diff --git a/draft-irtf-cfrg-frost.md b/draft-irtf-cfrg-frost.md index 83dea377..a1ce770b 100644 --- a/draft-irtf-cfrg-frost.md +++ b/draft-irtf-cfrg-frost.md @@ -408,9 +408,29 @@ interpolation, defined as follows. ## List Operations {#dep-encoding} -This section describes a helper function for extracting signer participant -identifiers from a commitment list. It also describes a helper function -for extracting a given participant's binding factor from a list. +This section describes helper functions that work on lists of values produced +during the FROST protocol. The following function encodes a list of signer +commitments into a bytestring for use in the FROST protocol. + +~~~ + Inputs: + - commitment_list = [(i, hiding_nonce_commitment_i, binding_nonce_commitment_i), ...], + a list of commitments issued by each signer, where each element in the list + indicates the signer identifier i and their two commitment Element values + (hiding_nonce_commitment_i, binding_nonce_commitment_i). This list MUST be sorted + in ascending order by signer identifier. + + Outputs: A byte string containing the serialized representation of commitment_list + + def encode_group_commitment_list(commitment_list): + encoded_group_commitment = nil + for (identifier, hiding_nonce_commitment, binding_nonce_commitment) in commitment_list: + encoded_commitment = encode_uint16(identifier) || + G.SerializeElement(hiding_nonce_commitment) || + G.SerializeElement(binding_nonce_commitment) + encoded_group_commitment = encoded_group_commitment || encoded_commitment + return encoded_group_commitment +~~~ The following function is used to extract participant identifiers from a commitment list. @@ -472,12 +492,12 @@ on the signer commitment list and message to be signed. def compute_binding_factors(commitment_list, msg): msg_hash = H3(msg) + encoded_commitment_hash = H3(encode_group_commitment_list(commitment_list)) + rho_input_prefix = msg_hash || encoded_commitment_hash + binding_factor_list = [] for (identifier, hiding_nonce_commitment, binding_nonce_commitment) in commitment_list: - encoded_commitment = encode_uint16(identifier) || - G.SerializeElement(hiding_nonce_commitment) || - G.SerializeElement(binding_nonce_commitment) - rho_input = encoded_commitment + msg_hash + rho_input = rho_input_prefix || encode_uint16(identifier) binding_factor = H1(rho_input) binding_factor_list.append((identifier, binding_factor)) return binding_factor_list @@ -1388,48 +1408,48 @@ bdea643a9a02 participants: 1,3 // Signer round one outputs -S1 hiding_nonce: 424fb678c3cd26ae86813ed1e22f9074b2dec6b0fb39d748101a -9434d6c4c60a -S1 binding_nonce: 49c957d98fec37b81a491fcbc3b16af925d393d734acc765446 -574bc7b453109 -S1 hiding_nonce_commitment: 6ca4bc3e03fa91bd15ec29993bc0582779c1d0c60 -2c3141b22ea76abf9384290 -S1 binding_nonce_commitment: 03dc2bc626fc5fa41168dee456ec17bac8673691 -e27547c534a559c3d4d7fc6b -S1 binding_factor_input: 00016ca4bc3e03fa91bd15ec29993bc0582779c1d0c6 -02c3141b22ea76abf938429003dc2bc626fc5fa41168dee456ec17bac8673691e2754 -7c534a559c3d4d7fc6bee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f88 -19a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f -50028a8ff -S1 binding_factor: 1af00d46730628637df21dd56023489d6691468b2515c28c22 -052abc63e4d405 -S3 hiding_nonce: bcca3084a26538abd5326825f7a1203907c09ae7d12160810c4c -8254aac02e03 -S3 binding_nonce: 9063464ee91ee0981f0073783c7ca1590ed6b1cb7382bad842f -6a5a4dc7ba607 -S3 hiding_nonce_commitment: 7786dc3db9823b1b2c81d71957d2464302ffc5b31 -e586f9e754385e7d216a2d1 -S3 binding_nonce_commitment: 21b0c507a779f3288c74506838e8f084cd378eab -4b66ce185fe842a2262ac899 -S3 binding_factor_input: 00037786dc3db9823b1b2c81d71957d2464302ffc5b3 -1e586f9e754385e7d216a2d121b0c507a779f3288c74506838e8f084cd378eab4b66c -e185fe842a2262ac899ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f88 -19a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f -50028a8ff -S3 binding_factor: 7702669b34a9534bce0e73ed97c3d002433d969f4ee70c4a30 -c6f56e661efb0e +S1 hiding_nonce: d9aad97e1a1127bb87702ce8d81d8c07c7cbca89e784868d8e38 +76ff6b459700 +S1 binding_nonce: 5063be2774520d08a5ccd7f1213fb1179a5fa292bf13bc91cb2 +8e7bd4d4a690c +S1 hiding_nonce_commitment: 33fc1eacb8d168e54ab811320196b7715a9918461 +e1e00c3688e503ace1628d5 +S1 binding_nonce_commitment: b32d41ce5a230b459de8c49b0619cb5fbde46690 +752ec94ef05aa1f8647301df +S1 binding_factor_input: ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e +473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8 +e6f57f50028a8ff7b5e7b0a8efad964ba83310b56607920b6c3c979e38e583aa9d02a +df541c58ea92a259b5c8a184d0a7c5ea978e42a8ff84608c38cbb22475bd54858c4ff +d524e0001 +S1 binding_factor: a523eba59830d1b5dbe6914e954862c5396b979bcd258fe323 +e324335db81101 +S3 hiding_nonce: 