keygen

package
v0.4.1 (latest)

This package is not in the latest version of its module.
Published: Feb 21, 2024 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Functions

func StartKeygenCommon

func StartKeygenCommon(taproot bool, group curve.Curve, participants []party.ID, threshold int, selfID party.ID) protocol.StartFunc

Types

type Config

type Config struct {
	// ID is the identifier for this participant.
	ID party.ID
	// Threshold is the number of accepted corruptions while still being able to sign.
	Threshold int
	// PrivateShare is the fraction of the secret key owned by this participant.
	PrivateShare curve.Scalar
	// PublicKey is the shared public key for this consortium of signers.
	//
	// This key can be used to verify signatures produced by the consortium.
	PublicKey curve.Point
	// ChainKey is the additional randomness we've agreed upon.
	//
	// This is only ever useful if you do BIP-32 key derivation, or something similar.
	ChainKey []byte
	// VerificationShares is a map between parties and a commitment to their private share.
	//
	// This will later be used to verify the integrity of the signing protocol.
	VerificationShares *party.PointMap
}

Config contains all the information produced after key generation, from the perspective of a single participant.

When unmarshalling, EmptyConfig needs to be called to set the group before calling cbor.Unmarshal or equivalent methods.

func EmptyConfig

func EmptyConfig(group curve.Curve) *Config

EmptyConfig creates an empty Config with a specific group.

This needs to be called before unmarshalling, instead of just using new(Config). This is to allow points and scalars to be correctly unmarshalled.

func (*Config) Curve

func (r *Config) Curve() curve.Curve

Curve returns the Elliptic Curve Group associated with this config.

func (*Config) Derive added in v0.3.0

func (r *Config) Derive(adjust curve.Scalar, newChainKey []byte) (*Config, error)

Derive performs an arbitrary derivation of a related key, by adding a scalar.

This can support methods like BIP32, but is more general.

Optionally, a new chain key can be passed as well.
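Why adding one scalar to every party's share yields a related key, as an added example that is not this package's code: it assumes Shamir-style shares over the secp256k1 scalar field, and the function names, polynomial and adjustment value are constructed for illustration. Because the Lagrange coefficients at zero sum to 1, any Threshold+1 adjusted shares reconstruct secret + adjust.

```go
package main

import (
	"fmt"
	"math/big"
)

// n is the order of the secp256k1 group, the scalar field BIP-32 works in.
var n, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", 16)

// Share evaluates the sharing polynomial (constant term first) at x, mod n.
func Share(coeffs []*big.Int, x int64) *big.Int {
	acc := new(big.Int)
	for i := len(coeffs) - 1; i >= 0; i-- {
		acc.Mul(acc, big.NewInt(x))
		acc.Mod(acc.Add(acc, coeffs[i]), n)
	}
	return acc
}

// Reconstruct Lagrange-interpolates the given shares at x = 0.
func Reconstruct(shares map[int64]*big.Int) *big.Int {
	secret := new(big.Int)
	for i, si := range shares {
		num, den := big.NewInt(1), big.NewInt(1)
		for j := range shares {
			if j != i {
				num.Mod(num.Mul(num, big.NewInt(j)), n)   // product of j
				den.Mod(den.Mul(den, big.NewInt(j-i)), n) // product of (j - i)
			}
		}
		term := num.Mul(num, new(big.Int).ModInverse(den, n))
		secret.Mod(secret.Add(secret, term.Mul(term, si)), n)
	}
	return secret
}

// Demo adjusts 3 of 5 constructed shares (threshold 2) and returns want, got.
func Demo() (want, got *big.Int) {
	coeffs := []*big.Int{big.NewInt(1234567), big.NewInt(42), big.NewInt(99)} // constructed; coeffs[0] is the secret
	adjust, derived := big.NewInt(555), map[int64]*big.Int{}
	for _, id := range []int64{1, 3, 5} {
		s := Share(coeffs, id)
		derived[id] = s.Mod(s.Add(s, adjust), n) // each party adds the same public adjustment locally
	}
	want = new(big.Int).Add(coeffs[0], adjust)
	return want.Mod(want, n), Reconstruct(derived)
}

func main() { fmt.Println(Demo()) }
```

No party ever learns the full secret during the adjustment; the reconstruction here exists only to check the arithmetic.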

func (*Config) DeriveChild added in v0.3.0

func (r *Config) DeriveChild(i uint32) (*Config, error)

DeriveChild adjusts the shares to represent the derived public key at a certain index.

This will panic if the group is not curve.Secp256k1.

This derivation works according to BIP-32, see: https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki

func (*Config) MarshalBinary

func (c *Config) MarshalBinary() ([]byte, error)

func (*Config) PublicPoint

func (r *Config) PublicPoint() curve.Point

func (*Config) UnmarshalBinary

func (c *Config) UnmarshalBinary(data []byte) error

type TaprootConfig

type TaprootConfig struct {
	// ID is the identifier for this participant.
	ID party.ID
	// Threshold is the number of accepted corruptions while still being able to sign.
	Threshold int
	// PrivateShare is the fraction of the secret key owned by this participant.
	PrivateShare curve.Scalar
	// PublicKey is the shared public key for this consortium of signers.
	//
	// This key can be used to verify signatures produced by the consortium.
	PublicKey taproot.PublicKey
	// ChainKey is the additional randomness we've agreed upon.
	//
	// This is only ever useful if you do BIP-32 key derivation, or something similar.
	ChainKey []byte
	// VerificationShares is a map between parties and a commitment to their private share.
	//
	// This will later be used to verify the integrity of the signing protocol.
	VerificationShares map[party.ID]curve.Point
}

TaprootConfig is like Config, but for Taproot / BIP-340 keys.

The main difference is that our public key is an actual taproot public key.

func (*TaprootConfig) Clone

func (r *TaprootConfig) Clone() *TaprootConfig

Clone creates a deep clone of this struct, and all the values contained inside.

func (*TaprootConfig) Derive added in v0.3.0

func (r *TaprootConfig) Derive(adjust *curve.Secp256k1Scalar, newChainKey []byte) (*TaprootConfig, error)

Derive performs an arbitrary derivation of a related key, by adding a scalar.

This can support methods like BIP32, but is more general.

Optionally, a new chain key can be passed as well.

func (*TaprootConfig) DeriveChild added in v0.3.0

func (r *TaprootConfig) DeriveChild(i uint32) (*TaprootConfig, error)

DeriveChild adjusts the shares to represent the derived public key at a certain index.

This derivation works according to BIP-32, see: https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki

Note that to do this derivation, we interpret the Taproot key as an "old" ECDSA key, with the y coordinate byte set to 0x02. We also only look at the x coordinate of the derived public key, making sure that the corresponding secret key matches the version of this point with an even y coordinate.

func (*TaprootConfig) MarshalBinary added in v0.1.1

func (c *TaprootConfig) MarshalBinary() ([]byte, error)

func (*TaprootConfig) UnmarshalBinary added in v0.1.1

func (c *TaprootConfig) UnmarshalBinary(data []byte) error
