change types from coconut to ecash types
This commit is contained in:
@@ -78,6 +78,8 @@ zeroize = { workspace = true }
|
||||
nym-bandwidth-controller = { path = "../common/bandwidth-controller" }
|
||||
nym-coconut-bandwidth-contract-common = { path = "../common/cosmwasm-smart-contracts/coconut-bandwidth-contract" }
|
||||
nym-coconut-dkg-common = { path = "../common/cosmwasm-smart-contracts/coconut-dkg" }
|
||||
nym-compact-ecash = { path = "../common/nym_offline_compact_ecash" }
|
||||
nym-credentials-interface = { path = "../common/credentials-interface" }
|
||||
#nym-ephemera-common = { path = "../common/cosmwasm-smart-contracts/ephemera" }
|
||||
nym-config = { path = "../common/config" }
|
||||
cosmwasm-std = { workspace = true }
|
||||
|
||||
@@ -24,6 +24,7 @@ ecdsa = { version = "0.16", features = ["serde"] }
|
||||
nym-credentials-interface = { path = "../../common/credentials-interface" }
|
||||
nym-crypto = { path = "../../common/crypto", features = ["serde", "asymmetric"] }
|
||||
|
||||
nym-compact-ecash = { path = "../../common/nym_offline_compact_ecash" }
|
||||
nym-mixnet-contract-common = { path = "../../common/cosmwasm-smart-contracts/mixnet-contract" }
|
||||
nym-node-requests = { path = "../../nym-node/nym-node-requests", default-features = false }
|
||||
|
||||
|
||||
@@ -187,11 +187,11 @@ impl FreePassRequest {
|
||||
|
||||
#[derive(Serialize, Deserialize)]
|
||||
pub struct VerificationKeyResponse {
|
||||
pub key: VerificationKey,
|
||||
pub key: VerificationKeyAuth,
|
||||
}
|
||||
|
||||
impl VerificationKeyResponse {
|
||||
pub fn new(key: VerificationKey) -> VerificationKeyResponse {
|
||||
pub fn new(key: VerificationKeyAuth) -> VerificationKeyResponse {
|
||||
VerificationKeyResponse { key }
|
||||
}
|
||||
}
|
||||
|
||||
+10
-10
@@ -4,10 +4,10 @@
|
||||
use crate::coconut::error::Result;
|
||||
use crate::nyxd;
|
||||
use crate::support::nyxd::ClientInner;
|
||||
use nym_coconut::VerificationKey;
|
||||
use nym_coconut_dkg_common::types::{Epoch, EpochId};
|
||||
use nym_credentials::coconut::utils::obtain_aggregate_verification_key;
|
||||
use nym_validator_client::coconut::all_coconut_api_clients;
|
||||
use nym_compact_ecash::VerificationKeyAuth;
|
||||
use nym_credentials::obtain_aggregate_verification_key;
|
||||
use nym_validator_client::coconut::all_ecash_api_clients;
|
||||
use nym_validator_client::nyxd::contract_traits::DkgQueryClient;
|
||||
use std::cmp::min;
|
||||
use std::collections::HashMap;
|
||||
@@ -18,7 +18,7 @@ use tokio::sync::RwLock;
|
||||
#[async_trait]
|
||||
pub trait APICommunicationChannel {
|
||||
async fn current_epoch(&self) -> Result<EpochId>;
|
||||
async fn aggregated_verification_key(&self, epoch_id: EpochId) -> Result<VerificationKey>;
|
||||
async fn aggregated_verification_key(&self, epoch_id: EpochId) -> Result<VerificationKeyAuth>;
