@@ -363,7 +363,7 @@ where
363363 . map_err ( SigningError :: ReceiveMessage ) ?;
364364 self . tracer . msgs_received ( ) ;
365365
366- // Ensure reliability of round1a: broadcast hash(ciphertexts)
366+ // Step 1. Ensure reliability of round1a: broadcast hash(ciphertexts)
367367 self . tracer . stage ( "Hash received msgs (reliability check)" ) ;
368368 let ciphertexts_hash = ciphertexts
369369 . iter_including_me ( & MsgRound1a {
@@ -383,7 +383,7 @@ where
383383 . map_err ( SigningError :: SendError ) ?;
384384 self . tracer . msg_sent ( ) ;
385385
386- // Step 1 . Verify proofs
386+ // Step 2 . Verify proofs
387387 self . tracer . stage ( "Verify ψ0 proofs" ) ;
388388 {
389389 let mut faulty_parties = vec ! [ ] ;
@@ -414,29 +414,7 @@ where
414414 }
415415 }
416416
417- // Ensure reliability of round1a: receive hash(ciphertexts) from others
418- {
419- self . tracer . receive_msgs ( ) ;
420- let round1a_hashes = rounds
421- . complete ( round1a_sync)
422- . await
423- . map_err ( SigningError :: ReceiveMessage ) ?;
424- self . tracer . msgs_received ( ) ;
425- self . tracer
426- . stage ( "Assert other parties hashed messages (reliability check)" ) ;
427- let parties_have_different_hashes = round1a_hashes
428- . into_iter_indexed ( )
429- . filter ( |( _j, _msg_id, hash) | hash. 0 != ciphertexts_hash)
430- . map ( |( j, msg_id, _) | ( j, msg_id) )
431- . collect :: < Vec < _ > > ( ) ;
432- if !parties_have_different_hashes. is_empty ( ) {
433- return Err (
434- SigningAborted :: Round1aNotReliable ( parties_have_different_hashes) . into ( ) ,
435- ) ;
436- }
437- }
438-
439- // Step 2
417+ // Step 3
440418 let Γ_i = Point :: generator ( ) * & y_i;
441419 let J = BigNumber :: one ( ) << ( L :: ELL_PRIME + 1 ) ;
442420
@@ -589,7 +567,29 @@ where
589567 // Round 3
590568 self . tracer . round_begins ( ) ;
591569
592- // Step 1
570+ // Step 1. Ensure reliability of round1a: receive hash(ciphertexts) from others
571+ {
572+ self . tracer . receive_msgs ( ) ;
573+ let round1a_hashes = rounds
574+ . complete ( round1a_sync)
575+ . await
576+ . map_err ( SigningError :: ReceiveMessage ) ?;
577+ self . tracer . msgs_received ( ) ;
578+ self . tracer
579+ . stage ( "Assert other parties hashed messages (reliability check)" ) ;
580+ let parties_have_different_hashes = round1a_hashes
581+ . into_iter_indexed ( )
582+ . filter ( |( _j, _msg_id, hash) | hash. 0 != ciphertexts_hash)
583+ . map ( |( j, msg_id, _) | ( j, msg_id) )
584+ . collect :: < Vec < _ > > ( ) ;
585+ if !parties_have_different_hashes. is_empty ( ) {
586+ return Err (
587+ SigningAborted :: Round1aNotReliable ( parties_have_different_hashes) . into ( ) ,
588+ ) ;
589+ }
590+ }
591+
592+ // Step 2
593593 self . tracer . receive_msgs ( ) ;
594594 let round2_msgs = rounds
595595 . complete ( round2)
@@ -607,69 +607,56 @@ where
607607 let enc_j = encryption_key_from_n ( & aux_j. N ) ;
608608
609609 self . tracer . stage ( "Validate ψ" ) ;
610- let ψ_invalid = {
611- let data = π_aff:: Data {
