Add mock dkg (#736)

MystenLabs · Feb 28, 2024 · 812767c · 812767c
1 parent a6ff7df
commit 812767c
Show file tree

Hide file tree

Showing 3 changed files with 73 additions and 1 deletion.
diff --git a/fastcrypto-tbls/src/lib.rs b/fastcrypto-tbls/src/lib.rs
@@ -14,6 +14,7 @@
 pub mod dkg;
 pub mod dl_verification;
 pub mod ecies;
+pub mod mocked_dkg;
 pub mod nizk;
 pub mod nodes;
 pub mod polynomial;

diff --git a/fastcrypto-tbls/src/mocked_dkg.rs b/fastcrypto-tbls/src/mocked_dkg.rs
@@ -0,0 +1,36 @@
+// Copyright (c) 2022, Mysten Labs, Inc.
+// SPDX-License-Identifier: Apache-2.0
+
+use crate::dkg::Output;
+use crate::nodes::{Nodes, PartyId};
+use crate::polynomial::PrivatePoly;
+use fastcrypto::groups::GroupElement;
+use serde::Serialize;
+
+/// Emulates the output of an insecure DKG protocol.
+pub fn generate_mocked_output<G: GroupElement + Serialize, EG: GroupElement + Serialize>(
+    nodes: Nodes<EG>,
+    t: u32,
+    full_private_key: u128,
+    party: PartyId,
+) -> Output<G, EG> {
+    let mut coefficients: Vec<G::ScalarType> = (0..t)
+        .map(|i| G::ScalarType::from((i + 1) as u128))
+        .collect();
+    *coefficients.get_mut(0).unwrap() = G::ScalarType::from(full_private_key);
+
+    let poly = PrivatePoly::<G::ScalarType>::from(coefficients);
+    let vss_pk = poly.commit();
+
+    let shares = nodes
+        .share_ids_of(party)
+        .iter()
+        .map(|sid| poly.eval(*sid))
+        .collect();
+
+    Output {
+        nodes,
+        vss_pk,
+        shares: Some(shares),
+    }
+}
diff --git a/fastcrypto-tbls/src/tests/dkg_tests.rs b/fastcrypto-tbls/src/tests/dkg_tests.rs
@@ -1,10 +1,12 @@
 // Copyright (c) 2022, Mysten Labs, Inc.
 // SPDX-License-Identifier: Apache-2.0
 
-use crate::dkg::{Message, Party, ProcessedMessage};
+use crate::dkg::{Message, Output, Party, ProcessedMessage};
 use crate::ecies;
 use crate::ecies::{MultiRecipientEncryption, PublicKey};
+use crate::mocked_dkg::generate_mocked_output;
 use crate::nodes::{Node, Nodes, PartyId};
+use crate::polynomial::Poly;
 use crate::random_oracle::RandomOracle;
 use crate::tbls::ThresholdBls;
 use crate::types::ThresholdBls12381MinSig;
@@ -570,3 +572,36 @@ fn create_message_generates_valid_message() {
     assert_eq!(msg.encrypted_shares.len(), 4);
     assert_eq!(msg.vss_pk.degree(), 2);
 }
+
+#[test]
+fn test_mock() {
+    let (_, nodes) = gen_keys_and_nodes(4);
+    let sk = 321;
+    let t: u32 = 6;
+    let p0: Output<G, EG> = generate_mocked_output(nodes.clone(), 5, sk, 0);
+    let p1: Output<G, EG> = generate_mocked_output(nodes.clone(), 5, sk, 1);
+    let p2: Output<G, EG> = generate_mocked_output(nodes.clone(), 5, sk, 2);
+    let p3: Output<G, EG> = generate_mocked_output(nodes.clone(), 5, sk, 3);
+
+    assert_eq!(p0.vss_pk, p1.vss_pk);
+    assert_eq!(p0.vss_pk, p2.vss_pk);
+    assert_eq!(p0.vss_pk, p3.vss_pk);
+
+    let shares = p0
+        .shares
+        .unwrap()
+        .iter()
+        .chain(p1.shares.unwrap().iter())
+        .chain(p2.shares.unwrap().iter())
+        .chain(p3.shares.unwrap().iter())
+        .cloned()
+        .collect::<Vec<_>>();
+
+    let shares = shares.iter().take(t as usize);
+
+    let recovered_sk = Poly::<
+        <fastcrypto::groups::bls12381::G2Element as fastcrypto::groups::GroupElement>::ScalarType,
+    >::recover_c0(t, shares.into_iter())
+    .unwrap();
+    assert_eq!(recovered_sk, sk.into());
+}