|
||||
}
|
||||
|
||||
struct CachedEpoch {
|
||||
@@ -63,7 +63,7 @@ impl CachedEpoch {
|
||||
pub(crate) struct QueryCommunicationChannel {
|
||||
nyxd_client: nyxd::Client,
|
||||
|
||||
epoch_keys: RwLock<HashMap<EpochId, VerificationKey>>,
|
||||
epoch_keys: RwLock<HashMap<EpochId, VerificationKeyAuth>>,
|
||||
cached_epoch: RwLock<CachedEpoch>,
|
||||
}
|
||||
|
||||
@@ -99,18 +99,18 @@ impl APICommunicationChannel for QueryCommunicationChannel {
|
||||
return Ok(guard.current_epoch_id);
|
||||
}
|
||||
|
||||
async fn aggregated_verification_key(&self, epoch_id: EpochId) -> Result<VerificationKey> {
|
||||
async fn aggregated_verification_key(&self, epoch_id: EpochId) -> Result<VerificationKeyAuth> {
|
||||
if let Some(vk) = self.epoch_keys.read().await.get(&epoch_id) {
|
||||
return Ok(vk.clone());
|
||||
}
|
||||
|
||||
let mut guard = self.epoch_keys.write().await;
|
||||
let coconut_api_clients = match self.nyxd_client.read().await.deref() {
|
||||
ClientInner::Query(client) => all_coconut_api_clients(client, epoch_id).await?,
|
||||
ClientInner::Signing(client) => all_coconut_api_clients(client, epoch_id).await?,
|
||||
let ecash_api_clients = match self.nyxd_client.read().await.deref() {
|
||||
ClientInner::Query(client) => all_ecash_api_clients(client, epoch_id).await?,
|
||||
ClientInner::Signing(client) => all_ecash_api_clients(client, epoch_id).await?,
|
||||
};
|
||||
|
||||
let vk = obtain_aggregate_verification_key(&coconut_api_clients)?;
|
||||
let vk = obtain_aggregate_verification_key(&ecash_api_clients)?;
|
||||
|
||||
guard.insert(epoch_id, vk.clone());
|
||||
|
||||
|
||||
@@ -475,8 +475,8 @@ pub(crate) mod tests {
|
||||
dealers_fixtures, test_rng, TestingDkgControllerBuilder,
|
||||
};
|
||||
use crate::coconut::tests::helpers::unchecked_decode_bte_key;
|
||||
use nym_coconut::{ttp_keygen, Parameters};
|
||||
use nym_coconut_dkg_common::types::DealerRegistrationDetails;
|
||||
use nym_compact_ecash::{setup::GroupParameters, ttp_keygen};
|
||||
use nym_dkg::bte::PublicKeyWithProof;
|
||||
|
||||
#[tokio::test]
|
||||
@@ -619,7 +619,7 @@ pub(crate) mod tests {
|
||||
|
||||
let epoch = 1;
|
||||
|
||||
let mut keys = ttp_keygen(&Parameters::new(4).unwrap(), 3, 4).unwrap();
|
||||
let mut keys = ttp_keygen(&GroupParameters::new(), 3, 4).unwrap();
|
||||
let coconut_keypair = KeyPair::new();
|
||||
coconut_keypair
|
||||
.set(KeyPairWithEpoch::new(keys.pop().unwrap(), epoch))
|
||||
@@ -676,7 +676,7 @@ pub(crate) mod tests {
|
||||
|
||||
let epoch = 1;
|
||||
|
||||
let mut keys = ttp_keygen(&Parameters::new(4).unwrap(), 3, 4).unwrap();
|
||||
let mut keys = ttp_keygen(&GroupParameters::new(), 3, 4).unwrap();
|
||||
let coconut_keypair = KeyPair::new();
|
||||
coconut_keypair
|
||||
