aboutsummaryrefslogtreecommitdiffstats
path: root/DKG+TSIG-Protocol.md
blob: 3b8033f35d61b70928e96616f858d59f31c63f1a (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56

DEXON DKG+TSIG Protocol
===========================
### Parameter
* λ = One gossip time
* Signature = [BLS](https://en.wikipedia.org/wiki/Boneh%E2%80%93Lynn%E2%80%93Shacham)
* Curve = CurveFp382_2
* t = <img src="https://latex.codecogs.com/svg.latex?\inline%20\frac{1}{3}n+1" />

Phase 1 ID Registration 
-------
### @ T < 0

Each validator registers its ID with stack.

Phase 2 Secret Key Share Exchange
-------
### @ T = 0
Each validator `i` generates `n` (`n` = # of ID registered in phase 1) secret key shares (`SK_i,0, SK_i,1, ..., SK_i,n`) of order `t` and the secret key share is sent to the corresponding validator (`SK_i,j` is sent to validator `j`) via a secure channel.

Each validator `i` broadcasts the master public key (`MPK_i = {MPK_i,0, MPK_i,1, ..., MPK_i,t}`) of order `t` associated with the secret key shares.

Phase 3 Complaint
-------
### @ T = (0, λ)
Each validator `i` calculates public key shares (`PK_0,i, PK_1,i, ..., PK_n,i`) using corresponding master public key (`PK_j,i = F(MPK_j, i)`).

Each validator `i` verifies if the secret key share `SK_i,j` is associated with the public key share of validator `j`, `PK_i,j`. If the verification fails, `i` broadcast complaint of `j`, `CMP_i,j`.

Phase 4 Rebroadcast Complaint
-------
### @ T = (λ, 2λ)
If `CMP_i,j` is received for first time, broadcast received `CMP_i,j`.

Phase 5 Sign with CSK
-------
### @ T = 3λ
If there are more than `t` complaints to validator `j` (<img src="https://latex.codecogs.com/svg.latex?\inline%20\sum_{i}%20CMP_{i,j}%20>%20t" /> (`i` : for all validator `i`)), then `j` is marked as **Disqualified**.

Each validator `i` determines the combined secret key, <img src="https://latex.codecogs.com/svg.latex?\inline%20CSK_{i}%20=%20\sum_{k}%20SK_{k,i}" /> (`k`: validator `k` is not marked as **Disqualified**)

Each validator `i` sign the message with `CSK_i` and broadcast the partial signature, `PSign_i`.

Each validator `i` determines the combined public key of validator `j`, <img src="https://latex.codecogs.com/svg.latex?\inline%20CPK_{j}%20=%20\sum_{k}%20PK_{k,j}" /> (`k`: validator `k` is not marked as **Disqualified**)

Phase 6 TSIG
-------
### @ T = (3λ, +inf)
If validator `i` is not **Disqualified**, verify `PSign_i` with `CPK_i`.

Collect more than `t` valid `PSign_i` and recover TSIG, `TSIG`.

Phase 7 Verify TSIG
-------
Determines the group public key, <img src="https://latex.codecogs.com/svg.latex?\inline%20GPK%20=%20\sum_{k}%20MPK_{k,0}" /> (`k`: validator `k` is not marked as **Disqualified**)

Verify `TSIG` with `GPK`.
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-16 04:11:25 +0800