BluePallas

Struct BluePallas

pub struct BluePallas<M>(pub(crate) PhantomData<M>);

The BluePallas ciphersuite, which uses the Pallas curve and the Poseidon hash function.

Note that this ciphersuite is used for FROST signatures in the Mina protocol and has a lot of Mina-specific logic. This library SHOULD NOT be treated as a general-purpose BluePallas ciphersuite, but rather as a Mina-specific implementation.

Tuple Fields

0: PhantomData<M>

Trait Implementations

impl<M> Ciphersuite for BluePallas<M>

fn pre_commitment_aggregate<'a>( signing_package: &'a SigningPackage<Self>, binding_factor_list: &'a BindingFactorList<Self>, ) -> Result<Cow<'a, SigningPackage<Self>>, Error<Self>>

This performs the same functionality as Self::pre_commitment_sign, but only negates the commitments, because the coordinator never receives any nonces. Naturally, this is called by the coordinator in the crate::aggregate function.

fn pre_commitment_sign<'a>( signing_package: &'a SigningPackage<Self>, signing_nonces: &'a SigningNonces<Self>, binding_factor_list: &'a BindingFactorList<Self>, ) -> Result<(Cow<'a, SigningPackage<Self>>, Cow<'a, SigningNonces<Self>>), Error<Self>>

This function computes the group commitment and checks whether the y-coordinate of the group commitment is even, as required by the Mina protocol. If it is not even, it negates the nonces and the commitments. This is called by each individual signer during round2::sign.
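The two hooks above rely on one invariant: every signer (holding nonces) and the coordinator (holding only commitments) must reach the same normalised group commitment, or the aggregated signature will not verify. The following is an added worked example, not code from this crate or from the Mina project, that exercises both paths on a tiny textbook curve (y^2 = x^3 + 2x + 2 over F_17, generator (5, 1) of prime order 19) with constructed nonces, constructed binding factors and a toy challenge function in place of Poseidon. It generalises the page's Pallas-specific step to any odd-characteristic short Weierstrass curve: negating a point with y != 0 flips the parity of y, and negating the scalar nonces negates their commitments, so signers and coordinator both land on -R.

```rust
// Added illustration of the even-y normalisation described above. Not code from
// the frost crate or Mina: toy curve y^2 = x^3 + 2x + 2 over F_17, generator
// (5, 1) of prime order 19, constructed nonces/binding factors, toy challenge.
// Nothing here is secure; it only demonstrates the invariant.
const P: i64 = 17; // field modulus of the toy curve
const N: i64 = 19; // prime order of the generator

#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub enum Pt { Inf, Aff(i64, i64) }
pub const G: Pt = Pt::Aff(5, 1);

fn fmod(a: i64) -> i64 { a.rem_euclid(P) }
fn nmod(a: i64) -> i64 { a.rem_euclid(N) }

// Modular inverse in F_p via Fermat's little theorem (P is prime).
fn finv(a: i64) -> i64 {
    let (mut r, mut b, mut e) = (1, fmod(a), P - 2);
    while e > 0 { if e & 1 == 1 { r = r * b % P; } b = b * b % P; e >>= 1; }
    r
}

// Point negation (x, y) -> (x, -y); for odd P and y != 0 this flips the parity of y.
pub fn neg(p: Pt) -> Pt {
    match p { Pt::Inf => Pt::Inf, Pt::Aff(x, y) => Pt::Aff(x, fmod(-y)) }
}

pub fn add(p: Pt, q: Pt) -> Pt {
    match (p, q) {
        (Pt::Inf, q) => q,
        (p, Pt::Inf) => p,
        (Pt::Aff(x1, y1), Pt::Aff(x2, y2)) => {
            if x1 == x2 && fmod(y1 + y2) == 0 { return Pt::Inf; } // p + (-p)
            let l = if p == q { fmod(3 * x1 * x1 + 2) * finv(2 * y1) % P } // curve a = 2
                    else { fmod(y2 - y1) * finv(x2 - x1) % P };
            let x3 = fmod(l * l - x1 - x2);
            Pt::Aff(x3, fmod(l * (x1 - x3) - y1))
        }
    }
}

// Double-and-add scalar multiplication; scalars are reduced mod N first.
pub fn mul(k: i64, p: Pt) -> Pt {
    let (mut k, mut acc, mut base) = (nmod(k), Pt::Inf, p);
    while k > 0 { if k & 1 == 1 { acc = add(acc, base); } base = add(base, base); k >>= 1; }
    acc
}

pub fn has_even_y(p: Pt) -> bool { matches!(p, Pt::Aff(_, y) if y % 2 == 0) }

// One signer's round-1 secrets: hiding nonce d, binding nonce e, and the binding
// factor rho (a hash of public data in real FROST; a constructed constant here).
#[derive(Clone, Copy)]
pub struct Nonces { pub d: i64, pub e: i64, pub rho: i64 }

// Group commitment R = sum_i (D_i + rho_i * E_i), from public commitments only.
pub fn group_commitment(commits: &[(Pt, Pt, i64)]) -> Pt {
    commits.iter().fold(Pt::Inf, |acc, &(d, e, rho)| add(acc, add(d, mul(rho, e))))
}

// Toy stand-in for the ciphersuite's challenge(): a deterministic mix of R, the
// verifying key and the message, reduced mod N. Not a real hash.
pub fn toy_challenge(r: Pt, pk: Pt, msg: i64) -> i64 {
    let xy = |p: Pt| match p { Pt::Aff(x, y) => (x, y), Pt::Inf => (0, 0) };
    let ((rx, ry), (px, py)) = (xy(r), xy(pk));
    nmod(rx + 3 * ry + 5 * px + 7 * py + msg)
}

/// Runs a 2-of-2 toy signing session. Returns (normalised R has even y,
/// coordinator's R equals the signers' R, aggregated signature verifies).
pub fn demo() -> (bool, bool, bool) {
    // Shamir shares of x = 7 from f(X) = 7 + 3X mod 19 at X = 1 and X = 2,
    // paired with Lagrange coefficients lambda_1 = 2 and lambda_2 = -1 = 18.
    let shares = [(10_i64, 2_i64), (13, 18)];
    let pk = mul(7, G);
    let msg = 9;
    // Constructed nonces, chosen so the raw R = 1*G = (5, 1) has odd y and the
    // negation path actually runs.
    let mut nonces = [Nonces { d: 4, e: 5, rho: 3 }, Nonces { d: 6, e: 2, rho: 7 }];
    let commit = |ns: &[Nonces]| -> Vec<(Pt, Pt, i64)> {
        ns.iter().map(|n| (mul(n.d, G), mul(n.e, G), n.rho)).collect()
    };
    let orig = commit(&nonces[..]);
    let flip = !has_even_y(group_commitment(&orig));

    // pre_commitment_sign (each signer): negate its nonces, hence its commitments.
    if flip { for n in nonces.iter_mut() { n.d = nmod(-n.d); n.e = nmod(-n.e); } }
    let r = group_commitment(&commit(&nonces[..]));

    // pre_commitment_aggregate (coordinator): it holds no nonces, so it negates
    // only the received commitments and must land on the same R.
    let coord: Vec<(Pt, Pt, i64)> = orig.iter()
        .map(|&(d, e, rho)| if flip { (neg(d), neg(e), rho) } else { (d, e, rho) })
        .collect();
    let coord_r = group_commitment(&coord);

    // Round 2 with the negated nonces: z_i = d_i + rho_i*e_i + lambda_i*s_i*c mod N.
    let c = toy_challenge(r, pk, msg);
    let z = nonces.iter().zip(shares.iter())
        .fold(0, |acc, (n, &(s, lam))| nmod(acc + n.d + n.rho * n.e + lam * s * c));
    // Schnorr check against the coordinator's R: z*G == R + c*PK.
    let verifies = mul(z, G) == add(coord_r, mul(c, pk));
    (has_even_y(r), coord_r == r, verifies)
}
```

The point to keep in mind when reviewing an implementation like this one: the parity decision must be a deterministic function of data both sides already hold (the commitment list and binding factors), and the coordinator must apply it to the commitments before share verification and aggregation. If either side skips the negation, or derives it from different inputs, the session fails closed (verification rejects) rather than producing a forgeable signature, so the failure mode is a liveness problem, but one that is easy to introduce silently.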

const ID: &'static str = CONTEXT_STRING

The ciphersuite ID string. It should be equal to the contextString in the spec. For new ciphersuites, this should be a string that identifies the ciphersuite; it's recommended to use a similar format to the ciphersuites in the FROST spec, e.g. "FROST-RISTRETTO255-SHA512-v1".

type Group = PallasGroup

The prime order group (or subgroup) that this ciphersuite operates over.

type HashOutput = [u8; 32]

A unique byte array of fixed length.

type SignatureSerialization = [u8; 32]

A unique byte array of fixed length that is the Group::ElementSerialization + Group::ScalarSerialization.

fn H1(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar

H1 for a FROST ciphersuite.

fn H2(_m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar

H2 for a FROST ciphersuite.

fn H3(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar

H3 for a FROST ciphersuite.

fn H4(m: &[u8]) -> Self::HashOutput

H4 for a FROST ciphersuite.

fn H5(m: &[u8]) -> Self::HashOutput

H5 for a FROST ciphersuite.

fn HDKG(m: &[u8]) -> Option<<<Self::Group as Group>::Field as Field>::Scalar>

Hash function for a FROST ciphersuite, used for the DKG.

fn HID(m: &[u8]) -> Option<<<Self::Group as Group>::Field as Field>::Scalar>

Hash function for a FROST ciphersuite, used for deriving identifiers from strings.

fn challenge( r: &Element<Self>, verifying_key: &VerifyingKey<Self>, message: &[u8], ) -> Result<Challenge<Self>, Error<Self>>

Optional. Generates the challenge as is required for Schnorr signatures. Called by [round2::sign()] and [crate::aggregate()].

fn single_sign<R>( signing_key: &SigningKey<Self>, rng: R, message: &[u8], ) -> Signature<Self>
where R: RngCore + CryptoRng,

Optional. Do regular (non-FROST) signing with a [SigningKey]. Called by [SigningKey::sign()]. This is not used by FROST. Can be overridden if required, which is useful if FROST signing has been changed by the other Ciphersuite trait methods and regular signing should be changed accordingly to match.

fn verify_signature( message: &[u8], signature: &Signature<Self>, public_key: &VerifyingKey<Self>, ) -> Result<(), Error<Self>>

Optional. Verify a signature for this ciphersuite. Called by [VerifyingKey::verify()]. The default implementation uses the "cofactored" equation (it multiplies by the cofactor returned by Group::cofactor()).

fn pre_sign<'a>( signing_package: &'a SigningPackage<Self>, signer_nonces: &'a SigningNonces<Self>, key_package: &'a KeyPackage<Self>, ) -> Result<(Cow<'a, SigningPackage<Self>>, Cow<'a, SigningNonces<Self>>, Cow<'a, KeyPackage<Self>>), Error<Self>>

Optional. Pre-process [round2::sign()] inputs. The default implementation returns them as-is. Cow is used so implementations can choose to return the same passed reference or a modified clone.

fn pre_aggregate<'a>( signing_package: &'a SigningPackage<Self>, signature_shares: &'a BTreeMap<Identifier<Self>, SignatureShare<Self>>, public_key_package: &'a PublicKeyPackage<Self>, ) -> Result<(Cow<'a, SigningPackage<Self>>, Cow<'a, BTreeMap<Identifier<Self>, SignatureShare<Self>>>, Cow<'a, PublicKeyPackage<Self>>), Error<Self>>

Optional. Pre-process [crate::aggregate()] and [crate::verify_signature_share()] inputs. In the latter case, "dummy" container BTreeMap and PublicKeyPackage are passed with the relevant values (PublicKeyPackage.min_signers will be None). The default implementation returns them as-is. Cow is used so implementations can choose to return the same passed reference or a modified clone.

fn pre_verify<'a>( msg: &'a [u8], signature: &'a Signature<Self>, public_key: &'a VerifyingKey<Self>, ) -> Result<(Cow<'a, [u8]>, Cow<'a, Signature<Self>>, Cow<'a, VerifyingKey<Self>>), Error<Self>>

Optional. Pre-process [VerifyingKey::verify()] inputs. The default implementation returns them as-is. Cow is used so implementations can choose to return the same passed reference or a modified clone.

fn generate_nonce<R>( rng: &mut R, ) -> (<<Self::Group as Group>::Field as Field>::Scalar, <Self::Group as Group>::Element)
where R: RngCore + CryptoRng,

Optional. Generate a nonce and a commitment to it. Used by [SigningKey] for regular (non-FROST) signing and internally by the DKG to generate proof-of-knowledge signatures.

fn compute_signature_share( _group_commitment: &GroupCommitment<Self>, signer_nonces: &SigningNonces<Self>, binding_factor: BindingFactor<Self>, lambda_i: <<Self::Group as Group>::Field as Field>::Scalar, key_package: &KeyPackage<Self>, challenge: Challenge<Self>, ) -> SignatureShare<Self>

Optional. Compute the signature share for a particular signer on a given challenge. Called by [round2::sign()].

fn verify_share( _group_commitment: &GroupCommitment<Self>, signature_share: &SignatureShare<Self>, identifier: Identifier<Self>, group_commitment_share: &GroupCommitmentShare<Self>, verifying_share: &VerifyingShare<Self>, lambda_i: <<Self::Group as Group>::Field as Field>::Scalar, challenge: &Challenge<Self>, ) -> Result<(), Error<Self>>

Optional. Verify a signing share. Called by [crate::aggregate()] if cheater detection is enabled.

fn serialize_signature( signature: &Signature<Self>, ) -> Result<Vec<u8>, Error<Self>>

Optional. Converts a signature to its Ciphersuite::SignatureSerialization in bytes.

fn deserialize_signature(bytes: &[u8]) -> Result<Signature<Self>, Error<Self>>

Optional. Converts bytes as Ciphersuite::SignatureSerialization into a Signature<C>.

fn post_dkg( key_package: KeyPackage<Self>, public_key_package: PublicKeyPackage<Self>, ) -> Result<(KeyPackage<Self>, PublicKeyPackage<Self>), Error<Self>>

Post-process the output of the DKG for a given participant.

fn post_generate( secret_shares: BTreeMap<Identifier<Self>, SecretShare<Self>>, public_key_package: PublicKeyPackage<Self>, ) -> Result<(BTreeMap<Identifier<Self>, SecretShare<Self>>, PublicKeyPackage<Self>), Error<Self>>

Post-process the output of the key generation for a participant.
impl<M> Clone for BluePallas<M>

fn clone(&self) -> Self

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<M: Debug> Debug for BluePallas<M>

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<M: PartialEq> PartialEq for BluePallas<M>

fn eq(&self, other: &BluePallas<M>) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl<M> Copy for BluePallas<M>

impl<M: Eq> Eq for BluePallas<M>

impl<M> StructuralPartialEq for BluePallas<M>

Auto Trait Implementations

impl<M> Freeze for BluePallas<M>

impl<M> RefUnwindSafe for BluePallas<M>
where M: RefUnwindSafe,

impl<M> Send for BluePallas<M>
where M: Send,

impl<M> Sync for BluePallas<M>
where M: Sync,

impl<M> Unpin for BluePallas<M>
where M: Unpin,

impl<M> UnsafeUnpin for BluePallas<M>

impl<M> UnwindSafe for BluePallas<M>
where M: UnwindSafe,

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

This is a nightly-only experimental API (clone_to_uninit). Performs copy-assignment from self to dest.

impl<T> Conv for T

fn conv<T>(self) -> T
where Self: Into<T>,

Converts self into T using Into<T>.

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key.

impl<T> FmtForward for T

fn fmt_binary(self) -> FmtBinary<Self>
where Self: Binary,

Causes self to use its Binary implementation when Debug-formatted.

fn fmt_display(self) -> FmtDisplay<Self>
where Self: Display,

Causes self to use its Display implementation when Debug-formatted.

fn fmt_lower_exp(self) -> FmtLowerExp<Self>
where Self: LowerExp,

Causes self to use its LowerExp implementation when Debug-formatted.

fn fmt_lower_hex(self) -> FmtLowerHex<Self>
where Self: LowerHex,

Causes self to use its LowerHex implementation when Debug-formatted.

fn fmt_octal(self) -> FmtOctal<Self>
where Self: Octal,

Causes self to use its Octal implementation when Debug-formatted.

fn fmt_pointer(self) -> FmtPointer<Self>
where Self: Pointer,

Causes self to use its Pointer implementation when Debug-formatted.

fn fmt_upper_exp(self) -> FmtUpperExp<Self>
where Self: UpperExp,

Causes self to use its UpperExp implementation when Debug-formatted.

fn fmt_upper_hex(self) -> FmtUpperHex<Self>
where Self: UpperHex,

Causes self to use its UpperHex implementation when Debug-formatted.

fn fmt_list(self) -> FmtList<Self>
where &'a Self: for<'a> IntoIterator,

Formats each item in a sequence.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self). That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> IntoEither for T

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise.

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise.

impl<T> Pipe for T
where T: ?Sized,

fn pipe<R>(self, func: impl FnOnce(Self) -> R) -> R
where Self: Sized,

Pipes by value. This is generally the method you want to use.

fn pipe_ref<'a, R>(&'a self, func: impl FnOnce(&'a Self) -> R) -> R
where R: 'a,

Borrows self and passes that borrow into the pipe function.

fn pipe_ref_mut<'a, R>(&'a mut self, func: impl FnOnce(&'a mut Self) -> R) -> R
where R: 'a,

Mutably borrows self and passes that borrow into the pipe function.

fn pipe_borrow<'a, B, R>(&'a self, func: impl FnOnce(&'a B) -> R) -> R
where Self: Borrow<B>, B: 'a + ?Sized, R: 'a,

Borrows self, then passes self.borrow() into the pipe function.

fn pipe_borrow_mut<'a, B, R>( &'a mut self, func: impl FnOnce(&'a mut B) -> R, ) -> R
where Self: BorrowMut<B>, B: 'a + ?Sized, R: 'a,

Mutably borrows self, then passes self.borrow_mut() into the pipe function.

fn pipe_as_ref<'a, U, R>(&'a self, func: impl FnOnce(&'a U) -> R) -> R
where Self: AsRef<U>, U: 'a + ?Sized, R: 'a,

Borrows self, then passes self.as_ref() into the pipe function.

fn pipe_as_mut<'a, U, R>(&'a mut self, func: impl FnOnce(&'a mut U) -> R) -> R
where Self: AsMut<U>, U: 'a + ?Sized, R: 'a,

Mutably borrows self, then passes self.as_mut() into the pipe function.

fn pipe_deref<'a, T, R>(&'a self, func: impl FnOnce(&'a T) -> R) -> R
where Self: Deref<Target = T>, T: 'a + ?Sized, R: 'a,

Borrows self, then passes self.deref() into the pipe function.

fn pipe_deref_mut<'a, T, R>( &'a mut self, func: impl FnOnce(&'a mut T) -> R, ) -> R
where Self: DerefMut<Target = T> + Deref, T: 'a + ?Sized, R: 'a,

Mutably borrows self, then passes self.deref_mut() into the pipe function.

impl<T> Pointable for T

const ALIGN: usize

The alignment of the pointer.

type Init = T

The type for initializers.

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a value with the given initializer.

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer.

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer.

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer.

impl<T> Same for T

type Output = T

Should always be Self.

impl<T> Tap for T

fn tap(self, func: impl FnOnce(&Self)) -> Self

Immutable access to a value.

fn tap_mut(self, func: impl FnOnce(&mut Self)) -> Self

Mutable access to a value.

fn tap_borrow<B>(self, func: impl FnOnce(&B)) -> Self
where Self: Borrow<B>, B: ?Sized,

Immutable access to the Borrow<B> of a value.

fn tap_borrow_mut<B>(self, func: impl FnOnce(&mut B)) -> Self
where Self: BorrowMut<B>, B: ?Sized,

Mutable access to the BorrowMut<B> of a value.

fn tap_ref<R>(self, func: impl FnOnce(&R)) -> Self
where Self: AsRef<R>, R: ?Sized,

Immutable access to the AsRef<R> view of a value.

fn tap_ref_mut<R>(self, func: impl FnOnce(&mut R)) -> Self
where Self: AsMut<R>, R: ?Sized,

Mutable access to the AsMut<R> view of a value.

fn tap_deref<T>(self, func: impl FnOnce(&T)) -> Self
where Self: Deref<Target = T>, T: ?Sized,

Immutable access to the Deref::Target of a value.

fn tap_deref_mut<T>(self, func: impl FnOnce(&mut T)) -> Self
where Self: DerefMut<Target = T> + Deref, T: ?Sized,

Mutable access to the Deref::Target of a value.

fn tap_dbg(self, func: impl FnOnce(&Self)) -> Self

Calls .tap() only in debug builds, and is erased in release builds.

fn tap_mut_dbg(self, func: impl FnOnce(&mut Self)) -> Self

Calls .tap_mut() only in debug builds, and is erased in release builds.

fn tap_borrow_dbg<B>(self, func: impl FnOnce(&B)) -> Self
where Self: Borrow<B>, B: ?Sized,

Calls .tap_borrow() only in debug builds, and is erased in release builds.

fn tap_borrow_mut_dbg<B>(self, func: impl FnOnce(&mut B)) -> Self
where Self: BorrowMut<B>, B: ?Sized,

Calls .tap_borrow_mut() only in debug builds, and is erased in release builds.

fn tap_ref_dbg<R>(self, func: impl FnOnce(&R)) -> Self
where Self: AsRef<R>, R: ?Sized,

Calls .tap_ref() only in debug builds, and is erased in release builds.

fn tap_ref_mut_dbg<R>(self, func: impl FnOnce(&mut R)) -> Self
where Self: AsMut<R>, R: ?Sized,

Calls .tap_ref_mut() only in debug builds, and is erased in release builds.

fn tap_deref_dbg<T>(self, func: impl FnOnce(&T)) -> Self
where Self: Deref<Target = T>, T: ?Sized,

Calls .tap_deref() only in debug builds, and is erased in release builds.

fn tap_deref_mut_dbg<T>(self, func: impl FnOnce(&mut T)) -> Self
where Self: DerefMut<Target = T> + Deref, T: ?Sized,

Calls .tap_deref_mut() only in debug builds, and is erased in release builds.

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.

impl<T> TryConv for T

fn try_conv<T>(self) -> Result<T, Self::Error>
where Self: TryInto<T>,

Attempts to convert self into T using TryInto<T>.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V