.set(KeyPairWithEpoch::new(keys.pop().unwrap(), epoch - 1))
|
||||
|
||||
@@ -10,10 +10,11 @@ use crate::coconut::keys::KeyPairWithEpoch;
|
||||
use crate::coconut::state::bandwidth_credential_params;
|
||||
use cosmwasm_std::Addr;
|
||||
use log::debug;
|
||||
use nym_coconut::KeyPair as CoconutKeyPair;
|
||||
use nym_coconut::{check_vk_pairing, Base58, SecretKey, VerificationKey};
|
||||
use nym_coconut_dkg_common::event_attributes::DKG_PROPOSAL_ID;
|
||||
use nym_coconut_dkg_common::types::{DealingIndex, EpochId, NodeIndex};
|
||||
use nym_compact_ecash::scheme::keygen::SecretKeyAuth;
|
||||
use nym_compact_ecash::utils::check_vk_pairing;
|
||||
use nym_compact_ecash::{Base58, KeyPairAuth, VerificationKeyAuth};
|
||||
use nym_dkg::{
|
||||
bte::{self, decrypt_share},
|
||||
combine_shares, try_recover_verification_keys, Dealing,
|
||||
@@ -75,7 +76,7 @@ impl<R: RngCore + CryptoRng> DkgController<R> {
|
||||
dealer: &Addr,
|
||||
epoch_receivers: &BTreeMap<NodeIndex, bte::PublicKey>,
|
||||
raw_dealings: HashMap<DealingIndex, Vec<u8>>,
|
||||
prior_public_key: Option<VerificationKey>,
|
||||
prior_public_key: Option<VerificationKeyAuth>,
|
||||
) -> Result<Result<Vec<(DealingIndex, Dealing)>, DealerRejectionReason>, KeyDerivationError>
|
||||
{
|
||||
let threshold = self.state.threshold(epoch_id)?;
|
||||
@@ -155,7 +156,7 @@ impl<R: RngCore + CryptoRng> DkgController<R> {
|
||||
&self,
|
||||
epoch_id: EpochId,
|
||||
dealer: &Addr,
|
||||
) -> Result<Option<VerificationKey>, KeyDerivationError> {
|
||||
) -> Result<Option<VerificationKeyAuth>, KeyDerivationError> {
|
||||
let Some(previous_epoch) = epoch_id.checked_sub(1) else {
|
||||
return Err(KeyDerivationError::ZerothEpochResharing);
|
||||
};
|
||||
@@ -176,7 +177,7 @@ impl<R: RngCore + CryptoRng> DkgController<R> {
|
||||
// since this share appears as 'verified' on the chain, it means the consensus of dealers confirmed its validity
|
||||
// and thus they must have been able to parse it, so the unwrap/expect here is fine
|
||||
Ok(Some(
|
||||
VerificationKey::try_from_bs58(&share.share)
|
||||
VerificationKeyAuth::try_from_bs58(&share.share)
|
||||
.expect("failed to deserialize VERIFIED key"),
|
||||
))
|
||||
}
|
||||
@@ -424,8 +425,8 @@ impl<R: RngCore + CryptoRng> DkgController<R> {
|
||||
// SAFETY:
|
||||
// we know we had a non-empty map of dealings and thus, at the very least, we must have derived a single secret
|
||||
// (i.e. the x-element)
|
||||
let sk = SecretKey::create_from_raw(derived_x.unwrap(), derived_secrets);
|
||||
let derived_vk = sk.verification_key(bandwidth_credential_params());
|
||||
let sk = SecretKeyAuth::create_from_raw(derived_x.unwrap(), derived_secrets);
|
||||
let derived_vk = sk.verification_key(bandwidth_credential_params().grp());
|
||||
|
||||
// make the key we derived out of the decrypted shares matches the partial key
