Core key share contains KeyInfo + transitive trust in Valid<T>

Author: survived

cggmp21-keygen/src/non_threshold.rs

@@ -12,7 +12,7 @@ use serde::{Deserialize, Serialize};
 use crate::progress::Tracer;
 use crate::{
     errors::IoError,
-    key_share::{CoreKeyShare, DirtyCoreKeyShare, Validate},
+    key_share::{CoreKeyShare, DirtyCoreKeyShare, DirtyKeyInfo, Validate},
     security_level::SecurityLevel,
     utils, ExecutionId,
 };
@@ -339,18 +339,20 @@ where
     Ok(DirtyCoreKeyShare {
         curve: Default::default(),
         i,
-        shared_public_key: decommitments
-            .iter_including_me(&my_decommitment)
-            .map(|d| d.X)
-            .sum(),
-        public_shares: decommitments
-            .iter_including_me(&my_decommitment)
-            .map(|d| d.X)
-            .collect(),
+        key_info: DirtyKeyInfo {
+            shared_public_key: decommitments
+                .iter_including_me(&my_decommitment)
+                .map(|d| d.X)
+                .sum(),
+            public_shares: decommitments
+                .iter_including_me(&my_decommitment)
+                .map(|d| d.X)
+                .collect(),
+            vss_setup: None,
+            #[cfg(feature = "hd-wallets")]
+            chain_code,
+        },
         x: x_i,
-        vss_setup: None,
-        #[cfg(feature = "hd-wallets")]
-        chain_code,
     }
     .validate()
     .map_err(|e| Bug::InvalidKeyShare(e.into_error()))?)

cggmp21-keygen/src/threshold.rs

@@ -13,7 +13,7 @@ use serde_with::serde_as;
 use crate::progress::Tracer;
 use crate::{
     errors::IoError,
-    key_share::{CoreKeyShare, DirtyCoreKeyShare, Validate, VssSetup},
+    key_share::{CoreKeyShare, DirtyCoreKeyShare, DirtyKeyInfo, Validate, VssSetup},
     security_level::SecurityLevel,
     utils, ExecutionId,
 };
@@ -424,14 +424,16 @@ where
     Ok(DirtyCoreKeyShare {
         curve: Default::default(),
         i,
-        shared_public_key: y,
-        public_shares: ys,
-        vss_setup: Some(VssSetup {
-            min_signers: t,
-            I: key_shares_indexes,
-        }),
-        #[cfg(feature = "hd-wallets")]
-        chain_code,
+        key_info: DirtyKeyInfo {
+            shared_public_key: y,
+            public_shares: ys,
+            vss_setup: Some(VssSetup {
+                min_signers: t,
+                I: key_shares_indexes,
+            }),
+            #[cfg(feature = "hd-wallets")]
+            chain_code,
+        },
         x: sigma,
     }
     .validate()

cggmp21/src/key_refresh/non_threshold.rs

@@ -20,7 +20,9 @@ use serde::{Deserialize, Serialize};
 use super::{Bug, KeyRefreshError, PregeneratedPrimes, ProtocolAborted};
 use crate::{
     errors::IoError,
-    key_share::{DirtyAuxInfo, DirtyIncompleteKeyShare, KeyShare, PartyAux, Validate},
+    key_share::{
+        DirtyAuxInfo, DirtyIncompleteKeyShare, DirtyKeyInfo, KeyShare, PartyAux, Validate,
+    },
     progress::Tracer,
     security_level::SecurityLevel,
     utils,
@@ -649,6 +651,7 @@ where
             .sum::<Point<E>>()
     });
     let X_stars = old_core_share
+        .key_info
         .public_shares
         .into_iter()
         .zip(X_sums)
@@ -657,7 +660,10 @@ where
 
     tracer.stage("Assemble new core share");
     let new_core_share: IncompleteKeyShare<E> = DirtyIncompleteKeyShare {
-        public_shares: X_stars,
+        key_info: DirtyKeyInfo {
+            public_shares: X_stars,
+            ..old_core_share.key_info
+        },
         x: SecretScalar::new(&mut x_star),
         ..old_core_share
     }

cggmp21/src/key_share.rs

@@ -14,9 +14,9 @@ use crate::security_level::SecurityLevel;
 
 #[doc(inline)]
 pub use cggmp21_keygen::key_share::{
-    CoreKeyShare as IncompleteKeyShare, DirtyCoreKeyShare as DirtyIncompleteKeyShare, HdError,
-    InvalidCoreShare as InvalidIncompleteKeyShare, Valid, Validate, ValidateError,
-    ValidateFromParts, VssSetup,
+    CoreKeyShare as IncompleteKeyShare, DirtyCoreKeyShare as DirtyIncompleteKeyShare, DirtyKeyInfo,
+    HdError, InvalidCoreShare as InvalidIncompleteKeyShare, KeyInfo, Valid, Validate,
+    ValidateError, ValidateFromParts, VssSetup,
 };
 