610+ let ψ_invalid = π_aff:: non_interactive:: verify (
611+ parties_shared_state. clone ( ) ,
612+ & aux_i. into ( ) ,
613+ & π_aff:: Data {
612614 key0 : enc_i. clone ( ) ,
613615 key1 : enc_j. clone ( ) ,
614- // c: msg.D.clone(),
615- // d: K_i.clone(),
616616 c : K_i . clone ( ) ,
617617 d : msg. D . clone ( ) ,
618618 y : msg. F . clone ( ) ,
619619 x : msg. Γ ,
620- } ;
621- π_aff:: non_interactive:: verify (
622- parties_shared_state. clone ( ) ,
623- & aux_i. into ( ) ,
624- & data,
625- & msg. ψ . 0 ,
626- & security_params. π_aff ,
627- & msg. ψ . 1 ,
628- )
629- . err ( )
630- } ;
620+ } ,
621+ & msg. ψ . 0 ,
622+ & security_params. π_aff ,
623+ & msg. ψ . 1 ,
624+ )
625+ . err ( ) ;
631626
632627 self . tracer . stage ( "Validate ψˆ" ) ;
633- let ψˆ_invalid = {
634- let data = π_aff:: Data {
628+ let ψˆ_invalid = π_aff:: non_interactive:: verify (
629+ parties_shared_state. clone ( ) ,
630+ & aux_i. into ( ) ,
631+ & π_aff:: Data {
635632 key0 : enc_i. clone ( ) ,
636633 key1 : enc_j. clone ( ) ,
637- // c: msg.Dˆ.clone(),
638- // d: K_i.clone(),
639634 c : K_i . clone ( ) ,
640635 d : msg. Dˆ . clone ( ) ,
641636 y : msg. Fˆ . clone ( ) ,
642637 x : X_j ,
643- } ;
644- π_aff:: non_interactive:: verify (
645- parties_shared_state. clone ( ) ,
646- & aux_i. into ( ) ,
647- & data,
648- & msg. ψˆ . 0 ,
649- & security_params. π_aff ,
650- & msg. ψˆ . 1 ,
651- )
652- . err ( )
653- } ;
638+ } ,
639+ & msg. ψˆ . 0 ,
640+ & security_params. π_aff ,
641+ & msg. ψˆ . 1 ,
642+ )
643+ . err ( ) ;
654644
655645 self . tracer . stage ( "Validate ψ_prime" ) ;
656- let ψ_prime_invalid = {
657- let data = π_log:: Data {
646+ let ψ_prime_invalid = π_log:: non_interactive:: verify (
647+ parties_shared_state. clone ( ) ,
648+ & aux_i. into ( ) ,
649+ & π_log:: Data {
658650 key0 : enc_j. clone ( ) ,
659651 c : ciphertexts. G . clone ( ) ,
660652 x : msg. Γ ,
661653 g : Point :: < E > :: generator ( ) . to_point ( ) ,
662- } ;
663- π_log:: non_interactive:: verify (
664- parties_shared_state. clone ( ) ,
665- & aux_i. into ( ) ,
666- & data,
667- & msg. ψ_prime . 0 ,
668- & security_params. π_log ,
669- & msg. ψ_prime . 1 ,
670- )
671- . err ( )
672- } ;
654+ } ,
655+ & msg. ψ_prime . 0 ,
656+ & security_params. π_log ,
657+ & msg. ψ_prime . 1 ,
658+ )
659+ . err ( ) ;
673660
674661 if ψ_invalid. is_some ( ) || ψˆ_invalid. is_some ( ) || ψ_prime_invalid. is_some ( ) {
675662 faulty_parties. push ( (
@@ -685,13 +672,9 @@ where
685672 return Err ( SigningAborted :: InvalidΨ ( faulty_parties) . into ( ) ) ;
686673 }
687674
688- // Step 2
675+ // Step 3
689676 self . tracer . stage ( "Compute Γ, Delta_i, delta_i, chi_i" ) ;
690- let Γ = Γ_i
691- + round2_msgs
692- . iter_indexed ( )
693- . map ( |( _, _, msg) | msg. Γ )
694- . sum :: < Point < E > > ( ) ;
677+ let Γ = Γ_i + round2_msgs. iter ( ) . map ( |msg| msg. Γ ) . sum :: < Point < E > > ( ) ;
695678 let Delta_i = Γ * & k_i;
696679
697680 let α_sum =
0 commit comments