fix calls to renamed DKG functions; move dkg code to its own file (#49)

Author: conradoplg

src/frost/redjubjub.rs

@@ -212,86 +212,6 @@ pub mod keys {
     ///
     /// Used for verification purposes before publishing a signature.
     pub type PublicKeyPackage = frost::keys::PublicKeyPackage<J>;
-
-    pub mod dkg {
-        #![doc = include_str!("./redjubjub/dkg.md")]
-        use super::*;
-
-        /// The secret package that must be kept in memory by the participant
-        /// between the first and second parts of the DKG protocol (round 1).
-        ///
-        /// # Security
-        ///
-        /// This package MUST NOT be sent to other participants!
-        pub type Round1SecretPackage = frost::keys::dkg::Round1SecretPackage<J>;
-
-        /// The package that must be broadcast by each participant to all other participants
-        /// between the first and second parts of the DKG protocol (round 1).
-        pub type Round1Package = frost::keys::dkg::Round1Package<J>;
-
-        /// The secret package that must be kept in memory by the participant
-        /// between the second and third parts of the DKG protocol (round 2).
-        ///
-        /// # Security
-        ///
-        /// This package MUST NOT be sent to other participants!
-        pub type Round2SecretPackage = frost::keys::dkg::Round2SecretPackage<J>;
-
-        /// A package that must be sent by each participant to some other participants
-        /// in Round 2 of the DKG protocol. Note that there is one specific package
-        /// for each specific recipient, in contrast to Round 1.
-        ///
-        /// # Security
-        ///
-        /// The package must be sent on an *confidential* and *authenticated* channel.
-        pub type Round2Package = frost::keys::dkg::Round2Package<J>;
-
-        /// Performs the first part of the distributed key generation protocol
-        /// for the given participant.
-        ///
-        /// It returns the [`Round1SecretPackage`] that must be kept in memory
-        /// by the participant for the other steps, and the [`Round1Package`] that
-        /// must be sent to other participants.
-        pub fn keygen_part1<R: RngCore + CryptoRng>(
-            identifier: Identifier,
-            max_signers: u16,
-            min_signers: u16,
-            mut rng: R,
-        ) -> Result<(Round1SecretPackage, Round1Package), Error> {
-            frost::keys::dkg::keygen_part1(identifier, max_signers, min_signers, &mut rng)
-        }
-
-        /// Performs the second part of the distributed key generation protocol
-        /// for the participant holding the given [`Round1SecretPackage`],
-        /// given the received [`Round1Package`]s received from the other participants.
-        ///
-        /// It returns the [`Round2SecretPackage`] that must be kept in memory
-        /// by the participant for the final step, and the [`Round2Package`]s that
-        /// must be sent to other participants.
-        pub fn keygen_part2(
-            secret_package: Round1SecretPackage,
-            round1_packages: &[Round1Package],
-        ) -> Result<(Round2SecretPackage, Vec<Round2Package>), Error> {
-            frost::keys::dkg::keygen_part2(secret_package, round1_packages)
-        }
-
-        /// Performs the third and final part of the distributed key generation protocol
-        /// for the participant holding the given [`Round2SecretPackage`],
-        /// given the received [`Round1Package`]s and [`Round2Package`]s received from
-        /// the other participants.
-        ///
-        /// It returns the [`KeyPackage`] that has the long-lived key share for the
-        /// participant, and the [`PublicKeyPackage`]s that has public information
-        /// about all participants; both of which are required to compute FROST
-        /// signatures.
-        pub fn keygen_part3(
-            round2_secret_package: &Round2SecretPackage,
-            round1_packages: &[Round1Package],
-            round2_packages: &[Round2Package],
-        ) -> Result<(KeyPackage, PublicKeyPackage), Error> {
-            frost::keys::dkg::keygen_part3(round2_secret_package, round1_packages, round2_packages)
-        }
-    }
 }
 
 /// FROST(Jubjub, BLAKE2b-512) Round 1 functionality and types.

src/frost/redjubjub/dkg.md

@@ -9,12 +9,12 @@ a `u16`. The process in which these identifiers are allocated is up to the appli
 The distributed key generation process has 3 parts, with 2 communication rounds
 between them, in which each participant needs to send a "package" to every other
 participant. In the first round, each participant sends the same package
-(a [`Round1Package`]) to every other. In the second round, each receiver gets
-their own package (a [`Round2Package`]).
+(a [`round1::Package`]) to every other. In the second round, each receiver gets
+their own package (a [`round2::Package`]).
 
