diff --git a/synedrion/src/cggmp21/protocols.rs b/synedrion/src/cggmp21/protocols.rs index 00c34946..3cf11e48 100644 --- a/synedrion/src/cggmp21/protocols.rs +++ b/synedrion/src/cggmp21/protocols.rs @@ -8,11 +8,9 @@ pub(crate) mod signing; #[cfg(test)] pub(crate) mod signing_malicious; -pub use aux_gen::{AuxGenError, AuxGenProtocol}; -pub use interactive_signing::{ - InteractiveSigningInputs, InteractiveSigningProtocol, InteractiveSigningRound1, -}; -pub use key_init::{KeyInitError, KeyInitProtocol}; -pub use key_refresh::KeyRefreshProtocol; -pub use presigning::{PresigningError, PresigningProof, PresigningProtocol}; -pub use signing::{SigningProof, SigningProtocol}; +pub use aux_gen::{AuxGen, AuxGenProtocol}; +pub use interactive_signing::{InteractiveSigning, InteractiveSigningProtocol}; +pub use key_init::{KeyInit, KeyInitProtocol}; +pub use key_refresh::{KeyRefresh, KeyRefreshProtocol}; +pub use presigning::{Presigning, PresigningProtocol}; +pub use signing::{Signing, SigningProtocol}; diff --git a/synedrion/src/cggmp21/protocols/aux_gen.rs b/synedrion/src/cggmp21/protocols/aux_gen.rs index a9d70b51..fe51ff99 100644 --- a/synedrion/src/cggmp21/protocols/aux_gen.rs +++ b/synedrion/src/cggmp21/protocols/aux_gen.rs @@ -91,68 +91,33 @@ impl ProtocolError for AuxGenError { } } -#[derive(Debug, Clone, Serialize, Deserialize)] -#[serde(bound(serialize = "PrmProof
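Review bot: The new `pub use` list drops `AuxGenError`, `KeyInitError`, `PresigningError`, `PresigningProof` and `SigningProof` from the `protocols` re-exports, so downstream code that names these error or proof types through this module (to match on a misbehaviour variant, or to store a proof) no longer compiles. The diff does not show whether those types are still `pub` in their submodules; if they are, keeping them next to the new entry points is the safer change, e.g. `pub use aux_gen::{AuxGen, AuxGenError, AuxGenProtocol};` and likewise for the other four. If shrinking the public surface is intentional, say so in the commit message, since it is a semver-breaking change.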

: Serialize"))] -#[serde(bound(deserialize = "PrmProof

: for<'x> Deserialize<'x>"))] -pub struct PublicData1 { - cap_y: Point, - cap_b: SchCommitment, - paillier_pk: PublicKeyPaillier, // $N_i$ - rp_params: RPParams, // $s_i$ and $t_i$ - hat_psi: PrmProof

, - rho: BitVec, - u: BitVec, -} - #[derive(Debug, Clone)] -pub struct PublicData1Precomp { - data: PublicData1

, - paillier_pk: PublicKeyPaillierPrecomputed, - rp_params: RPParamsMod, -} - -#[derive(Debug)] -struct Context { - paillier_sk: SecretKeyPaillierPrecomputed, - y: Scalar, - tau_y: SchSecret, - data_precomp: PublicData1Precomp

, +pub struct AuxGen { my_id: I, other_ids: BTreeSet, - sid_hash: HashOutput, + phantom: PhantomData

, } -impl PublicData1

{ - fn hash(&self, sid_hash: &HashOutput, my_id: &I) -> HashOutput { - FofHasher::new_with_dst(b"Auxiliary") - .chain(sid_hash) - .chain(my_id) - .chain(self) - .finalize() +impl AuxGen { + pub fn new(my_id: I, other_ids: BTreeSet) -> Self { + Self { + my_id, + other_ids, + phantom: PhantomData, + } } } -#[derive(Debug)] -pub struct Round1 { - context: Context, -} - -pub struct AuxGenInputs { - pub other_ids: BTreeSet, -} - -impl EntryPoint for Round1 { - type Inputs = AuxGenInputs; +impl EntryPoint for AuxGen { type Protocol = AuxGenProtocol; - fn new( + fn make_round( + self, rng: &mut impl CryptoRngCore, shared_randomness: &[u8], - id: I, - inputs: Self::Inputs, ) -> Result, LocalError> { - let mut all_ids = inputs.other_ids.clone(); - all_ids.insert(id.clone()); + let mut all_ids = self.other_ids.clone(); + all_ids.insert(self.my_id.clone()); let sid_hash = FofHasher::new_with_dst(b"SID") .chain_type::

() @@ -177,7 +142,7 @@ impl EntryPoint for Round1 { // Ring-Pedersen parameters ($s$, $t$) bundled in a single object. let rp_params = RPParamsMod::random_with_secret(rng, &lambda, paillier_pk); - let aux = (&sid_hash, &id); + let aux = (&sid_hash, &self.my_id); let hat_psi = PrmProof::
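Review bot: `AuxGen::new` now takes `my_id` from the caller instead of the session, and neither `new` nor `make_round` checks that `other_ids` does not already contain `my_id`; `all_ids.insert(self.my_id.clone())` silently absorbs the duplicate, so `sid_hash` is still computed while `other_ids` keeps listing this party, which the later rounds (outside this hunk) presumably treat as a peer it must hear from. I would reject that before the SID is derived: `if self.other_ids.contains(&self.my_id) { return Err(/* LocalError: other_ids must not contain my_id */); }` using whatever constructor `LocalError` provides. Because `my_id` is also bound into `hat_psi` via `aux = (&sid_hash, &self.my_id)`, a `my_id` that differs from the identity the session authenticates messages under yields proofs peers verify against the wrong party id, so a `///` note on `new` that `my_id` must equal the session's own party id is worth adding. `make_round` continues past the end of this hunk.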

::new(rng, &paillier_sk, &lambda, &rp_params, &aux); let rho = BitVec::random(rng, P::SECURITY_PARAMETER); @@ -204,25 +169,71 @@ impl EntryPoint for Round1 { y, tau_y, data_precomp, - my_id: id, - other_ids: inputs.other_ids, + my_id: self.my_id, + other_ids: self.other_ids, sid_hash, }; - Ok(BoxedRound::new_dynamic(Self { context })) + Ok(BoxedRound::new_dynamic(Round1 { context })) + } +} + +#[derive(Debug, Clone, Serialize, Deserialize)] +#[serde(bound(serialize = "PrmProof

: Serialize"))] +#[serde(bound(deserialize = "PrmProof

: for<'x> Deserialize<'x>"))] +struct PublicData1 { + cap_y: Point, + cap_b: SchCommitment, + paillier_pk: PublicKeyPaillier, // $N_i$ + rp_params: RPParams, // $s_i$ and $t_i$ + hat_psi: PrmProof

, + rho: BitVec, + u: BitVec, +} + +#[derive(Debug, Clone)] +struct PublicData1Precomp { + data: PublicData1

, + paillier_pk: PublicKeyPaillierPrecomputed, + rp_params: RPParamsMod, +} + +#[derive(Debug)] +struct Context { + paillier_sk: SecretKeyPaillierPrecomputed, + y: Scalar, + tau_y: SchSecret, + data_precomp: PublicData1Precomp

, + my_id: I, + other_ids: BTreeSet, + sid_hash: HashOutput, +} + +impl PublicData1

{ + fn hash(&self, sid_hash: &HashOutput, my_id: &I) -> HashOutput { + FofHasher::new_with_dst(b"Auxiliary") + .chain(sid_hash) + .chain(my_id) + .chain(self) + .finalize() } } +#[derive(Debug)] +struct Round1 { + context: Context, +} + #[derive(Debug, Clone, Serialize, Deserialize)] -pub struct Round1Message { +struct Round1Message { cap_v: HashOutput, } -pub struct Round1Payload { +struct Round1Payload { cap_v: HashOutput, } -impl Round for Round1 { +impl Round for Round1 { type Protocol = AuxGenProtocol; fn id(&self) -> RoundId { @@ -296,7 +307,7 @@ impl Round for Round1 { } #[derive(Debug)] -pub struct Round2 { +struct Round2 { context: Context, others_cap_v: BTreeMap, } @@ -304,15 +315,15 @@ pub struct Round2 { #[derive(Clone, Serialize, Deserialize)] #[serde(bound(serialize = "PublicData1

: Serialize"))] #[serde(bound(deserialize = "PublicData1

: for<'x> Deserialize<'x>"))] -pub struct Round2Message { +struct Round2Message { data: PublicData1

, } -pub struct Round2Payload { +struct Round2Payload { data: PublicData1Precomp

, } -impl Round for Round2 { +impl Round for Round2 { type Protocol = AuxGenProtocol; fn id(&self) -> RoundId { @@ -414,7 +425,7 @@ impl Round for Round2 { } #[derive(Debug)] -pub struct Round3 { +struct Round3 { context: Context, rho: BitVec, others_data: BTreeMap>, @@ -431,13 +442,13 @@ pub struct Round3 { ModProof

: for<'x> Deserialize<'x>, FacProof

: for<'x> Deserialize<'x>, "))] -pub struct PublicData2 { +struct PublicData2 { psi_mod: ModProof

, // $\psi_i$, a P^{mod} for the Paillier modulus phi: FacProof

, pi: SchProof, } -impl Round3 { +impl Round3 { fn new( rng: &mut impl CryptoRngCore, context: Context, @@ -468,7 +479,7 @@ impl Round3 { #[derive(Clone, Serialize, Deserialize)] #[serde(bound(serialize = "PublicData2

: Serialize"))] #[serde(bound(deserialize = "PublicData2

: for<'x> Deserialize<'x>"))] -pub struct Round3Message { +struct Round3Message { data2: PublicData2

, } @@ -617,7 +628,7 @@ mod tests { use rand_core::{OsRng, RngCore}; use secrecy::ExposeSecret; - use super::{AuxGenInputs, Round1}; + use super::AuxGen; use crate::cggmp21::TestParams; use crate::tools::Without; @@ -629,23 +640,21 @@ mod tests { .iter() .map(|signer| signer.verifying_key()) .collect::>(); - let inputs = signers + let entry_points = signers .into_iter() .map(|signer| { ( signer, - AuxGenInputs { - other_ids: all_ids.clone().without(&signer.verifying_key()), - }, + AuxGen::::new( + signer.verifying_key(), + all_ids.clone().without(&signer.verifying_key()), + ), ) }) .collect::>(); let reports = - run_sync::, TestSessionParams>( - &mut OsRng, inputs, - ) - .unwrap(); + run_sync::<_, TestSessionParams>(&mut OsRng, entry_points).unwrap(); let aux_infos = reports .into_iter() diff --git a/synedrion/src/cggmp21/protocols/interactive_signing.rs b/synedrion/src/cggmp21/protocols/interactive_signing.rs index 1bdde1ea..617ecaa1 100644 --- a/synedrion/src/cggmp21/protocols/interactive_signing.rs +++ b/synedrion/src/cggmp21/protocols/interactive_signing.rs @@ -1,58 +1,97 @@ use core::marker::PhantomData; use manul::{ - combinators::chain::{Chained, ChainedEntryPoint, ChainedProtocol}, - protocol::PartyId, + combinators::chain::{make_chained_round, ChainedJoin, ChainedProtocol, ChainedSplit}, + protocol::{BoxedRound, EntryPoint, LocalError, PartyId, Protocol, RoundId}, }; +use rand_core::CryptoRngCore; use super::super::params::SchemeParams; use super::super::{AuxInfo, KeyShare, PresigningData}; -use super::presigning::{self, PresigningInputs}; -use super::signing::{self, SigningInputs}; +use super::presigning::{Presigning, PresigningProtocol}; +use super::signing::{Signing, SigningProtocol}; use crate::curve::{RecoverableSignature, Scalar}; -pub struct InteractiveSigning(PhantomData

); +pub type InteractiveSigningProtocol = + ChainedProtocol, SigningProtocol>; #[derive(Debug, Clone)] -pub struct InteractiveSigningInputs { - pub key_share: KeyShare, - pub aux_info: AuxInfo, - pub message: Scalar, +pub struct InteractiveSigning { + key_share: KeyShare, + aux_info: AuxInfo, + message: Scalar, } -impl<'a, P: SchemeParams, Id: PartyId> From<&'a InteractiveSigningInputs> - for PresigningInputs -{ - fn from(source: &'a InteractiveSigningInputs) -> Self { - PresigningInputs { - key_share: source.key_share.clone(), - aux_info: source.aux_info.clone(), +impl InteractiveSigning { + fn new(message: Scalar, key_share: KeyShare, aux_info: AuxInfo) -> Self { + Self { + message, + key_share, + aux_info, } } } -impl From<(InteractiveSigningInputs, PresigningData)> - for SigningInputs +impl EntryPoint for InteractiveSigning { + type Protocol = InteractiveSigningProtocol; + + fn entry_round() -> RoundId { + , SigningProtocol>>::entry_round() + } + + fn make_round( + self, + rng: &mut impl CryptoRngCore, + shared_randomness: &[u8], + ) -> Result, LocalError> { + make_chained_round(self, rng, shared_randomness) + } +} + +impl ChainedSplit, SigningProtocol> + for InteractiveSigning +where + P: SchemeParams, + I: PartyId, { - fn from(source: (InteractiveSigningInputs, PresigningData)) -> Self { - let (inputs, presigning) = source; - SigningInputs { - message: inputs.message, - key_share: inputs.key_share, - aux_info: inputs.aux_info, - presigning, - } + type EntryPoint = Presigning; + fn make_entry_point1( + self, + ) -> ( + Self::EntryPoint, + impl ChainedJoin, SigningProtocol>, + ) { + ( + Presigning::new(self.key_share.clone(), self.aux_info.clone()), + Transition { + message: self.message, + key_share: self.key_share, + aux_info: self.aux_info, + }, + ) } } -impl Chained for InteractiveSigning

{ - type Inputs = InteractiveSigningInputs; - type EntryPoint1 = presigning::Round1; - type EntryPoint2 = signing::Round1; +#[derive(Debug)] +struct Transition { + message: Scalar, + key_share: KeyShare, + aux_info: AuxInfo, } -pub type InteractiveSigningProtocol = ChainedProtocol>; -pub type InteractiveSigningRound1 = ChainedEntryPoint>; +impl ChainedJoin, SigningProtocol> for Transition +where + P: SchemeParams, + I: PartyId, +{ + type EntryPoint = Signing; + fn make_entry_point2( + self, + presigning: as Protocol>::Result, + ) -> Self::EntryPoint { + Signing::new(self.message, presigning, self.key_share, self.aux_info) + } +} #[cfg(test)] mod tests { @@ -65,7 +104,7 @@ mod tests { }; use rand_core::{OsRng, RngCore}; - use super::{InteractiveSigningInputs, InteractiveSigningRound1}; + use super::InteractiveSigning; use crate::cggmp21::{AuxInfo, KeyShare, TestParams}; use crate::curve::Scalar; @@ -78,29 +117,27 @@ mod tests { .collect::>(); let ids_set = BTreeSet::from_iter(ids.clone()); - let key_shares = KeyShare::new_centralized(&mut OsRng, &ids_set, None); + let key_shares = + KeyShare::::new_centralized(&mut OsRng, &ids_set, None); let aux_infos = AuxInfo::new_centralized(&mut OsRng, &ids_set); let message = Scalar::random(&mut OsRng); - let inputs = signers + let entry_points = signers .into_iter() .map(|signer| { let id = signer.verifying_key(); - let inputs = InteractiveSigningInputs { + let entry_point = InteractiveSigning::new( message, - key_share: key_shares[&id].clone(), - aux_info: aux_infos[&id].clone(), - }; - (signer, inputs) + key_shares[&id].clone(), + aux_infos[&id].clone(), + ); + (signer, entry_point) }) .collect(); - let reports = run_sync::< - InteractiveSigningRound1, - TestSessionParams, - >(&mut OsRng, inputs) - .unwrap(); + let reports = + run_sync::<_, TestSessionParams>(&mut OsRng, entry_points).unwrap(); let signatures = reports .into_iter() 
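Review bot: `InteractiveSigning::new` is declared `fn new`, not `pub fn new`, while the struct is `pub`, re-exported from `protocols`, and has only private fields, so nothing outside this module can construct the entry point; the sibling `Presigning::new` and `Signing::new` are `pub`. Change it to `pub fn new(message: Scalar, key_share: KeyShare, aux_info: AuxInfo) -> Self` and add a `///` doc comment stating that `key_share` and `aux_info` must belong to the same party and share set, since nothing here checks it. Separately, `make_entry_point1` clones `key_share` and `aux_info` (which presumably carry secret share material) into `Presigning` while keeping a second copy in `Transition`; that follows from the `ChainedSplit` shape, but a one-line comment explaining why the duplicate copies exist would keep a later reader from treating it as a leak.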
diff --git a/synedrion/src/cggmp21/protocols/key_init.rs b/synedrion/src/cggmp21/protocols/key_init.rs index 1d8e05af..712cb0f8 100644 --- a/synedrion/src/cggmp21/protocols/key_init.rs +++ b/synedrion/src/cggmp21/protocols/key_init.rs @@ -103,37 +103,33 @@ impl PublicData

{ } } -#[derive(Debug)] -struct Context { - other_ids: BTreeSet, +#[derive(Debug, Clone)] +pub struct KeyInit { my_id: I, - x: Scalar, - tau: SchSecret, - public_data: PublicData

, - sid_hash: HashOutput, -} - -#[derive(Debug)] -pub struct Round1 { - context: Context, + other_ids: BTreeSet, + phantom: PhantomData

, } -pub struct KeyInitInputs { - pub other_ids: BTreeSet, +impl KeyInit { + pub fn new(my_id: I, other_ids: BTreeSet) -> Self { + Self { + my_id, + other_ids, + phantom: PhantomData, + } + } } -impl EntryPoint for Round1 { - type Inputs = KeyInitInputs; +impl EntryPoint for KeyInit { type Protocol = KeyInitProtocol; - fn new( + fn make_round( + self, rng: &mut impl CryptoRngCore, shared_randomness: &[u8], - id: I, - inputs: Self::Inputs, ) -> Result, LocalError> { - let mut all_ids = inputs.other_ids.clone(); - all_ids.insert(id.clone()); + let mut all_ids = self.other_ids.clone(); + all_ids.insert(self.my_id.clone()); let sid_hash = FofHasher::new_with_dst(b"SID") .chain_type::

() @@ -160,24 +156,39 @@ impl EntryPoint for Round1 { }; let context = Context { - other_ids: inputs.other_ids, - my_id: id, + other_ids: self.other_ids, + my_id: self.my_id, x, tau, public_data, sid_hash, }; - Ok(BoxedRound::new_dynamic(Self { context })) + Ok(BoxedRound::new_dynamic(Round1 { context })) } } +#[derive(Debug)] +struct Context { + other_ids: BTreeSet, + my_id: I, + x: Scalar, + tau: SchSecret, + public_data: PublicData
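Review bot: `KeyInit::new` accepts `my_id` and `other_ids` without requiring them to be disjoint, and in `make_round` the `all_ids.insert(self.my_id.clone())` silently deduplicates, so a caller that passes its own id inside `other_ids` gets a plausible `sid_hash` while `other_ids` still includes itself; before this change the id came from the session, so the mismatch could not be introduced from outside. I would fail early in `make_round`, which already returns `Result<_, LocalError>`: `if self.other_ids.contains(&self.my_id) { return Err(/* LocalError: other_ids must not contain my_id */); }`. Also document on `new` that `my_id` must be the identity this session signs messages under, because it is hashed into `sid_hash` and later bound into the key-generation proofs. `make_round` continues outside this hunk.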

, + sid_hash: HashOutput, +} + +#[derive(Debug)] +struct Round1 { + context: Context, +} + #[derive(Debug, Clone, Serialize, Deserialize)] -pub struct Round1Message { +struct Round1Message { cap_v: HashOutput, } -pub struct Round1Payload { +struct Round1Payload { cap_v: HashOutput, } @@ -246,7 +257,7 @@ impl Round for Round1 { } #[derive(Debug)] -pub struct Round2 { +struct Round2 { context: Context, others_cap_v: BTreeMap, phantom: PhantomData

, @@ -255,11 +266,11 @@ pub struct Round2 { #[derive(Clone, Serialize, Deserialize)] #[serde(bound(serialize = "PublicData

: Serialize"))] #[serde(bound(deserialize = "PublicData

: for<'x> Deserialize<'x>"))] -pub struct Round2Message { +struct Round2Message { data: PublicData

, } -pub struct Round2Payload { +struct Round2Payload { data: PublicData

, } @@ -343,7 +354,7 @@ impl Round for Round2 { } #[derive(Debug)] -pub struct Round3 { +struct Round3 { context: Context, others_data: BTreeMap>, rid: BitVec, @@ -351,7 +362,7 @@ pub struct Round3 { } #[derive(Clone, Serialize, Deserialize)] -pub struct Round3Message { +struct Round3Message { psi: SchProof, } @@ -446,7 +457,7 @@ mod tests { use rand_core::{OsRng, RngCore}; use secrecy::ExposeSecret; - use super::{KeyInitInputs, KeyInitProtocol, Round1}; + use super::{KeyInit, KeyInitProtocol}; use crate::{cggmp21::TestParams, tools::Without}; #[test] @@ -458,23 +469,21 @@ mod tests { .iter() .map(|signer| signer.verifying_key()) .collect::>(); - let inputs = signers + let entry_points = signers .into_iter() .map(|signer| { ( signer, - KeyInitInputs { - other_ids: all_ids.clone().without(&signer.verifying_key()), - }, + KeyInit::::new( + signer.verifying_key(), + all_ids.clone().without(&signer.verifying_key()), + ), ) }) .collect::>(); let reports = - run_sync::, TestSessionParams>( - &mut OsRng, inputs, - ) - .unwrap(); + run_sync::<_, TestSessionParams>(&mut OsRng, entry_points).unwrap(); let shares = reports .into_iter() diff --git a/synedrion/src/cggmp21/protocols/key_refresh.rs b/synedrion/src/cggmp21/protocols/key_refresh.rs index 33a7f329..2c491e9b 100644 --- a/synedrion/src/cggmp21/protocols/key_refresh.rs +++ b/synedrion/src/cggmp21/protocols/key_refresh.rs @@ -100,77 +100,33 @@ impl ProtocolError for KeyRefreshError

{ } } -#[derive(Debug, Clone, Serialize, Deserialize)] -#[serde(bound(serialize = " - PrmProof

: Serialize, - "))] -#[serde(bound(deserialize = " - PrmProof

: for<'x> Deserialize<'x>, - "))] -pub struct PublicData1 { - cap_x_to_send: Vec, // $X_i^j$ where $i$ is this party's index - cap_a_to_send: Vec, // $A_i^j$ where $i$ is this party's index - cap_y: Point, - cap_b: SchCommitment, - paillier_pk: PublicKeyPaillier, // $N_i$ - rp_params: RPParams, // $s_i$ and $t_i$ - hat_psi: PrmProof

, - rho: BitVec, - u: BitVec, -} - #[derive(Debug, Clone)] -pub struct PublicData1Precomp { - data: PublicData1

, - paillier_pk: PublicKeyPaillierPrecomputed, - rp_params: RPParamsMod, -} - -#[derive(Debug)] -struct Context { - paillier_sk: SecretKeyPaillierPrecomputed, - y: Scalar, - x_to_send: BTreeMap, // $x_i^j$ where $i$ is this party's index - tau_y: SchSecret, - tau_x: BTreeMap, - data_precomp: PublicData1Precomp

, +pub struct KeyRefresh { my_id: I, other_ids: BTreeSet, - sid_hash: HashOutput, - ids_ordering: BTreeMap, + phantom: PhantomData

, } -impl PublicData1

{ - fn hash(&self, sid_hash: &HashOutput, id: &I) -> HashOutput { - FofHasher::new_with_dst(b"Auxiliary") - .chain(sid_hash) - .chain(id) - .chain(self) - .finalize() +impl KeyRefresh { + pub fn new(my_id: I, other_ids: BTreeSet) -> Self { + Self { + my_id, + other_ids, + phantom: PhantomData, + } } } -#[derive(Debug)] -pub struct Round1 { - context: Context, -} - -pub struct KeyRefreshInputs { - pub other_ids: BTreeSet, -} - -impl EntryPoint for Round1 { - type Inputs = KeyRefreshInputs; +impl EntryPoint for KeyRefresh { type Protocol = KeyRefreshProtocol; - fn new( + fn make_round( + self, rng: &mut impl CryptoRngCore, shared_randomness: &[u8], - id: I, - inputs: Self::Inputs, ) -> Result, LocalError> { - let mut all_ids = inputs.other_ids.clone(); - all_ids.insert(id.clone()); + let mut all_ids = self.other_ids.clone(); + all_ids.insert(self.my_id.clone()); let ids_ordering = all_ids .iter() @@ -212,7 +168,7 @@ impl EntryPoint for Round1 { // Ring-Pedersen parameters ($s$, $t$) bundled in a single object. let rp_params = RPParamsMod::random_with_secret(rng, &lambda, paillier_pk); - let aux = (&sid_hash, &id); + let aux = (&sid_hash, &self.my_id); let hat_psi = PrmProof::
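Review bot: `KeyRefresh::new` takes a caller-supplied `my_id` and `other_ids` with no disjointness check, and `all_ids.insert(self.my_id.clone())` in `make_round` silently deduplicates, so a self-containing `other_ids` still produces a `sid_hash` and `ids_ordering` while `other_ids` lists this party as a peer. The same guard as the other entry points belongs here, before the SID is derived: `if self.other_ids.contains(&self.my_id) { return Err(/* LocalError: other_ids must not contain my_id */); }`. Since `my_id` is bound into `hat_psi` through `aux = (&sid_hash, &self.my_id)`, add a `///` note on `new` that `my_id` must equal the session's own party id, otherwise the proof is checked by peers against a different identity than the one that signed the message. `make_round` runs past the end of this hunk.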

::new(rng, &paillier_sk, &lambda, &rp_params, &aux); // The secrets share changes ($\tau_j$, not to be confused with $\tau$) @@ -252,22 +208,77 @@ impl EntryPoint for Round1 { tau_x, tau_y, data_precomp, - my_id: id, - other_ids: inputs.other_ids, + my_id: self.my_id, + other_ids: self.other_ids, sid_hash, ids_ordering, }; - Ok(BoxedRound::new_dynamic(Self { context })) + Ok(BoxedRound::new_dynamic(Round1 { context })) } } #[derive(Debug, Clone, Serialize, Deserialize)] -pub struct Round1Message { +#[serde(bound(serialize = " + PrmProof

: Serialize, + "))] +#[serde(bound(deserialize = " + PrmProof

: for<'x> Deserialize<'x>, + "))] +struct PublicData1 { + cap_x_to_send: Vec, // $X_i^j$ where $i$ is this party's index + cap_a_to_send: Vec, // $A_i^j$ where $i$ is this party's index + cap_y: Point, + cap_b: SchCommitment, + paillier_pk: PublicKeyPaillier, // $N_i$ + rp_params: RPParams, // $s_i$ and $t_i$ + hat_psi: PrmProof

, + rho: BitVec, + u: BitVec, +} + +#[derive(Debug, Clone)] +struct PublicData1Precomp { + data: PublicData1

, + paillier_pk: PublicKeyPaillierPrecomputed, + rp_params: RPParamsMod, +} + +#[derive(Debug)] +struct Context { + paillier_sk: SecretKeyPaillierPrecomputed, + y: Scalar, + x_to_send: BTreeMap, // $x_i^j$ where $i$ is this party's index + tau_y: SchSecret, + tau_x: BTreeMap, + data_precomp: PublicData1Precomp

, + my_id: I, + other_ids: BTreeSet, + sid_hash: HashOutput, + ids_ordering: BTreeMap, +} + +impl PublicData1

{ + fn hash(&self, sid_hash: &HashOutput, id: &I) -> HashOutput { + FofHasher::new_with_dst(b"Auxiliary") + .chain(sid_hash) + .chain(id) + .chain(self) + .finalize() + } +} + +#[derive(Debug)] +struct Round1 { + context: Context, +} + +#[derive(Debug, Clone, Serialize, Deserialize)] +struct Round1Message { cap_v: HashOutput, } -pub struct Round1Payload { +struct Round1Payload { cap_v: HashOutput, } @@ -345,7 +356,7 @@ impl Round for Round1 { } #[derive(Debug)] -pub struct Round2 { +struct Round2 { context: Context, others_cap_v: BTreeMap, } @@ -353,11 +364,11 @@ pub struct Round2 { #[derive(Clone, Serialize, Deserialize)] #[serde(bound(serialize = "PublicData1

: Serialize"))] #[serde(bound(deserialize = "PublicData1

: for<'x> Deserialize<'x>"))] -pub struct Round2Message { +struct Round2Message { data: PublicData1

, } -pub struct Round2Payload { +struct Round2Payload { data: PublicData1Precomp

, } @@ -469,7 +480,7 @@ impl Round for Round2 { } #[derive(Debug)] -pub struct Round3 { +struct Round3 { context: Context, rho: BitVec, others_data: BTreeMap>, @@ -488,7 +499,7 @@ pub struct Round3 { FacProof

: for<'x> Deserialize<'x>, Ciphertext: for<'x> Deserialize<'x>, "))] -pub struct PublicData2 { +struct PublicData2 { psi_mod: ModProof

, // $\psi_i$, a P^{mod} for the Paillier modulus phi: FacProof

, pi: SchProof, @@ -527,11 +538,11 @@ impl Round3 { #[derive(Clone, Serialize, Deserialize)] #[serde(bound(serialize = "PublicData2

: Serialize"))] #[serde(bound(deserialize = "PublicData2

: for<'x> Deserialize<'x>"))] -pub struct Round3Message { +struct Round3Message { data2: PublicData2

, } -pub struct Round3Payload { +struct Round3Payload { x: Scalar, // $x_j^i$, a secret share change received from the party $j$ } @@ -764,7 +775,7 @@ mod tests { use rand_core::{OsRng, RngCore}; use secrecy::ExposeSecret; - use super::{KeyRefreshInputs, Round1}; + use super::KeyRefresh; use crate::tools::Without; use crate::{cggmp21::TestParams, curve::Scalar}; @@ -776,23 +787,21 @@ mod tests { .iter() .map(|signer| signer.verifying_key()) .collect::>(); - let inputs = signers + let entry_points = signers .into_iter() .map(|signer| { ( signer, - KeyRefreshInputs { - other_ids: all_ids.clone().without(&signer.verifying_key()), - }, + KeyRefresh::::new( + signer.verifying_key(), + all_ids.clone().without(&signer.verifying_key()), + ), ) }) .collect::>(); let reports = - run_sync::, TestSessionParams>( - &mut OsRng, inputs, - ) - .unwrap(); + run_sync::<_, TestSessionParams>(&mut OsRng, entry_points).unwrap(); let results = reports .into_iter() diff --git a/synedrion/src/cggmp21/protocols/presigning.rs b/synedrion/src/cggmp21/protocols/presigning.rs index d180bc31..e5e15bf8 100644 --- a/synedrion/src/cggmp21/protocols/presigning.rs +++ b/synedrion/src/cggmp21/protocols/presigning.rs @@ -102,43 +102,32 @@ pub struct PresigningProof { dec_proofs: Vec<(I, DecProof

)>, } -#[derive(Debug)] -struct Context { - ssid_hash: HashOutput, - my_id: I, - other_ids: BTreeSet, +pub struct Presigning { key_share: KeyShare, - aux_info: AuxInfoPrecomputed, - k: Scalar, - gamma: Scalar, - rho: RandomizerMod, - nu: RandomizerMod, + aux_info: AuxInfo, } -#[derive(Debug)] -pub struct Round1 { - context: Context, - cap_k: CiphertextMod, - cap_g: CiphertextMod, -} - -pub struct PresigningInputs { - pub key_share: KeyShare, - pub aux_info: AuxInfo, +impl Presigning { + pub fn new(key_share: KeyShare, aux_info: AuxInfo) -> Self { + // TODO: check that both are consistent + Self { + key_share, + aux_info, + } + } } -impl EntryPoint for Round1 { - type Inputs = PresigningInputs; +impl EntryPoint for Presigning { type Protocol = PresigningProtocol; - fn new( + fn make_round( + self, rng: &mut impl CryptoRngCore, shared_randomness: &[u8], - id: I, - inputs: Self::Inputs, ) -> Result, LocalError> { - let key_share = inputs.key_share; - let aux_info = inputs.aux_info; + let key_share = self.key_share; + let aux_info = self.aux_info; + let id = key_share.owner().clone(); let other_ids = key_share .public_shares @@ -176,7 +165,7 @@ impl EntryPoint for Round1 { let cap_k = CiphertextMod::new_with_randomizer(pk, &P::uint_from_scalar(&k), &rho.retrieve()); - Ok(BoxedRound::new_dynamic(Self { + Ok(BoxedRound::new_dynamic(Round1 { context: Context { ssid_hash, my_id: id, 
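Review bot: The `// TODO: check that both are consistent` left in `Presigning::new` is the real gap here: `make_round` now derives `id` from `key_share.owner()` and `other_ids` from `key_share.public_shares`, but `aux_info` is never checked to have the same owner or the same party set, and the session's own id is no longer passed in to be compared with `key_share.owner()`. Since `make_round` already returns `Result<_, LocalError>`, the check fits there: compare the owners and the key sets of `key_share.public_shares` and whatever party-keyed map `AuxInfo` holds (`aux_info.public_aux` is hashed into the SSID in `signing.rs`; if it is keyed by party id it is the right thing to compare) and return a `LocalError` on mismatch, rather than letting a mismatched `aux_info` surface as a proof failure attributed to a peer. Whether `key_share.owner()` matches the identity the session authenticates under presumably cannot be verified from inside `make_round`, so state that requirement in a `///` comment on `new`. `make_round` continues outside the hunk.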
@@ -194,10 +183,30 @@ impl EntryPoint for Round1 { } } +#[derive(Debug)] +struct Context { + ssid_hash: HashOutput, + my_id: I, + other_ids: BTreeSet, + key_share: KeyShare, + aux_info: AuxInfoPrecomputed, + k: Scalar, + gamma: Scalar, + rho: RandomizerMod, + nu: RandomizerMod, +} + +#[derive(Debug)] +struct Round1 { + context: Context, + cap_k: CiphertextMod, + cap_g: CiphertextMod, +} + #[derive(Clone, Serialize, Deserialize)] #[serde(bound(serialize = "Ciphertext: Serialize"))] #[serde(bound(deserialize = "Ciphertext: for<'x> Deserialize<'x>"))] -pub struct Round1BroadcastMessage { +struct Round1BroadcastMessage { cap_k: Ciphertext, cap_g: Ciphertext, } @@ -205,11 +214,11 @@ pub struct Round1BroadcastMessage { #[derive(Clone, Serialize, Deserialize)] #[serde(bound(serialize = "EncProof

: Serialize"))] #[serde(bound(deserialize = "EncProof

: for<'x> Deserialize<'x>"))] -pub struct Round1DirectMessage { +struct Round1DirectMessage { psi0: EncProof

, } -pub struct Round1Payload { +struct Round1Payload { cap_k: Ciphertext, cap_g: Ciphertext, } @@ -354,7 +363,7 @@ impl Round for Round1 { } #[derive(Debug)] -pub struct Round2 { +struct Round2 { context: Context, all_cap_k: BTreeMap>, all_cap_g: BTreeMap>, @@ -371,7 +380,7 @@ pub struct Round2 { AffGProof

: for<'x> Deserialize<'x>, LogStarProof

: for<'x> Deserialize<'x>, "))] -pub struct Round2Message { +struct Round2Message { cap_gamma: Point, cap_d: Ciphertext, hat_cap_d: Ciphertext, @@ -383,7 +392,7 @@ pub struct Round2Message { } #[derive(Debug, Clone)] -pub struct Round2Artifact { +struct Round2Artifact { beta: SecretBox::Uint>>, hat_beta: SecretBox::Uint>>, r: Randomizer, @@ -396,7 +405,7 @@ pub struct Round2Artifact { hat_cap_f: CiphertextMod, } -pub struct Round2Payload { +struct Round2Payload { cap_gamma: Point, alpha: Signed<::Uint>, hat_alpha: Signed<::Uint>, @@ -691,7 +700,7 @@ impl Round for Round2 { } #[derive(Debug)] -pub struct Round3 { +struct Round3 { context: Context, delta: Signed<::Uint>, chi: Signed<::Uint>, @@ -707,13 +716,13 @@ pub struct Round3 { #[derive(Clone, Serialize, Deserialize)] #[serde(bound(serialize = "LogStarProof

: Serialize"))] #[serde(bound(deserialize = "LogStarProof

: for<'x> Deserialize<'x>"))] -pub struct Round3Message { +struct Round3Message { delta: Scalar, cap_delta: Point, psi_pprime: LogStarProof

, } -pub struct Round3Payload { +struct Round3Payload { delta: Scalar, cap_delta: Point, } @@ -992,7 +1001,7 @@ mod tests { use rand_core::{OsRng, RngCore}; use secrecy::ExposeSecret; - use super::{PresigningInputs, PresigningProtocol, Round1}; + use super::Presigning; use crate::cggmp21::{AuxInfo, KeyShare, TestParams}; use crate::curve::Scalar; use crate::tools::Without; @@ -1006,26 +1015,21 @@ mod tests { .collect::>(); let ids_set = BTreeSet::from_iter(ids.clone()); - let key_shares = KeyShare::new_centralized(&mut OsRng, &ids_set, None); + let key_shares = + KeyShare::::new_centralized(&mut OsRng, &ids_set, None); let aux_infos = AuxInfo::new_centralized(&mut OsRng, &ids_set); - let inputs = signers + let entry_points = signers .into_iter() .map(|signer| { let id = signer.verifying_key(); - let inputs = PresigningInputs { - key_share: key_shares[&id].clone(), - aux_info: aux_infos[&id].clone(), - }; - (signer, inputs) + let entry_point = Presigning::new(key_shares[&id].clone(), aux_infos[&id].clone()); + (signer, entry_point) }) .collect(); let reports = - run_sync::, TestSessionParams>( - &mut OsRng, inputs, - ) - .unwrap(); + run_sync::<_, TestSessionParams>(&mut OsRng, entry_points).unwrap(); let presigning_datas = reports .into_iter() diff --git a/synedrion/src/cggmp21/protocols/signing.rs b/synedrion/src/cggmp21/protocols/signing.rs index e85e834c..f6dbae82 100644 --- a/synedrion/src/cggmp21/protocols/signing.rs +++ b/synedrion/src/cggmp21/protocols/signing.rs @@ -99,36 +99,40 @@ pub struct SigningProof { dec_proofs: Vec<(I, DecProof

)>, } -#[derive(Debug)] -pub struct Round1 { - ssid_hash: HashOutput, - r: Scalar, - sigma: Scalar, - inputs: SigningInputs, - aux_info: AuxInfoPrecomputed, - other_ids: BTreeSet, - my_id: I, +#[derive(Debug, Clone)] +pub struct Signing { + message: Scalar, + presigning: PresigningData, + key_share: KeyShare, + aux_info: AuxInfo, } -#[derive(Debug, Clone)] -pub struct SigningInputs { - pub message: Scalar, - pub presigning: PresigningData, - pub key_share: KeyShare, - pub aux_info: AuxInfo, +impl Signing { + pub fn new( + message: Scalar, + presigning: PresigningData, + key_share: KeyShare, + aux_info: AuxInfo, + ) -> Self { + Self { + message, + presigning, + key_share, + aux_info, + } + } } -impl EntryPoint for Round1 { - type Inputs = SigningInputs; +impl EntryPoint for Signing { type Protocol = SigningProtocol; - fn new( + fn make_round( + self, _rng: &mut impl CryptoRngCore, shared_randomness: &[u8], - id: I, - inputs: Self::Inputs, ) -> Result, LocalError> { - let other_ids = inputs + let id = self.key_share.owner().clone(); + let other_ids = self .key_share .public_shares .keys() @@ -142,31 +146,42 @@ impl EntryPoint for Round1 { let ssid_hash = FofHasher::new_with_dst(b"ShareSetID") .chain_type::
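Review bot: `Signing` derives `Clone` while carrying `presigning: PresigningData`; a presignature must be consumed by exactly one message, because signing two different messages with the same `nonce` and `ephemeral_scalar_share` (the `sigma` computation in the following hunk) is the classic ECDSA nonce-reuse key leak, and a cloneable entry point makes that mistake easy. The old `SigningInputs` had the same derive, so this is not a regression, but while the type is being reshaped I would drop `Clone` (the tests build a fresh `Signing` per signer and do not need it) and add a `///` note on `Signing::new` that `presigning` is single-use and must never be reused with another `message`. If `manul`'s `EntryPoint` bound requires `Clone`, keep the derive and put the single-use requirement in the doc comment instead.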

() .chain(&shared_randomness) - .chain(&inputs.key_share.public_shares) - .chain(&inputs.aux_info.public_aux) + .chain(&self.key_share.public_shares) + .chain(&self.aux_info.public_aux) .finalize(); - let r = inputs.presigning.nonce; - let sigma = inputs.presigning.ephemeral_scalar_share.expose_secret() * &inputs.message - + r * inputs.presigning.product_share.expose_secret(); - Ok(BoxedRound::new_dynamic(Self { + let r = self.presigning.nonce; + let sigma = self.presigning.ephemeral_scalar_share.expose_secret() * &self.message + + r * self.presigning.product_share.expose_secret(); + Ok(BoxedRound::new_dynamic(Round1 { ssid_hash, r, sigma, - aux_info: inputs.aux_info.clone().to_precomputed(), - inputs, + aux_info: self.aux_info.clone().to_precomputed(), + inputs: self, other_ids, my_id: id, })) } } +#[derive(Debug)] +struct Round1 { + ssid_hash: HashOutput, + r: Scalar, + sigma: Scalar, + inputs: Signing, + aux_info: AuxInfoPrecomputed, + other_ids: BTreeSet, + my_id: I, +} + #[derive(Clone, Serialize, Deserialize)] -pub struct Round1Message { +pub(super) struct Round1Message { pub(crate) sigma: Scalar, } -pub struct Round1Payload { +struct Round1Payload { sigma: Scalar, } @@ -397,7 +412,7 @@ mod tests { }; use rand_core::{OsRng, RngCore}; - use super::{Round1, SigningInputs}; + use super::Signing; use crate::cggmp21::{AuxInfo, KeyShare, PresigningData, TestParams}; use crate::curve::Scalar; use crate::tools::Without; 
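Review bot: `let id = self.key_share.owner().clone()` replaces the session-supplied `id`, so nothing in `make_round` now confirms that the share belongs to the identity the session signs as, nor that `self.presigning` was produced for this `key_share`/`aux_info` (the same inputs that feed `ssid_hash`). If `PresigningData` records its owner or the share set it was derived from (not visible here), compare them here and return a `LocalError` on mismatch; otherwise a presignature from another session yields a `sigma` that fails at the peers and is presumably attributed to this party as misbehaviour. `Round1Message` being `pub(super)` with a `pub(crate) sigma` exists only for `signing_malicious.rs`; a short comment saying so, e.g. `// Visible to the malicious-signing test so it can corrupt sigma.`, will keep the visibility from being narrowed later. The `impl Round for Round1` that consumes these fields lies outside the hunk.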
@@ -411,32 +426,30 @@ mod tests { .collect::>(); let ids_set = BTreeSet::from_iter(ids.clone()); - let key_shares = KeyShare::new_centralized(&mut OsRng, &ids_set, None); + let key_shares = + KeyShare::::new_centralized(&mut OsRng, &ids_set, None); let aux_infos = AuxInfo::new_centralized(&mut OsRng, &ids_set); let presigning_datas = PresigningData::new_centralized(&mut OsRng, &key_shares, &aux_infos); let message = Scalar::random(&mut OsRng); - let inputs = signers + let entry_points = signers .into_iter() .map(|signer| { let id = signer.verifying_key(); - let inputs = SigningInputs { + let entry_point = Signing::new( message, - presigning: presigning_datas[&id].clone(), - key_share: key_shares[&id].clone(), - aux_info: aux_infos[&id].clone(), - }; - (signer, inputs) + presigning_datas[&id].clone(), + key_shares[&id].clone(), + aux_infos[&id].clone(), + ); + (signer, entry_point) }) .collect(); let reports = - run_sync::, TestSessionParams>( - &mut OsRng, inputs, - ) - .unwrap(); + run_sync::<_, TestSessionParams>(&mut OsRng, entry_points).unwrap(); let signatures = reports .into_iter() diff --git a/synedrion/src/cggmp21/protocols/signing_malicious.rs b/synedrion/src/cggmp21/protocols/signing_malicious.rs index 38861282..17e18e1c 100644 --- a/synedrion/src/cggmp21/protocols/signing_malicious.rs +++ b/synedrion/src/cggmp21/protocols/signing_malicious.rs @@ -3,7 +3,7 @@ use core::marker::PhantomData; use k256::ecdsa::{signature::hazmat::PrehashVerifier, VerifyingKey}; use manul::{ - combinators::misbehave::{Misbehaving, MisbehavingEntryPoint, MisbehavingInputs}, + combinators::misbehave::{Misbehaving, MisbehavingEntryPoint}, protocol::{ Artifact, BoxedRound, Deserializer, DirectMessage, EntryPoint, LocalError, NormalBroadcast, PartyId, ProtocolMessagePart, RoundId, Serializer, 
@@ -14,7 +14,7 @@ use manul::{ use rand_core::{CryptoRngCore, OsRng, RngCore}; use super::super::SchemeParams; -use super::signing::{Round1, Round1Message, SigningInputs}; +use super::signing::{Round1Message, Signing}; use crate::cggmp21::{AuxInfo, KeyShare, PresigningData, TestParams}; use crate::curve::{RecoverableSignature, Scalar}; use crate::tools::Without; @@ -24,10 +24,10 @@ enum Behavior { InvalidSigma, } -struct MaliciousSigningProtocol

(PhantomData

); +struct MaliciousSigningOverride

(PhantomData

); -impl Misbehaving for MaliciousSigningProtocol

{ - type EntryPoint = Round1; +impl Misbehaving for MaliciousSigningOverride

{ + type EntryPoint = Signing; fn modify_normal_broadcast( rng: &mut impl CryptoRngCore, @@ -53,8 +53,7 @@ impl Misbehaving for MaliciousSignin } } -type MaliciousSigningEntryPoint = - MisbehavingEntryPoint>; +type MaliciousSigning = MisbehavingEntryPoint>; #[test] fn execute_signing() { @@ -65,40 +64,36 @@ fn execute_signing() { .collect::>(); let ids_set = BTreeSet::from_iter(ids.clone()); - let key_shares = KeyShare::new_centralized(&mut OsRng, &ids_set, None); + let key_shares = + KeyShare::::new_centralized(&mut OsRng, &ids_set, None); let aux_infos = AuxInfo::new_centralized(&mut OsRng, &ids_set); let presigning_datas = PresigningData::new_centralized(&mut OsRng, &key_shares, &aux_infos); let message = Scalar::random(&mut OsRng); - let inputs = signers + let entry_points = signers .into_iter() .map(|signer| { let id = signer.verifying_key(); - let signing_inputs = SigningInputs { + let signing = Signing::new( message, - presigning: presigning_datas[&id].clone(), - key_share: key_shares[&id].clone(), - aux_info: aux_infos[&id].clone(), + presigning_datas[&id].clone(), + key_shares[&id].clone(), + aux_infos[&id].clone(), + ); + let behavior = if id == ids[0] { + Some(Behavior::InvalidSigma) + } else { + None }; - let inputs = MisbehavingInputs { - inner_inputs: signing_inputs, - behavior: if id == ids[0] { - Some(Behavior::InvalidSigma) - } else { - None - }, - }; - (signer, inputs) + let entry_points = MaliciousSigning::new(signing, behavior); + (signer, entry_points) }) .collect(); - let mut reports = run_sync::< - MaliciousSigningEntryPoint, - TestSessionParams, - >(&mut OsRng, inputs) - .unwrap(); + let mut reports = + run_sync::<_, TestSessionParams>(&mut OsRng, entry_points).unwrap(); let report0 = reports.remove(&ids[0]).unwrap(); let report1 = reports.remove(&ids[1]).unwrap(); diff --git a/synedrion/src/www02.rs b/synedrion/src/www02.rs index bf0b8dbb..cd3eab3c 100644 --- a/synedrion/src/www02.rs +++ b/synedrion/src/www02.rs 
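Review bot: In the `execute_signing` closure the per-party value returned by `MaliciousSigning::new(signing, behavior)` is bound as `entry_points`, the same plural name as the outer collection the closure feeds, although it holds a single entry point. The parallel test in signing.rs in this same commit binds it as `entry_point`, so `let entry_point = MaliciousSigning::new(signing, behavior);` followed by `(signer, entry_point)` keeps the two tests consistent and avoids the confusing shadow. The assertions on `report0`/`report1` and the rest of `execute_signing` lie outside this hunk.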
@@ -2,4 +2,4 @@ mod entities; pub(crate) mod key_resharing; pub use entities::{DeriveChildKey, ThresholdKeyShare}; -pub use key_resharing::{KeyResharingInputs, KeyResharingProtocol, NewHolder, OldHolder}; +pub use key_resharing::{KeyResharing, KeyResharingProtocol, NewHolder, OldHolder}; diff --git a/synedrion/src/www02/key_resharing.rs b/synedrion/src/www02/key_resharing.rs index 20cfe4a9..de94cae6 100644 --- a/synedrion/src/www02/key_resharing.rs +++ b/synedrion/src/www02/key_resharing.rs @@ -101,98 +101,91 @@ pub struct NewHolder { } /// Inputs for the Key Resharing protocol. -#[derive(Clone)] -pub struct KeyResharingInputs { +#[derive(Debug, Clone)] +pub struct KeyResharing { + id: I, /// Old share data if the node holds it, or `None`. - pub old_holder: Option>, + old_holder: Option>, /// New share data if the node is one of the new holders, or `None`. - pub new_holder: Option>, + new_holder: Option>, /// The new holders of the shares. - pub new_holders: BTreeSet, + new_holders: BTreeSet, /// The new threshold. - pub new_threshold: usize, -} - -#[derive(Debug)] -struct OldHolderData { - share_id: ShareId, - polynomial: Polynomial, - public_polynomial: PublicPolynomial, -} - -#[derive(Debug)] -struct NewHolderData { - inputs: NewHolder, + new_threshold: usize, } -#[derive(Debug)] -pub struct Round1 { - old_holder: Option, - new_holder: Option>, - new_share_ids: BTreeMap, - new_threshold: usize, - my_id: I, - message_destinations: BTreeSet, - expecting_messages_from: BTreeSet, - echo_round_participation: EchoRoundParticipation, - phantom: PhantomData

, +impl KeyResharing { + pub fn new( + id: I, + old_holder: Option>, + new_holder: Option>, + new_holders: BTreeSet, + new_threshold: usize, + ) -> Self { + Self { + id, + old_holder, + new_holder, + new_holders, + new_threshold, + } + } } -impl EntryPoint for Round1 { - type Inputs = KeyResharingInputs; +impl EntryPoint for KeyResharing { type Protocol = KeyResharingProtocol; - fn new( + fn make_round( + self, rng: &mut impl CryptoRngCore, _shared_randomness: &[u8], - id: I, - inputs: Self::Inputs, ) -> Result, LocalError> { + let id = self.id; + // Start new share indices from 1. - let new_share_ids = inputs + let new_share_ids = self .new_holders .iter() .enumerate() .map(|(idx, id)| (id.clone(), ShareId::new(idx + 1))) .collect(); - if inputs.old_holder.is_none() && inputs.new_holder.is_none() { + if self.old_holder.is_none() && self.new_holder.is_none() { return Err(LocalError::new( "Either old holder or new holder data must be provided", )); }; - let message_destinations = if inputs.old_holder.is_some() { + let message_destinations = if self.old_holder.is_some() { // It is possible that a party is both an old holder and a new holder. // This will be processed separately. - inputs.new_holders.clone().without(&id) + self.new_holders.clone().without(&id) } else { BTreeSet::new() }; - let expecting_messages_from = if let Some(new_holder) = inputs.new_holder.as_ref() { + let expecting_messages_from = if let Some(new_holder) = self.new_holder.as_ref() { // TODO: we only need `old_threshold` of them, but it is not supported yet in `manul`. 
new_holder.old_holders.clone().without(&id) } else { BTreeSet::new() }; - let echo_round_participation = - if inputs.old_holder.is_some() && !inputs.new_holder.is_some() { - EchoRoundParticipation::Send - } else if inputs.new_holder.is_some() && !inputs.old_holder.is_some() { - EchoRoundParticipation::Receive { - echo_targets: inputs.new_holders.without(&id), - } - } else { - EchoRoundParticipation::Default - }; + let echo_round_participation = if self.old_holder.is_some() && !self.new_holder.is_some() { + EchoRoundParticipation::Send + } else if self.new_holder.is_some() && !self.old_holder.is_some() { + EchoRoundParticipation::Receive { + echo_targets: self.new_holders.without(&id), + } + } else { + EchoRoundParticipation::Default + }; - let old_holder = inputs.old_holder.map(|old_holder| { + let old_holder = self.old_holder.map(|old_holder| { let polynomial = Polynomial::random( rng, old_holder.key_share.secret_share.expose_secret(), - inputs.new_threshold, + self.new_threshold, ); let public_polynomial = polynomial.public(); @@ -203,7 +196,7 @@ impl EntryPoint for Round1 { } }); - let new_holder = inputs + let new_holder = self .new_holder .map(|new_holder| NewHolderData { inputs: new_holder }); @@ -211,7 +204,7 @@ impl EntryPoint for Round1 { old_holder, new_holder, new_share_ids, - new_threshold: inputs.new_threshold, + new_threshold: self.new_threshold, my_id: id, message_destinations, expecting_messages_from, @@ -221,18 +214,43 @@ impl EntryPoint for Round1 { } } +#[derive(Debug)] +struct OldHolderData { + share_id: ShareId, + polynomial: Polynomial, + public_polynomial: PublicPolynomial, +} + +#[derive(Debug)] +struct NewHolderData { + inputs: NewHolder, +} + +#[derive(Debug)] +struct Round1 { + old_holder: Option, + new_holder: Option>, + new_share_ids: BTreeMap, + new_threshold: usize, + my_id: I, + message_destinations: BTreeSet, + expecting_messages_from: BTreeSet, + echo_round_participation: EchoRoundParticipation, + phantom: PhantomData
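Review bot: `KeyResharing::new` is a new `pub` constructor with no doc comment and no validation, so the invariants it should guarantee are still checked only later in `make_round`, and only partially: the old/new-holder presence check is there, but nothing visible checks that `new_threshold` is at least 1 and at most `new_holders.len()`, which a Shamir resharing needs for the new shares to be recoverable (unless `Polynomial::random` rejects such values, which this diff does not show). Since the fields are now private this constructor is the only way in, so either document the precondition on `new` (`/// new_threshold must lie in 1..=new_holders.len(); make_round rejects other inputs.`) or add the check next to the existing one: `if self.new_threshold == 0 || self.new_threshold > self.new_holders.len() { return Err(LocalError::new("new_threshold must be between 1 and the number of new holders")); }`. Separately, the reformatted `echo_round_participation` branches still spell `!self.new_holder.is_some()` and `!self.old_holder.is_some()`; `self.new_holder.is_none()` / `self.old_holder.is_none()` is what clippy asks for and reads better. The body of `make_round` continues past the end of this hunk.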

, +} + #[derive(Debug, Clone, Serialize, Deserialize)] -pub struct Round1BroadcastMessage { +struct Round1BroadcastMessage { public_polynomial: PublicPolynomial, old_share_id: ShareId, } #[derive(Debug, Clone, Serialize, Deserialize)] -pub struct Round1DirectMessage { +struct Round1DirectMessage { subshare: Scalar, } -pub struct Round1Payload { +struct Round1Payload { subshare: Scalar, public_polynomial: PublicPolynomial, old_share_id: ShareId, @@ -429,7 +447,7 @@ mod tests { use secrecy::ExposeSecret; use super::ThresholdKeyShare; - use super::{KeyResharingInputs, NewHolder, OldHolder, Round1}; + use super::{KeyResharing, NewHolder, OldHolder}; use crate::TestParams; #[test] 
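Review bot: `OldHolderData` is moved here with `#[derive(Debug)]` while holding `polynomial: Polynomial`, which `make_round` builds from the party's `secret_share` via `expose_secret()`, so a `{:?}` of `Round1` (also `Debug`) would print the sharing polynomial, whose constant term is the secret share, unless `Polynomial`'s `Debug` impl redacts it — that impl is not in this diff. The secret share itself has to be unwrapped with `expose_secret()` to be used, so the polynomial derived from it deserves the same protection: a manual `Debug` for `OldHolderData` that prints the field as `polynomial: <redacted>`, or wrapping the field in the `secrecy` type the test module below already imports. The relocation of the structs themselves is fine.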
@@ -450,63 +468,65 @@ mod tests { None, ); let old_vkey = old_key_shares[&ids[0]].verifying_key(); + let new_threshold = 2; - let party0 = KeyResharingInputs { - old_holder: Some(OldHolder { + let party0 = KeyResharing::new( + ids[0].clone(), + Some(OldHolder { key_share: old_key_shares[&ids[0]].clone(), }), - new_holder: None, - new_holders: new_holders.clone(), - new_threshold: 2, - }; + None, + new_holders.clone(), + new_threshold, + ); - let party1 = KeyResharingInputs { - old_holder: Some(OldHolder { + let party1 = KeyResharing::new( + ids[1].clone(), + Some(OldHolder { key_share: old_key_shares[&ids[1]].clone(), }), - new_holder: Some(NewHolder { + Some(NewHolder { verifying_key: old_vkey, old_threshold: 2, old_holders: old_holders.clone(), }), - new_holders: new_holders.clone(), - new_threshold: 2, - }; + new_holders.clone(), + new_threshold, + ); - let party2 = KeyResharingInputs { - old_holder: Some(OldHolder { + let party2 = KeyResharing::new( + ids[2].clone(), + Some(OldHolder { key_share: old_key_shares[&ids[2]].clone(), }), - new_holder: Some(NewHolder { + Some(NewHolder { verifying_key: old_vkey, old_threshold: 2, old_holders: old_holders.clone(), }), - new_holders: new_holders.clone(), - new_threshold: 2, - }; + new_holders.clone(), + new_threshold, + ); - let party3 = KeyResharingInputs { - old_holder: None, - new_holder: Some(NewHolder { + let party3 = KeyResharing::new( + ids[3].clone(), + None, + Some(NewHolder { verifying_key: old_vkey, old_threshold: 2, old_holders: old_holders.clone(), }), - new_holders: new_holders.clone(), - new_threshold: 2, - }; + new_holders.clone(), + new_threshold, + ); - let inputs = signers + let entry_points = signers .into_iter() .zip([party0, party1, party2, party3]) .collect::>(); let reports = - run_sync::, TestSessionParams>( - &mut OsRng, inputs, - ) - .unwrap(); + run_sync::<_, TestSessionParams>(&mut OsRng, entry_points).unwrap(); let shares = reports .into_iter()