 /// Key share

cggmp21/src/trusted_dealer.rs

@@ -35,8 +35,8 @@ use thiserror::Error;
 
 use crate::{
     key_share::{
-        AuxInfo, DirtyAuxInfo, DirtyIncompleteKeyShare, IncompleteKeyShare, InvalidKeyShare,
-        KeyShare, PartyAux, Validate, VssSetup,
+        AuxInfo, DirtyAuxInfo, DirtyIncompleteKeyShare, DirtyKeyInfo, IncompleteKeyShare,
+        InvalidKeyShare, KeyShare, PartyAux, Validate, VssSetup,
     },
     security_level::SecurityLevel,
     utils,
@@ -211,12 +211,14 @@ impl<E: Curve, L: SecurityLevel> TrustedDealerBuilder<E, L> {
                 DirtyIncompleteKeyShare::<E> {
                     curve: Default::default(),
                     i,
-                    shared_public_key,
-                    public_shares: public_shares.clone(),
+                    key_info: DirtyKeyInfo {
+                        shared_public_key,
+                        public_shares: public_shares.clone(),
+                        vss_setup: vss_setup.clone(),
+                        #[cfg(feature = "hd-wallets")]
+                        chain_code,
+                    },
                     x: x_i,
-                    vss_setup: vss_setup.clone(),
-                    #[cfg(feature = "hd-wallets")]
-                    chain_code,
                 }
                 .validate()
                 .map_err(|err| Reason::InvalidKeyShare(err.into_error().into()))

key-share/src/lib.rs

@@ -16,13 +16,15 @@
 #![forbid(unused_crate_dependencies)]
 #![cfg_attr(docsrs, feature(doc_auto_cfg))]
 
+use core::ops;
+
 use generic_ec::{serde::CurveName, Curve, NonZero, Point, Scalar, SecretScalar};
 use generic_ec_zkp::polynomial::lagrange_coefficient;
 
 mod utils;
 mod valid;
 
-pub use self::valid::{Valid, ValidProjection, Validate, ValidateError, ValidateFromParts};
+pub use self::valid::{Valid, Validate, ValidateError, ValidateFromParts};
 
 /// Core key share
 ///
@@ -92,6 +94,23 @@ pub struct DirtyCoreKeyShare<E: Curve> {
     pub curve: CurveName<E>,
     /// Index of local party in key generation protocol
     pub i: u16,
+    /// Public key info
+    #[cfg_attr(feature = "serde", serde(flatten))]
+    pub key_info: DirtyKeyInfo<E>,
+    /// Secret share $x_i$
+    #[cfg_attr(feature = "serde", serde(with = "As::<generic_ec::serde::Compact>"))]
+    pub x: SecretScalar<E>,
+}
+
+/// Public Key Info
+///
+/// Contains public information about the TSS key, including shared public key, commitments to
+/// secret shares and etc.
+#[derive(Clone, Debug)]
+#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
+#[cfg_attr(feature = "serde", serde(bound = ""))]
+#[cfg_attr(feature = "udigest", derive(udigest::Digestable))]
+pub struct DirtyKeyInfo<E: Curve> {
     /// Public key corresponding to shared secret key. Corresponds to _X_ in paper.
     #[cfg_attr(feature = "serde", serde(with = "As::<generic_ec::serde::Compact>"))]
     pub shared_public_key: Point<E>,
@@ -112,10 +131,8 @@ pub struct DirtyCoreKeyShare<E: Curve> {
         serde(default),
         serde(with = "As::<Option<utils::HexOrBin>>")
     )]
+    #[cfg_attr(feature = "udigest", udigest(with = utils::encoding::maybe_bytes))]
     pub chain_code: Option<slip_10::ChainCode>,
-    /// Secret share $x_i$
-    #[cfg_attr(feature = "serde", serde(with = "As::<generic_ec::serde::Compact>"))]
-    pub x: SecretScalar<E>,
 }
 
 #[derive(Debug, Clone, PartialEq, Eq)]
@@ -134,42 +151,6 @@ pub struct VssSetup<E: Curve> {
     pub I: Vec<NonZero<Scalar<E>>>,
 }
 