-Between part 1 and 2, each participant needs to hold onto a [`Round1SecretPackage`]
+Between part 1 and 2, each participant needs to hold onto a [`round1::SecretPackage`]
 that MUST be kept secret. Between part 2 and 3, each participant needs to hold
-onto a [`Round2SecretPackage`].
+onto a [`round2::SecretPackage`].
 
 After the third part, each participant will get a [`KeyPackage`] with their
 long-term secret share that must be kept secret, and a [`PublicKeyPackage`]
@@ -53,7 +53,7 @@ let mut received_round1_packages = HashMap::new();
 // In practice, each participant will perform this on their own environments.
 for participant_index in 1..=max_signers {
     let participant_identifier = participant_index.try_into().expect("should be nonzero");
-    let (secret_package, round1_package) = frost::keys::dkg::keygen_part1(
+    let (secret_package, round1_package) = frost::keys::dkg::part1(
         participant_identifier,
         max_signers,
         min_signers,
@@ -99,7 +99,7 @@ let mut received_round2_packages = HashMap::new();
 // In practice, each participant will perform this on their own environments.
 for participant_index in 1..=max_signers {
     let participant_identifier = participant_index.try_into().expect("should be nonzero");
-    let (round2_secret_package, round2_packages) = frost::keys::dkg::keygen_part2(
+    let (round2_secret_package, round2_packages) = frost::keys::dkg::part2(
         round1_secret_packages
             .remove(&participant_identifier)
             .unwrap(),
@@ -142,7 +142,7 @@ let mut pubkey_packages = HashMap::new();
 // In practice, each participant will perform this on their own environments.
 for participant_index in 1..=max_signers {
     let participant_identifier = participant_index.try_into().expect("should be nonzero");
-    let (key_package, pubkey_package_for_participant) = frost::keys::dkg::keygen_part3(
+    let (key_package, pubkey_package_for_participant) = frost::keys::dkg::part3(
         &round2_secret_packages[&participant_identifier],
         &received_round1_packages[&participant_identifier],
         &received_round2_packages[&participant_identifier],

