@bitgo-beta/sdk-lib-mpc 8.2.1-alpha.5 → 8.2.1-alpha.51
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +336 -0
- package/dist/src/curves/constant.d.ts +2 -0
- package/dist/src/curves/constant.d.ts.map +1 -0
- package/dist/src/curves/constant.js +6 -0
- package/dist/src/curves/{baseCurve.d.ts → ed25519.d.ts} +9 -7
- package/dist/src/curves/ed25519.d.ts.map +1 -0
- package/dist/src/curves/ed25519.js +72 -0
- package/dist/src/curves/ed25519Bip32HdTree.d.ts +10 -0
- package/dist/src/curves/ed25519Bip32HdTree.d.ts.map +1 -0
- package/dist/src/curves/ed25519Bip32HdTree.js +85 -0
- package/dist/src/curves/index.d.ts +6 -1
- package/dist/src/curves/index.d.ts.map +1 -1
- package/dist/src/curves/index.js +7 -2
- package/dist/src/curves/secp256k1.d.ts +3 -1
- package/dist/src/curves/secp256k1.d.ts.map +1 -1
- package/dist/src/curves/secp256k1.js +14 -7
- package/dist/src/curves/secp256k1Bip32HdTree.d.ts +8 -0
- package/dist/src/curves/secp256k1Bip32HdTree.d.ts.map +1 -0
- package/dist/src/curves/secp256k1Bip32HdTree.js +54 -0
- package/dist/src/curves/types.d.ts +36 -0
- package/dist/src/curves/types.d.ts.map +1 -0
- package/dist/src/curves/types.js +3 -0
- package/dist/src/curves/util.d.ts +2 -0
- package/dist/src/curves/util.d.ts.map +1 -0
- package/dist/src/curves/util.js +11 -0
- package/dist/src/hashCommitment.d.ts +17 -0
- package/dist/src/hashCommitment.d.ts.map +1 -0
- package/dist/src/hashCommitment.js +45 -0
- package/dist/src/index.d.ts +6 -1
- package/dist/src/index.d.ts.map +1 -1
- package/dist/src/index.js +20 -2
- package/dist/src/schnorrProof.d.ts +22 -0
- package/dist/src/schnorrProof.d.ts.map +1 -0
- package/dist/src/schnorrProof.js +62 -0
- package/dist/src/shamir/index.d.ts +3 -0
- package/dist/src/shamir/index.d.ts.map +1 -0
- package/dist/src/shamir/index.js +15 -0
- package/dist/src/shamir/shamir.d.ts +38 -0
- package/dist/src/shamir/shamir.d.ts.map +1 -0
- package/dist/src/shamir/shamir.js +136 -0
- package/dist/src/shamir/types.d.ts +5 -0
- package/dist/src/shamir/types.d.ts.map +1 -0
- package/dist/src/shamir/types.js +3 -0
- package/dist/src/tss/ecdsa/index.d.ts +3 -0
- package/dist/src/tss/ecdsa/index.d.ts.map +1 -1
- package/dist/src/tss/ecdsa/index.js +5 -2
- package/dist/src/tss/ecdsa/paillierproof.d.ts +24 -0
- package/dist/src/tss/ecdsa/paillierproof.d.ts.map +1 -0
- package/dist/src/tss/ecdsa/paillierproof.js +86 -0
- package/dist/src/tss/ecdsa/primes.d.ts +2 -0
- package/dist/src/tss/ecdsa/primes.d.ts.map +1 -0
- package/dist/src/tss/ecdsa/primes.js +1846 -0
- package/dist/src/tss/ecdsa/rangeproof.d.ts +1 -1
- package/dist/src/tss/ecdsa/rangeproof.d.ts.map +1 -1
- package/dist/src/tss/ecdsa/rangeproof.js +24 -23
- package/dist/src/tss/ecdsa/types.d.ts +71 -13
- package/dist/src/tss/ecdsa/types.d.ts.map +1 -1
- package/dist/src/tss/ecdsa/types.js +76 -14
- package/dist/src/tss/ecdsa/zkVProof.d.ts +25 -0
- package/dist/src/tss/ecdsa/zkVProof.d.ts.map +1 -0
- package/dist/src/tss/ecdsa/zkVProof.js +71 -0
- package/dist/src/types.d.ts +14 -0
- package/dist/src/types.d.ts.map +1 -0
- package/dist/src/types.js +3 -0
- package/dist/src/util.d.ts +21 -6
- package/dist/src/util.d.ts.map +1 -1
- package/dist/src/util.js +56 -14
- package/dist/tsconfig.tsbuildinfo +1 -3621
- package/package.json +4 -4
- package/dist/src/curves/baseCurve.d.ts.map +0 -1
- package/dist/src/curves/baseCurve.js +0 -6
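--- a/package/dist/src/shamir/shamir.js
+++ b/package/dist/src/shamir/shamir.js
@@ -0,0 +1,136 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Shamir = void 0;
+const crypto_1 = __importDefault(require("crypto"));
+const util_1 = require("../util");
+class Shamir {
+constructor(curve) {
+this.curve = curve;
+}
+/**
+* Perform Shamir sharing on the secret `secret` to the degree `threshold - 1` split `numShares`
+* ways. The split secret requires `threshold` shares to be reconstructed.
+*
+* @param secret secret to split
+* @param threshold share threshold required to reconstruct secret
+* @param numShares total number of shares to split secret into
+* @param indices optional indices which can be used while generating the shares
+* @param salt optional salt which could be used while generating the shares
+* @returns Dictionary containing `shares`, a dictionary where each key is an int
+* in the range 1<=x<=numShares representing that share's free term, and `v`, an
+* array of proofs to be shared with all participants.
+*/
+split(secret, threshold, numShares, indices, salt = BigInt(0)) {
+let bigIndices;
+if (indices) {
+bigIndices = indices.map((i) => {
+if (i < 1) {
+throw new Error('Invalid value supplied for indices');
+}
+return BigInt(i);
+});
+}
+else {
+// make range(1, n + 1)
+bigIndices = Array(numShares)
+.fill(null)
+.map((_, i) => BigInt(i + 1));
+}
+if (threshold < 2) {
+throw new Error('Threshold cannot be less than two');
+}
+if (threshold > numShares) {
+throw new Error('Threshold cannot be greater than the total number of shares');
+}
+const coefs = [];
+const v = [];
+for (let ind = 0; ind < threshold - 1; ind++) {
+const coeff = util_1.clamp(util_1.bigIntFromBufferLE(crypto_1.default.createHmac('sha256', ind.toString(10)).update(util_1.bigIntToBufferLE(secret, 32)).digest()));
+coefs.push(coeff);
+v.unshift(this.curve.basePointMult(coeff));
+}
+coefs.push(secret);
+const shares = {};
+for (let ind = 0; ind < bigIndices.length; ind++) {
+const x = bigIndices[ind];
+let partial = coefs[0];
+for (let other = 1; other < coefs.length; other++) {
+partial = this.curve.scalarAdd(coefs[other], this.curve.scalarMult(partial, x));
+}
+shares[parseInt(x.toString(), 10)] = partial;
+}
+return { shares, v };
+}
+/**
+* Verify a VSS share.
+*
+* @param u Secret share received from other party.
+* @param v Verification values received from other party.
+* @param index Verifier's index.
+* @returns True on success; otherwise throws Error.
+*/
+verify(u, v, index) {
+if (v.length < 2) {
+throw new Error('Threshold cannot be less than two');
+}
+if (index < 1) {
+throw new Error('Invalid value supplied for index');
+}
+const i = BigInt(index);
+let x = v[0];
+let t = BigInt(1);
+for (const vsj of v.slice(1)) {
+t = this.curve.scalarMult(t, i);
+const vjt = this.curve.pointMultiply(vsj, t);
+x = this.curve.pointAdd(x, vjt);
+}
+const sigmaG = this.curve.basePointMult(u);
+if (x !== sigmaG) {
+throw new Error('Could not verify share');
+}
+return true;
+}
+/**
+* Reconstitute a secret from a dictionary of shares. The number of shares must
+* be equal to `t` to reconstitute the original secret.
+*
+* @param shares dictionary of shares. each key is the free term of the share
+* @returns secret
+*/
+combine(shares) {
+try {
+let s = BigInt(0);
+for (const i in shares) {
+const yi = shares[i];
+const xi = BigInt(i);
+let num = BigInt(1);
+let denum = BigInt(1);
+for (const j in shares) {
+const xj = BigInt(j);
+if (xi !== xj) {
+num = this.curve.scalarMult(num, xj);
+}
+}
+for (const j in shares) {
+const xj = BigInt(j);
+if (xi !== xj) {
+denum = this.curve.scalarMult(denum, this.curve.scalarSub(xj, xi));
+}
+}
+const inverted = this.curve.scalarInvert(denum);
+const innerMultiplied = this.curve.scalarMult(num, inverted);
+const multiplied = this.curve.scalarMult(innerMultiplied, yi);
+s = this.curve.scalarAdd(multiplied, s);
+}
+return s;
+}
+catch (error) {
+throw new Error('Failed to combine Shamir shares , ' + error);
+}
+}
+}
+exports.Shamir = Shamir;
+//# sourceMappingURL=data:application/json;base64,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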
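Review bot: `split` accepts a `salt` argument (default `BigInt(0)`) and documents it as usable while generating the shares, but nothing in the body reads it. Every coefficient on line 51 is HMAC-SHA256 keyed with `ind.toString(10)` over the 32-byte secret, so splitting the same secret twice yields the same coefficients and the same `v`. If the salt is meant to separate those derivations it has to enter the HMAC input (only when non-zero, so shares produced with the default stay unchanged); otherwise the parameter and its `@param` line should be dropped. Separately, a caller-supplied `indices` array is never checked against `numShares` or `threshold`, nor for duplicates, so `split` can return fewer distinct shares than `threshold`; a guard such as `if (indices && indices.length !== numShares) throw new Error('indices length must equal numShares');` would catch the length case, assuming one index per share is the intended contract. This file is compiler output, so the change presumably belongs in the TypeScript source it was built from.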
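--- a/package/dist/src/shamir/types.d.ts.map
+++ b/package/dist/src/shamir/types.d.ts.map
@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/shamir/types.ts"],"names":[],"mappings":"AAAA,oBAAY,WAAW,GAAG;IACxB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC/B,CAAC,EAAE,MAAM,EAAE,CAAC;CACb,CAAC"}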
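--- a/package/dist/src/shamir/types.js
+++ b/package/dist/src/shamir/types.js
@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvc2hhbWlyL3R5cGVzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiIiLCJzb3VyY2VzQ29udGVudCI6WyJleHBvcnQgdHlwZSBTcGxpdFNlY3JldCA9IHtcbiAgc2hhcmVzOiBSZWNvcmQ8bnVtYmVyLCBiaWdpbnQ+O1xuICB2OiBiaWdpbnRbXTtcbn07XG4iXX0=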
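--- a/package/dist/src/tss/ecdsa/index.d.ts
+++ b/package/dist/src/tss/ecdsa/index.d.ts
@@ -1,3 +1,6 @@
 export * as EcdsaTypes from './types';
 export * as EcdsaRangeProof from './rangeproof';
+export * as EcdsaPaillierProof from './paillierproof';
+export * as EcdsaZkVProof from './zkVProof';
+export declare const minModulusBitLength = 3072;
 //# sourceMappingURL=index.d.ts.map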
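--- a/package/dist/src/tss/ecdsa/index.d.ts.map
+++ b/package/dist/src/tss/ecdsa/index.d.ts.map
@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/tss/ecdsa/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,UAAU,MAAM,SAAS,CAAC;AACtC,OAAO,KAAK,eAAe,MAAM,cAAc,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/tss/ecdsa/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,UAAU,MAAM,SAAS,CAAC;AACtC,OAAO,KAAK,eAAe,MAAM,cAAc,CAAC;AAChD,OAAO,KAAK,kBAAkB,MAAM,iBAAiB,CAAC;AACtD,OAAO,KAAK,aAAa,MAAM,YAAY,CAAC;AAE5C,eAAO,MAAM,mBAAmB,OAAO,CAAC"}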
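--- a/package/dist/src/tss/ecdsa/index.js
+++ b/package/dist/src/tss/ecdsa/index.js
@@ -19,7 +19,10 @@ var __importStar = (this && this.__importStar) || function (mod) {
 return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.EcdsaRangeProof = exports.EcdsaTypes = void 0;
+exports.minModulusBitLength = exports.EcdsaZkVProof = exports.EcdsaPaillierProof = exports.EcdsaRangeProof = exports.EcdsaTypes = void 0;
 exports.EcdsaTypes = __importStar(require("./types"));
 exports.EcdsaRangeProof = __importStar(require("./rangeproof"));
-
+exports.EcdsaPaillierProof = __importStar(require("./paillierproof"));
+exports.EcdsaZkVProof = __importStar(require("./zkVProof"));
+exports.minModulusBitLength = 3072;
+//# sourceMappingURL=data:application/json;base64,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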
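Review bot: `exports.minModulusBitLength = 3072` on new line 27 is assigned after `require("./paillierproof")` on line 25, while paillierproof.js itself does `require("./index")`, so the two modules import each other. This works as shown only because `generateP` reads `index_1.minModulusBitLength` at call time. A read during module initialisation would see `undefined`, and `bitLength(n) < undefined` evaluates to `false`, so the modulus-size check would accept every `n` instead of failing. Defining the constant in a leaf module that both files import, or assigning it before the `require` calls, removes that fail-open path. The hunk starts at line 19, so the top of the file is not visible here.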
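--- a/package/dist/src/tss/ecdsa/paillierproof.d.ts
+++ b/package/dist/src/tss/ecdsa/paillierproof.d.ts
@@ -0,0 +1,24 @@
+export declare const alpha = 319567;
+export declare const m: number;
+/**
+* Generate a set of challenges $p$ for a given paillier public key modulus $n$.
+* @param n - paillier public key modulus
+* @returns {Promise<Array<bigint>>} - array of challenges $p_i$
+*/
+export declare function generateP(n: bigint): Promise<Array<bigint>>;
+/**
+* Generate a set of proofs $sigma$ for a given set of challenges $p$ using the paillier public key modulus $n$ and the private key $\lambda$.
+* @param n - paillier public key modulus $n$
+* @param lambda - private key $\lambda, which is the $\euler(N) = (p-1)(q-1)$
+* @param p - array of challenges $p$
+* @returns {Promise<Array<bigint>>} - array of proofs $\sigma$
+*/
+export declare function prove(n: bigint, lambda: bigint, p: Array<bigint>): bigint[];
+/**
+* Verify a set of proofs $\sigma$ on the modulus $n$ using the challenges $p$ that were provided to the prover to generate the proofs.
+* @param n - paillier public key modulus $n$
+* @param p - array of challenges $p$
+* @param sigma - array of proofs $\sigma$
+*/
+export declare function verify(n: bigint, p: Array<bigint>, sigma: Array<bigint>): boolean;
+//# sourceMappingURL=paillierproof.d.ts.map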
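--- a/package/dist/src/tss/ecdsa/paillierproof.d.ts.map
+++ b/package/dist/src/tss/ecdsa/paillierproof.d.ts.map
@@ -0,0 +1 @@
+{"version":3,"file":"paillierproof.d.ts","sourceRoot":"","sources":["../../../../src/tss/ecdsa/paillierproof.ts"],"names":[],"mappings":"AAWA,eAAO,MAAM,KAAK,SAAS,CAAC;AAC5B,eAAO,MAAM,CAAC,QAAkC,CAAC;AAEjD;;;;GAIG;AACH,wBAAsB,SAAS,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CASjE;AAED;;;;;;GAMG;AACH,wBAAgB,KAAK,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,GAAG,MAAM,EAAE,CAM3E;AAED;;;;;GAKG;AACH,wBAAgB,MAAM,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,GAAG,OAAO,CAkCjF"}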
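--- a/package/dist/src/tss/ecdsa/paillierproof.js
+++ b/package/dist/src/tss/ecdsa/paillierproof.js
@@ -0,0 +1,86 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verify = exports.prove = exports.generateP = exports.m = exports.alpha = void 0;
+const bigint_crypto_utils_1 = require("bigint-crypto-utils");
+const bigint_mod_arith_1 = require("bigint-mod-arith");
+const util_1 = require("../../util");
+const index_1 = require("./index");
+const primes_1 = require("./primes");
+// Security parameters.
+const k = 128;
+// eprint.iacr.org/2018/057.pdf#page6 section 5
+// https://github.com/BitGo/BitGoJS/pull/3502#discussion_r1203070392
+exports.alpha = 319567;
+exports.m = Math.ceil(k / Math.log2(exports.alpha));
+/**
+* Generate a set of challenges $p$ for a given paillier public key modulus $n$.
+* @param n - paillier public key modulus
+* @returns {Promise<Array<bigint>>} - array of challenges $p_i$
+*/
+async function generateP(n) {
+if (bigint_crypto_utils_1.bitLength(n) < index_1.minModulusBitLength) {
+throw new Error(`modulus n must have a bit length larger than or equal to ${index_1.minModulusBitLength}`);
+}
+return Promise.all(Array(exports.m)
+.fill(null)
+.map(() => util_1.randomPositiveCoPrimeLessThan(n)));
+}
+exports.generateP = generateP;
+/**
+* Generate a set of proofs $sigma$ for a given set of challenges $p$ using the paillier public key modulus $n$ and the private key $\lambda$.
+* @param n - paillier public key modulus $n$
+* @param lambda - private key $\lambda, which is the $\euler(N) = (p-1)(q-1)$
+* @param p - array of challenges $p$
+* @returns {Promise<Array<bigint>>} - array of proofs $\sigma$
+*/
+function prove(n, lambda, p) {
+if (!p.every((p_i) => p_i > 0)) {
+throw new Error('All paillier challenge values must be positive.');
+}
+const n_inv = bigint_mod_arith_1.modInv(n, lambda);
+return p.map((p_i) => bigint_mod_arith_1.modPow(p_i, n_inv, n));
+}
+exports.prove = prove;
+/**
+* Verify a set of proofs $\sigma$ on the modulus $n$ using the challenges $p$ that were provided to the prover to generate the proofs.
+* @param n - paillier public key modulus $n$
+* @param p - array of challenges $p$
+* @param sigma - array of proofs $\sigma$
+*/
+function verify(n, p, sigma) {
+if (!p.every((p_i) => p_i > 0)) {
+throw new Error('All paillier challenge values must be positive.');
+}
+if (!sigma.every((sigma_i) => sigma_i > 0)) {
+throw new Error('All paillier challenge proof values must be positive.');
+}
+// a) Check that $N$ is a positive integer and is not divisible by all
+// the primes less than $\alpha$.
+if (n <= 0) {
+return false;
+}
+if (exports.alpha !== 319567) {
+throw new Error('unsupported alpha value');
+}
+for (const prime of primes_1.primesSmallerThan319567) {
+if (n % BigInt(prime) === BigInt(0)) {
+return false;
+}
+}
+// b) Check that $\sigma_i$ is a positive integer $i = 1...m$.
+if (sigma.length !== exports.m) {
+return false;
+}
+if (!sigma.every((sigma_i) => sigma_i > 0)) {
+return false;
+}
+// c) Verify that $p_i = \sigma_i^N \mod N$ for $i = 1...m$.
+for (let i = 0; i < exports.m; i++) {
+if (p[i] !== bigint_mod_arith_1.modPow(sigma[i], n, n)) {
+return false;
+}
+}
+return true;
+}
+exports.verify = verify;
+//# sourceMappingURL=data:application/json;base64,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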
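Review bot: `verify` reports rejection in two different ways: a non-positive entry in `p` or `sigma` throws (lines 51-56), while every other failure returns `false`, and the docstring has neither `@returns` nor `@throws`. A caller that only tests the boolean will see a malformed proof from a peer surface as an exception, so the docstring should state both paths, e.g. `@returns true if every proof verifies, false otherwise` and `@throws Error if any p_i or sigma_i is not positive`, or the function should return `false` consistently. The second `sigma.every(...)` check under step b (line 74) can never fail because the earlier one has already thrown, and `p.length` is never compared with `m` the way `sigma.length` is. `prove`'s `@returns {Promise<Array<bigint>>}` does not match its synchronous `bigint[]` return, and the step-a comment should read "not divisible by any of the primes less than $\alpha$".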
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"primes.d.ts","sourceRoot":"","sources":["../../../../src/tss/ecdsa/primes.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,uBAAuB,UAizDnC,CAAC"}
|