Refactoring to move proof generation to DKG module

azuchi · Feb 14, 2024 · 67c656c · 67c656c
1 parent 25da50e
commit 67c656c
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 9 deletions.
diff --git a/lib/frost/dkg.rb b/lib/frost/dkg.rb
@@ -23,6 +23,22 @@ def part1(identifier, min_signers, max_signers, group)
       [polynomial, Package.new(identifier, polynomial.gen_commitments, polynomial.gen_proof_of_knowledge(identifier))]
     end
 
+    # Generate proof of knowledge for secret.
+    # @param [Integer] identifier Identifier of the owner of polynomial.
+    # @param [FROST::Polynomial] polynomial Polynomial containing secret.
+    # @return [FROST::Signature]
+    def gen_proof_of_knowledge(identifier, polynomial)
+      k = SecureRandom.random_number(polynomial.group.order - 1)
+      r = polynomial.group.generator * k
+      a0 = polynomial.coefficients.first
+      a0_g = polynomial.group.generator * a0
+      msg = FROST.encode_identifier(identifier, polynomial.group) + [a0_g.to_hex + r.to_hex].pack("H*")
+      challenge = Hash.hdkg(msg, polynomial.group)
+      field = ECDSA::PrimeField.new(polynomial.group.order)
+      s = field.mod(k + a0 * challenge)
+      FROST::Signature.new(r, s)
+    end
+
     # Verify proof of knowledge for received commitment.
     # @param [FROST::DKG::Package] package Received package.
     # @return [Boolean]
@@ -33,5 +49,10 @@ def verify_proof_of_knowledge(package)
       challenge = Hash.hdkg(msg, verification_key.group)
       package.proof.r == verification_key.group.generator * package.proof.s + (verification_key * challenge).negate
     end
+
+    # Performs the second part of DKG.
+    def part2(packages)
+
+    end
   end
 end
diff --git a/lib/frost/polynomial.rb b/lib/frost/polynomial.rb
@@ -59,15 +59,7 @@ def gen_commitments
     # @param [Integer] identifier Identifier of the owner of this polynomial.
     # @return [FROST::Signature]
     def gen_proof_of_knowledge(identifier)
-      k = SecureRandom.random_number(group.order - 1)
-      r = group.generator * k
-      a0 = coefficients.first
-      a0_g = group.generator * a0
-      msg = FROST.encode_identifier(identifier, group) + [a0_g.to_hex + r.to_hex].pack("H*")
-      challenge = Hash.hdkg(msg, group)
-      field = ECDSA::PrimeField.new(group.order)
-      s = field.mod(k + a0 * challenge)
-      FROST::Signature.new(r, s)
+      FROST::DKG.gen_proof_of_knowledge(identifier, self)
     end
 
     # Generates the lagrange coefficient for the i'th participant.