src/frost/redjubjub/keys/dkg.rs

@@ -0,0 +1,87 @@
+#![doc = include_str!("../dkg.md")]
+use super::*;
+
+/// DKG Round 1 structures.
+pub mod round1 {
+    use super::*;
+
+    /// The secret package that must be kept in memory by the participant
+    /// between the first and second parts of the DKG protocol (round 1).
+    ///
+    /// # Security
+    ///
+    /// This package MUST NOT be sent to other participants!
+    pub type SecretPackage = frost::keys::dkg::round1::SecretPackage<J>;
+
+    /// The package that must be broadcast by each participant to all other participants
+    /// between the first and second parts of the DKG protocol (round 1).
+    pub type Package = frost::keys::dkg::round1::Package<J>;
+}
+
+/// DKG Round 2 structures.
+pub mod round2 {
+    use super::*;
+
+    /// The secret package that must be kept in memory by the participant
+    /// between the second and third parts of the DKG protocol (round 2).
+    ///
+    /// # Security
+    ///
+    /// This package MUST NOT be sent to other participants!
+    pub type SecretPackage = frost::keys::dkg::round2::SecretPackage<J>;
+
+    /// A package that must be sent by each participant to some other participants
+    /// in Round 2 of the DKG protocol. Note that there is one specific package
+    /// for each specific recipient, in contrast to Round 1.
+    ///
+    /// # Security
+    ///
+    /// The package must be sent on an *confidential* and *authenticated* channel.
+    pub type Package = frost::keys::dkg::round2::Package<J>;
+}
+
+/// Performs the first part of the distributed key generation protocol
+/// for the given participant.
+///
+/// It returns the [`round1::SecretPackage`] that must be kept in memory
+/// by the participant for the other steps, and the [`round1::Package`] that
+/// must be sent to other participants.
+pub fn part1<R: RngCore + CryptoRng>(
+    identifier: Identifier,
+    max_signers: u16,
+    min_signers: u16,
+    mut rng: R,
+) -> Result<(round1::SecretPackage, round1::Package), Error> {
+    frost::keys::dkg::part1(identifier, max_signers, min_signers, &mut rng)
+}
+
+/// Performs the second part of the distributed key generation protocol
+/// for the participant holding the given [`round1::SecretPackage`],
+/// given the received [`round1::Package`]s received from the other participants.
+///
+/// It returns the [`round2::SecretPackage`] that must be kept in memory
+/// by the participant for the final step, and the [`round2::Package`]s that
+/// must be sent to other participants.
+pub fn part2(
+    secret_package: round1::SecretPackage,
+    round1_packages: &[round1::Package],
+) -> Result<(round2::SecretPackage, Vec<round2::Package>), Error> {
+    frost::keys::dkg::part2(secret_package, round1_packages)
+}
+
+/// Performs the third and final part of the distributed key generation protocol
+/// for the participant holding the given [`round2::SecretPackage`],
+/// given the received [`round1::Package`]s and [`round2::Package`]s received from
+/// the other participants.
+///
+/// It returns the [`KeyPackage`] that has the long-lived key share for the
+/// participant, and the [`PublicKeyPackage`]s that has public information
+/// about all participants; both of which are required to compute FROST
+/// signatures.
+pub fn part3(
+    round2_secret_package: &round2::SecretPackage,
+    round1_packages: &[round1::Package],
+    round2_packages: &[round2::Package],
+) -> Result<(KeyPackage, PublicKeyPackage), Error> {
+    frost::keys::dkg::part3(round2_secret_package, round1_packages, round2_packages)
+}

src/frost/redpallas.rs

@@ -214,86 +214,6 @@ pub mod keys {
     ///
     /// Used for verification purposes before publishing a signature.
     pub type PublicKeyPackage = frost::keys::PublicKeyPackage<P>;
-
-    pub mod dkg {
-        #![doc = include_str!("./redpallas/dkg.md")]
-        use super::*;
-
-        /// The secret package that must be kept in memory by the participant
-        /// between the first and second parts of the DKG protocol (round 1).
-        ///
-        /// # Security
-        ///
-        /// This package MUST NOT be sent to other participants!
-        pub type Round1SecretPackage = frost::keys::dkg::Round1SecretPackage<P>;
-
-        /// The package that must be broadcast by each participant to all other participants
-        /// between the first and second parts of the DKG protocol (round 1).
-        pub type Round1Package = frost::keys::dkg::Round1Package<P>;
-
-        /// The secret package that must be kept in memory by the participant
-        /// between the second and third parts of the DKG protocol (round 2).
-        ///
-        /// # Security
-        ///
-        /// This package MUST NOT be sent to other participants!
-        pub type Round2SecretPackage = frost::keys::dkg::Round2SecretPackage<P>;
-
-        /// A package that must be sent by each participant to some other participants
-        /// in Round 2 of the DKG protocol. Note that there is one specific package
-        /// for each specific recipient, in contrast to Round 1.
-        ///
-        /// # Security
-        ///
-        /// The package must be sent on an *confidential* and *authenticated* channel.
-        pub type Round2Package = frost::keys::dkg::Round2Package<P>;
-
-        /// Performs the first part of the distributed key generation protocol
-        /// for the given participant.
-        ///
-        /// It returns the [`Round1SecretPackage`] that must be kept in memory
-        /// by the participant for the other steps, and the [`Round1Package`] that
-        /// must be sent to other participants.
-        pub fn keygen_part1<R: RngCore + CryptoRng>(
-            identifier: Identifier,
-            max_signers: u16,
-            min_signers: u16,
-            mut rng: R,
-        ) -> Result<(Round1SecretPackage, Round1Package), Error> {
-            frost::keys::dkg::keygen_part1(identifier, max_signers, min_signers, &mut rng)
-        }
-
-        /// Performs the second part of the distributed key generation protocol
-        /// for the participant holding the given [`Round1SecretPackage`],
-        /// given the received [`Round1Package`]s received from the other participants.
-        ///
-        /// It returns the [`Round2SecretPackage`] that must be kept in memory
-        /// by the participant for the final step, and the [`Round2Package`]s that
-        /// must be sent to other participants.
-        pub fn keygen_part2(
-            secret_package: Round1SecretPackage,
-            round1_packages: &[Round1Package],
-        ) -> Result<(Round2SecretPackage, Vec<Round2Package>), Error> {
-            frost::keys::dkg::keygen_part2(secret_package, round1_packages)
-        }
-
-        /// Performs the third and final part of the distributed key generation protocol
-        /// for the participant holding the given [`Round2SecretPackage`],
-        /// given the received [`Round1Package`]s and [`Round2Package`]s received from
-        /// the other participants.
-        ///
-        /// It returns the [`KeyPackage`] that has the long-lived key share for the
-        /// participant, and the [`PublicKeyPackage`]s that has public information
-        /// about all participants; both of which are required to compute FROST
-        /// signatures.
-        pub fn keygen_part3(
-            round2_secret_package: &Round2SecretPackage,
-            round1_packages: &[Round1Package],
-            round2_packages: &[Round2Package],
-        ) -> Result<(KeyPackage, PublicKeyPackage), Error> {
-            frost::keys::dkg::keygen_part3(round2_secret_package, round1_packages, round2_packages)
-        }
-    }
 }
 
