Skip to content

Commit

Permalink
fix: prevent precomputed shares from being created with inapprioriate…
Browse files Browse the repository at this point in the history
… variant
  • Loading branch information
piotr-roslaniec committed Jan 19, 2024
1 parent e79b4e5 commit aebaab3
Show file tree
Hide file tree
Showing 5 changed files with 37 additions and 40 deletions.
24 changes: 8 additions & 16 deletions ferveo-wasm/examples/node/src/main.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -22,11 +22,8 @@ const genEthAddr = (i: number) => {
return EthereumAddress.fromString(ethAddr);
};

function setupTest() {
const tau = 1;
const sharesNum = 4;
const threshold = Math.floor((sharesNum * 2) / 3);

const tau = 1;
function setupTest(sharesNum :number, threshold: number) {
const validatorKeypairs: Keypair[] = [];
const validators: Validator[] = [];
for (let i = 0; i < sharesNum; i++) {
Expand Down Expand Up @@ -63,9 +60,6 @@ function setupTest() {
const ciphertext = ferveoEncrypt(msg, aad, dkg.publicKey());

return {
tau,
sharesNum,
threshold,
validatorKeypairs,
validators,
dkg,
Expand All @@ -79,17 +73,16 @@ function setupTest() {
// This test suite replicates tests from ferveo-wasm/tests/node.rs
describe("ferveo-wasm", () => {
it("simple tdec variant", () => {
const sharesNum = 4;
const threshold = 3;
const {
tau,
sharesNum,
threshold,
validatorKeypairs,
validators,
messages,
msg,
aad,
ciphertext,
} = setupTest();
} = setupTest(sharesNum, threshold);

// Having aggregated the transcripts, the validators can now create decryption shares
const decryptionShares: DecryptionShareSimple[] = [];
Expand Down Expand Up @@ -128,17 +121,16 @@ describe("ferveo-wasm", () => {
});

it("precomputed tdec variant", () => {
const sharesNum = 4;
const threshold = sharesNum; // threshold is equal to sharesNum in precomputed variant
const {
tau,
sharesNum,
threshold,
validatorKeypairs,
validators,
messages,
msg,
aad,
ciphertext,
} = setupTest();
} = setupTest(sharesNum, threshold);

// Having aggregated the transcripts, the validators can now create decryption shares
const decryptionShares: DecryptionSharePrecomputed[] = [];
Expand Down
34 changes: 12 additions & 22 deletions ferveo-wasm/tests/node.rs
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,6 @@ use itertools::zip_eq;
use wasm_bindgen_test::*;

type TestSetup = (
u32,
u32,
u32,
Vec<Keypair>,
Vec<Validator>,
ValidatorArray,
Expand All @@ -19,11 +16,9 @@ type TestSetup = (
Ciphertext,
);

fn setup_dkg() -> TestSetup {
let tau = 1;
let shares_num: u32 = 16;
let security_threshold = shares_num * 2 / 3;
const TAU: u32 = 0;

fn setup_dkg(shares_num: u32, security_threshold: u32) -> TestSetup {
let validator_keypairs = (0..shares_num as usize)
.map(gen_keypair)
.collect::<Vec<Keypair>>();
Expand All @@ -38,7 +33,7 @@ fn setup_dkg() -> TestSetup {
// validator, including themselves
let messages = validators.iter().map(|sender| {
let dkg = Dkg::new(
tau,
TAU,
shares_num,
security_threshold,
&validators_js,
Expand All @@ -54,7 +49,7 @@ fn setup_dkg() -> TestSetup {
// every validator can aggregate the transcripts

let mut dkg = Dkg::new(
tau,
TAU,
shares_num,
security_threshold,
&validators_js,
Expand All @@ -80,9 +75,6 @@ fn setup_dkg() -> TestSetup {
let ciphertext = ferveo_encrypt(&msg, &aad, &dkg.public_key()).unwrap();

(
tau,
shares_num,
security_threshold,
validator_keypairs,
validators,
validators_js,
Expand All @@ -95,24 +87,23 @@ fn setup_dkg() -> TestSetup {

#[wasm_bindgen_test]
fn tdec_simple() {
let shares_num = 16;
let security_threshold = 10;
let (
tau,
shares_num,
security_threshold,
validator_keypairs,
validators,
validators_js,
messages_js,
msg,
aad,
ciphertext,
) = setup_dkg();
) = setup_dkg(shares_num, security_threshold);

// Having aggregated the transcripts, the validators can now create decryption shares
let decryption_shares = zip_eq(validators, validator_keypairs)
.map(|(validator, keypair)| {
let mut dkg = Dkg::new(
tau,
TAU,
shares_num,
security_threshold,
&validators_js,
Expand Down Expand Up @@ -149,24 +140,23 @@ fn tdec_simple() {

#[wasm_bindgen_test]
fn tdec_precomputed() {
let shares_num = 16;
let security_threshold = shares_num; // Must be equal to shares_num in precomputed variant
let (
tau,
shares_num,
security_threshold,
validator_keypairs,
validators,
validators_js,
messages_js,
msg,
aad,
ciphertext,
) = setup_dkg();
) = setup_dkg(shares_num, security_threshold);

// Having aggregated the transcripts, the validators can now create decryption shares
let decryption_shares = zip_eq(validators, validator_keypairs)
.map(|(validator, keypair)| {
let mut dkg = Dkg::new(
tau,
TAU,
shares_num,
security_threshold,
&validators_js,
Expand Down
10 changes: 8 additions & 2 deletions ferveo/src/api.rs
Original file line number Diff line number Diff line change
Expand Up @@ -309,6 +309,14 @@ impl AggregatedTranscript {
aad: &[u8],
validator_keypair: &Keypair,
) -> Result<DecryptionSharePrecomputed> {
if dkg.0.dkg_params.shares_num()
!= dkg.0.dkg_params.security_threshold()
{
return Err(Error::InvalidDkgParametersForPrecomputedVariant(
dkg.0.dkg_params.shares_num(),
dkg.0.dkg_params.security_threshold(),
));
}
let domain_points: Vec<_> = dkg
.0
.domain
Expand Down Expand Up @@ -455,8 +463,6 @@ mod test_ferveo_api {
let rng = &mut StdRng::seed_from_u64(0);

// In precomputed variant, the security threshold is equal to the number of shares
// TODO: Refactor DKG constructor to not require security threshold or this case.
// Or figure out a different way to simplify the precomputed variant API.
let security_threshold = shares_num;

let (messages, validators, validator_keypairs) =
Expand Down
5 changes: 5 additions & 0 deletions ferveo/src/bindings_python.rs
Original file line number Diff line number Diff line change
Expand Up @@ -104,6 +104,11 @@ impl From<FerveoPythonError> for PyErr {
"{index}"
))
},
Error::InvalidDkgParametersForPrecomputedVariant(num_shares, security_threshold) => {
InvalidDkgParameters::new_err(format!(
"num_shares: {num_shares}, security_threshold: {security_threshold}"
))
},
},
_ => default(),
}
Expand Down
4 changes: 4 additions & 0 deletions ferveo/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -114,6 +114,10 @@ pub enum Error {
/// Failed to access a share for a given share index
#[error("Invalid share index: {0}")]
InvalidShareIndex(u32),

/// Failed to produce a precomputed variant decryption share
#[error("Invalid DKG parameters for precomputed variant: number of shares {0}, threshold {1}")]
InvalidDkgParametersForPrecomputedVariant(u32, u32),
}

pub type Result<T> = std::result::Result<T, Error>;
Expand Down

0 comments on commit aebaab3

Please sign in to comment.