spike

Author: patrick-ogrady

consensus/src/simplex/config.rs

@@ -91,7 +91,7 @@ where
     /// Consensus messages can be signed with a cryptosystem that differs from the static
     /// participant identity keys exposed in `participants`. For example, we can authenticate peers
     /// on the network with [commonware_cryptography::ed25519] keys while signing votes with shares distributed
-    /// via [commonware_cryptography::bls12381::dkg] (which change each epoch). The scheme implementation is
+    /// via [commonware_cryptography::bls12381::dkg::feldman_desmedt] (which change each epoch). The scheme implementation is
     /// responsible for reusing the exact participant ordering carried by `participants` so that signer indices
     /// remain stable across both key spaces; if the order diverges, validators will reject votes as coming from
     /// the wrong validator.

consensus/src/simplex/mod.rs

@@ -271,7 +271,7 @@
 //!
 //! [scheme::bls12381_threshold] employs threshold cryptography (BLS12-381 threshold signatures with a `2f+1` of `3f+1` quorum)
 //! to generate succinct consensus certificates (verifiable with just the static public key). This scheme requires instantiating
-//! the shared secret via [commonware_cryptography::bls12381::dkg] and resharing whenever participants change.
+//! the shared secret via [commonware_cryptography::bls12381::dkg::feldman_desmedt] and resharing whenever participants change.
 //!
 //! Two (non-attributable) variants are provided:
 //!
@@ -296,7 +296,7 @@
 //! #### Succinct Certificates
 //!
 //! All broadcast consensus messages (`notarize(c,v)`, `nullify(v)`, `finalize(c,v)`) contain attestations (partial signatures) for a static
-//! public key (derived from a group polynomial that can be recomputed during reconfiguration using [dkg](commonware_cryptography::bls12381::dkg)).
+//! public key (derived from a group polynomial that can be recomputed during reconfiguration using [dkg](commonware_cryptography::bls12381::dkg::feldman_desmedt)).
 //! As soon as `2f+1` messages are collected, a threshold signature over `notarization(c,v)`, `nullification(v)`, and `finalization(c,v)`
 //! can be recovered, respectively. Because the public key is static, any of these certificates can be verified by an external
 //! process without following the consensus instance and/or tracking the current set of participants (as is typically required

consensus/src/simplex/scheme/bls12381_threshold/vrf.rs

@@ -883,7 +883,7 @@ mod tests {
     use commonware_codec::{Decode, Encode};
     use commonware_cryptography::{
         bls12381::{
-            dkg::{self, deal_anonymous},
+            dkg::feldman_desmedt as dkg,
             primitives::{
                 group::Scalar,
                 ops::threshold,
@@ -952,7 +952,7 @@ mod tests {
         let mut rng = test_rng();
         let participants = ed25519_participants(&mut rng, 5);
         let (polynomial, shares) =
-            deal_anonymous::<V, N3f1>(&mut rng, Default::default(), NZU32!(4));
+            dkg::deal_anonymous::<V, N3f1>(&mut rng, Default::default(), NZU32!(4));
         Scheme::<V>::signer(
             NAMESPACE,
             participants.keys().clone(),
@@ -976,7 +976,8 @@ mod tests {
     fn verifier_polynomial_threshold_must_equal_quorum<V: Variant>() {
         let mut rng = test_rng();
         let participants = ed25519_participants(&mut rng, 5);
-        let (polynomial, _) = deal_anonymous::<V, N3f1>(&mut rng, Default::default(), NZU32!(4));
+        let (polynomial, _) =
+            dkg::deal_anonymous::<V, N3f1>(&mut rng, Default::default(), NZU32!(4));
         Scheme::<V>::verifier(NAMESPACE, participants.keys().clone(), polynomial);
     }
 

cryptography/conformance.toml

@@ -18,35 +18,35 @@ hash = "ad245f64a57c96036599647eaf509937173e9de01503a9e6494f29571191ade1"
 n_cases = 65536
 hash = "ba2d888e6d1050e6a361aa79430c1bb03d90eb8e74b9715b1d7d01c35a495e1d"
 
