This is not complete.

examples/gg20_sign_client.rs

@@ -301,6 +301,9 @@ fn main() {
         index: (party_num_int - 1) as usize,
         sign_keys: res_stage1.sign_keys.clone(),
         s_ttag: signers_vec.len(),
+        m_a:,
+        e_k:,
+        h1_h2_N_tilde_vec:,
     };
     let res_stage5 = sign_stage5(&input_stage5).expect("Sign Stage 5 failed.");
     assert!(broadcast(

src/protocols/multi_party_ecdsa/gg_2020/orchestrate.rs

@@ -404,11 +404,16 @@ pub struct SignStage5Input {
     pub index: usize,
     pub sign_keys: SignKeys,
     pub s_ttag: usize,
+    pub m_a: (MessageA, BigInt),
+    pub e_k: EncryptionKey,
+    pub h1_h2_N_tilde_vec: DLogStatement,
 }
+use crate::utilities::zk_pdl_with_slack::{PDLwSlackProof, PDLwSlackStatement, PDLwSlackWitness};
 #[derive(Clone, Debug, Serialize, Deserialize)]
 pub struct SignStage5Result {
     pub R: GE,
     pub R_dash: GE,
+    pub phase5_proof: PDLwSlackProof,
 }
 pub fn sign_stage5(input: &SignStage5Input) -> Result<SignStage5Result, ErrorType> {
     let b_proof_vec = (0..input.s_ttag - 1)
@@ -428,18 +433,28 @@ pub fn sign_stage5(input: &SignStage5Input) -> Result<SignStage5Result, ErrorTyp
 
     let Rvec_i = check_Rvec_i.unwrap();
     let Rdash_vec_i = Rvec_i * input.sign_keys.k_i;
+    let proof = LocalSignature::phase5_proof_pdl(
+        &Rdash_vec_i,
+        &Rvec_i,
+        &input.m_a.0.c,
+        &input.e_k,
+        &input.sign_keys.k_i,
+        &input.m_a.1,
+        &input.h1_h2_N_tilde_vec,
+    );
+
     Ok(SignStage5Result {
         R: Rvec_i,
         R_dash: Rdash_vec_i,
+        phase5_proof: proof,
     })
 }
 #[derive(Clone, Debug, Serialize, Deserialize)]
 pub struct SignStage6Input {
     pub R_dash_vec: Vec<GE>,
-    pub R: GE,
-    pub m_a: MessageA,
-    pub randomness: BigInt,
-    pub e_k: EncryptionKey,
+    pub R_vec: Vec<GE>,
+    pub m_a_vec: Vec<MessageA>,
+    pub e_k_vec: Vec<EncryptionKey>,
     pub k_i: FE,
     pub h1_h2_N_tilde_vec: Vec<DLogStatement>,
     pub s: Vec<usize>,
@@ -448,40 +463,32 @@ pub struct SignStage6Input {
     pub message_bn: BigInt,
     pub sigma: FE,
     pub ysum: GE,
+    pub phase5_proof_vec: Vec<PDLwSlackProof>,
 }
 
 #[derive(Clone, Debug, Serialize, Deserialize)]
 pub struct SignStage6Result {
     pub local_sig: LocalSignature,
 }
 pub fn sign_stage6(input: &SignStage6Input) -> Result<SignStage6Result, ErrorType> {
-    let mut proof_vec = vec![];
     for j in 0..input.s.len() - 1 {
+        if j == input.index {
+            continue;
+        }
         let ind = if j < input.index { j } else { j + 1 };
-        let proof = LocalSignature::phase5_proof_pdl(
+        let phase5_verify_zk = LocalSignature::phase5_verify_pdl(
+            &input.phase5_proof_vec,
             &input.R_dash_vec[input.index],
-            &input.R,
-            &input.m_a.c,
-            &input.e_k,
-            &input.k_i,
-            &input.randomness,
-            &input.h1_h2_N_tilde_vec[input.s[ind]],
+            &input.R_vec[input.index],
+            &input.m_a_vec[input.index].c,
+            &input.e_k_vec[input.s[ind]],
+            &input.h1_h2_N_tilde_vec[..],
+            &input.s,
+            input.index,
         );
-
-        proof_vec.push(proof);
-    }
-    let phase5_verify_zk = LocalSignature::phase5_verify_pdl(
-        &proof_vec,
-        &input.R_dash_vec[input.index],
-        &input.R,
-        &input.m_a.c,
-        &input.e_k,
-        &input.h1_h2_N_tilde_vec[..],
-        &input.s,
-        input.index,
-    );
-    if phase5_verify_zk.is_err() {
-        return Err(phase5_verify_zk.err().unwrap());
+        if phase5_verify_zk.is_err() {
+            return Err(phase5_verify_zk.err().unwrap());
+        }
     }
 
