// Copyright 2018 The dexon-consensus-core Authors
// This file is part of the dexon-consensus-core library.
//
// The dexon-consensus-core library is free software: you can redistribute it
// and/or modify it under the terms of the GNU Lesser General Public License as
// published by the Free Software Foundation, either version 3 of the License,
// or (at your option) any later version.
//
// The dexon-consensus-core library is distributed in the hope that it will be
// useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser
// General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with the dexon-consensus-core library. If not, see
// <http://www.gnu.org/licenses/>.
package core
import (
"testing"
"github.com/stretchr/testify/suite"
"github.com/dexon-foundation/dexon-consensus-core/core/test"
"github.com/dexon-foundation/dexon-consensus-core/core/types"
"github.com/dexon-foundation/dexon-consensus-core/crypto"
"github.com/dexon-foundation/dexon-consensus-core/crypto/dkg"
"github.com/dexon-foundation/dexon-consensus-core/crypto/eth"
)
type DKGTSIGProtocolTestSuite struct {
suite.Suite
vIDs types.ValidatorIDs
dkgIDs map[types.ValidatorID]dkg.ID
prvKeys map[types.ValidatorID]crypto.PrivateKey
}
type testDKGReceiver struct {
s *DKGTSIGProtocolTestSuite
prvKey crypto.PrivateKey
complaints map[types.ValidatorID]*types.DKGComplaint
mpk *types.DKGMasterPublicKey
prvShare map[types.ValidatorID]*types.DKGPrivateShare
}
func newTestDKGReceiver(
s *DKGTSIGProtocolTestSuite, prvKey crypto.PrivateKey) *testDKGReceiver {
return &testDKGReceiver{
s: s,
prvKey: prvKey,
complaints: make(map[types.ValidatorID]*types.DKGComplaint),
prvShare: make(map[types.ValidatorID]*types.DKGPrivateShare),
}
}
func (r *testDKGReceiver) ProposeDKGComplaint(complaint *types.DKGComplaint) {
var err error
complaint.Signature, err = r.prvKey.Sign(hashDKGComplaint(complaint))
r.s.Require().NoError(err)
r.complaints[complaint.PrivateShare.ProposerID] = complaint
}
func (r *testDKGReceiver) ProposeDKGMasterPublicKey(
mpk *types.DKGMasterPublicKey) {
var err error
mpk.Signature, err = r.prvKey.Sign(hashDKGMasterPublicKey(mpk))
r.s.Require().NoError(err)
r.mpk = mpk
}
func (r *testDKGReceiver) ProposeDKGPrivateShare(
to types.ValidatorID, prv *types.DKGPrivateShare) {
var err error
prv.Signature, err = r.prvKey.Sign(hashDKGPrivateShare(prv))
r.s.Require().NoError(err)
r.prvShare[to] = prv
}
func (s *DKGTSIGProtocolTestSuite) setupDKGParticipants(n int) {
s.vIDs = make(types.ValidatorIDs, 0, n)
s.prvKeys = make(map[types.ValidatorID]crypto.PrivateKey, n)
s.dkgIDs = make(map[types.ValidatorID]dkg.ID)
ids := make(dkg.IDs, 0, n)
for i := 0; i < n; i++ {
prvKey, err := eth.NewPrivateKey()
s.Require().NoError(err)
vID := types.NewValidatorID(prvKey.PublicKey())
s.vIDs = append(s.vIDs, vID)
s.prvKeys[vID] = prvKey
id := dkg.NewID(vID.Hash[:])
ids = append(ids, id)
s.dkgIDs[vID] = id
}
}
func (s *DKGTSIGProtocolTestSuite) newProtocols(k, n int, round uint64) (
map[types.ValidatorID]*testDKGReceiver, map[types.ValidatorID]*dkgProtocol) {
s.setupDKGParticipants(n)
receivers := make(map[types.ValidatorID]*testDKGReceiver, n)
protocols := make(map[types.ValidatorID]*dkgProtocol, n)
for _, vID := range s.vIDs {
receivers[vID] = newTestDKGReceiver(s, s.prvKeys[vID])
protocols[vID] = newDKGProtocol(
vID,
receivers[vID],
round,
k,
eth.SigToPub,
)
s.Require().NotNil(receivers[vID].mpk)
}
return receivers, protocols
}
// TestDKGTSIGProtocol will test the entire DKG+TISG protocol including
// exchanging private shares, recovering share secret, creating partial sign and
// recovering threshold signature.
