Commit 37e12bf

Update docs
1 parent 6ed8917 commit 37e12bf

5 files changed, +50 -4 lines changed

Makefile

+3-3
@@ -1,13 +1,13 @@
11
.PHONY: docs docs-open docs-private readme readme-check
22

33
docs:
4-
RUSTDOCFLAGS="--html-in-header katex-header.html --cfg docsrs" cargo +nightly doc --no-deps
4+
RUSTDOCFLAGS="--html-in-header katex-header.html --cfg docsrs" cargo +nightly doc --all-features --no-deps
55

66
docs-open:
7-
RUSTDOCFLAGS="--html-in-header katex-header.html --cfg docsrs" cargo +nightly doc --no-deps --open
7+
RUSTDOCFLAGS="--html-in-header katex-header.html --cfg docsrs" cargo +nightly doc --all-features --no-deps --open
88

99
docs-private:
10-
RUSTDOCFLAGS="--html-in-header katex-header.html --cfg docsrs" cargo +nightly doc --no-deps --document-private-items
10+
RUSTDOCFLAGS="--html-in-header katex-header.html --cfg docsrs" cargo +nightly doc --all-features --no-deps --document-private-items
1111

1212
readme:
1313
cargo readme -i src/lib.rs -r cggmp21/ -t ../docs/README.tpl --no-indent-headings \
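
Review bot: the `docs`, `docs-open` and `docs-private` targets repeat the same `RUSTDOCFLAGS` value and the same `cargo +nightly doc --all-features --no-deps` prefix, and adding one flag meant editing all three lines. Hoist the shared part into a Makefile variable so the next flag change is a single edit and the targets cannot drift apart. Note also that `--all-features` makes the doc build resolve every optional dependency, including the git-sourced `slip-10` in cggmp21/Cargo.toml, so confirm the job that publishes the docs can fetch it.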

README.md

+17
@@ -13,6 +13,8 @@ This crate implements:
1313
* 3+1 rounds threshold and non-threshold signing
1414
* Auxiliary info generation protocol
1515
* Key refresh for non-threshold keys
16+
* HD-wallets support based on [slip10] standard (compatible with [bip32]) \
17+
Requires `hd-wallets` feature
1618

1719
We also provide auxiliary tools like:
1820
* Secret key reconstruction (exporting key from TSS)
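
Review bot: the new bullet spells the feature "HD-wallets support" while the section added further down is titled "HD wallets support"; pick one spelling. The bullet would also be more useful if it linked to that section, the same way the file already uses `[security guidelines]: #security-guidelines`, so a reader who sees "Requires `hd-wallets` feature" can jump straight to how to enable and use it.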
@@ -142,6 +144,19 @@ Alternatively, you can generate presignature and use it to sign data:
142144
**Never reuse presignatures!** If you use the same presignature to sign two different messages,
143145
it leaks private key to anyone who can observe the signatures.
144146

147+
## HD wallets support
148+
Library supports non-hardened deterministic key derivation based on [slip10] standard (compatible
149+
with [bip32]). It allows signers to generate a master key once, and then use it to instantaneously
150+
derive as many child keys as needed. Child key derivation takes place within signing protocol
151+
practically at no cost.
152+
153+
In order to use HD wallets, `hd-wallets` feature must be enabled. Then, a master key needs to be
154+
generated by running a regular key generation protocol with `hd_wallet`(keygen::GenericKeygenBuilder::hd_wallet)
155+
set to `true`.
156+
157+
When master key is generated, you can issue a signature for child key by setting
158+
derivation path in the signing.
159+
145160
## SPOF code: Key Import and Export
146161
CGGMP21 protocol is designed to avoid Single Point of Failure by guaranteeing that attacker would
147162
need to compromise threshold amount of nodes to obtain a secret key. However, some use-cases may
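
Review bot: in the second paragraph of the new section the README reads `hd_wallet`(keygen::GenericKeygenBuilder::hd_wallet), so the rustdoc item path is printed as literal text after the name, and "derivation path" in the last paragraph has lost its link entirely. The lib.rs source has both as intra-doc links, which do not resolve outside rustdoc. Either point these at absolute documentation URLs in the README or drop the parenthesised path, so the README does not show a dangling Rust path.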
@@ -165,6 +180,8 @@ they are all documented in [the spec].
165180
[CGGMP21]: https://ia.cr/2021/060
166181
[the spec]: https://dfns.github.io/cggmp21/cggmp21-spec.pdf
167182
[security guidelines]: #security-guidelines
183+
[slip10]: https://github.com/satoshilabs/slips/blob/master/slip-0010.md
184+
[bip32]: https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki
168185

169186
## Timing attacks
170187
Timing attacks are type of side-channel attacks that leak sensitive information through duration of
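
Review bot: the two new reference definitions, `[slip10]` and `[bip32]`, link to `blob/master` in repositories this project does not control, so the text behind the link can change or move after this documentation is published. Since the section claims compatibility with these standards, link to a permalink (a specific commit of each file) so the docs keep pointing at the revision the implementation was written against. The same applies to the identical definitions added in cggmp21/src/lib.rs.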

cggmp21/Cargo.toml

+1-1
@@ -32,7 +32,7 @@ serde = { version = "1", features = ["derive", "rc"] }
3232
serde_with = { version = "2" }
3333
hex = { version = "0.4", default-features = false, features = ["serde"] }
3434

35-
slip-10 = { git = "https://github.com/dfns/slip-10", branch = "m", optional = true }
35+
slip-10 = { git = "https://github.com/dfns/slip-10", branch = "m", optional = true, features = ["std"] }
3636

3737
[dev-dependencies]
3838
round-based = { version = "0.2", features = ["derive", "dev"] }
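
Review bot: on the changed `slip-10` line the dependency is still taken from `branch = "m"` of a git repository, so the code that ends up deriving child keys is whatever that branch points at when the lockfile is created or updated. Pin it with a `rev` (or a released version) so the build is reproducible and the derivation code can be reviewed at a fixed commit. Separately, adding `features = ["std"]` is a dependency change inside a commit titled "Update docs"; state the reason for it in the commit message.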

cggmp21/src/lib.rs

+17
@@ -13,6 +13,8 @@
1313
//! * 3+1 rounds threshold and non-threshold signing
1414
//! * Auxiliary info generation protocol
1515
//! * Key refresh for non-threshold keys
16+
//! * HD-wallets support based on [slip10] standard (compatible with [bip32]) \
17+
//! Requires `hd-wallets` feature
1618
//!
1719
//! We also provide auxiliary tools like:
1820
//! * [Secret key reconstruction](crate::key_share::reconstruct_secret_key) (exporting key from TSS)
@@ -185,6 +187,19 @@
185187
//! **Never reuse presignatures!** If you use the same presignature to sign two different messages,
186188
//! it leaks private key to anyone who can observe the signatures.
187189
//!
190+
//! ## HD wallets support
191+
//! Library supports non-hardened deterministic key derivation based on [slip10] standard (compatible
192+
//! with [bip32]). It allows signers to generate a master key once, and then use it to instantaneously
193+
//! derive as many child keys as needed. Child key derivation takes place within signing protocol
194+
//! practically at no cost.
195+
//!
196+
//! In order to use HD wallets, `hd-wallets` feature must be enabled. Then, a master key needs to be
197+
//! generated by running a regular key generation protocol with [`hd_wallet`](keygen::GenericKeygenBuilder::hd_wallet)
198+
//! set to `true`.
199+
//!
200+
//! When master key is generated, you can issue a signature for child key by setting
201+
//! [derivation path](signing::SigningBuilder::set_derivation_path) in the signing.
202+
//!
188203
//! ## SPOF code: Key Import and Export
189204
//! CGGMP21 protocol is designed to avoid Single Point of Failure by guaranteeing that attacker would
190205
//! need to compromise threshold amount of nodes to obtain a secret key. However, some use-cases may
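
Review bot: the new "HD wallets support" section says derivation is non-hardened but does not say what that means for a user's threat model. With non-hardened BIP32-style derivation, anyone who holds the master public key and chain code can compute every child public key, and one leaked child private key combined with that public data is enough to recover the master private key. Add a sentence stating this, and say how it interacts with the key export documented in the "SPOF code: Key Import and Export" section that follows.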
@@ -208,6 +223,8 @@
208223
//! [CGGMP21]: https://ia.cr/2021/060
209224
//! [the spec]: https://dfns.github.io/cggmp21/cggmp21-spec.pdf
210225
//! [security guidelines]: #security-guidelines
226+
//! [slip10]: https://github.com/satoshilabs/slips/blob/master/slip-0010.md
227+
//! [bip32]: https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki
211228
//!
212229
//! ## Timing attacks
213230
//! Timing attacks are type of side-channel attacks that leak sensitive information through duration of

cggmp21/src/signing.rs

+12
@@ -292,6 +292,18 @@ where
292292
}
293293

294294
/// Specifies HD derivation path
295+
///
296+
/// ## Example
297+
/// Set derivation path to m/1/999
298+
///
299+
/// ```rust,no_run
300+
/// # let eid = cggmp21::ExecutionId::new(b"protocol nonce");
301+
/// # let (i, parties_indexes_at_keygen, key_share): (u16, Vec<u16>, cggmp21::KeyShare<cggmp21::supported_curves::Secp256k1>)
302+
/// # = unimplemented!();
303+
/// cggmp21::signing(eid, i, &parties_indexes_at_keygen, &key_share)
304+
/// .set_derivation_path([1, 999])?
305+
/// # ; Ok::<_, Box<dyn std::error::Error>>(())
306+
/// ```
295307
#[cfg(feature = "hd-wallets")]
296308
pub fn set_derivation_path<Index>(
297309
mut self,
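
Review bot: the doc example calls `.set_derivation_path([1, 999])?`, so the method is fallible, but the added documentation has no "Errors" section saying when it fails. Document the failure cases a caller has to handle: at minimum, what happens when the key share was not generated with `hd_wallet` set to `true`, and whether indexes in the hardened range are rejected, given that the crate docs say only non-hardened derivation is supported. The example would also read better if it named the resulting child key path in terms of the master key, since "m/1/999" is the only place the path notation appears.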
