search

ZenGo-X / multi-party-ecdsa

Rust implementation of {t,n}-threshold ECDSA (elliptic curve digital signature algorithm).
GNU General Public License v3.0
966 stars 309 forks source link

Value of R remains same every time when we generates `CompletedOfflineStage` with same `s_l` #147

Closed aiyajsupra closed 2 years ago

aiyajsupra commented 2 years ago

We are using 0.7.4 release tag. We have tried to implement GG20 and we are running Offline rounds (1-6) everytime when we generate signature and it gives same R's value in signature even if we are running Offline rounds before generate signature. Attaching logs may be that can help to see an issue.

aiyajsupra commented 2 years ago 

keygen 2:{Keygen at round=1 msgs1=[0/3] msgs2=[0/3] msgs3=[0/3] msgs4=[0/3] queue=[len=1]}
keygen 3:{Keygen at round=1 msgs1=[0/3] msgs2=[0/3] msgs3=[0/3] msgs4=[0/3] queue=[len=1]}
keygen 4:{Keygen at round=1 msgs1=[0/3] msgs2=[0/3] msgs3=[0/3] msgs4=[0/3] queue=[len=1]}
keygen 1:{Keygen at round=2 msgs1=[None] msgs2=[0/3] msgs3=[0/3] msgs4=[0/3] queue=[len=2]}
keygen 2:{Keygen at round=2 msgs1=[None] msgs2=[0/3] msgs3=[0/3] msgs4=[0/3] queue=[len=2]}
keygen 3:{Keygen at round=2 msgs1=[None] msgs2=[0/3] msgs3=[0/3] msgs4=[0/3] queue=[len=2]}
keygen 4:{Keygen at round=2 msgs1=[None] msgs2=[0/3] msgs3=[0/3] msgs4=[0/3] queue=[len=2]}
keygen 1:{Keygen at round=[Final] msgs1=[None] msgs2=[None] msgs3=[None] msgs4=[None] queue=[len=6]}
keygen 2:{Keygen at round=[Final] msgs1=[None] msgs2=[None] msgs3=[None] msgs4=[None] queue=[len=6]}
keygen 3:{Keygen at round=[Final] msgs1=[None] msgs2=[None] msgs3=[None] msgs4=[None] queue=[len=6]}
keygen 4:{Keygen at round=[Final] msgs1=[None] msgs2=[None] msgs3=[None] msgs4=[None] queue=[len=6]}
Public Key:Secp256k1Point { purpose: "combine", ge: PublicKey(c302c99d9dc7b660455f2cf8dfddb83327640c6007211f973e418bcd859ab1baa716880e0d6a50a14ad4fc34e8a68ca838293fa5bcf87dc81965160a89fe13f6) }
Public Key:Secp256k1Point { purpose: "combine", ge: PublicKey(c302c99d9dc7b660455f2cf8dfddb83327640c6007211f973e418bcd859ab1baa716880e0d6a50a14ad4fc34e8a68ca838293fa5bcf87dc81965160a89fe13f6) }
Public Key:Secp256k1Point { purpose: "combine", ge: PublicKey(c302c99d9dc7b660455f2cf8dfddb83327640c6007211f973e418bcd859ab1baa716880e0d6a50a14ad4fc34e8a68ca838293fa5bcf87dc81965160a89fe13f6) }
Public Key:Secp256k1Point { purpose: "combine", ge: PublicKey(c302c99d9dc7b660455f2cf8dfddb83327640c6007211f973e418bcd859ab1baa716880e0d6a50a14ad4fc34e8a68ca838293fa5bcf87dc81965160a89fe13f6) }
0
1
2
Offline Stage: OfflineStageProgress { round: R1, round1_msgs: [bc 0/2], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 1 } }
Offline Stage: OfflineStageProgress { round: R1, round1_msgs: [bc 0/2], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 1 } }
Offline Stage: OfflineStageProgress { round: R1, round1_msgs: [bc 0/2], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 1 } }
Offline Stage: OfflineStageProgress { round: R2, round1_msgs: [gone], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 3 } }
Offline Stage: OfflineStageProgress { round: R2, round1_msgs: [gone], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 3 } }
Offline Stage: OfflineStageProgress { round: R2, round1_msgs: [gone], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 3 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: Finished, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: Finished, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: Finished, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
SignatureRecid {
    r: Secp256k1Scalar {
        purpose: "from_big_int",
        fe: SecretKey(10f18e01340185215e90bf30e96df1d5f8700c6db2b5132682098f14dd7f4ba9),
    },
    s: Secp256k1Scalar {
        purpose: "add",
        fe: SecretKey(5fbd1b2a697f775d8856f692a4de7c6e6cfcf7b60e26b825a93f0f47e86e91a2),
    },
    recid: 0,
}
SignatureRecid {
    r: Secp256k1Scalar {
        purpose: "from_big_int",
        fe: SecretKey(10f18e01340185215e90bf30e96df1d5f8700c6db2b5132682098f14dd7f4ba9),
    },
    s: Secp256k1Scalar {
        purpose: "add",
        fe: SecretKey(5fbd1b2a697f775d8856f692a4de7c6e6cfcf7b60e26b825a93f0f47e86e91a2),
    },
    recid: 0,
}
SignatureRecid {
    r: Secp256k1Scalar {
        purpose: "from_big_int",
        fe: SecretKey(10f18e01340185215e90bf30e96df1d5f8700c6db2b5132682098f14dd7f4ba9),
    },
    s: Secp256k1Scalar {
        purpose: "add",
        fe: SecretKey(5fbd1b2a697f775d8856f692a4de7c6e6cfcf7b60e26b825a93f0f47e86e91a2),
    },
    recid: 0,
}
==========================Another Signing===========================
0
1
2
Offline Stage: OfflineStageProgress { round: R1, round1_msgs: [bc 0/2], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 1 } }