|
||||
// (cryptographically there shouldn't be any reason for the mismatch,
|
||||
@@ -436,21 +437,25 @@ impl<R: RngCore + CryptoRng> DkgController<R> {
|
||||
.derived_partials_for(receiver_index)
|
||||
.ok_or(KeyDerivationError::NoSelfPartialKey { receiver_index })?;
|
||||
|
||||
if !check_vk_pairing(bandwidth_credential_params(), &derived_partial, &derived_vk) {
|
||||
if !check_vk_pairing(
|
||||
bandwidth_credential_params().grp(),
|
||||
&derived_partial,
|
||||
&derived_vk,
|
||||
) {
|
||||
// can't do anything, we got all dealings, we derived all keys, but somehow they don't match
|
||||
error!("our derived key does not match the expected partials!");
|
||||
return Ok(Err(DerivationFailure::MismatchedPartialKey));
|
||||
}
|
||||
|
||||
Ok(Ok(KeyPairWithEpoch::new(
|
||||
CoconutKeyPair::from_keys(sk, derived_vk),
|
||||
KeyPairAuth::from_keys(sk, derived_vk),
|
||||
epoch_id,
|
||||
)))
|
||||
}
|
||||
|
||||
async fn submit_partial_verification_key(
|
||||
&self,
|
||||
key: &VerificationKey,
|
||||
key: &VerificationKeyAuth,
|
||||
resharing: bool,
|
||||
) -> Result<u64, KeyDerivationError> {
|
||||
fn extract_proposal_id_from_logs(
|
||||
@@ -558,7 +563,7 @@ impl<R: RngCore + CryptoRng> DkgController<R> {
|
||||
debug!("we have already generated keys for this epoch but failed to send them to the contract");
|
||||
|
||||
let proposal_id = self
|
||||
.submit_partial_verification_key(keys.keys.verification_key(), resharing)
|
||||
.submit_partial_verification_key(&keys.keys.verification_key(), resharing)
|
||||
.await?;
|
||||
Ok(Some(proposal_id))
|
||||
} else {
|
||||
@@ -657,7 +662,7 @@ impl<R: RngCore + CryptoRng> DkgController<R> {
|
||||
}
|
||||
|
||||
let proposal_id = self
|
||||
.submit_partial_verification_key(coconut_keypair.keys.verification_key(), resharing)
|
||||
.submit_partial_verification_key(&coconut_keypair.keys.verification_key(), resharing)
|
||||
.await?;
|
||||
|
||||
self.state.set_coconut_keypair(coconut_keypair).await;
|
||||
|
||||
@@ -6,9 +6,9 @@ use crate::coconut::error::CoconutError;
|
||||
use crate::coconut::state::bandwidth_credential_params;
|
||||
use cosmwasm_std::Addr;
|
||||
use cw3::Vote;
|
||||
use nym_coconut::{check_vk_pairing, Base58, VerificationKey};
|
||||
use nym_coconut_dkg_common::types::EpochId;
|
||||
use nym_coconut_dkg_common::verification_key::ContractVKShare;
|
||||
use nym_compact_ecash::{utils::check_vk_pairing, Base58, VerificationKeyAuth};
|
||||
use rand::{CryptoRng, RngCore};
|
||||
use std::collections::HashMap;
|
||||
use thiserror::Error;
|
||||
@@ -45,7 +45,7 @@ pub enum ShareRejectionReason {
|
||||
epoch_id: EpochId,
|
||||
owner: Addr,
|
||||
#[source]
|
||||
source: nym_coconut::CoconutError,
|
||||
source: nym_compact_ecash::error::CompactEcashError,
