) } - /// Process round 2 of DKG protocol. - /// round2_messages: Public messages from other parties. - /// state: Private state result from round 1. - pub fn dkg_round2_process( + /// Process round 1 of DKG protocol. + /// round1_messages: Public messages from other parties. + /// state: Private state result from from round 0. + pub fn ed25519_dkg_round1_process( + round1_messages: &[Vec; 2], + state: &[u8], + ) -> Result { + internal_dkg_round1_process::(round1_messages, state) + } + + fn internal_dkg_round2_process( round2_messages: &[Vec; 2], state: &[u8], - ) -> Result { + ) -> Result<(Keyshare, G), MpsError> + where + G: GroupElem + Serialize + for<'de> Deserialize<'de>, + G::Scalar: ScalarReduce<[u8; 32]> + Serializable, + { // Deserialize round2 messages from other parties - let i0_msg2: KeygenMsg2 = bincode::deserialize(round2_messages[0].as_slice()) + let i0_msg2: KeygenMsg2 = bincode::deserialize(round2_messages[0].as_slice()) .map_err(|_| MpsError::DeserializationError)?; - let i1_msg2: KeygenMsg2 = bincode::deserialize(round2_messages[1].as_slice()) + let i1_msg2: KeygenMsg2 = bincode::deserialize(round2_messages[1].as_slice()) .map_err(|_| MpsError::DeserializationError)?; // Deserialize state - let state: DkgStateR2 = + let state: DkgStateR2 = bincode::deserialize(state).map_err(|_| MpsError::DeserializationError)?; // Generate share 
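Review bot: The doc comment added for `ed25519_dkg_round1_process` carries over the duplicated word in "result from from round 0" and, unlike the round 0 wrapper, no longer says which curve it serves. Suggested wording: `/// Process round 1 of DKG protocol for Ed25519.` and `/// state: Private state result from round 0.` Further down, the docs on `ed25519_dsg_round1_process` name `round1_messages` while the parameter is `round1_message`. The generic `internal_*` helpers have no doc comments; a one-line `///` on each, saying it holds the curve-independent logic for that round, would help the next reader.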
@@ -206,9 +265,40 @@ mod mps { .process(vec![i0_msg2, i1_msg2, state.msg.clone()]) .map_err(|_| MpsError::ProtocolError)?; + Ok((share.clone(), share.public_key)) + } + + /// Process round 2 of DKG protocol. + /// round2_messages: Public messages from other parties. + /// state: Private state result from round 1. + pub fn ed25519_dkg_round2_process( + round2_messages: &[Vec; 2], + state: &[u8], + ) -> Result { + let (share, pk) = internal_dkg_round2_process::(round2_messages, state)?; Ok(Share { share: bincode::serialize(&share).map_err(|_| MpsError::SerializationError)?, - pk: share.public_key.compress().to_bytes(), + pk: pk.compress().to_bytes(), + }) + } + + fn internal_dsg_round0_process(p0: SignerParty) -> Result + where + G: GroupElem + Serialize, + G::Scalar: Serializable, + { + // Generate message + let (p1, msg1) = p0.process(()).map_err(|_| MpsError::ProtocolError)?; + + // Create the state for storage between rounds + let state = DsgStateR1 { + msg: msg1.clone(), + party: p1, + }; + + Ok(MsgState { + msg: bincode::serialize(&msg1).map_err(|_| MpsError::SerializationError)?, + state: bincode::serialize(&state).map_err(|_| MpsError::SerializationError)?, }) } @@ -216,7 +306,7 @@ mod mps { /// share: Signing share from DKG. /// derivation_path: Key derivation path. /// message: Message to sign. - pub fn dsg_round0_process( + pub fn ed25519_dsg_round0_process( share: &[u8], derivation_path: String, message: &[u8], 
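Review bot: `Ok((share.clone(), share.public_key))` at the end of `internal_dkg_round2_process` makes a second copy of the key share only so the public key can be read from the original, which is then dropped. A key share is secret material, so each extra copy is one more buffer that has to be cleared; whether `Keyshare` wipes itself on drop is not visible in this diff. Taking the public key first avoids the copy, assuming the group element is `Clone`: `let pk = share.public_key.clone();` followed by `Ok((share, pk))`. The start of the function is in the previous hunk.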
@@ -235,27 +325,19 @@ mod mps { &mut rand::thread_rng(), ); - // Generate message - let (p1, msg1) = p0.process(()).map_err(|_| MpsError::ProtocolError)?; - - // Create the state for storage between rounds - let state = DsgStateR1 { - msg: msg1.clone(), - party: p1, - }; - - Ok(MsgState { - msg: bincode::serialize(&msg1).map_err(|_| MpsError::SerializationError)?, - state: bincode::serialize(&state).map_err(|_| MpsError::SerializationError)?, - }) + internal_dsg_round0_process(p0) } - /// Process round 1 of DSG protocol. - /// round1_messages: Public messages from other parties. - /// state: Private state result from round 0. - pub fn dsg_round1_process(round1_message: &[u8], state: &[u8]) -> Result { + fn internal_dsg_round1_process( + round1_message: &[u8], + state: &[u8], + ) -> Result + where + G: GroupElem + Serialize + for<'de> Deserialize<'de>, + G::Scalar: ScalarReduce<[u8; 32]> + Serializable, + { // Parse state - let state: DsgStateR1 = + let state: DsgStateR1 = bincode::deserialize(state).map_err(|_| MpsError::DeserializationError)?; // Parse messages @@ -281,12 +363,25 @@ mod mps { }) } + /// Process round 1 of DSG protocol. + /// round1_messages: Public messages from other parties. + /// state: Private state result from round 0. + pub fn ed25519_dsg_round1_process( + round1_message: &[u8], + state: &[u8], + ) -> Result { + internal_dsg_round1_process::(round1_message, state) + } + /// Process round 2 of DSG protocol. /// round2_messages: Public messages from other parties. /// state: Private state result from round 1. - pub fn dsg_round2_process(round2_message: &[u8], state: &[u8]) -> Result { + pub fn ed25519_dsg_round2_process( + round2_message: &[u8], + state: &[u8], + ) -> Result { // Parse state - let state: DsgStateR2 = + let state: DsgStateR2 = bincode::deserialize(state).map_err(|_| MpsError::DeserializationError)?; // Parse messages 
@@ -318,9 +413,12 @@ mod mps { /// Process round 3 of DSG protocol. /// round3_messages: Public messages from other parties. /// state: Private state result from round 2. - pub fn dsg_round3_process(round3_message: &[u8], state: &[u8]) -> Result, MpsError> { + pub fn ed25519_dsg_round3_process( + round3_message: &[u8], + state: &[u8], + ) -> Result, MpsError> { // Parse state - let state: DsgStateR3 = + let state: DsgStateR3 = bincode::deserialize(state).map_err(|_| MpsError::DeserializationError)?; // Parse messages @@ -347,7 +445,7 @@ mod tests { /// Test full DGK protocol. #[test] - fn test_dkg() { + fn test_ed25519_dkg() { // Generate key pairs and seeds for all parties let mut prv_keys = Vec::new(); let mut pub_keys = Vec::new(); @@ -362,7 +460,7 @@ mod tests { } // Parties generate their round 0 messages - let p0_0 = mps::dkg_round0_process( + let p0_0 = mps::ed25519_dkg_round0_process( 0, &prv_keys[0].to_bytes(), &[ @@ -372,7 +470,7 @@ mod tests { &seeds[0], ) .unwrap(); - let p1_0 = mps::dkg_round0_process( + let p1_0 = mps::ed25519_dkg_round0_process( 1, &prv_keys[1].to_bytes(), &[ @@ -382,7 +480,7 @@ mod tests { &seeds[1], ) .unwrap(); - let p2_0 = mps::dkg_round0_process( + let p2_0 = mps::ed25519_dkg_round0_process( 2, &prv_keys[2].to_bytes(), &[ 
@@ -394,26 +492,38 @@ mod tests { .unwrap(); // Parties generate their round 1 messages - let p0_1 = - mps::dkg_round1_process(&[p1_0.msg.clone(), p2_0.msg.clone()], p0_0.state.as_slice()) - .unwrap(); - let p1_1 = - mps::dkg_round1_process(&[p0_0.msg.clone(), p2_0.msg.clone()], p1_0.state.as_slice()) - .unwrap(); - let p2_1 = - mps::dkg_round1_process(&[p0_0.msg.clone(), p1_0.msg.clone()], p2_0.state.as_slice()) - .unwrap(); + let p0_1 = mps::ed25519_dkg_round1_process( + &[p1_0.msg.clone(), p2_0.msg.clone()], + p0_0.state.as_slice(), + ) + .unwrap(); + let p1_1 = mps::ed25519_dkg_round1_process( + &[p0_0.msg.clone(), p2_0.msg.clone()], + p1_0.state.as_slice(), + ) + .unwrap(); + let p2_1 = mps::ed25519_dkg_round1_process( + &[p0_0.msg.clone(), p1_0.msg.clone()], + p2_0.state.as_slice(), + ) + .unwrap(); // Parties generate their key shares - let p0_share = - mps::dkg_round2_process(&[p1_1.msg.clone(), p2_1.msg.clone()], p0_1.state.as_slice()) - .unwrap(); - let p1_share = - mps::dkg_round2_process(&[p0_1.msg.clone(), p2_1.msg.clone()], p1_1.state.as_slice()) - .unwrap(); - let p2_share = - mps::dkg_round2_process(&[p0_1.msg.clone(), p1_1.msg.clone()], p2_1.state.as_slice()) - .unwrap(); + let p0_share = mps::ed25519_dkg_round2_process( + &[p1_1.msg.clone(), p2_1.msg.clone()], + p0_1.state.as_slice(), + ) + .unwrap(); + let p1_share = mps::ed25519_dkg_round2_process( + &[p0_1.msg.clone(), p2_1.msg.clone()], + p1_1.state.as_slice(), + ) + .unwrap(); + let p2_share = mps::ed25519_dkg_round2_process( + &[p0_1.msg.clone(), p1_1.msg.clone()], + p2_1.state.as_slice(), + ) + .unwrap(); // Assert generated public keys are equal assert_eq!( @@ -428,7 +538,7 @@ mod tests { /// Test full DSG protocol. #[test] - fn test_dsg() { + fn test_ed25519_dsg() { // Generate signing shares let mut prv_keys = Vec::new(); let mut pub_keys = Vec::new(); 
@@ -443,7 +553,7 @@ mod tests { } // Parties generate their round 0 messages - let dkg_p0_0 = mps::dkg_round0_process( + let dkg_p0_0 = mps::ed25519_dkg_round0_process( 0, &prv_keys[0].to_bytes(), &[ @@ -453,7 +563,7 @@ mod tests { &seeds[0], ) .unwrap(); - let dkg_p1_0 = mps::dkg_round0_process( + let dkg_p1_0 = mps::ed25519_dkg_round0_process( 1, &prv_keys[1].to_bytes(), &[ @@ -463,7 +573,7 @@ mod tests { &seeds[1], ) .unwrap(); - let dkg_p2_0 = mps::dkg_round0_process( + let dkg_p2_0 = mps::ed25519_dkg_round0_process( 2, &prv_keys[2].to_bytes(), &[ @@ -475,29 +585,29 @@ mod tests { .unwrap(); // Parties generate their round 1 messages - let dkg_p0_1 = mps::dkg_round1_process( + let dkg_p0_1 = mps::ed25519_dkg_round1_process( &[dkg_p1_0.msg.clone(), dkg_p2_0.msg.clone()], dkg_p0_0.state.as_slice(), ) .unwrap(); - let dkg_p1_1 = mps::dkg_round1_process( + let dkg_p1_1 = mps::ed25519_dkg_round1_process( &[dkg_p0_0.msg.clone(), dkg_p2_0.msg.clone()], dkg_p1_0.state.as_slice(), ) .unwrap(); - let dkg_p2_1 = mps::dkg_round1_process( + let dkg_p2_1 = mps::ed25519_dkg_round1_process( &[dkg_p0_0.msg.clone(), dkg_p1_0.msg.clone()], dkg_p2_0.state.as_slice(), ) .unwrap(); // Parties generate their key shares - let dkg_p0_share = mps::dkg_round2_process( + let dkg_p0_share = mps::ed25519_dkg_round2_process( &[dkg_p1_1.msg.clone(), dkg_p2_1.msg.clone()], dkg_p0_1.state.as_slice(), ) .unwrap(); - let dkg_p2_share = mps::dkg_round2_process( + let dkg_p2_share = mps::ed25519_dkg_round2_process( &[dkg_p0_1.msg.clone(), dkg_p1_1.msg.clone()], dkg_p2_1.state.as_slice(), ) 
@@ -508,27 +618,35 @@ mod tests { // Process DSG round 0 let dsg_p0_0 = - mps::dsg_round0_process(dkg_p0_share.share.as_slice(), "m".to_string(), msg).unwrap(); + mps::ed25519_dsg_round0_process(dkg_p0_share.share.as_slice(), "m".to_string(), msg) + .unwrap(); let dsg_p2_0 = - mps::dsg_round0_process(dkg_p2_share.share.as_slice(), "m".to_string(), msg).unwrap(); + mps::ed25519_dsg_round0_process(dkg_p2_share.share.as_slice(), "m".to_string(), msg) + .unwrap(); // Process DSG round 1 let dsg_p0_1 = - mps::dsg_round1_process(dsg_p2_0.msg.as_slice(), dsg_p0_0.state.as_slice()).unwrap(); + mps::ed25519_dsg_round1_process(dsg_p2_0.msg.as_slice(), dsg_p0_0.state.as_slice()) + .unwrap(); let dsg_p2_1 = - mps::dsg_round1_process(dsg_p0_0.msg.as_slice(), dsg_p2_0.state.as_slice()).unwrap(); + mps::ed25519_dsg_round1_process(dsg_p0_0.msg.as_slice(), dsg_p2_0.state.as_slice()) + .unwrap(); // Process DSG round 2 let dsg_p0_2 = - mps::dsg_round2_process(dsg_p2_1.msg.as_slice(), dsg_p0_1.state.as_slice()).unwrap(); + mps::ed25519_dsg_round2_process(dsg_p2_1.msg.as_slice(), dsg_p0_1.state.as_slice()) + .unwrap(); let dsg_p2_2 = - mps::dsg_round2_process(dsg_p0_1.msg.as_slice(), dsg_p2_1.state.as_slice()).unwrap(); + mps::ed25519_dsg_round2_process(dsg_p0_1.msg.as_slice(), dsg_p2_1.state.as_slice()) + .unwrap(); // Process DSG round 3 let dsg_p0_sig = - mps::dsg_round3_process(dsg_p2_2.msg.as_slice(), dsg_p0_2.state.as_slice()).unwrap(); + mps::ed25519_dsg_round3_process(dsg_p2_2.msg.as_slice(), dsg_p0_2.state.as_slice()) + .unwrap(); let dsg_p2_sig = - mps::dsg_round3_process(dsg_p0_2.msg.as_slice(), dsg_p2_2.state.as_slice()).unwrap(); + mps::ed25519_dsg_round3_process(dsg_p0_2.msg.as_slice(), dsg_p2_2.state.as_slice()) + .unwrap(); assert_eq!( dsg_p2_sig, dsg_p0_sig, @@ -617,7 +735,7 @@ impl MsgShare { } #[wasm_bindgen] -pub fn dkg_round0_process( +pub fn ed25519_dkg_round0_process( party_id: u8, decryption_key: &[u8], encryption_keys: Array, 
@@ -627,7 +745,7 @@ pub fn dkg_round0_process( .try_into() .map_err(|_| "Deserialization Error")?; let seed_32: [u8; 32] = seed[..32].try_into().map_err(|_| "Deserialization Error")?; - let result = mps::dkg_round0_process( + let result = mps::ed25519_dkg_round0_process( party_id, &decryption_key_32, &[ @@ -645,8 +763,11 @@ pub fn dkg_round0_process( } #[wasm_bindgen] -pub fn dkg_round1_process(round1_messages: Array, state: &[u8]) -> Result { - let result = mps::dkg_round1_process( +pub fn ed25519_dkg_round1_process( + round1_messages: Array, + state: &[u8], +) -> Result { + let result = mps::ed25519_dkg_round1_process( &[ js_sys::Uint8Array::from(round1_messages.get(0)).to_vec(), js_sys::Uint8Array::from(round1_messages.get(1)).to_vec(), @@ -662,8 +783,8 @@ pub fn dkg_round1_process(round1_messages: Array, state: &[u8]) -> Result Result { - let result = mps::dkg_round2_process( +pub fn ed25519_dkg_round2_process(round2_messages: Array, state: &[u8]) -> Result { + let result = mps::ed25519_dkg_round2_process( &[ js_sys::Uint8Array::from(round2_messages.get(0)).to_vec(), js_sys::Uint8Array::from(round2_messages.get(1)).to_vec(), @@ -679,13 +800,13 @@ pub fn dkg_round2_process(round2_messages: Array, state: &[u8]) -> Result Result { - let result = - mps::dsg_round0_process(share, derivation_path, message).map_err(|e| e.to_string())?; + let result = mps::ed25519_dsg_round0_process(share, derivation_path, message) + .map_err(|e| e.to_string())?; Ok(MsgState { msg: result.msg, @@ -694,8 +815,9 @@ pub fn dsg_round0_process( } #[wasm_bindgen] -pub fn dsg_round1_process(round1_message: &[u8], state: &[u8]) -> Result { - let result = mps::dsg_round1_process(round1_message, state).map_err(|e| e.to_string())?; +pub fn ed25519_dsg_round1_process(round1_message: &[u8], state: &[u8]) -> Result { + let result = + mps::ed25519_dsg_round1_process(round1_message, state).map_err(|e| e.to_string())?; Ok(MsgState { msg: result.msg, 
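Review bot: `seed[..32]` in the wasm wrapper `ed25519_dkg_round0_process` panics when the caller passes fewer than 32 bytes, because the slice index is evaluated before `try_into()` can return an error, and it silently ignores any bytes past the first 32. Converting the whole slice keeps both cases on the error path, at the cost of rejecting over-long seeds: `let seed_32: [u8; 32] = seed.try_into().map_err(|_| "Deserialization Error")?;`. The `decryption_key` conversion just above starts outside this hunk and may need the same treatment. In a wasm build a panic reaches JavaScript as a trap, not as the error string returned on the other failure paths.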
@@ -704,8 +826,9 @@ pub fn dsg_round1_process(round1_message: &[u8], state: &[u8]) -> Result Result { - let result = mps::dsg_round2_process(round2_message, state).map_err(|e| e.to_string())?; +pub fn ed25519_dsg_round2_process(round2_message: &[u8], state: &[u8]) -> Result { + let result = + mps::ed25519_dsg_round2_process(round2_message, state).map_err(|e| e.to_string())?; Ok(MsgState { msg: result.msg, @@ -714,8 +837,9 @@ pub fn dsg_round2_process(round2_message: &[u8], state: &[u8]) -> Result Result, String> { - let result = mps::dsg_round3_process(round2_message, state).map_err(|e| e.to_string())?; +pub fn ed25519_dsg_round3_process(round2_message: &[u8], state: &[u8]) -> Result, String> { + let result = + mps::ed25519_dsg_round3_process(round2_message, state).map_err(|e| e.to_string())?; Ok(result.to_vec()) } diff --git a/packages/wasm-mps/test/mps.ts b/packages/wasm-mps/test/mps.ts index 5b9a3b2412e..bf46129523f 100644 --- a/packages/wasm-mps/test/mps.ts +++ b/packages/wasm-mps/test/mps.ts @@ -21,8 +21,8 @@ describe("mps", function () { describe("dkg", function () { it("performs round 0", function () { - for (let i = 0; i < 3; i++) { - mps.dkg_round0_process( + for (let i = 0; i < keypairs.length; i++) { + mps.ed25519_dkg_round0_process( i, keypairs[i].privateKey, otherIndices[i].map((i) => keypairs[i].publicKey), @@ -35,7 +35,7 @@ describe("mps", function () { before("performs round 0", function () { results1 = [0, 1, 2].map((i) => - mps.dkg_round0_process( + mps.ed25519_dkg_round0_process( i, keypairs[i].privateKey, otherIndices[i].map((i) => keypairs[i].publicKey), @@ -45,8 +45,8 @@ describe("mps", function () { }); it("performs round 1", function () { - for (let i = 0; i < 3; i++) { - mps.dkg_round1_process( + for (let i = 0; i < results1.length; i++) { + mps.ed25519_dkg_round1_process( otherIndices[i].map((i) => results1[i].msg), results1[i].state, ); 
@@ -57,7 +57,7 @@ describe("mps", function () { before("performs round 1", function () { results2 = [0, 1, 2].map((i) => - mps.dkg_round1_process( + mps.ed25519_dkg_round1_process( otherIndices[i].map((i) => results1[i].msg), results1[i].state, ), @@ -66,7 +66,7 @@ describe("mps", function () { it("performs round 2", function () { const results3 = [0, 1, 2].map((i) => - mps.dkg_round2_process( + mps.ed25519_dkg_round2_process( otherIndices[i].map((i) => results2[i].msg), results2[i].state, ), @@ -89,7 +89,7 @@ describe("mps", function () { describe("round0_process", function () { it("does not panic on bad party size", function () { shouldThrow(() => - mps.dkg_round0_process( + mps.ed25519_dkg_round0_process( "255", Buffer.alloc(32), [Buffer.alloc(32), Buffer.alloc(32)], @@ -100,7 +100,7 @@ describe("mps", function () { it("does not panic on bad encryption key", function () { shouldThrow(() => - mps.dkg_round0_process( + mps.ed25519_dkg_round0_process( 0, "encryption key", [Buffer.alloc(32), Buffer.alloc(32)], @@ -108,7 +108,7 @@ describe("mps", function () { ), ); shouldThrow(() => - mps.dkg_round0_process( + mps.ed25519_dkg_round0_process( 0, Buffer.alloc(0), [Buffer.alloc(32), Buffer.alloc(32)], 
@@ -119,17 +119,34 @@ describe("mps", function () { it("does not panic on bad decryption keys", function () { shouldThrow(() => - mps.dkg_round0_process(0, Buffer.alloc(0), "decryption keys", crypto.randomBytes(32)), + mps.ed25519_dkg_round0_process( + 0, + Buffer.alloc(0), + "decryption keys", + crypto.randomBytes(32), + ), + ); + shouldThrow(() => + mps.ed25519_dkg_round0_process(0, Buffer.alloc(0), [], crypto.randomBytes(32)), ); - shouldThrow(() => mps.dkg_round0_process(0, Buffer.alloc(0), [], crypto.randomBytes(32))); shouldThrow(() => - mps.dkg_round0_process(0, Buffer.alloc(0), ["decryption key"], crypto.randomBytes(32)), + mps.ed25519_dkg_round0_process( + 0, + Buffer.alloc(0), + ["decryption key"], + crypto.randomBytes(32), + ), ); shouldThrow(() => - mps.dkg_round0_process(0, Buffer.alloc(0), [Buffer.alloc(0)], crypto.randomBytes(32)), + mps.ed25519_dkg_round0_process( + 0, + Buffer.alloc(0), + [Buffer.alloc(0)], + crypto.randomBytes(32), + ), ); shouldThrow(() => - mps.dkg_round0_process( + mps.ed25519_dkg_round0_process( 0, Buffer.alloc(0), [Buffer.alloc(32), Buffer.alloc(0)], @@ -140,7 +157,7 @@ describe("mps", function () { it("does not panic on bad seed", function () { shouldThrow(() => - mps.dkg_round0_process( + mps.ed25519_dkg_round0_process( 0, Buffer.alloc(0), [Buffer.alloc(32), Buffer.alloc(32)], @@ -148,7 +165,7 @@ describe("mps", function () { ), ); shouldThrow(() => - mps.dkg_round0_process( + mps.ed25519_dkg_round0_process( 0, Buffer.alloc(0), [Buffer.alloc(32), Buffer.alloc(32)], 
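Review bot: Every call in "does not panic on bad decryption keys" and "does not panic on bad seed" passes `Buffer.alloc(0)` as the second argument, so the wrapper most likely fails on that key and the argument under test is never reached. Use a valid 32-byte key there, for example `keypairs[0].privateKey`, so that only the argument named by the test is malformed. The titles also look swapped: the "bad encryption key" case varies the second argument, which the Rust side calls `decryption_key`, and the "bad decryption keys" case varies the third. `shouldThrow` is defined outside this diff; if it accepts any exception, a wasm trap caused by a Rust panic passes too, so these tests would not show that the code "does not panic".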
@@ -160,32 +177,36 @@ describe("mps", function () { describe("round1_process", function () { it("does not panic on bad messages", function () { - shouldThrow(() => mps.dkg_round1_process("messages", Buffer.alloc(1224))); - shouldThrow(() => mps.dkg_round1_process([], Buffer.alloc(1224))); - shouldThrow(() => mps.dkg_round1_process(["message"], Buffer.alloc(1224))); - shouldThrow(() => mps.dkg_round1_process([Buffer.alloc(0), Buffer.alloc(1224)])); + shouldThrow(() => mps.ed25519_dkg_round1_process("messages", Buffer.alloc(1224))); + shouldThrow(() => mps.ed25519_dkg_round1_process([], Buffer.alloc(1224))); + shouldThrow(() => mps.ed25519_dkg_round1_process(["message"], Buffer.alloc(1224))); + shouldThrow(() => mps.ed25519_dkg_round1_process([Buffer.alloc(0), Buffer.alloc(1224)])); }); it("does not panic on bad state", function () { - shouldThrow(() => mps.dkg_round1_process([Buffer.alloc(65), Buffer.alloc(65)], "state")); shouldThrow(() => - mps.dkg_round1_process([Buffer.alloc(65), Buffer.alloc(65)], Buffer.alloc(0)), + mps.ed25519_dkg_round1_process([Buffer.alloc(65), Buffer.alloc(65)], "state"), + ); + shouldThrow(() => + mps.ed25519_dkg_round1_process([Buffer.alloc(65), Buffer.alloc(65)], Buffer.alloc(0)), ); }); }); describe("round2_process", function () { it("does not panic on bad messages", function () { - shouldThrow(() => mps.dkg_round2_process("messages", Buffer.alloc(1224))); - shouldThrow(() => mps.dkg_round2_process([], Buffer.alloc(1224))); - shouldThrow(() => mps.dkg_round2_process(["message"], Buffer.alloc(1224))); - shouldThrow(() => mps.dkg_round2_process([Buffer.alloc(0), Buffer.alloc(1224)])); + shouldThrow(() => mps.ed25519_dkg_round2_process("messages", Buffer.alloc(1224))); + shouldThrow(() => mps.ed25519_dkg_round2_process([], Buffer.alloc(1224))); + shouldThrow(() => mps.ed25519_dkg_round2_process(["message"], Buffer.alloc(1224))); + shouldThrow(() => mps.ed25519_dkg_round2_process([Buffer.alloc(0), Buffer.alloc(1224)])); }); it("does not 
panic on bad state", function () { - shouldThrow(() => mps.dkg_round2_process([Buffer.alloc(65), Buffer.alloc(65)], "state")); shouldThrow(() => - mps.dkg_round2_process([Buffer.alloc(65), Buffer.alloc(65)], Buffer.alloc(0)), + mps.ed25519_dkg_round2_process([Buffer.alloc(65), Buffer.alloc(65)], "state"), + ); + shouldThrow(() => + mps.ed25519_dkg_round2_process([Buffer.alloc(65), Buffer.alloc(65)], Buffer.alloc(0)), ); }); }); @@ -198,7 +219,7 @@ describe("mps", function () { before("performs dkg", function () { const results1 = [0, 1, 2].map((i) => - mps.dkg_round0_process( + mps.ed25519_dkg_round0_process( i, keypairs[i].privateKey, otherIndices[i].map((i) => keypairs[i].publicKey), @@ -206,13 +227,13 @@ describe("mps", function () { ), ); const results2 = [0, 1, 2].map((i) => - mps.dkg_round1_process( + mps.ed25519_dkg_round1_process( otherIndices[i].map((i) => results1[i].msg), results1[i].state, ), ); shares = [0, 1, 2].map((i) => - mps.dkg_round2_process( + mps.ed25519_dkg_round2_process( otherIndices[i].map((i) => results2[i].msg), results2[i].state, ), @@ -225,19 +246,19 @@ describe("mps", function () { it("performs round 0", function () { for (const i of [0, 2]) { - mps.dsg_round0_process(shares[i].share, "m", message); + mps.ed25519_dsg_round0_process(shares[i].share, "m", message); } }); let results1: Array; before("performs round 0", function () { - results1 = [0, 2].map((i) => mps.dsg_round0_process(shares[i].share, "m", message)); + results1 = [0, 2].map((i) => mps.ed25519_dsg_round0_process(shares[i].share, "m", message)); }); it("performs round 1", function () { - for (let i = 0; i < 2; i++) { - mps.dsg_round1_process(results1[otherIndex[i]].msg, results1[i].state); + for (let i = 0; i < results1.length; i++) { + mps.ed25519_dsg_round1_process(results1[otherIndex[i]].msg, results1[i].state); } }); 
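Review bot: The last case in both "does not panic on bad messages" tests, `mps.ed25519_dkg_round1_process([Buffer.alloc(0), Buffer.alloc(1224)])` and its round 2 twin, puts the state buffer inside the message array and passes no `state` argument at all. It therefore throws on the missing second argument, not on the empty message. The intended call is presumably `mps.ed25519_dkg_round1_process([Buffer.alloc(0), Buffer.alloc(65)], Buffer.alloc(1224))`, and likewise for `ed25519_dkg_round2_process`.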
@@ -245,13 +266,13 @@ describe("mps", function () { before("performs round 1", function () { results2 = [0, 1].map((i) => - mps.dsg_round1_process(results1[otherIndex[i]].msg, results1[i].state), + mps.ed25519_dsg_round1_process(results1[otherIndex[i]].msg, results1[i].state), ); }); it("performs round 2", function () { - for (let i = 0; i < 2; i++) { - mps.dsg_round2_process(results2[otherIndex[i]].msg, results2[i].state); + for (let i = 0; i < results2.length; i++) { + mps.ed25519_dsg_round2_process(results2[otherIndex[i]].msg, results2[i].state); } }); @@ -259,13 +280,13 @@ describe("mps", function () { before("performs round 2", function () { results3 = [0, 1].map((i) => - mps.dsg_round2_process(results2[otherIndex[i]].msg, results2[i].state), + mps.ed25519_dsg_round2_process(results2[otherIndex[i]].msg, results2[i].state), ); }); it("performs round 3", function () { const signatures = [0, 1].map((i) => - mps.dsg_round3_process(results3[otherIndex[i]].msg, results3[i].state), + mps.ed25519_dsg_round3_process(results3[otherIndex[i]].msg, results3[i].state), ); assert(sodium.crypto_sign_verify_detached(signatures[0], message, shares[0].pk)); assert(sodium.crypto_sign_verify_detached(signatures[1], message, shares[2].pk));