     let phase5_check = LocalSignature::phase5_check_R_dash_sum(&input.R_dash_vec);
@@ -495,7 +502,7 @@ pub fn sign_stage6(input: &SignStage6Input) -> Result<SignStage6Result, ErrorTyp
         local_sig: LocalSignature::phase7_local_sig(
             &input.sign_key.k_i,
             &input.message_bn,
-            &input.R,
+            &input.R_vec[input.index],
             &input.sigma,
             &input.ysum,
         ),
@@ -1086,6 +1093,9 @@ mod tests {
                 index: i,
                 sign_keys: sign_keys_vec[i].clone(),
                 s_ttag: ttag,
+                m_a: m_a_vec[i].clone(),
+                e_k: keypair_result.e_vec[s[i] - 1].clone(),
+                h1_h2_N_tilde_vec: keypair_result.h1_h2_N_tilde_vec[s[i] - 1].clone(),
             };
             write_input!(
                 i as u16,
@@ -1118,12 +1128,15 @@ mod tests {
         let mut res_stage6_vec = vec![];
         for i in 0..ttag {
             let input = SignStage6Input {
+                phase5_proof_vec: result_stage5_vec
+                    .iter()
+                    .map(|a| a.phase5_proof.clone())
+                    .collect(),
                 R_dash_vec: R_dash_vec.clone(),
-                R: R_vec[i].clone(),
-                m_a: m_a_vec[i].0.clone(),
-                e_k: keypair_result.e_vec[s[i]].clone(),
+                R_vec: R_vec.clone(),
+                m_a_vec: m_a_vec.iter().map(|a| a.0.clone()).collect(),
+                e_k_vec: keypair_result.e_vec.clone(),
                 k_i: sign_keys_vec[i].k_i.clone(),
-                randomness: m_a_vec[i].1.clone(),
                 h1_h2_N_tilde_vec: keypair_result.h1_h2_N_tilde_vec.clone(),
                 index: i as usize,
                 s: s.to_vec(),

src/protocols/multi_party_ecdsa/gg_2020/state_machine/sign.rs

@@ -32,6 +32,7 @@ use thiserror::Error;
 use crate::utilities::mta::MessageA;
 
 use crate::protocols::multi_party_ecdsa::gg_2020 as gg20;
+use crate::utilities::zk_pdl_with_slack::PDLwSlackProof;
 use gg20::party_i::{LocalSignature, SignBroadcastPhase1, SignDecommitPhase1, SignatureRecid};
 use gg20::state_machine::keygen::LocalKey;
 
@@ -56,7 +57,11 @@ pub struct OfflineStage {
         Store<BroadcastMsgs<SignDecommitPhase1>>,
         Store<BroadcastMsgs<DeltaI>>,
     )>,
-    msgs4: Option<Store<BroadcastMsgs<RDash>>>,
+    msgs4: Option<(
+        Store<BroadcastMsgs<RDash>>,
+        Store<BroadcastMsgs<PDLwSlackProof>>,
+        Store<BroadcastMsgs<RVal>>,
+    )>,
     msgs_com: Option<Store<BroadcastMsgs<SignBroadcastPhase1>>>,
 
     msgs_queue: MsgQueue,
@@ -136,7 +141,13 @@ impl OfflineStage {
             .as_ref()
             .map(|(s1, s2)| s1.wants_more() || s2.wants_more())
             .unwrap_or(false);
-        let store4_wants_more = self.msgs4.as_ref().map(|s| s.wants_more()).unwrap_or(false);
+        let store4_wants_more = self
+            .msgs4
+            .as_ref()
+            .map(|(s1, s2, s3)| {
+                s1.wants_more() || s2.wants_more() || s3.wants_more()
+            })
+            .unwrap_or(false);
 
