[in progress] Update Presigning and Signing

synedrion/src/cggmp21.rs

@@ -16,8 +16,8 @@ mod key_refresh;
 mod params;
 mod sigma;
 
-#[cfg(test)]
-mod signing_malicious;
+//#[cfg(test)]
+//mod signing_malicious;
 
 #[cfg(test)]
 mod key_init_tests;

synedrion/src/cggmp21/conversion.rs

@@ -63,35 +63,6 @@ pub(crate) fn scalar_from_signed<P: SchemeParams>(
     }
 }
 
-/// Converts a wide integer to the associated curve scalar type.
-pub(crate) fn scalar_from_wide_uint<P: SchemeParams>(value: &<P::Paillier as PaillierParams>::WideUint) -> Scalar {
-    let r = *value % P::CURVE_ORDER_WIDE;
-
-    let repr = r.to_be_bytes();
-    let uint_len = repr.as_ref().len();
-    let scalar_len = Scalar::repr_len();
-
-    // Can unwrap here since the value is within the Scalar range
-    Scalar::try_from_be_bytes(
-        repr.as_ref()
-            .get(uint_len - scalar_len..)
-            .expect("WideUint is assumed to be bigger than Scalar"),
-    )
-    .expect("the value was reduced modulo curve order, so it's a valid curve scalar")
-}
-
-/// Converts a `PublicSigned`-wrapped wide integer to the associated curve scalar type.
-pub(crate) fn scalar_from_wide_signed<P: SchemeParams>(
-    value: &PublicSigned<<P::Paillier as PaillierParams>::WideUint>,
-) -> Scalar {
-    let abs_value = scalar_from_wide_uint::<P>(&value.abs());
-    if value.is_negative() {
-        -abs_value
-    } else {
-        abs_value
-    }
-}
-
 /// Converts a secret-wrapped uint to a secret-wrapped [`Scalar`], reducing the value modulo curve order.
 fn secret_scalar_from_uint<P: SchemeParams>(value: &Secret<<P::Paillier as PaillierParams>::Uint>) -> Secret<Scalar> {
     let r = value % &P::CURVE_ORDER;

synedrion/src/cggmp21/entities.rs

@@ -14,11 +14,9 @@ use crate::{
     cggmp21::SchemeParams,
     curve::{secret_split, Point, Scalar},
     paillier::{
-        Ciphertext, PaillierParams, PublicKeyPaillier, PublicKeyPaillierWire, RPParams, RPParamsWire, Randomizer,
-        SecretKeyPaillier, SecretKeyPaillierWire,
+        PublicKeyPaillier, PublicKeyPaillierWire, RPParams, RPParamsWire, SecretKeyPaillier, SecretKeyPaillierWire,
     },
     tools::Secret,
-    uint::SecretSigned,
 };
 
 /// The result of the KeyInit protocol.
@@ -86,39 +84,6 @@ pub struct KeyShareChange<P: SchemeParams, I: Ord> {
     pub(crate) phantom: PhantomData<P>,
 }
 
-/// The result of the Presigning protocol.
-#[derive(Debug, Clone)]
-pub(crate) struct PresigningData<P: SchemeParams, I> {
-    pub(crate) nonce: Scalar, // x-coordinate of $R$
-    /// An additive share of the ephemeral scalar.
-    pub(crate) ephemeral_scalar_share: Secret<Scalar>, // $k_i$
-    /// An additive share of `k * x` where `x` is the secret key.
-    pub(crate) product_share: Secret<Scalar>,
-
-    // Values generated during presigning,
-    // kept in case we need to generate a proof of correctness.
-    pub(crate) product_share_nonreduced: SecretSigned<<P::Paillier as PaillierParams>::Uint>,
-
-    // $K_i$.
-    pub(crate) cap_k: Ciphertext<P::Paillier>,
-
-    // The values for $j$, $j != i$.
-    pub(crate) values: BTreeMap<I, PresigningValues<P>>,
-}
-
-#[derive(Debug, Clone)]
-pub(crate) struct PresigningValues<P: SchemeParams> {
-    pub(crate) hat_beta: SecretSigned<<P::Paillier as PaillierParams>::Uint>,
-    pub(crate) hat_r: Randomizer<P::Paillier>,
-    pub(crate) hat_s: Randomizer<P::Paillier>,
-    pub(crate) cap_k: Ciphertext<P::Paillier>,
-    /// Received $\hat{D}_{i,j}$.
-    pub(crate) hat_cap_d_received: Ciphertext<P::Paillier>,
-    /// Sent $\hat{D}_{j,i}$.
-    pub(crate) hat_cap_d: Ciphertext<P::Paillier>,
-    pub(crate) hat_cap_f: Ciphertext<P::Paillier>,
-}
-
 impl<P: SchemeParams, I: Clone + Ord + Debug> KeyShare<P, I> {
     pub(crate) fn new(
         owner: I,