86961f3a429ac0c5696f49e6d796817ff653f83c07f34e9e1f4d +4c8c515b7900 +S3 binding_nonce: 72225ec11c1315d9f1ea0e78b1160ed95800fadd0191d23fd2f +2c90ac96cb307 +S3 hiding_nonce_commitment: 493651312d26af93d2bc5b92eeecc12f1d6da9e18 +4911e0943ebeb5ec59d3926 +S3 binding_nonce_commitment: 8dae85381a582288c934741defbcaeba7a1b944e +3a2df0aa0ac96aec4431c690 +S3 binding_factor_input: ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e +473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8 +e6f57f50028a8ff7b5e7b0a8efad964ba83310b56607920b6c3c979e38e583aa9d02a +df541c58ea92a259b5c8a184d0a7c5ea978e42a8ff84608c38cbb22475bd54858c4ff +d524e0003 +S3 binding_factor: c900ec81622c4b4b756139607357c1bf531df1a3b055304af2 +15278aadb84b02 // Round two parameters participants: 1,3 // Signer round two outputs -S1 sig_share: 95bac1faca14c3f85d9f3b5d515009a2db7715cdafaa414bb5d271a -2f1300c0c -S3 sig_share: 636280b4886b8120e2aeffd6637f82e64a4616c1b65682bb4a68863 -5c4bd3107 +S1 sig_share: caae171b83bff0c2c6f56a1276892918ba228146f6344b85d2ec6ef +eb6f16d0d +S3 sig_share: ea6fdbf61683cf5f1f742e1b91583f0f667f0369efd2e33399b96d5 +a3ff0300d -sig: ad05ed58d78f26dba585d4e452b099126f733bc35c698210ce8590691582e387 -0b494c52391d32c169b14391d6d5ac7326be2b8e6601c406003bf8d7b5ee3d03 +sig: 5da10008c13c04dd72328ba8e0f72b63cad43c3bf4b7eaada1c78225afbd977e +c74afdb47fdfadca0fcda18a28e8891220a284afe5072fb96ba6dc58f6e19e0a ~~~ ## FROST(Ed448, SHAKE256) @@ -1459,60 +1479,60 @@ S3 signer_share: 00db7a8146f995db0a7cf844ed89d8e94c2b5f259378ff66e39d participants: 1,3 // Signer round one outputs -S1 hiding_nonce: d1c4212b1b0987135b686fc1e0c26d464609e3b2cb0363f4ce81 -676d9798c10161775894edae39f91731083a8751b754ce7faa9b51bd3c1800 -S1 binding_nonce: c1f429e6b853dfefac16acebba0691916b5e41ea62122a7d565 -b16c98069202f6e18cba21790f26a351253ce03ff41556435ac7a1ce6960d00 -S1 hiding_nonce_commitment: cc1cb80545250515c06b5b5c2ae124973a232d7bf -74fd2b3d4f9ba0505b67ee3eee3f10b1c8a739b5eedd49158e0b4a1789ec3b4aef2f6 -4280 -S1 binding_nonce_commitment: 5d0766016f294cc27af4a94a1f6f0c1e4074377d -7850133fa6e56ee6073e47fe0e3e0b9af5a8a4c24d179f2711702d9232557e72e7f04 -9ec00 -S1 binding_factor_input: 0001cc1cb80545250515c06b5b5c2ae124973a232d7b -f74fd2b3d4f9ba0505b67ee3eee3f10b1c8a739b5eedd49158e0b4a1789ec3b4aef2f -642805d0766016f294cc27af4a94a1f6f0c1e4074377d7850133fa6e56ee6073e47fe -0e3e0b9af5a8a4c24d179f2711702d9232557e72e7f049ec00b54ff7255705a71ee29 -25e4a3e30e41aed489a579d5595e0df13e32e1e4dd202a7c7f68b31d6418d9845eb4d -757adda6ab189e1bb340db818e5b3bc725d992faf63e9b0500db10517fe09d3f566fb -a3a80e46a403e0c7d41548fbf75cf2662b00225b502961f98d8c9ff937de0b24c2318 -45 -S1 binding_factor: 2648c00456a49c45068225a53daf4141c49d94f24c91baa0c4 -709b929652b678533533da023bc86546d2bf27103401069e82e7d76e45d80700 -S3 hiding_nonce: 27c798a453fdc42aee7302b02140622fe17a99aa57f61dc5f9ce -0e55cf64034cfe41954d8e4d4bc46bad25b67058e9d8de87cee9dcea340f00 -S3 binding_nonce: 2fdf07df954ce0378e47551841db9826e8ceec79c083f4e1e70 -5d1f14824784dc82dade69b01065e9483d8c6cc577afa15c60484fe670e0500 -S3 hiding_nonce_commitment: 7f4e108990f82c411317c5e1f945b46e3c115a52c -60e57a360fbc69c3101ca4b3151b855f7c28574ce2e6a4150fcb351d50bb81fec3d03 -f500 -S3 binding_nonce_commitment: ac79cf898abd0896a1468944f40b38cfb82cb191 -c737681d0b8b2d1a6bebb559ae0221cda231238caf603e2ee85658bc28782083ecd3a -ab900 -S3 binding_factor_input: 00037f4e108990f82c411317c5e1f945b46e3c115a52 -c60e57a360fbc69c3101ca4b3151b855f7c28574ce2e6a4150fcb351d50bb81fec3d0 -3f500ac79cf898abd0896a1468944f40b38cfb82cb191c737681d0b8b2d1a6bebb559 -ae0221cda231238caf603e2ee85658bc28782083ecd3aab900b54ff7255705a71ee29 -25e4a3e30e41aed489a579d5595e0df13e32e1e4dd202a7c7f68b31d6418d9845eb4d -757adda6ab189e1bb340db818e5b3bc725d992faf63e9b0500db10517fe09d3f566fb -a3a80e46a403e0c7d41548fbf75cf2662b00225b502961f98d8c9ff937de0b24c2318 -45 -S3 binding_factor: b165cef8a42b605d192930206ffcdf48cf242e968340c9e13f -58962be27bccb2af4d674e67c3e97ff719ba87216565544edb1f862c18433e00 +S1 hiding_nonce: a7fa56e3dc9935845e58275131eeda30d648432cba7ec3e3c522 +dea613962439cdbd016cd78d54eb72ba8ec4e1b4e6cb41d3afb55a28f40300 +S1 binding_nonce: 66480d4125faf4033babeee514f0b8d26118618ad05d6e3f8e6 +4ea7082249b460c9eee5259f6ca6d1036db968923a89534b679c6ec96181b00 +S1 hiding_nonce_commitment: b4b449e692a233b7661da0dbe4c337dd1c8c8369f +c0786d6d1537ab371bb8afc4e59812de18300aef79b26920696c180e2f78f96bfb0d9 +1100 +S1 binding_nonce_commitment: 705e18f4f601754c700ef93591fb24af5d3ca0c8 +052a890de5aa2dc9231903b5d0d8a56c0dfe5b3c66e94b8615f705e7a5086fe93c020 +b5600 +S1 binding_factor_input: b54ff7255705a71ee2925e4a3e30e41aed489a579d55 +95e0df13e32e1e4dd202a7c7f68b31d6418d9845eb4d757adda6ab189e1bb340db818 +e5b3bc725d992faf63e9b0500db10517fe09d3f566fba3a80e46a403e0c7d41548fbf +75cf2662b00225b502961f98d8c9ff937de0b24c231845c16de964d8b11ffe861c657 +afc6656a15d98dc9e6df3d2371d0fd2e0d990ad977470d0a371c1510accd90bb9fe51 +4da13c4c2d97488a7980cb7ea47ac5124ec710faa8692c009794b7c7a9e29b8cc5ea4 +cd9418c853676e55971349c313f84b902c1a112a0ecdbecb5fb6030ad874161ff7c00 +01 +S1 binding_factor: 63e240eeaa6d10b99561d7eb813fd4164f3cde8eeffcf2c973 +c9de583ea075e471efbeb949af4fb11e7659bfacbd67eba4d9aa58c653190f00 +S3 hiding_nonce: 6341f043b08f518d5f12ce4d699e3827e0ad7a8f2a4bcdcee64f +afe99dfbbe4187a01ebdf967a3503bbd84af24e0af93b078ab8d1cda533c00 +S3 binding_nonce: 1716d9dc1e4c97553708f2ebc65039a50d00919a68940afd660 +f31d1939e6e5f4a88631693f1acb2e737feff2bef7b0cdb1d3baae603272900 +S3 hiding_nonce_commitment: 8dd1e8cf1e0330bbcdeced3e8e325e48bba2b0caf +34185a53bd8227f1c96be778681164417a582d39f1bea23a8dfe5a9e0a96d3dbbf8ee +6180 +S3 binding_nonce_commitment: 58df1966884f46af333e26b6c1cace2720e2bd70 +39a21b1b8483e28974237bcea8c5649cfe460e821afc94021d0b686029681a1148cd3 +f0e00 +S3 binding_factor_input: b54ff7255705a71ee2925e4a3e30e41aed489a579d55 +95e0df13e32e1e4dd202a7c7f68b31d6418d9845eb4d757adda6ab189e1bb340db818 +e5b3bc725d992faf63e9b0500db10517fe09d3f566fba3a80e46a403e0c7d41548fbf +75cf2662b00225b502961f98d8c9ff937de0b24c231845c16de964d8b11ffe861c657 +afc6656a15d98dc9e6df3d2371d0fd2e0d990ad977470d0a371c1510accd90bb9fe51 +4da13c4c2d97488a7980cb7ea47ac5124ec710faa8692c009794b7c7a9e29b8cc5ea4 +cd9418c853676e55971349c313f84b902c1a112a0ecdbecb5fb6030ad874161ff7c00 +03 +S3 binding_factor: bb8b3d669199e180628a91097a03422c12103b2f34c7931f98 +0accb20574a506d8cf966c444fcf5fd5bbfbc6943440aa981ef6fb070fad0600 // Round two parameters participants: 1,3 // Signer round two outputs -S1 sig_share: c0c5055e6429cf24c60fd19cb7e887caed243db821f81fc899a30f2 -dae833bf6c373acb0a0dbd9d7d3bd3de36e1b33b21ea9c19dce74d23b00 -S3 sig_share: 495e6971b5ab6bf800860296eeb8e0caa4a8b2137f390b53366bb97 -432dbf0fc07b315fa9df67eda1417720fc98f9325340d7fb8fe708a2f00 - -sig: 6d244abe9f23024c58b1962baec45a0cce035d7a73034ca39642ed58df8dd444 -f8f2a3e08b187645fecdd93fbd151af076e608b976206bbe8016df16248712c2f9710 -60ea533dffb730297191d5756dc56e6eafe24e15e2cf3cb26c2aa3ed258b2e8d4aff2 -37abc6d752b64056cde55c2b00 +S1 sig_share: a2697f5e866a4b61651f16df4105b80a47365294522dbfa26ed9f8b +cb66954dec45326f5645590f2e0a8664e8870c053ec8ba5a58526a42f00 +S3 sig_share: 1bce211bc3a8ccd27721c091bc426f422314f70b0bde3f4c45bfad2 +48e57643f68983bcba53e6c500bbb4d19de4b5320e44a757c8997042c00 + +sig: 60cf90055083501d04f38c133c01f121444a6c6889745363555cea964285d5eb +bdb25690cdff9ca96a28b10bab68aa721b0fca9288a7efbe80caf248ceb6509f1088b +110e38b85ba2bda1373f11330b02aca74dc6445c1b81d2dec61c00a94fc42ec63b467 +66bc1374d0d61a220fbea81b00 ~~~ ## FROST(ristretto255, SHA-512) @@ -1542,48 +1562,48 @@ S3 signer_share: f17e505f0e2581c6acfe54d3846a622834b5e7b50cad9a2109a9 participants: 1,3 // Signer round one outputs -S1 hiding_nonce: 82fd8f26f0b5f86d93d3da8162c23641aa1b16ab803be1a4d850 -0f143b592605 -S1 binding_nonce: c9ee2f764434e263808722a3cb9886b7ce25ade80ce00bac4ac -4d9548ac2450a -S1 hiding_nonce_commitment: c4f0ea06e07ee8e41bd3de3a63dc77f40d65a7ede -329263db410eb0e455c9a7a -S1 binding_nonce_commitment: c2ab142e4c2572aea1dcd0044e864544c49874b2 -e39ed5f969b6133372a23643 -S1 binding_factor_input: 0001c4f0ea06e07ee8e41bd3de3a63dc77f40d65a7ed -e329263db410eb0e455c9a7ac2ab142e4c2572aea1dcd0044e864544c49874b2e39ed -5f969b6133372a23643678630bf982c566949d7f22d2aefb94f252c664216d332f34e -2c8fdcd7045f207f854504d0daa534a5b31dbdf4183be30eb4fdba4f962d8a6b69cf2 -0c2734043 -S1 binding_factor: 1bed7e23dbe3066085a132da86ccf1e58291cec6571249cd4f -16a053c8409b04 -S3 hiding_nonce: d2478a9a47594005cb6de147f4c98b92b5e27e157fddb37ef122 -a75dfd7b8e06 -S3 binding_nonce: 5f2193dc5f3e5537fba742786fec22e18e40b059e50d6ef2e31 -60a3faf11dd0e -S3 hiding_nonce_commitment: 9a543be2b522d20a9d7e920388bb32f954bcfc695 -d145736de09f09646c6ae4c -S3 binding_nonce_commitment: debe73bc386b4dba161d72fa46ecc86765d6ff36 -27cfe07d56891d21399f1e4c -S3 binding_factor_input: 00039a543be2b522d20a9d7e920388bb32f954bcfc69 -5d145736de09f09646c6ae4cdebe73bc386b4dba161d72fa46ecc86765d6ff3627cfe -07d56891d21399f1e4c678630bf982c566949d7f22d2aefb94f252c664216d332f34e -2c8fdcd7045f207f854504d0daa534a5b31dbdf4183be30eb4fdba4f962d8a6b69cf2 -0c2734043 -S3 binding_factor: f611130beed6aa69de48fc1c05e7a005c7d5232b2852fe721a -1d711c35a28600 +S1 hiding_nonce: eb0dc12ae7b746d36e3f2de46ce3833a05b9d4af5434eeb8cafa +efda76906d00 +S1 binding_nonce: 491e91aa9df514ef598d5e0c7c5cdd088fbde4965b96069d546 +c0f04f1822b03 +S1 hiding_nonce_commitment: c6fe28df6a13f2ea80a911dd7a284e4b185bc8d3e +3102adaf88807a5e3d3813c +S1 binding_nonce_commitment: a413722bcfc71ba044bb2846b814401e60fed6b2 +fc5bfb25f5a49e63474b7011 +S1 binding_factor_input: 678630bf982c566949d7f22d2aefb94f252c664216d3 +32f34e2c8fdcd7045f207f854504d0daa534a5b31dbdf4183be30eb4fdba4f962d8a6 +b69cf20c2734043c229faa47541463641bcc7c23a4576d74e536dea0d7f7ae6e2c846 +1a63f4fe97599d8d83005d520a104f937ce3b8181281348fad246e1c0d89ed4cca7d5 +22e750001 +S1 binding_factor: 2e81f15e28874f517b6d2023291e49000f71f998852b484aae +f945000478ea05 +S3 hiding_nonce: abd12b8e6f255ee1e540eab029003a6e956567617720f61115f0 +941615892209 +S3 binding_nonce: 218e22625f93f262f025bd2d13c46ba722aa29fe585ceed66ff +442d98fe4e509 +S3 hiding_nonce_commitment: 5450c4c98c3fc6bb579bded17fcdc23073d2ecfb7 +61e3f9433cbc991e1496068 +S3 binding_nonce_commitment: 0ae0cf608fcba285ec1f6c84c955572c91a4fafc +c1f1120f4f30b25e40fbcc0a +S3 binding_factor_input: 678630bf982c566949d7f22d2aefb94f252c664216d3 +32f34e2c8fdcd7045f207f854504d0daa534a5b31dbdf4183be30eb4fdba4f962d8a6 +b69cf20c2734043c229faa47541463641bcc7c23a4576d74e536dea0d7f7ae6e2c846 +1a63f4fe97599d8d83005d520a104f937ce3b8181281348fad246e1c0d89ed4cca7d5 +22e750003 +S3 binding_factor: 240d5257c68e377c1994481081a8a4c4362b9e82e523088c30 +d91f8c2811890e // Round two parameters participants: 1,3 // Signer round two outputs -S1 sig_share: 2aeac152cff93a82233c1ac6bece654af750f75c47cd5c87fcf6109 -a562c8903 -S3 sig_share: a9487edfb9349f792693278fa9f8abd57c2caaac4f901fb03da8534 -c56574303 +S1 sig_share: efae3a83437fa8cd96194aacc56a7eb841630c280da99e7764a81d1 +340323306 +S3 sig_share: 96ddc4582e45eabce46f07b9e9375f8b49d35d1510fd34ac02b1e79 +d6100a602 -sig: a6fa7f7553307cfa36e55a705a2e59f808a1bcda888efcf4f26ba0c4080cc400 -d3324032892edafb49cf415568c71120747da109975d7c373a9f64e6ac83cc06 +sig: 7ec584cef9a383afb43883b73bcaa6313afe878bd5fe75a608311b866a76ec67 +858cffdb71c4928a7b895165afa2dd438b366a3d1da6d323675905b1a132d908 ~~~ ## FROST(P-256, SHA-256) @@ -1613,44 +1633,42 @@ b2d53c09d928 participants: 1,3 // Signer round one outputs -S1 hiding_nonce: e1bec1511c502e6b6866ef35469dac6df913efa8042a70b39aa6 -494307d6ee41 -S1 binding_nonce: 55682738caade073b207abdec93014bc111bc5d6a8977f3a24d -f58bebf650894 -S1 hiding_nonce_commitment: 0257ea635b11b63eb125ed1c983082a406e0185e5 -df6bd4c2a708f7d4b1ffe72d2 -S1 binding_nonce_commitment: 03aec5dfcd35c5ad7a7242552efe9c45878a0b2f -3f576b8f60fa172d380881f040 -S1 binding_factor_input: 00010257ea635b11b63eb125ed1c983082a406e0185e -5df6bd4c2a708f7d4b1ffe72d203aec5dfcd35c5ad7a7242552efe9c45878a0b2f3f5 -76b8f60fa172d380881f0407a753fed12531fbcd151e1d84702927c39063e780e91c0 -1f02bd11b60d7632bf -S1 binding_factor: 846723bf0898010ebb3d0a0c193c682a22946bb99c9551f5e3 -a0c29008aa8891 -S3 hiding_nonce: a284c689cd1d8ec33dcfe840d18ba0ddcbb69571744116912d7a -5c20631ea003 -S3 binding_nonce: 9f3ca4297e01ce82a5c7301a8fc39e6ec0588087483c912e269 -92f0d00009f0b -S3 hiding_nonce_commitment: 02fc8fe2f5d1bfa6b027ff1184c57cc7b880e050f -bf370a4e23d17eb3b249f45d9 -S3 binding_nonce_commitment: 02288d41169a97462b323dd61658eb134f8dd802 -af7d1932f602f2532afd9d1903 -S3 binding_factor_input: 000302fc8fe2f5d1bfa6b027ff1184c57cc7b880e050 -fbf370a4e23d17eb3b249f45d902288d41169a97462b323dd61658eb134f8dd802af7 -d1932f602f2532afd9d19037a753fed12531fbcd151e1d84702927c39063e780e91c0 -1f02bd11b60d7632bf -S3 binding_factor: 739b96f69c0ec5fbe05c2f5191ec349f835d9a38f8cf1a5632 -87b3547540c4b0 +S1 hiding_nonce: 33a519cf070a166f9ef41a798d03423743f3e7d0b0efd5d0d963 +773c4c53205e +S1 binding_nonce: 307d208d0c5728f323ae374f1ebd7f14a1a49b77d9d4bc1eab2 +22218a17765ff +S1 hiding_nonce_commitment: 021e5c8b286dc859314eb1c0a2024a2077ad49b60 +3112dd7bfaf326591d3fab332 +S1 binding_nonce_commitment: 039431f230cf2bd90ad556a7f3d6b5a5686efd19 +4c863356628d7296c2a3fa5900 +S1 binding_factor_input: 7a753fed12531fbcd151e1d84702927c39063e780e91 +c01f02bd11b60d7632bf44df5a9e0d49f359549018a13a586b5ede02cadef80472f75 +d195b82160f43ea0001 +S1 binding_factor: 71f09a2c4a1fc2f7a1379102809b4ac3247837c532cc5cf091 +3782496c515655 +S3 hiding_nonce: a614eadb972dc37b88aeceb6e899903f3104742d13f379a0e014 +541decbea4a4 +S3 binding_nonce: e509791018504c5bb87edaf0f44761cc840888507c4cd802379 +71d78e65f70f2 +S3 hiding_nonce_commitment: 0282308b1a22eb8efa13d4655f795f1cbf6525d88 +63ac0d60c4e164b7436d41778 +S3 binding_nonce_commitment: 036549bda4158ec5f76611275360a57e6ad5007d +6c072462feb42c8f2a25ec94ea +S3 binding_factor_input: 7a753fed12531fbcd151e1d84702927c39063e780e91 +c01f02bd11b60d7632bf44df5a9e0d49f359549018a13a586b5ede02cadef80472f75 +d195b82160f43ea0003 +S3 binding_factor: 57a1061da0837cc0cd7e901a1d33f46efa18af9c3e6468cca8 +8edd2d4a16e78d // Round two parameters participants: 1,3 // Signer round two outputs -S1 sig_share: 38f57b8c861a9eb03eeeb381bae58f0f7fce6f0d0da431a0ae58a00 -a760aadf4 -S3 sig_share: e4f1da04a879bd5b23c51662c22cbd71a80129db5e387895c769727 -a15176556 +S1 sig_share: 61e8b9c474df2e66ad19fd80a6e6cec1c6fe43c0a1cffd2d1c28299 +e93e1bbdb +S3 sig_share: 9651d355ca1dea2557ba1f73e38a9f4ff1f1afc565323ef27f88a9d +14df8370e -sig: 02b72e3a186d719efb18f4341d7b5d983f782d31c57f884a5fe79040d30ddd39 -381de755922e945c0a62b3c9e47d124c816ae89e3ac4c50bb1820847c18ebeedf9 +sig: 02dfba781e17b830229ae4ed22ebe402873683d9dfd945d01762217fb3172c2a +71f83a8d1a3efd188c04d41cf48a716e11b8eff38607023c1f9bb0d36fe1d9f2e9 ~~~ diff --git a/poc/frost-ed25519-sha512.json b/poc/frost-ed25519-sha512.json index 8799d26a..5e6d6794 100644 --- a/poc/frost-ed25519-sha512.json +++ b/poc/frost-ed25519-sha512.json @@ -27,20 +27,20 @@ "participants": "1,3", "signers": { "1": { - "hiding_nonce": "424fb678c3cd26ae86813ed1e22f9074b2dec6b0fb39d748101a9434d6c4c60a", - "binding_nonce": "49c957d98fec37b81a491fcbc3b16af925d393d734acc765446574bc7b453109", - "hiding_nonce_commitment": "6ca4bc3e03fa91bd15ec29993bc0582779c1d0c602c3141b22ea76abf9384290", - "binding_nonce_commitment": "03dc2bc626fc5fa41168dee456ec17bac8673691e27547c534a559c3d4d7fc6b", - "binding_factor_input": "00016ca4bc3e03fa91bd15ec29993bc0582779c1d0c602c3141b22ea76abf938429003dc2bc626fc5fa41168dee456ec17bac8673691e27547c534a559c3d4d7fc6bee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff", - "binding_factor": "1af00d46730628637df21dd56023489d6691468b2515c28c22052abc63e4d405" + "hiding_nonce": "d9aad97e1a1127bb87702ce8d81d8c07c7cbca89e784868d8e3876ff6b459700", + "binding_nonce": "5063be2774520d08a5ccd7f1213fb1179a5fa292bf13bc91cb28e7bd4d4a690c", + "hiding_nonce_commitment": "33fc1eacb8d168e54ab811320196b7715a9918461e1e00c3688e503ace1628d5", + "binding_nonce_commitment": "b32d41ce5a230b459de8c49b0619cb5fbde46690752ec94ef05aa1f8647301df", + "binding_factor_input": "ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff7b5e7b0a8efad964ba83310b56607920b6c3c979e38e583aa9d02adf541c58ea92a259b5c8a184d0a7c5ea978e42a8ff84608c38cbb22475bd54858c4ffd524e0001", + "binding_factor": "a523eba59830d1b5dbe6914e954862c5396b979bcd258fe323e324335db81101" }, "3": { - "hiding_nonce": "bcca3084a26538abd5326825f7a1203907c09ae7d12160810c4c8254aac02e03", - "binding_nonce": "9063464ee91ee0981f0073783c7ca1590ed6b1cb7382bad842f6a5a4dc7ba607", - "hiding_nonce_commitment": "7786dc3db9823b1b2c81d71957d2464302ffc5b31e586f9e754385e7d216a2d1", - "binding_nonce_commitment": "21b0c507a779f3288c74506838e8f084cd378eab4b66ce185fe842a2262ac899", - "binding_factor_input": "00037786dc3db9823b1b2c81d71957d2464302ffc5b31e586f9e754385e7d216a2d121b0c507a779f3288c74506838e8f084cd378eab4b66ce185fe842a2262ac899ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff", - "binding_factor": "7702669b34a9534bce0e73ed97c3d002433d969f4ee70c4a30c6f56e661efb0e" + "hiding_nonce": "86961f3a429ac0c5696f49e6d796817ff653f83c07f34e9e1f4d4c8c515b7900", + "binding_nonce": "72225ec11c1315d9f1ea0e78b1160ed95800fadd0191d23fd2f2c90ac96cb307", + "hiding_nonce_commitment": "493651312d26af93d2bc5b92eeecc12f1d6da9e184911e0943ebeb5ec59d3926", + "binding_nonce_commitment": "8dae85381a582288c934741defbcaeba7a1b944e3a2df0aa0ac96aec4431c690", + "binding_factor_input": "ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff7b5e7b0a8efad964ba83310b56607920b6c3c979e38e583aa9d02adf541c58ea92a259b5c8a184d0a7c5ea978e42a8ff84608c38cbb22475bd54858c4ffd524e0003", + "binding_factor": "c900ec81622c4b4b756139607357c1bf531df1a3b055304af215278aadb84b02" } } }, @@ -48,14 +48,14 @@ "participants": "1,3", "signers": { "1": { - "sig_share": "95bac1faca14c3f85d9f3b5d515009a2db7715cdafaa414bb5d271a2f1300c0c" + "sig_share": "caae171b83bff0c2c6f56a1276892918ba228146f6344b85d2ec6efeb6f16d0d" }, "3": { - "sig_share": "636280b4886b8120e2aeffd6637f82e64a4616c1b65682bb4a688635c4bd3107" + "sig_share": "ea6fdbf61683cf5f1f742e1b91583f0f667f0369efd2e33399b96d5a3ff0300d" } } }, "final_output": { - "sig": "ad05ed58d78f26dba585d4e452b099126f733bc35c698210ce8590691582e3870b494c52391d32c169b14391d6d5ac7326be2b8e6601c406003bf8d7b5ee3d03" + "sig": "5da10008c13c04dd72328ba8e0f72b63cad43c3bf4b7eaada1c78225afbd977ec74afdb47fdfadca0fcda18a28e8891220a284afe5072fb96ba6dc58f6e19e0a" } } \ No newline at end of file diff --git a/poc/frost-ed448-shake256.json b/poc/frost-ed448-shake256.json index eb0d51d7..4f21b162 100644 --- a/poc/frost-ed448-shake256.json +++ b/poc/frost-ed448-shake256.json @@ -27,20 +27,20 @@ "participants": "1,3", "signers": { "1": { - "hiding_nonce": "d1c4212b1b0987135b686fc1e0c26d464609e3b2cb0363f4ce81676d9798c10161775894edae39f91731083a8751b754ce7faa9b51bd3c1800", - "binding_nonce": "c1f429e6b853dfefac16acebba0691916b5e41ea62122a7d565b16c98069202f6e18cba21790f26a351253ce03ff41556435ac7a1ce6960d00", - "hiding_nonce_commitment": "cc1cb80545250515c06b5b5c2ae124973a232d7bf74fd2b3d4f9ba0505b67ee3eee3f10b1c8a739b5eedd49158e0b4a1789ec3b4aef2f64280", - "binding_nonce_commitment": "5d0766016f294cc27af4a94a1f6f0c1e4074377d7850133fa6e56ee6073e47fe0e3e0b9af5a8a4c24d179f2711702d9232557e72e7f049ec00", - "binding_factor_input": "0001cc1cb80545250515c06b5b5c2ae124973a232d7bf74fd2b3d4f9ba0505b67ee3eee3f10b1c8a739b5eedd49158e0b4a1789ec3b4aef2f642805d0766016f294cc27af4a94a1f6f0c1e4074377d7850133fa6e56ee6073e47fe0e3e0b9af5a8a4c24d179f2711702d9232557e72e7f049ec00b54ff7255705a71ee2925e4a3e30e41aed489a579d5595e0df13e32e1e4dd202a7c7f68b31d6418d9845eb4d757adda6ab189e1bb340db818e5b3bc725d992faf63e9b0500db10517fe09d3f566fba3a80e46a403e0c7d41548fbf75cf2662b00225b502961f98d8c9ff937de0b24c231845", - "binding_factor": "2648c00456a49c45068225a53daf4141c49d94f24c91baa0c4709b929652b678533533da023bc86546d2bf27103401069e82e7d76e45d80700" + "hiding_nonce": "a7fa56e3dc9935845e58275131eeda30d648432cba7ec3e3c522dea613962439cdbd016cd78d54eb72ba8ec4e1b4e6cb41d3afb55a28f40300", + "binding_nonce": "66480d4125faf4033babeee514f0b8d26118618ad05d6e3f8e64ea7082249b460c9eee5259f6ca6d1036db968923a89534b679c6ec96181b00", + "hiding_nonce_commitment": "b4b449e692a233b7661da0dbe4c337dd1c8c8369fc0786d6d1537ab371bb8afc4e59812de18300aef79b26920696c180e2f78f96bfb0d91100", + "binding_nonce_commitment": "705e18f4f601754c700ef93591fb24af5d3ca0c8052a890de5aa2dc9231903b5d0d8a56c0dfe5b3c66e94b8615f705e7a5086fe93c020b5600", + "binding_factor_input": "b54ff7255705a71ee2925e4a3e30e41aed489a579d5595e0df13e32e1e4dd202a7c7f68b31d6418d9845eb4d757adda6ab189e1bb340db818e5b3bc725d992faf63e9b0500db10517fe09d3f566fba3a80e46a403e0c7d41548fbf75cf2662b00225b502961f98d8c9ff937de0b24c231845c16de964d8b11ffe861c657afc6656a15d98dc9e6df3d2371d0fd2e0d990ad977470d0a371c1510accd90bb9fe514da13c4c2d97488a7980cb7ea47ac5124ec710faa8692c009794b7c7a9e29b8cc5ea4cd9418c853676e55971349c313f84b902c1a112a0ecdbecb5fb6030ad874161ff7c0001", + "binding_factor": "63e240eeaa6d10b99561d7eb813fd4164f3cde8eeffcf2c973c9de583ea075e471efbeb949af4fb11e7659bfacbd67eba4d9aa58c653190f00" }, "3": { - "hiding_nonce": "27c798a453fdc42aee7302b02140622fe17a99aa57f61dc5f9ce0e55cf64034cfe41954d8e4d4bc46bad25b67058e9d8de87cee9dcea340f00", - "binding_nonce": "2fdf07df954ce0378e47551841db9826e8ceec79c083f4e1e705d1f14824784dc82dade69b01065e9483d8c6cc577afa15c60484fe670e0500", - "hiding_nonce_commitment": "7f4e108990f82c411317c5e1f945b46e3c115a52c60e57a360fbc69c3101ca4b3151b855f7c28574ce2e6a4150fcb351d50bb81fec3d03f500", - "binding_nonce_commitment": "ac79cf898abd0896a1468944f40b38cfb82cb191c737681d0b8b2d1a6bebb559ae0221cda231238caf603e2ee85658bc28782083ecd3aab900", - "binding_factor_input": "00037f4e108990f82c411317c5e1f945b46e3c115a52c60e57a360fbc69c3101ca4b3151b855f7c28574ce2e6a4150fcb351d50bb81fec3d03f500ac79cf898abd0896a1468944f40b38cfb82cb191c737681d0b8b2d1a6bebb559ae0221cda231238caf603e2ee85658bc28782083ecd3aab900b54ff7255705a71ee2925e4a3e30e41aed489a579d5595e0df13e32e1e4dd202a7c7f68b31d6418d9845eb4d757adda6ab189e1bb340db818e5b3bc725d992faf63e9b0500db10517fe09d3f566fba3a80e46a403e0c7d41548fbf75cf2662b00225b502961f98d8c9ff937de0b24c231845", - "binding_factor": "b165cef8a42b605d192930206ffcdf48cf242e968340c9e13f58962be27bccb2af4d674e67c3e97ff719ba87216565544edb1f862c18433e00" + "hiding_nonce": "6341f043b08f518d5f12ce4d699e3827e0ad7a8f2a4bcdcee64fafe99dfbbe4187a01ebdf967a3503bbd84af24e0af93b078ab8d1cda533c00", + "binding_nonce": "1716d9dc1e4c97553708f2ebc65039a50d00919a68940afd660f31d1939e6e5f4a88631693f1acb2e737feff2bef7b0cdb1d3baae603272900", + "hiding_nonce_commitment": "8dd1e8cf1e0330bbcdeced3e8e325e48bba2b0caf34185a53bd8227f1c96be778681164417a582d39f1bea23a8dfe5a9e0a96d3dbbf8ee6180", + "binding_nonce_commitment": "58df1966884f46af333e26b6c1cace2720e2bd7039a21b1b8483e28974237bcea8c5649cfe460e821afc94021d0b686029681a1148cd3f0e00", + "binding_factor_input": "b54ff7255705a71ee2925e4a3e30e41aed489a579d5595e0df13e32e1e4dd202a7c7f68b31d6418d9845eb4d757adda6ab189e1bb340db818e5b3bc725d992faf63e9b0500db10517fe09d3f566fba3a80e46a403e0c7d41548fbf75cf2662b00225b502961f98d8c9ff937de0b24c231845c16de964d8b11ffe861c657afc6656a15d98dc9e6df3d2371d0fd2e0d990ad977470d0a371c1510accd90bb9fe514da13c4c2d97488a7980cb7ea47ac5124ec710faa8692c009794b7c7a9e29b8cc5ea4cd9418c853676e55971349c313f84b902c1a112a0ecdbecb5fb6030ad874161ff7c0003", + "binding_factor": "bb8b3d669199e180628a91097a03422c12103b2f34c7931f980accb20574a506d8cf966c444fcf5fd5bbfbc6943440aa981ef6fb070fad0600" } } }, @@ -48,14 +48,14 @@ "participants": "1,3", "signers": { "1": { - "sig_share": "c0c5055e6429cf24c60fd19cb7e887caed243db821f81fc899a30f2dae833bf6c373acb0a0dbd9d7d3bd3de36e1b33b21ea9c19dce74d23b00" + "sig_share": "a2697f5e866a4b61651f16df4105b80a47365294522dbfa26ed9f8bcb66954dec45326f5645590f2e0a8664e8870c053ec8ba5a58526a42f00" }, "3": { - "sig_share": "495e6971b5ab6bf800860296eeb8e0caa4a8b2137f390b53366bb97432dbf0fc07b315fa9df67eda1417720fc98f9325340d7fb8fe708a2f00" + "sig_share": "1bce211bc3a8ccd27721c091bc426f422314f70b0bde3f4c45bfad248e57643f68983bcba53e6c500bbb4d19de4b5320e44a757c8997042c00" } } }, "final_output": { - "sig": "6d244abe9f23024c58b1962baec45a0cce035d7a73034ca39642ed58df8dd444f8f2a3e08b187645fecdd93fbd151af076e608b976206bbe8016df16248712c2f971060ea533dffb730297191d5756dc56e6eafe24e15e2cf3cb26c2aa3ed258b2e8d4aff237abc6d752b64056cde55c2b00" + "sig": "60cf90055083501d04f38c133c01f121444a6c6889745363555cea964285d5ebbdb25690cdff9ca96a28b10bab68aa721b0fca9288a7efbe80caf248ceb6509f1088b110e38b85ba2bda1373f11330b02aca74dc6445c1b81d2dec61c00a94fc42ec63b46766bc1374d0d61a220fbea81b00" } } \ No newline at end of file diff --git a/poc/frost-p256-sha256.json b/poc/frost-p256-sha256.json index 2cc5fe08..5e8e00ab 100644 --- a/poc/frost-p256-sha256.json +++ b/poc/frost-p256-sha256.json @@ -27,20 +27,20 @@ "participants": "1,3", "signers": { "1": { - "hiding_nonce": "e1bec1511c502e6b6866ef35469dac6df913efa8042a70b39aa6494307d6ee41", - "binding_nonce": "55682738caade073b207abdec93014bc111bc5d6a8977f3a24df58bebf650894", - "hiding_nonce_commitment": "0257ea635b11b63eb125ed1c983082a406e0185e5df6bd4c2a708f7d4b1ffe72d2", - "binding_nonce_commitment": "03aec5dfcd35c5ad7a7242552efe9c45878a0b2f3f576b8f60fa172d380881f040", - "binding_factor_input": "00010257ea635b11b63eb125ed1c983082a406e0185e5df6bd4c2a708f7d4b1ffe72d203aec5dfcd35c5ad7a7242552efe9c45878a0b2f3f576b8f60fa172d380881f0407a753fed12531fbcd151e1d84702927c39063e780e91c01f02bd11b60d7632bf", - "binding_factor": "846723bf0898010ebb3d0a0c193c682a22946bb99c9551f5e3a0c29008aa8891" + "hiding_nonce": "33a519cf070a166f9ef41a798d03423743f3e7d0b0efd5d0d963773c4c53205e", + "binding_nonce": "307d208d0c5728f323ae374f1ebd7f14a1a49b77d9d4bc1eab222218a17765ff", + "hiding_nonce_commitment": "021e5c8b286dc859314eb1c0a2024a2077ad49b603112dd7bfaf326591d3fab332", + "binding_nonce_commitment": "039431f230cf2bd90ad556a7f3d6b5a5686efd194c863356628d7296c2a3fa5900", + "binding_factor_input": "7a753fed12531fbcd151e1d84702927c39063e780e91c01f02bd11b60d7632bf44df5a9e0d49f359549018a13a586b5ede02cadef80472f75d195b82160f43ea0001", + "binding_factor": "71f09a2c4a1fc2f7a1379102809b4ac3247837c532cc5cf0913782496c515655" }, "3": { - "hiding_nonce": "a284c689cd1d8ec33dcfe840d18ba0ddcbb69571744116912d7a5c20631ea003", - "binding_nonce": "9f3ca4297e01ce82a5c7301a8fc39e6ec0588087483c912e26992f0d00009f0b", - "hiding_nonce_commitment": "02fc8fe2f5d1bfa6b027ff1184c57cc7b880e050fbf370a4e23d17eb3b249f45d9", - "binding_nonce_commitment": "02288d41169a97462b323dd61658eb134f8dd802af7d1932f602f2532afd9d1903", - "binding_factor_input": "000302fc8fe2f5d1bfa6b027ff1184c57cc7b880e050fbf370a4e23d17eb3b249f45d902288d41169a97462b323dd61658eb134f8dd802af7d1932f602f2532afd9d19037a753fed12531fbcd151e1d84702927c39063e780e91c01f02bd11b60d7632bf", - "binding_factor": "739b96f69c0ec5fbe05c2f5191ec349f835d9a38f8cf1a563287b3547540c4b0" + "hiding_nonce": "a614eadb972dc37b88aeceb6e899903f3104742d13f379a0e014541decbea4a4", + "binding_nonce": "e509791018504c5bb87edaf0f44761cc840888507c4cd80237971d78e65f70f2", + "hiding_nonce_commitment": "0282308b1a22eb8efa13d4655f795f1cbf6525d8863ac0d60c4e164b7436d41778", + "binding_nonce_commitment": "036549bda4158ec5f76611275360a57e6ad5007d6c072462feb42c8f2a25ec94ea", + "binding_factor_input": "7a753fed12531fbcd151e1d84702927c39063e780e91c01f02bd11b60d7632bf44df5a9e0d49f359549018a13a586b5ede02cadef80472f75d195b82160f43ea0003", + "binding_factor": "57a1061da0837cc0cd7e901a1d33f46efa18af9c3e6468cca88edd2d4a16e78d" } } }, @@ -48,14 +48,14 @@ "participants": "1,3", "signers": { "1": { - "sig_share": "38f57b8c861a9eb03eeeb381bae58f0f7fce6f0d0da431a0ae58a00a760aadf4" + "sig_share": "61e8b9c474df2e66ad19fd80a6e6cec1c6fe43c0a1cffd2d1c28299e93e1bbdb" }, "3": { - "sig_share": "e4f1da04a879bd5b23c51662c22cbd71a80129db5e387895c769727a15176556" + "sig_share": "9651d355ca1dea2557ba1f73e38a9f4ff1f1afc565323ef27f88a9d14df8370e" } } }, "final_output": { - "sig": "02b72e3a186d719efb18f4341d7b5d983f782d31c57f884a5fe79040d30ddd39381de755922e945c0a62b3c9e47d124c816ae89e3ac4c50bb1820847c18ebeedf9" + "sig": "02dfba781e17b830229ae4ed22ebe402873683d9dfd945d01762217fb3172c2a71f83a8d1a3efd188c04d41cf48a716e11b8eff38607023c1f9bb0d36fe1d9f2e9" } } \ No newline at end of file diff --git a/poc/frost-ristretto255-sha512.json b/poc/frost-ristretto255-sha512.json index e4b405ac..04727ea2 100644 --- a/poc/frost-ristretto255-sha512.json +++ b/poc/frost-ristretto255-sha512.json @@ -27,20 +27,20 @@ "participants": "1,3", "signers": { "1": { - "hiding_nonce": "82fd8f26f0b5f86d93d3da8162c23641aa1b16ab803be1a4d8500f143b592605", - "binding_nonce": "c9ee2f764434e263808722a3cb9886b7ce25ade80ce00bac4ac4d9548ac2450a", - "hiding_nonce_commitment": "c4f0ea06e07ee8e41bd3de3a63dc77f40d65a7ede329263db410eb0e455c9a7a", - "binding_nonce_commitment": "c2ab142e4c2572aea1dcd0044e864544c49874b2e39ed5f969b6133372a23643", - "binding_factor_input": "0001c4f0ea06e07ee8e41bd3de3a63dc77f40d65a7ede329263db410eb0e455c9a7ac2ab142e4c2572aea1dcd0044e864544c49874b2e39ed5f969b6133372a23643678630bf982c566949d7f22d2aefb94f252c664216d332f34e2c8fdcd7045f207f854504d0daa534a5b31dbdf4183be30eb4fdba4f962d8a6b69cf20c2734043", - "binding_factor": "1bed7e23dbe3066085a132da86ccf1e58291cec6571249cd4f16a053c8409b04" + "hiding_nonce": "eb0dc12ae7b746d36e3f2de46ce3833a05b9d4af5434eeb8cafaefda76906d00", + "binding_nonce": "491e91aa9df514ef598d5e0c7c5cdd088fbde4965b96069d546c0f04f1822b03", + "hiding_nonce_commitment": "c6fe28df6a13f2ea80a911dd7a284e4b185bc8d3e3102adaf88807a5e3d3813c", + "binding_nonce_commitment": "a413722bcfc71ba044bb2846b814401e60fed6b2fc5bfb25f5a49e63474b7011", + "binding_factor_input": "678630bf982c566949d7f22d2aefb94f252c664216d332f34e2c8fdcd7045f207f854504d0daa534a5b31dbdf4183be30eb4fdba4f962d8a6b69cf20c2734043c229faa47541463641bcc7c23a4576d74e536dea0d7f7ae6e2c8461a63f4fe97599d8d83005d520a104f937ce3b8181281348fad246e1c0d89ed4cca7d522e750001", + "binding_factor": "2e81f15e28874f517b6d2023291e49000f71f998852b484aaef945000478ea05" }, "3": { - "hiding_nonce": "d2478a9a47594005cb6de147f4c98b92b5e27e157fddb37ef122a75dfd7b8e06", - "binding_nonce": "5f2193dc5f3e5537fba742786fec22e18e40b059e50d6ef2e3160a3faf11dd0e", - "hiding_nonce_commitment": "9a543be2b522d20a9d7e920388bb32f954bcfc695d145736de09f09646c6ae4c", - "binding_nonce_commitment": "debe73bc386b4dba161d72fa46ecc86765d6ff3627cfe07d56891d21399f1e4c", - "binding_factor_input": "00039a543be2b522d20a9d7e920388bb32f954bcfc695d145736de09f09646c6ae4cdebe73bc386b4dba161d72fa46ecc86765d6ff3627cfe07d56891d21399f1e4c678630bf982c566949d7f22d2aefb94f252c664216d332f34e2c8fdcd7045f207f854504d0daa534a5b31dbdf4183be30eb4fdba4f962d8a6b69cf20c2734043", - "binding_factor": "f611130beed6aa69de48fc1c05e7a005c7d5232b2852fe721a1d711c35a28600" + "hiding_nonce": "abd12b8e6f255ee1e540eab029003a6e956567617720f61115f0941615892209", + "binding_nonce": "218e22625f93f262f025bd2d13c46ba722aa29fe585ceed66ff442d98fe4e509", + "hiding_nonce_commitment": "5450c4c98c3fc6bb579bded17fcdc23073d2ecfb761e3f9433cbc991e1496068", + "binding_nonce_commitment": "0ae0cf608fcba285ec1f6c84c955572c91a4fafcc1f1120f4f30b25e40fbcc0a", + "binding_factor_input": "678630bf982c566949d7f22d2aefb94f252c664216d332f34e2c8fdcd7045f207f854504d0daa534a5b31dbdf4183be30eb4fdba4f962d8a6b69cf20c2734043c229faa47541463641bcc7c23a4576d74e536dea0d7f7ae6e2c8461a63f4fe97599d8d83005d520a104f937ce3b8181281348fad246e1c0d89ed4cca7d522e750003", + "binding_factor": "240d5257c68e377c1994481081a8a4c4362b9e82e523088c30d91f8c2811890e" } } }, @@ -48,14 +48,14 @@ "participants": "1,3", "signers": { "1": { - "sig_share": "2aeac152cff93a82233c1ac6bece654af750f75c47cd5c87fcf6109a562c8903" + "sig_share": "efae3a83437fa8cd96194aacc56a7eb841630c280da99e7764a81d1340323306" }, "3": { - "sig_share": "a9487edfb9349f792693278fa9f8abd57c2caaac4f901fb03da8534c56574303" + "sig_share": "96ddc4582e45eabce46f07b9e9375f8b49d35d1510fd34ac02b1e79d6100a602" } } }, "final_output": { - "sig": "a6fa7f7553307cfa36e55a705a2e59f808a1bcda888efcf4f26ba0c4080cc400d3324032892edafb49cf415568c71120747da109975d7c373a9f64e6ac83cc06" + "sig": "7ec584cef9a383afb43883b73bcaa6313afe878bd5fe75a608311b866a76ec67858cffdb71c4928a7b895165afa2dd438b366a3d1da6d323675905b1a132d908" } } \ No newline at end of file diff --git a/poc/frost.sage b/poc/frost.sage index cc0ae6c8..5fa15a48 100644 --- a/poc/frost.sage +++ b/poc/frost.sage @@ -136,18 +136,26 @@ class Signature(object): def encode(self): return self.G.serialize(self.R) + self.G.serialize_scalar(self.z) +def encode_group_commitment_list(G, commitment_list): + B_es = [I2OSP(i, 2) + G.serialize(D) + G.serialize(E) for (i, D, E) in commitment_list] + B_e = B_es[0] + for i, v in enumerate(B_es): + if i > 0: + B_e = B_e + v + return B_e + def compute_binding_factors(G, H, commitment_list, msg): - def binding_factor(commitment): - (i, D, E) = commitment - return I2OSP(i, 2) + G.serialize(D) + G.serialize(E) + msg_hash = H.H3(msg) + encoded_commitment_hash = H.H3(encode_group_commitment_list(G, commitment_list)) + rho_input_prefix = msg_hash + encoded_commitment_hash + binding_factors = {} rho_inputs = {} - msg_hash = H.H3(msg) - for _, commitment in enumerate(commitment_list): - rho_input = binding_factor(commitment) + msg_hash - factor = H.H1(rho_input) - rho_inputs[commitment[0]] = rho_input - binding_factors[commitment[0]] = factor + for _, (i, D, E) in enumerate(commitment_list): + rho_input = rho_input_prefix + I2OSP(i, 2) + binding_factor = H.H1(rho_input) + rho_inputs[i] = rho_input + binding_factors[i] = binding_factor return binding_factors, rho_inputs def compute_group_commitment(G, commitment_list, binding_factors):