Skip to content

Commit 9543b20

Browse files
nickfarrownickfarrow
committed
Fix keygen_id
Signed-off-by: nickfarrow <[email protected]>
1 parent 5c842e3 commit 9543b20

File tree

1 file changed

+12
-10
lines changed

1 file changed

+12
-10
lines changed

schnorr_fun/src/frost.rs

Lines changed: 12 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ use secp256kfun::{
2121
derive_nonce,
2222
digest::{generic_array::typenum::U32, Digest},
2323
g,
24-
hash::HashAdd,
24+
hash::{HashAdd, Tagged},
2525
marker::*,
2626
nonce::{AddTag, NonceGen},
2727
rand_core, s, Point, Scalar, G,
@@ -35,12 +35,12 @@ pub struct Frost<H, NG: AddTag> {
3535
keygen_id_hash: H,
3636
}
3737

38-
impl<H: Clone, NG: AddTag + Clone> Frost<H, NG> {
38+
impl<H: Tagged, NG: AddTag + Clone> Frost<H, NG> {
3939
/// Generate a new Frost context from a Schnorr context.
4040
pub fn new(schnorr: Schnorr<H, NG>) -> Self {
4141
Self {
4242
schnorr: schnorr.clone(),
43-
keygen_id_hash: schnorr.challenge_hash,
43+
keygen_id_hash: H::default().tagged(b"frost/keygenid"),
4444
}
4545
}
4646
}
@@ -173,7 +173,7 @@ impl<Z> PointPoly<Z> {
173173
#[derive(Clone, Debug)]
174174
pub struct KeyGen {
175175
point_polys: Vec<PointPoly>,
176-
keygen_id: Scalar,
176+
keygen_id: [u8; 32],
177177
frost_key: FrostKey,
178178
}
179179

@@ -342,7 +342,7 @@ impl<H: Digest<OutputSize = U32> + Clone, NG: AddTag + NonceGen> Frost<H, NG> {
342342
let key_pair = self.schnorr.new_keypair(scalar_poly.0[0].clone());
343343
let pop = self.schnorr.sign(
344344
&key_pair,
345-
Message::<Public>::plain("frost-pop", &KeyGen.keygen_id.to_bytes()),
345+
Message::<Public>::plain("frost-pop", &KeyGen.keygen_id),
346346
);
347347

348348
let shares = (1..=KeyGen.point_polys.len())
@@ -364,7 +364,7 @@ impl<H: Digest<OutputSize = U32> + Clone, NG: AddTag> Frost<H, NG> {
364364

365365
self.schnorr.verify(
366366
&even_poly_point,
367-
Message::<Public>::plain("frost-pop", &KeyGen.keygen_id.to_bytes()),
367+
Message::<Public>::plain("frost-pop", &KeyGen.keygen_id),
368368
&pop,
369369
)
370370
}
@@ -381,8 +381,8 @@ impl<H: Digest<OutputSize = U32> + Clone, NG: AddTag> Frost<H, NG> {
381381
///
382382
/// Returns a KeyGen
383383
pub fn new_keygen(&self, point_polys: Vec<PointPoly>) -> Result<KeyGen, NewKeyGenError> {
384+
let len_first_poly = point_polys[0].poly_len();
384385
{
385-
let len_first_poly = point_polys[0].poly_len();
386386
if let Some((i, _)) = point_polys
387387
.iter()
388388
.enumerate()
@@ -406,12 +406,14 @@ impl<H: Digest<OutputSize = U32> + Clone, NG: AddTag> Frost<H, NG> {
406406
.into_point_with_even_y();
407407

408408
let mut keygen_hash = self.keygen_id_hash.clone();
409-
for poly in point_polys.clone() {
409+
keygen_hash.update((len_first_poly as u32).to_be_bytes());
410+
keygen_hash.update((point_polys.len() as u32).to_be_bytes());
411+
for poly in &point_polys {
410412
for point in poly.0.iter() {
411-
keygen_hash = keygen_hash.add(point);
413+
keygen_hash.update(point.to_bytes());
412414
}
413415
}
414-
let keygen_id = Scalar::from_hash(keygen_hash);
416+
let keygen_id = keygen_hash.finalize().into();
415417

416418
let verification_shares = (1..=point_polys.len())
417419
.map(|i| joint_poly.eval(i as u32).normalize().mark::<NonZero>())

0 commit comments

Comments
 (0)