// All participants are good people in this test.
func (s *DKGTSIGProtocolTestSuite) TestDKGTSIGProtocol() {
k := 3
n := 10
round := uint64(1)
gov, err := test.NewGovernance(5, 100)
s.Require().NoError(err)
receivers, protocols := s.newProtocols(k, n, round)
for _, receiver := range receivers {
gov.AddDKGMasterPublicKey(receiver.mpk)
}
for _, protocol := range protocols {
s.Require().NoError(
protocol.processMasterPublicKeys(gov.DKGMasterPublicKeys(round)))
}
for _, receiver := range receivers {
s.Require().Len(receiver.prvShare, n)
for vID, prvShare := range receiver.prvShare {
s.Require().NoError(protocols[vID].processPrivateShare(prvShare))
}
}
for _, protocol := range protocols {
protocol.proposeNackComplaints()
}
for _, recv := range receivers {
s.Require().Len(recv.complaints, 0)
}
// DKG is fininished.
gpk, err := newDKGGroupPublicKey(round,
gov.DKGMasterPublicKeys(round), gov.DKGComplaints(round),
k, eth.SigToPub,
)
s.Require().NoError(err)
s.Require().Len(gpk.qualifyIDs, n)
qualifyIDs := make(map[dkg.ID]struct{}, len(gpk.qualifyIDs))
for _, id := range gpk.qualifyIDs {
qualifyIDs[id] = struct{}{}
}
shareSecrets := make(
map[types.ValidatorID]*dkgShareSecret, len(qualifyIDs))
for vID, protocol := range protocols {
_, exist := qualifyIDs[s.dkgIDs[vID]]
s.Require().True(exist)
var err error
shareSecrets[vID], err = protocol.recoverShareSecret(gpk.qualifyIDs)
s.Require().NoError(err)
}
tsig := newTSigProtocol(gpk)
msgHash := crypto.Keccak256Hash([]byte("🏖🍹"))
for vID, shareSecret := range shareSecrets {
psig := &types.DKGPartialSignature{
ProposerID: vID,
Round: round,
PartialSignature: shareSecret.sign(msgHash),
}
var err error
psig.Signature, err = s.prvKeys[vID].Sign(hashDKGPartialSignature(psig))
s.Require().NoError(err)
s.Require().NoError(tsig.processPartialSignature(msgHash, psig))
if len(tsig.sigs) > k {
break
}
}
sig, err := tsig.signature()
s.Require().NoError(err)
s.True(gpk.verifySignature(msgHash, sig))
}
func (s *DKGTSIGProtocolTestSuite) TestNackComplaint() {
k := 3
n := 10
round := uint64(1)
gov, err := test.NewGovernance(5, 100)
s.Require().NoError(err)
receivers, protocols := s.newProtocols(k, n, round)
byzantineID := s.vIDs[0]
for _, receiver := range receivers {
gov.AddDKGMasterPublicKey(receiver.mpk)
}
for _, protocol := range protocols {
s.Require().NoError(
protocol.processMasterPublicKeys(gov.DKGMasterPublicKeys(round)))
}
for senderID, receiver := range receivers {
s.Require().Len(receiver.prvShare, n)
if senderID == byzantineID {
continue
}
for vID, prvShare := range receiver.prvShare {
s.Require().NoError(protocols[vID].processPrivateShare(prvShare))
}
}
for _, protocol := range protocols {
protocol.proposeNackComplaints()
}
for _, recv := range receivers {
complaint, exist := recv.complaints[byzantineID]
s.Require().True(exist)
s.True(verifyDKGComplaintSignature(complaint, eth.SigToPub))
}
}
func TestDKGTSIGProtocol(t *testing.T) {
suite.Run(t, new(DKGTSIGProtocolTestSuite))
}