redjubjub icon indicating copy to clipboard operation
redjubjub copied to clipboard

Published 20 hours ago verified publisher icon ZcashFoundation

Share commitments should be vectors

Open upbqdn opened this issue 3 years ago • 0 comments

Description

The field share_commitment https://github.com/ZcashFoundation/redjubjub/blob/3db05e29f7d9e6a62420b928e83b126b75ee8a44/src/messages.rs#L189 should contain a vector of commitments instead of just one commitment.

In our tests, we also consider only the zeroth commitment, which is a commitment to the shared secret, and we don't consider the remaining commitments: https://github.com/ZcashFoundation/redjubjub/blob/3db05e29f7d9e6a62420b928e83b126b75ee8a44/src/messages/tests/integration.rs#L783

Rationale

The field share_commitment, as defined above, should represent the struct ShareCommitment in the FROST implementation: https://github.com/ZcashFoundation/redjubjub/blob/3db05e29f7d9e6a62420b928e83b126b75ee8a44/src/frost.rs#L93

The struct ShareCommitment is a vector, and represents a public commitment C⃗i as defined in step 3, Round 1 of Figure 1 of the FROST paper. This public commitment contains commitments to the individual coefficients of the secret polynomial.

upbqdn avatar Aug 09 '21 11:08 upbqdn