 /// FROST(Pallas, BLAKE2b-512) Round 1 functionality and types.

src/frost/redpallas/dkg.md

@@ -9,12 +9,12 @@ a `u16`. The process in which these identifiers are allocated is up to the appli
 The distributed key generation process has 3 parts, with 2 communication rounds
 between them, in which each participant needs to send a "package" to every other
 participant. In the first round, each participant sends the same package
-(a [`Round1Package`]) to every other. In the second round, each receiver gets
-their own package (a [`Round2Package`]).
+(a [`round1::Package`]) to every other. In the second round, each receiver gets
+their own package (a [`round2::Package`]).
 
-Between part 1 and 2, each participant needs to hold onto a [`Round1SecretPackage`]
+Between part 1 and 2, each participant needs to hold onto a [`round1::SecretPackage`]
 that MUST be kept secret. Between part 2 and 3, each participant needs to hold
-onto a [`Round2SecretPackage`].
+onto a [`round2::SecretPackage`].
 
 After the third part, each participant will get a [`KeyPackage`] with their
 long-term secret share that must be kept secret, and a [`PublicKeyPackage`]
@@ -53,7 +53,7 @@ let mut received_round1_packages = HashMap::new();
 // In practice, each participant will perform this on their own environments.
 for participant_index in 1..=max_signers {
     let participant_identifier = participant_index.try_into().expect("should be nonzero");
-    let (secret_package, round1_package) = frost::keys::dkg::keygen_part1(
+    let (secret_package, round1_package) = frost::keys::dkg::part1(
         participant_identifier,
         max_signers,
         min_signers,
@@ -99,7 +99,7 @@ let mut received_round2_packages = HashMap::new();
 // In practice, each participant will perform this on their own environments.
 for participant_index in 1..=max_signers {
     let participant_identifier = participant_index.try_into().expect("should be nonzero");
-    let (round2_secret_package, round2_packages) = frost::keys::dkg::keygen_part2(
+    let (round2_secret_package, round2_packages) = frost::keys::dkg::part2(
         round1_secret_packages
             .remove(&participant_identifier)
             .unwrap(),
@@ -142,7 +142,7 @@ let mut pubkey_packages = HashMap::new();
 // In practice, each participant will perform this on their own environments.
 for participant_index in 1..=max_signers {
     let participant_identifier = participant_index.try_into().expect("should be nonzero");
-    let (key_package, pubkey_package_for_participant) = frost::keys::dkg::keygen_part3(
+    let (key_package, pubkey_package_for_participant) = frost::keys::dkg::part3(
         &round2_secret_packages[&participant_identifier],
         &received_round1_packages[&participant_identifier],
         &received_round2_packages[&participant_identifier],