|
||||
},
|
||||
|
||||
#[error("did not derive partial keys for {owner} at index {receiver_index} for epoch {epoch_id} during the dealings exchange")]
|
||||
@@ -95,7 +95,7 @@ impl<R: RngCore + CryptoRng> DkgController<R> {
|
||||
};
|
||||
|
||||
// attempt to recover the underlying key from its bs58 representation
|
||||
let recovered_key = match VerificationKey::try_from_bs58(share.share) {
|
||||
let recovered_key = match VerificationKeyAuth::try_from_bs58(share.share) {
|
||||
Ok(key) => key,
|
||||
Err(source) => {
|
||||
return reject(ShareRejectionReason::MalformedKeyEncoding {
|
||||
@@ -119,7 +119,11 @@ impl<R: RngCore + CryptoRng> DkgController<R> {
|
||||
});
|
||||
};
|
||||
|
||||
if !check_vk_pairing(bandwidth_credential_params(), &self_derived, &recovered_key) {
|
||||
if !check_vk_pairing(
|
||||
bandwidth_credential_params().grp(),
|
||||
&self_derived,
|
||||
&recovered_key,
|
||||
) {
|
||||
return reject(ShareRejectionReason::InconsistentKeys {
|
||||
epoch_id,
|
||||
owner,
|
||||
|
||||
@@ -24,7 +24,7 @@ mod tests {
|
||||
derive_keypairs, exchange_dealings, finalize, init_chain, initialise_controller,
|
||||
initialise_dkg, submit_public_keys, validate_keys,
|
||||
};
|
||||
use nym_coconut::aggregate_verification_keys;
|
||||
use nym_compact_ecash::aggregate_verification_keys;
|
||||
|
||||
#[tokio::test]
|
||||
#[ignore] // expensive test
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
// Copyright 2022-2024 - Nym Technologies SA <contact@nymtech.net>
|
||||
// SPDX-License-Identifier: GPL-3.0-only
|
||||
|
||||
use nym_coconut::VerificationKey;
|
||||
use nym_coconut_dkg_common::types::EpochId;
|
||||
use nym_compact_ecash::VerificationKeyAuth;
|
||||
use nym_dkg::Scalar;
|
||||
use std::sync::atomic::{AtomicBool, Ordering};
|
||||
use std::sync::Arc;
|
||||
@@ -19,12 +19,12 @@ pub struct KeyPair {
|
||||
|
||||
#[derive(Debug)]
|
||||
pub struct KeyPairWithEpoch {
|
||||
pub(crate) keys: nym_coconut::KeyPair,
|
||||
pub(crate) keys: nym_compact_ecash::KeyPairAuth,
|
||||
pub(crate) issued_for_epoch: EpochId,
|
||||
}
|
||||
|
||||
impl KeyPairWithEpoch {
|
||||
pub(crate) fn new(keys: nym_coconut::KeyPair, issued_for_epoch: EpochId) -> Self {
|
||||
pub(crate) fn new(keys: nym_compact_ecash::KeyPairAuth, issued_for_epoch: EpochId) -> Self {
|
||||
KeyPairWithEpoch {
|
||||
keys,
|
||||
issued_for_epoch,
|
||||
@@ -64,11 +64,11 @@ impl KeyPair {
|
||||
}
|
||||
}
|
||||
|
||||
pub async fn verification_key(&self) -> Option<RwLockReadGuard<'_, VerificationKey>> {
|
||||
RwLockReadGuard::try_map(self.get().await?, |maybe_keypair| {
|
||||
maybe_keypair.as_ref().map(|k| k.keys.verification_key())
|
||||
})
|
||||
.ok()
|
||||
pub async fn verification_key(&self) -> Option<VerificationKeyAuth> {
|
||||
self.get()
|
||||
.await?