-["commonware_cryptography::bls12381::dkg::test::conformance::CodecConformance<AckOrReveal<ed25519::PublicKey>>"]
+["commonware_cryptography::bls12381::dkg::feldman_desmedt::test::conformance::CodecConformance<AckOrReveal<ed25519::PublicKey>>"]
 n_cases = 65536
 hash = "97c266fb7821326e6333be0859025c774220c8d010e488d2fd13a743e4135f64"
 
-["commonware_cryptography::bls12381::dkg::test::conformance::CodecConformance<DealerLog<MinPk,ed25519::PublicKey>>"]
+["commonware_cryptography::bls12381::dkg::feldman_desmedt::test::conformance::CodecConformance<DealerLog<MinPk,ed25519::PublicKey>>"]
 n_cases = 65536
 hash = "ef8d69a3cbafc5e3f8f98755337acacc6609e92d3fdee0e4576481190cb421b4"
 
-["commonware_cryptography::bls12381::dkg::test::conformance::CodecConformance<DealerPrivMsg>"]
+["commonware_cryptography::bls12381::dkg::feldman_desmedt::test::conformance::CodecConformance<DealerPrivMsg>"]
 n_cases = 65536
 hash = "2d443ed310b383cab74abec888d0637ab81435779e274ed7be84adc7b10e2f86"
 
-["commonware_cryptography::bls12381::dkg::test::conformance::CodecConformance<DealerPubMsg<MinPk>>"]
+["commonware_cryptography::bls12381::dkg::feldman_desmedt::test::conformance::CodecConformance<DealerPubMsg<MinPk>>"]
 n_cases = 65536
 hash = "0a15ca78d654be68bb78cf58cfd1da568f8f1585878f081735939f02da161b22"
 
-["commonware_cryptography::bls12381::dkg::test::conformance::CodecConformance<DealerResult<ed25519::PublicKey>>"]
+["commonware_cryptography::bls12381::dkg::feldman_desmedt::test::conformance::CodecConformance<DealerResult<ed25519::PublicKey>>"]
 n_cases = 65536
 hash = "1a05e4e910dd186bd81189d79eaf1b4c211012d07f534ddaa38ab9705d80fa62"
 
-["commonware_cryptography::bls12381::dkg::test::conformance::CodecConformance<Output<MinPk,ed25519::PublicKey>>"]
+["commonware_cryptography::bls12381::dkg::feldman_desmedt::test::conformance::CodecConformance<Output<MinPk,ed25519::PublicKey>>"]
 n_cases = 65536
 hash = "b31f32f62da530fb4861e8a46e5068e0c36ed1b509ee5bc758b6ca90a2568ad7"
 
-["commonware_cryptography::bls12381::dkg::test::conformance::CodecConformance<PlayerAck<ed25519::PublicKey>>"]
+["commonware_cryptography::bls12381::dkg::feldman_desmedt::test::conformance::CodecConformance<PlayerAck<ed25519::PublicKey>>"]
 n_cases = 65536
 hash = "0cbb8c8644dffe0be78d1307fb5034dd804921d66799c1aaec3d335b44e9616c"
 
-["commonware_cryptography::bls12381::dkg::test::conformance::CodecConformance<SignedDealerLog<MinPk,ed25519::PrivateKey>>"]
+["commonware_cryptography::bls12381::dkg::feldman_desmedt::test::conformance::CodecConformance<SignedDealerLog<MinPk,ed25519::PrivateKey>>"]
 n_cases = 65536
 hash = "fca94fb3b0df54a6a34edfbb8aeef28490262daf97870e12f869aee6cf7f7e67"
 

cryptography/fuzz/Cargo.toml

@@ -140,8 +140,8 @@ doc = false
 bench = false
 
 [[bin]]
-name = "bls12381_golden_dkg"
-path = "fuzz_targets/bls12381_golden_dkg.rs"
+name = "bls12381_dkg_golden"
+path = "fuzz_targets/bls12381_dkg_golden.rs"
 test = false
 doc = false
 bench = false

cryptography/fuzz/fuzz_targets/bls12381_dkg.rs

@@ -2,7 +2,7 @@
 
 use arbitrary::Arbitrary;
 use commonware_cryptography::bls12381::{
-    dkg::FuzzPlan,
+    dkg::feldman_desmedt::FuzzPlan,
     primitives::variant::{MinPk, MinSig},
 };
 use libfuzzer_sys::fuzz_target;

