Assert that t <= n/2 and modify the test and docs accordingly
elichai committed Nov 2, 2021
1 parent dc7e937 commit 9425c29
Showing 4 changed files with 4 additions and 3 deletions.
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -15,7 +15,7 @@ Rushing adversary is a common assumption in Multiparty Computation (MPC). In FS-
in this write-up we show how by adjusting FS-DKG to key rotation for threshold ecdsa the above shortcomings are avoided.

## Our Model
We use standard proactive security assumptions. The protocol will be run by $n$ parties. We assume honest majority, that is, number of corruptions is $t<n/2$. The adversary is malicious, and rushing.
We use standard proactive security assumptions. The protocol will be run by $n$ parties. We assume honest majority, that is, number of corruptions is $t<=n/2$. The adversary is malicious, and rushing.
For communication, the parties have access to a broadcast channel (can be implemented via a bulletin board).
For threshold ECDSA, we focus on [GG20](https://eprint.iacr.org/2020/540.pdf) protocol, currently considered state of the art and most widely deployed threshold ecdsa scheme (e.g. [multi-party-ecdsa](https://github.com/ZenGo-X/multi-party-ecdsa), [tss-lib](https://github.com/binance-chain/tss-lib)).
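Review bot: the new bound `$t<=n/2$` in the "Our Model" paragraph contradicts the "honest majority" it is meant to define: for even n (for example the t = 3, n = 6 case the updated test uses) it allows exactly half of the parties to be corrupt, which leaves no majority of honest parties. Either keep the strict `$t<n/2$` (equivalently `2t < n`) or reword the sentence so it states the relaxed bound the code actually enforces and says why that suffices for FS-DKR. Minor: `<=` does not render as a relation in LaTeX; write `$t \leq n/2$`.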

2 changes: 1 addition & 1 deletion src/lib.rs
Expand Up @@ -3,7 +3,7 @@
//! FS-DKR is a protocol for rotation of threshold ECDSA keys.
//!
//! We use standard proactive security assumptions. The protocol will be run
//! by $n$ parties. We assume honest majority, that is, number of corruptions is $t<n/2$.
//! by $n$ parties. We assume honest majority, that is, number of corruptions is $t<=n/2$.
//! The adversary is malicious, and rushing. For communication, the parties have access
//! to a broadcast channel (can be implemented via a bulletin board). For threshold ECDSA,
//! we focus on GG20 protocol, currently considered state of the art and most widely deployed
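Review bot: the crate-level rustdoc now states the bound but does not tell callers that the library enforces it by panicking (the `assert!` added in `src/refresh_message.rs` in this same commit). Callers of a library need that surfaced as a `# Panics` section on the function that performs the check, and this paragraph should keep matching README.md, which it does now, including the same `t<=n/2` versus honest-majority tension noted for the README hunk.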
1 change: 1 addition & 0 deletions src/refresh_message.rs
Expand Up @@ -40,6 +40,7 @@ impl<P> RefreshMessage<P> {
P: ECPoint + Clone + Zeroize,
P::Scalar: PartialEq + Clone + Debug + Zeroize,
{
assert!(local_key.t <= local_key.n / 2);
let secret = local_key.keys_linear.x_i.clone();
// secret share old key
let (vss_scheme, secret_shares) =
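Review bot: `local_key.n / 2` is integer division, so `assert!(local_key.t <= local_key.n / 2)` admits t = n/2 for even n (t = 3, n = 6 passes) and only rejects t > floor(n/2); if the requirement is the strict honest majority the docs describe, write `assert!(2 * local_key.t < local_key.n)`, which avoids the truncation and reads as the intended `t < n/2`. Separately, a bare `assert!` in library code turns a caller's bad parameters into a panic; returning an error is preferable where the function already has an error path, and the panic must be documented either way. Placing the check before the secret share is cloned is the right ordering.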
2 changes: 1 addition & 1 deletion src/test.rs
Expand Up @@ -28,7 +28,7 @@ mod tests {
fn test1() {
//simulate keygen
let t = 3;
let n = 5;
let n = 6;
let mut keys = simulate_keygen(t, n);

let old_keys = keys.clone();
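Review bot: raising n from 5 to 6 with t = 3 makes the test exercise exactly the boundary the assertion now permits (t = n/2), but nothing covers the rejected side or the odd-n truncation case. Add a `#[should_panic]` test with, for example, t = 4, n = 6, and keep a case such as t = 2, n = 5, so that a later change to the comparison (`<` versus `<=`, or `2t < n`) is caught by the suite. The name `test1` could also say what it tests, for example `refresh_with_max_threshold`.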