Offline Stage: OfflineStageProgress { round: R1, round1_msgs: [bc 0/2], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 1 } }
Offline Stage: OfflineStageProgress { round: R1, round1_msgs: [bc 0/2], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 1 } }
Offline Stage: OfflineStageProgress { round: R2, round1_msgs: [gone], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 3 } }
Offline Stage: OfflineStageProgress { round: R2, round1_msgs: [gone], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 3 } }
Offline Stage: OfflineStageProgress { round: R2, round1_msgs: [gone], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 3 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: Finished, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: Finished, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: Finished, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
SignatureRecid {
    r: Secp256k1Scalar {
        purpose: "from_big_int",
        fe: SecretKey(10f18e01340185215e90bf30e96df1d5f8700c6db2b5132682098f14dd7f4ba9),
    },
    s: Secp256k1Scalar {
        purpose: "add",
        fe: SecretKey(4bca9616f156d26913ea06688ef48a2bbc5fd801e55f87f484fbca86ae11db59),
    },
    recid: 0,
}
SignatureRecid {
    r: Secp256k1Scalar {
        purpose: "from_big_int",
        fe: SecretKey(10f18e01340185215e90bf30e96df1d5f8700c6db2b5132682098f14dd7f4ba9),
    },
    s: Secp256k1Scalar {
        purpose: "add",
        fe: SecretKey(4bca9616f156d26913ea06688ef48a2bbc5fd801e55f87f484fbca86ae11db59),
    },
    recid: 0,
}
SignatureRecid {
    r: Secp256k1Scalar {
        purpose: "from_big_int",
        fe: SecretKey(10f18e01340185215e90bf30e96df1d5f8700c6db2b5132682098f14dd7f4ba9),
    },
    s: Secp256k1Scalar {
        purpose: "add",
        fe: SecretKey(4bca9616f156d26913ea06688ef48a2bbc5fd801e55f87f484fbca86ae11db59),
    },
    recid: 0,
}
==========================Another Signing===========================
0
1
2
Offline Stage: OfflineStageProgress { round: R1, round1_msgs: [bc 0/2], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 1 } }
Offline Stage: OfflineStageProgress { round: R1, round1_msgs: [bc 0/2], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 1 } }
Offline Stage: OfflineStageProgress { round: R1, round1_msgs: [bc 0/2], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 1 } }
Offline Stage: OfflineStageProgress { round: R2, round1_msgs: [gone], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 3 } }
Offline Stage: OfflineStageProgress { round: R2, round1_msgs: [gone], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 3 } }
Offline Stage: OfflineStageProgress { round: R2, round1_msgs: [gone], round2_msgs: [p2p 0/2], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 3 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R3, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [bc 0/2], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 4 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R4, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [bc 0/2], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 5 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R5, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [bc 0/2], msgs_queue: OutgoingMessages { len: 6 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: R6, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: Finished, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: Finished, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
Offline Stage: OfflineStageProgress { round: Finished, round1_msgs: [gone], round2_msgs: [gone], round3_msgs: [gone], round4_msgs: [gone], round5_msgs: [gone], msgs_queue: OutgoingMessages { len: 7 } }
SignatureRecid {
    r: Secp256k1Scalar {
        purpose: "from_big_int",
        fe: SecretKey(10f18e01340185215e90bf30e96df1d5f8700c6db2b5132682098f14dd7f4ba9),
    },
    s: Secp256k1Scalar {
        purpose: "from_big_int",
        fe: SecretKey(300870f1d97ba277cdba48472fb2f66248834e980865dfa173121eedf03836e0),
    },
    recid: 1,
}
SignatureRecid {
    r: Secp256k1Scalar {
        purpose: "from_big_int",
        fe: SecretKey(10f18e01340185215e90bf30e96df1d5f8700c6db2b5132682098f14dd7f4ba9),
    },
    s: Secp256k1Scalar {
        purpose: "from_big_int",
        fe: SecretKey(300870f1d97ba277cdba48472fb2f66248834e980865dfa173121eedf03836e0),
    },
    recid: 1,
}
SignatureRecid {
    r: Secp256k1Scalar {
        purpose: "from_big_int",
        fe: SecretKey(10f18e01340185215e90bf30e96df1d5f8700c6db2b5132682098f14dd7f4ba9),
    },
    s: Secp256k1Scalar {
        purpose: "from_big_int",
        fe: SecretKey(300870f1d97ba277cdba48472fb2f66248834e980865dfa173121eedf03836e0),
    },
    recid: 1,
}```
DmytroTym commented 2 years ago