…fuzz/fuzz_targets/bls12381_golden_dkg.rs …fuzz/fuzz_targets/bls12381_dkg_golden.rscryptography/fuzz/fuzz_targets/bls12381_golden_dkg.rs renamed to cryptography/fuzz/fuzz_targets/bls12381_dkg_golden.rs cryptography/fuzz/fuzz_targets/bls12381_golden_dkg.rs renamed to cryptography/fuzz/fuzz_targets/bls12381_dkg_golden.rs

@@ -1,7 +1,7 @@
 #![no_main]
 
 use arbitrary::Arbitrary;
-use commonware_cryptography::bls12381::golden_dkg::{FuzzPlan, Setup};
+use commonware_cryptography::bls12381::dkg::golden::{FuzzPlan, Setup};
 use commonware_parallel::Sequential;
 use libfuzzer_sys::fuzz_target;
 use std::{num::NonZeroU32, sync::LazyLock};

cryptography/src/bls12381/benches/bench.rs

@@ -8,7 +8,6 @@ mod combine_public_keys;
 mod combine_signatures;
 mod dkg;
 mod evaluate_point;
-mod golden_dkg;
 mod hash_to_curve;
 mod msm;
 mod scheme_batch_verify_same_message;
@@ -24,8 +23,8 @@ mod tle_encrypt;
 
 criterion_main!(
     batch_to_affine::benches,
-    dkg::benches,
-    golden_dkg::benches,
+    dkg::golden::benches,
+    dkg::feldman_desmedt::benches,
     hash_to_curve::benches,
     threshold_recover::benches,
     combine_public_keys::benches,