|
||||
.as_ref()
|
||||
.map(|k| k.keys.verification_key())
|
||||
}
|
||||
|
||||
pub async fn read_keys(&self) -> RwLockReadGuard<'_, Option<KeyPairWithEpoch>> {
|
||||
|
||||
@@ -3,17 +3,17 @@
|
||||
|
||||
use crate::coconut::keys::KeyPairWithEpoch;
|
||||
use crate::coconut::state::bandwidth_credential_params;
|
||||
use nym_coconut::{CoconutError, KeyPair, SecretKey};
|
||||
use nym_coconut_dkg_common::types::EpochId;
|
||||
use nym_compact_ecash::{error::CompactEcashError, scheme::keygen::SecretKeyAuth, KeyPairAuth};
|
||||
use nym_pemstore::traits::PemStorableKey;
|
||||
use std::mem;
|
||||
|
||||
impl PemStorableKey for KeyPairWithEpoch {
|
||||
// that's not the best error for this, but it felt like an overkill to define a dedicated struct just for this purpose
|
||||
type Error = CoconutError;
|
||||
type Error = CompactEcashError;
|
||||
|
||||
fn pem_type() -> &'static str {
|
||||
"COCONUT KEY WITH EPOCH"
|
||||
"COCONUT KEY WITH EPOCH" // avoid the invalidation of already present key
|
||||
}
|
||||
|
||||
fn to_bytes(&self) -> Vec<u8> {
|
||||
@@ -24,7 +24,7 @@ impl PemStorableKey for KeyPairWithEpoch {
|
||||
|
||||
fn from_bytes(bytes: &[u8]) -> Result<Self, Self::Error> {
|
||||
if bytes.len() <= mem::size_of::<EpochId>() {
|
||||
return Err(CoconutError::Deserialization(
|
||||
return Err(CompactEcashError::Deserialization(
|
||||
"insufficient number of bytes to decode secret key with epoch id".into(),
|
||||
));
|
||||
}
|
||||
@@ -32,11 +32,11 @@ impl PemStorableKey for KeyPairWithEpoch {
|
||||
bytes[0], bytes[1], bytes[2], bytes[3], bytes[4], bytes[5], bytes[6], bytes[7],
|
||||
]);
|
||||
|
||||
let sk = SecretKey::from_bytes(&bytes[mem::size_of::<EpochId>()..])?;
|
||||
let vk = sk.verification_key(bandwidth_credential_params());
|
||||
let sk = SecretKeyAuth::from_bytes(&bytes[mem::size_of::<EpochId>()..])?;
|
||||
let vk = sk.verification_key(bandwidth_credential_params().grp());
|
||||
|
||||
Ok(KeyPairWithEpoch {
|
||||
keys: KeyPair::from_keys(sk, vk),
|
||||
keys: KeyPairAuth::from_keys(sk, vk),
|
||||
issued_for_epoch: epoch_id,
|
||||
})
|
||||
}
|
||||
|
||||
@@ -9,9 +9,9 @@ use crate::coconut::dkg::state::State;
|
||||
use crate::coconut::keys::KeyPair;
|
||||
use crate::coconut::tests::{DummyClient, SharedFakeChain};
|
||||
use cosmwasm_std::Addr;
|
||||
use nym_coconut::VerificationKey;
|
||||
use nym_coconut_dkg_common::dealer::DealerRegistrationDetails;
|
||||
use nym_coconut_dkg_common::types::{DealerDetails, EpochId};
|
||||
use nym_compact_ecash::VerificationKeyAuth;
|
||||
use nym_crypto::asymmetric::identity;
|
||||
use nym_dkg::bte::keys::KeyPair as DkgKeyPair;
|
||||
use nym_dkg::{NodeIndex, Threshold};
|
||||
@@ -276,7 +276,7 @@ impl TestingDkgController {
|
||||
Addr::unchecked(self.address().await.as_ref())
|
||||
}
|
||||
|
||||
pub(crate) async fn unchecked_coconut_vk(&self) -> VerificationKey {
|
||||
pub(crate) async fn unchecked_coconut_vk(&self) -> VerificationKeyAuth {
|
||||
self.state
|
||||
.unchecked_coconut_keypair()
|
||||
.await
|
||||
|
||||
@@ -5,7 +5,7 @@ use crate::node_status_api::models::ErrorResponse;
|
||||
use crate::status::ApiStatusState;
|
||||
use nym_api_requests::models::{ApiHealthResponse, SignerInformationResponse};
|
||||
use nym_bin_common::build_information::BinaryBuildInformationOwned;
|
||||
use nym_coconut::Base58;
|
||||
use nym_compact_ecash::Base58;
|
||||
use rocket::http::Status;
|
||||
use rocket::serde::json::Json;
|
||||
use rocket::State;
|
||||
|
||||
Reference in New Issue
Block a user