         let next_state: OfflineR;
         let try_again: bool = match replace(&mut self.round, OfflineR::Gone) {
@@ -217,12 +228,19 @@ impl OfflineStage {
                 false
             }
             OfflineR::R4(round) if !store4_wants_more && (!round.is_expensive() || may_block) => {
-                let store = self.msgs4.take().ok_or(InternalError::StoreGone)?;
-                let msgs = store
+                let (store1, store2, store3) =
+                    self.msgs4.take().ok_or(InternalError::StoreGone)?;
+                let msgs1 = store1
+                    .finish()
+                    .map_err(InternalError::RetrieveMessagesFromStore)?;
+                let msgs2 = store2
+                    .finish()
+                    .map_err(InternalError::RetrieveMessagesFromStore)?;
+                let msgs3 = store3
                     .finish()
                     .map_err(InternalError::RetrieveMessagesFromStore)?;
                 next_state = round
-                    .proceed(msgs)
+                    .proceed(msgs1, msgs2, msgs3)
                     .map(OfflineR::Finished)
                     .map_err(Error::ProceedRound)?;
                 false
@@ -383,14 +401,46 @@ impl StateMachine for OfflineStage {
                     })
                     .map_err(Error::HandleMessage)?;
             }
-            OfflineProtocolMessage(OfflineM::M4(m)) => {
-                let store = self
-                    .msgs4
-                    .as_mut()
-                    .ok_or(Error::ReceivedOutOfOrderMessage {
-                        current_round,
-                        msg_round: 4,
-                    })?;
+            OfflineProtocolMessage(OfflineM::M4A(m)) => {
+                let (store, _, _) =
+                    self.msgs4
+                        .as_mut()
+                        .ok_or(Error::ReceivedOutOfOrderMessage {
+                            current_round,
+                            msg_round: 4,
+                        })?;
+                store
+                    .push_msg(Msg {
+                        sender: msg.sender,
+                        receiver: msg.receiver,
+                        body: m,
+                    })
+                    .map_err(Error::HandleMessage)?;
+            }
+            OfflineProtocolMessage(OfflineM::M4B(m)) => {
+                let (_, store, _) =
+                    self.msgs4
+                        .as_mut()
+                        .ok_or(Error::ReceivedOutOfOrderMessage {
+                            current_round,
+                            msg_round: 4,
+                        })?;
+                store
+                    .push_msg(Msg {
+                        sender: msg.sender,
+                        receiver: msg.receiver,
+                        body: m,
+                    })
+                    .map_err(Error::HandleMessage)?;
+            }
+            OfflineProtocolMessage(OfflineM::M4C(m)) => {
+                let (_, _, store) =
+                    self.msgs4
+                        .as_mut()
+                        .ok_or(Error::ReceivedOutOfOrderMessage {
+                            current_round,
+                            msg_round: 4,
+                        })?;
                 store
                     .push_msg(Msg {
                         sender: msg.sender,
@@ -435,7 +485,13 @@ impl StateMachine for OfflineStage {
             .as_ref()
             .map(|(s1, s2)| s1.wants_more() || s2.wants_more())
             .unwrap_or(false);
-        let store4_wants_more = self.msgs4.as_ref().map(|s| s.wants_more()).unwrap_or(false);
+        let store4_wants_more = self
+            .msgs4
+            .as_ref()
+            .map(|(s1, s2, s3)| {
+                s1.wants_more() || s2.wants_more() || s3.wants_more() 
+            })
+            .unwrap_or(false);
         let store_com_wants_more = self
             .msgs_com
             .as_ref()
@@ -555,8 +611,9 @@ enum OfflineM {
     M2B((GammaI, WI)),
     M3A(SignDecommitPhase1),
     M3B(DeltaI),
-    M4(RDash),
-
+    M4A(RDash),
+    M4B(PDLwSlackProof),
+    M4C(RVal),
     MD(SignBroadcastPhase1),
 }
 
@@ -584,7 +641,9 @@ make_pushable! {
     M2B (GammaI, WI),
     M3A SignDecommitPhase1,
     M3B DeltaI,
-    M4 RDash,
+    M4A RDash,
+    M4B PDLwSlackProof,
+    M4C RVal,
     MD SignBroadcastPhase1,
 }
 

src/protocols/multi_party_ecdsa/gg_2020/state_machine/sign/fmt.rs

@@ -17,7 +17,7 @@ pub struct OfflineStageProgress {
     round1_msgs: ReceivedMessages,
     round2_msgs: (ReceivedMessages, ReceivedMessages),
     round3_msgs: (ReceivedMessages, ReceivedMessages),
-    round4_msgs: ReceivedMessages,
+    round4_msgs: (ReceivedMessages, ReceivedMessages, ReceivedMessages),
     decom_round_msgs: ReceivedMessages,
 
     msgs_queue: OutgoingMessages,
@@ -53,7 +53,11 @@ impl From<&super::OfflineStage> for OfflineStageProgress {
                 ReceivedMessages::from_broadcast(state.msgs3.as_ref().map(|s| &s.0)),
                 ReceivedMessages::from_broadcast(state.msgs3.as_ref().map(|s| &s.1)),
             ),
-            round4_msgs: ReceivedMessages::from_broadcast(state.msgs4.as_ref()),
+            round4_msgs: (
+                ReceivedMessages::from_broadcast(state.msgs4.as_ref().map(|s| &s.0)),
+                ReceivedMessages::from_broadcast(state.msgs4.as_ref().map(|s| &s.1)),
+                ReceivedMessages::from_broadcast(state.msgs4.as_ref().map(|s| &s.2)),
+             ),
             decom_round_msgs: ReceivedMessages::from_broadcast(state.msgs_com.as_ref()),
 
             msgs_queue: OutgoingMessages {