
Commit d515c34

committed
Store aggregate share in keygen session
1 parent 00fbb97 commit d515c34


3 files changed

+8
-9
lines changed


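--- a/include/secp256k1_frost.h
+++ b/include/secp256k1_frost.h
@@ -41,6 +41,7 @@ typedef struct {
 int pk_parity;
 secp256k1_xonly_pubkey combined_pk;
 secp256k1_pubkey coeff_pk;
+secp256k1_frost_share agg_share;
 } secp256k1_frost_keygen_session;
 
 SECP256K1_API int secp256k1_frost_keygen_init(
@@ -61,7 +62,6 @@ SECP256K1_API void secp256k1_frost_generate_shares(
 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
 
 SECP256K1_API void secp256k1_frost_aggregate_shares(
-secp256k1_frost_share *aggregate_share,
 const secp256k1_frost_share *shares,
 const secp256k1_frost_keygen_session *session
 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2);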
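Review bot: The new declaration in the second hunk still takes `const secp256k1_frost_keygen_session *session` although secp256k1_frost_aggregate_shares now writes its result into `session->agg_share` (the implementation casts the const away to do so); the parameter should become `secp256k1_frost_keygen_session *session` so the signature tells the caller the session is modified and no const object can be handed in. The `agg_share` field added in the first hunk makes the session a holder of secret key material, which the struct's documentation block (outside the hunk) should state, e.g. `/* This participant's aggregate secret share; keep confidential and clear the session when no longer needed */`. With the output parameter gone, a line in the function's comment such as `Out: session->agg_share: the aggregated share` would keep the header self-explanatory.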

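--- a/src/modules/frost/main_impl.h
+++ b/src/modules/frost/main_impl.h
@@ -93,7 +93,7 @@ void secp256k1_frost_generate_shares(secp256k1_frost_share *shares, secp256k1_sc
 }
 }
 
-void secp256k1_frost_aggregate_shares(secp256k1_frost_share *aggregate_share, const secp256k1_frost_share *shares, const secp256k1_frost_keygen_session *session) {
+void secp256k1_frost_aggregate_shares(const secp256k1_frost_share *shares, const secp256k1_frost_keygen_session *session) {
 size_t i;
 secp256k1_scalar acc;
 
@@ -103,7 +103,7 @@ void secp256k1_frost_aggregate_shares(secp256k1_frost_share *aggregate_share, co
 secp256k1_scalar_set_b32(&share_i, shares[i].data, NULL);
 secp256k1_scalar_add(&acc, &acc, &share_i);
 }
-secp256k1_scalar_get_b32(aggregate_share->data, &acc);
+secp256k1_scalar_get_b32((unsigned char *) session->agg_share.data, &acc);
 }
 
 typedef struct {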
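Review bot: The store at the end of the second hunk writes through `(unsigned char *) session->agg_share.data`, casting away the `const` of the `session` parameter; modifying an object through a pointer that had its const qualifier dropped is undefined behaviour when the caller's object is itself const, and even when it is not, the cast hides a write that the signature advertises as read-only. Make the parameter `secp256k1_frost_keygen_session *session` (in the header as well) and write `secp256k1_scalar_get_b32(session->agg_share.data, &acc);` without the cast. After the loop, `acc` holds the participant's secret aggregate share as a scalar; the module already uses `secp256k1_scalar_clear` in its tests, so adding `secp256k1_scalar_clear(&acc);` after the serialisation (and the same for `share_i`, which is presumably declared between the two hunks) would avoid leaving secret scalars on the stack. The loop that reads `shares[i]` begins before the second hunk.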

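--- a/src/modules/frost/tests_impl.h
+++ b/src/modules/frost/tests_impl.h
@@ -25,7 +25,6 @@ void run_frost_tests(void) {
 secp256k1_pubkey pubcoeff[N_SIGNERS][THRESHOLD];
 secp256k1_pubkey pubkeys[N_SIGNERS];
 secp256k1_frost_share shares[N_SIGNERS][N_SIGNERS];
-secp256k1_frost_share agg_shares[N_SIGNERS];
 secp256k1_scalar l;
 secp256k1_scalar s1, s2;
 secp256k1_gej rj;
@@ -58,7 +57,7 @@ void run_frost_tests(void) {
 }
 
 /* TODO: pull participant share from session */
-secp256k1_frost_aggregate_shares(&agg_shares[i], rec_shares, &sessions[i]);
+secp256k1_frost_aggregate_shares(rec_shares, &sessions[i]);
 }
 
 /* Reconstruct secret */
@@ -68,7 +67,7 @@ void run_frost_tests(void) {
 secp256k1_scalar_clear(&s2);
 for (i = 0; i < THRESHOLD; i++) {
 secp256k1_frost_lagrange_coefficient(&l, participants, THRESHOLD, sessions[i].my_index);
-secp256k1_scalar_set_b32(&s1, agg_shares[i].data, NULL);
+secp256k1_scalar_set_b32(&s1, sessions[i].agg_share.data, NULL);
 secp256k1_scalar_mul(&s1, &s1, &l);
 secp256k1_scalar_add(&s2, &s2, &s1);
 }
@@ -99,7 +98,7 @@ void run_frost_tests(void) {
 /* TODO: use separate ID for each participant */
 secp256k1_testrand256(id);
 for (i = 0; i < THRESHOLD; i++) {
-secp256k1_nonce_function_frost(&k, id, agg_shares[i].data, msg, pk2, frost_algo, 9, NULL);
+secp256k1_nonce_function_frost(&k, id, sessions[i].agg_share.data, msg, pk2, frost_algo, 9, NULL);
 secp256k1_scalar_set_b32(&s1, k.data, NULL);
 secp256k1_ecmult_gen(&ctx->ecmult_gen_ctx, &rj, &s1);
 secp256k1_ge_set_gej(&rp, &rj);
@@ -113,12 +112,12 @@ void run_frost_tests(void) {
 /* compute challenge hash */
 secp256k1_schnorrsig_challenge(&s2, pk2, msg, &pk1[1]);
 
-secp256k1_scalar_set_b32(&s1, agg_shares[i].data, NULL);
+secp256k1_scalar_set_b32(&s1, sessions[i].agg_share.data, NULL);
 secp256k1_frost_lagrange_coefficient(&l, participants, THRESHOLD, sessions[i].my_index);
 secp256k1_scalar_mul(&s1, &s1, &l);
 secp256k1_scalar_mul(&s2, &s2, &s1);
 CHECK(secp256k1_xonly_pubkey_serialize(ctx, pk2, &sessions[0].combined_pk));
-secp256k1_nonce_function_frost(&k, id, agg_shares[i].data, msg, &pk1[1], frost_algo, 9, NULL);
+secp256k1_nonce_function_frost(&k, id, sessions[i].agg_share.data, msg, &pk1[1], frost_algo, 9, NULL);
 secp256k1_scalar_set_b32(&s1, k.data, NULL);
 if (sessions[0].pk_parity) {
 secp256k1_scalar_negate(&s1, &s1);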
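Review bot: The comment `/* TODO: pull participant share from session */` directly above the changed call in the second hunk is now stale: this commit stores the aggregate share in `sessions[i].agg_share` and every later hunk reads it from there, so the line should be deleted, or reworded if it refers to some other remaining work. The `/* TODO: use separate ID for each participant */` in the fourth hunk still applies, since one `id` is passed to `secp256k1_nonce_function_frost` for every participant in both nonce-deriving loops. The test now relies on the in-session write performed by the library rather than on a local it owned, so it is the first caller that would notice if a const-qualified session were ever passed; run_frost_tests starts before the first hunk and continues past the last.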