cryptography/src/bls12381/benches/dkg.rs

@@ -1,182 +1,2 @@
-use commonware_cryptography::{
-    bls12381::{
-        dkg::{deal, Dealer, Info, Logs, Player},
-        primitives::variant::MinSig,
-    },
-    ed25519::{Batch, PrivateKey, PublicKey},
-    Signer as _,
-};
-use commonware_math::algebra::Random;
-use commonware_parallel::{Rayon, Sequential};
-use commonware_utils::{ordered::Set, Faults, N3f1, NZUsize, TryCollect};
-use criterion::{criterion_group, BatchSize, Criterion};
-use rand::{rngs::StdRng, SeedableRng};
-use rand_core::CryptoRngCore;
-use std::{collections::BTreeMap, hint::black_box};
-
-type V = MinSig;
-
-struct Bench {
-    info: Info<V, PublicKey>,
-    me: PrivateKey,
-    logs: Logs<V, PublicKey, N3f1>,
-}
-
-impl Bench {
-    fn new(mut rng: impl CryptoRngCore, reshare: bool, n: u32) -> Self {
-        let private_keys = (0..n)
-            .map(|_| PrivateKey::random(&mut rng))
-            .collect::<Vec<_>>();
-        let me = private_keys.first().unwrap().clone();
-        let me_pk = me.public_key();
-        let dealers = private_keys
-            .iter()
-            .map(|sk| sk.public_key())
-            .try_collect::<Set<_>>()
-            .unwrap();
-
-        let (output, shares) = if reshare {
-            let (o, s) =
-                deal::<V, PublicKey, N3f1>(&mut rng, Default::default(), dealers.clone()).unwrap();
-            (Some(o), Some(s))
-        } else {
-            (None, None)
-        };
-        let players = dealers.clone();
-        let info = Info::new::<N3f1>(
-            b"_COMMONWARE_CRYPTOGRAPHY_BLS12381_DKG_BENCH",
-            0,
-            output,
-            Default::default(),
-            dealers,
-            players,
-        )
-        .unwrap();
-
-        // Create player state for every participant
-        let mut player_states = private_keys
-            .iter()
-            .filter_map(|sk| {
-                let pk = sk.public_key();
-                if pk == me_pk {
-                    return None;
-                }
-                Some((
-                    pk,
-                    Player::<MinSig, PrivateKey>::new(info.clone(), sk.clone()).unwrap(),
-                ))
-            })
-            .collect::<BTreeMap<_, _>>();
-
-        let mut logs = Logs::<V, PublicKey, N3f1>::new(info.clone());
-        for sk in private_keys {
-            let pk = sk.public_key();
-            let (mut dealer, pub_msg, priv_msgs) = Dealer::start::<N3f1>(
-                &mut rng,
-                info.clone(),
-                sk,
-                shares
-                    .as_ref()
-                    .and_then(|shares| shares.get_value(&pk).cloned()),
-            )
-            .unwrap();
-            for (target_pk, priv_msg) in priv_msgs {
-                // The only missing player should be ourselves.
-                if let Some(player) = player_states.get_mut(&target_pk) {
-                    if let Some(ack) =
-                        player.dealer_message::<N3f1>(pk.clone(), pub_msg.clone(), priv_msg)
-                    {
-                        dealer.receive_player_ack(target_pk.clone(), ack).unwrap();
-                    }
-                }
-            }
-            logs.record(pk, dealer.finalize::<N3f1>().check(&info).unwrap().1);
-        }
-
-        Self { info, me, logs }
-    }
-
-    fn pre_finalize(&self) -> (Player<V, PrivateKey>, Logs<V, PublicKey, N3f1>) {
-        (
-            Player::<MinSig, PrivateKey>::new(self.info.clone(), self.me.clone()).unwrap(),
-            self.logs.clone(),
-        )
-    }
-}
-
-// Configure contributors based on context
-cfg_if::cfg_if! {
-    if #[cfg(full_bench)] {
-        const CONTRIBUTORS: &[u32] = &[5, 10, 20, 50, 100, 250, 500];
-        const CONCURRENCY: &[usize] = &[1, 4, 8];
-    } else {
-        const CONTRIBUTORS: &[u32] = &[5, 10, 20, 50];
-        const CONCURRENCY: &[usize] = &[1];
-    }
-}
-
-fn bench_dkg(c: &mut Criterion, reshare: bool) {
-    let suffix = if reshare {
-        "_reshare_recovery"
-    } else {
-        "_recovery"
-    };
-    let mut rng = StdRng::seed_from_u64(0);
-    for &n in CONTRIBUTORS {
-        let t = N3f1::quorum(n);
-        let bench = Bench::new(&mut rng, reshare, n);
-        for &concurrency in CONCURRENCY {
-            let strategy = Rayon::new(NZUsize!(concurrency)).unwrap();
-            c.bench_function(
-                &format!(
-                    "{}{}/n={} t={} conc={}",
-                    module_path!(),
-                    suffix,
-                    n,
-                    t,
-                    concurrency,
-                ),
-                |b| {
-                    b.iter_batched(
-                        || bench.pre_finalize(),
-                        |(player, logs)| {
-                            let mut finalize_rng = StdRng::seed_from_u64(0);
-                            if concurrency > 1 {
-                                black_box(
-                                    player
-                                        .finalize::<N3f1, Batch>(&mut finalize_rng, logs, &strategy)
-                                        .unwrap(),
-                                );
-                            } else {
-                                black_box(
-                                    player
-                                        .finalize::<N3f1, Batch>(
-                                            &mut finalize_rng,
-                                            logs,
-                                            &Sequential,
-                                        )
-                                        .unwrap(),
-                                );
-                            }
-                        },
-                        BatchSize::SmallInput,
-                    );
-                },
-            );
-        }
-    }
-}
-
-fn bench_dkg_recovery(c: &mut Criterion) {
-    bench_dkg(c, false);
-}
-
-fn bench_dkg_reshare_recovery(c: &mut Criterion) {
-    bench_dkg(c, true);
-}
-
-criterion_group! {
-    name = benches;
-    config = Criterion::default().sample_size(10);
-    targets = bench_dkg_recovery, bench_dkg_reshare_recovery
-}
+pub mod feldman_desmedt;
+pub mod golden;