It sounds pretty bad as constant R means constant k, even though it's really important that k are newly randomly generated each time. For me, R are different each time. How do you sample k?

aiyajsupra commented 2 years ago

@DmytroTym R means SignatureRecid -> r ( Secp256k1Scalar ).

Doesn't it be different with each Offline stage rounds?

DmytroTym commented 2 years ago

For sure, it has to be different. I'm just saying that if R is the same, then nonce k is probably the same for each offline signature too, which is pretty bad for security. In this library, each party's individual nonces k_i should be sampled randomly at each offline stage, so k should be random too. I.e. R being the same is pretty weird and I'm unable to reproduce it. Did you make any changes to the code, specifically related to generating k_i?

DmytroTym commented 2 years ago

If you did not make any changes to the rounds, could you please post the code that produces such output?

aiyajsupra commented 2 years ago

okay, got it now. In my case, i am using same signers which results in same k for each offline stage. Will check by changing singkeys for each offline stages.

DmytroTym commented 2 years ago

Even if signers and their keys are the same, they should still generate new k at each offline stage. If that's not the case for you, something is wrong.

aiyajsupra commented 2 years ago

You can reproduce issue by running main.rs here:- https://github.com/aiyajsupra/zengo-gg20 R remains same every time when we generate offline stage with same signers

DmytroTym commented 2 years ago

Would it be correct to say that in the run_signing method you don't change the value of the offline_output_vec vector, which is used to sign messages? You run the offline stage for each signature but use a different vector there - offline_stage_vec. Thus, offline_output_vec stays unchanged and rightfully produces the same R each time. s changes since messages that are signed are different each time. PS. Tools for simulating keygen and signing like the ones you built are already available in the library, see this test as an example of something really similar to what you've done: https://github.com/ZenGo-X/multi-party-ecdsa/blob/master/src/protocols/multi_party_ecdsa/gg_2020/state_machine/sign.rs#L743 PPS. For actual deployment of the library see tips in this issue: https://github.com/ZenGo-X/multi-party-ecdsa/issues/139

aiyajsupra commented 2 years ago

Thanks. it worked

survived commented 2 years ago

@aiyajsupra can the issue be closed? Probably the real issue here is that we don't have gg20 examples yet, but it should be addressed soon 🙂