-/// Public Key Info
-///
-/// Contains public information about the TSS key, including shared public key, commitments to
-/// secret shares and etc.
-#[derive(Clone, Debug)]
-#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
-#[cfg_attr(feature = "serde", serde(bound = ""))]
-#[cfg_attr(feature = "udigest", derive(udigest::Digestable))]
-pub struct DirtyKeyInfo<E: Curve> {
-    /// Guard that ensures curve consistency for deseraization
-    #[cfg_attr(feature = "udigest", udigest(with = utils::encoding::curve_name))]
-    pub curve: CurveName<E>,
-    /// Public key corresponding to shared secret key. Corresponds to _X_ in paper.
-    #[cfg_attr(feature = "serde", serde(with = "As::<generic_ec::serde::Compact>"))]
-    pub shared_public_key: Point<E>,
-    /// Public shares of all signers sharing the key
-    ///
-    /// `public_shares[i]` corresponds to public share (or public commitment) of $\ith$ party.
-    #[cfg_attr(
-        feature = "serde",
-        serde(with = "As::<Vec<generic_ec::serde::Compact>>")
-    )]
-    pub public_shares: Vec<Point<E>>,
-    /// Verifiable secret sharing setup, present if key was generated using VSS scheme
-    pub vss_setup: Option<VssSetup<E>>,
-    /// Chain code associated with the key, if HD wallets support was enabled
-    #[cfg(feature = "hd-wallets")]
-    #[cfg_attr(
-        feature = "serde",
-        serde(default),
-        serde(with = "As::<Option<utils::HexOrBin>>")
-    )]
-    #[cfg_attr(feature = "udigest", udigest(with = utils::encoding::maybe_bytes))]
-    pub chain_code: Option<slip_10::ChainCode>,
-}
-
 impl<E: Curve> Validate for DirtyCoreKeyShare<E> {
     type Error = InvalidCoreShare;
 
@@ -182,12 +163,7 @@ impl<E: Curve> Validate for DirtyCoreKeyShare<E> {
             return Err(InvalidShareReason::PartySecretShareDoesntMatchPublicShare.into());
         }
 
-        match &self.vss_setup {
-            Some(vss_setup) => {
-                validate_vss_key_info(self.shared_public_key, &self.public_shares, vss_setup)?
-            }
-            None => validate_non_vss_key_info(self.shared_public_key, &self.public_shares)?,
-        }
+        self.key_info.is_valid()?;
 
         Ok(())
     }
@@ -391,34 +367,18 @@ impl<E: Curve> CoreKeyShare<E> {
     }
 }
 
-impl<E: Curve> From<&DirtyCoreKeyShare<E>> for DirtyKeyInfo<E> {
-    fn from(key_share: &DirtyCoreKeyShare<E>) -> Self {
-        DirtyKeyInfo {
-            curve: key_share.curve,
-            shared_public_key: key_share.shared_public_key,
-            public_shares: key_share.public_shares.clone(),
-            vss_setup: key_share.vss_setup.clone(),
-            #[cfg(feature = "hd-wallets")]
-            chain_code: key_share.chain_code,
-        }
+impl<E: Curve> ops::Deref for DirtyCoreKeyShare<E> {
+    type Target = DirtyKeyInfo<E>;
+    fn deref(&self) -> &Self::Target {
+        &self.key_info
     }
 }
-impl<E: Curve> From<DirtyCoreKeyShare<E>> for DirtyKeyInfo<E> {
-    fn from(key_share: DirtyCoreKeyShare<E>) -> Self {
-        DirtyKeyInfo {
-            curve: key_share.curve,
-            shared_public_key: key_share.shared_public_key,
-            public_shares: key_share.public_shares,
-            vss_setup: key_share.vss_setup,
-            #[cfg(feature = "hd-wallets")]
-            chain_code: key_share.chain_code,
-        }
+impl<E: Curve> AsRef<DirtyKeyInfo<E>> for DirtyCoreKeyShare<E> {
+    fn as_ref(&self) -> &DirtyKeyInfo<E> {
+        &self.key_info
     }
 }
 
-impl<E: Curve> ValidProjection<DirtyCoreKeyShare<E>> for DirtyKeyInfo<E> {}
-impl<E: Curve> ValidProjection<&DirtyCoreKeyShare<E>> for DirtyKeyInfo<E> {}
-
 /// Error indicating that key share is not valid
 #[derive(Debug, thiserror::Error)]
 #[error(transparent)]

key-share/src/utils.rs

@@ -12,13 +12,6 @@ use hex as _;
 
 #[cfg(feature = "udigest")]
 pub mod encoding {
-    pub fn curve_name<B: udigest::Buffer, E: generic_ec::Curve>(
-        _value: &generic_ec::serde::CurveName<E>,
-        encoder: udigest::encoding::EncodeValue<B>,
-    ) {
-        encoder.encode_leaf_value(E::CURVE_NAME)
-    }
-
     #[cfg(feature = "hd-wallets")]
     pub fn maybe_bytes<B: udigest::Buffer>(
         m: &Option<impl AsRef<[u8]>>,