jeffallen
commented
5 years ago This draft is expired and no longer interesting to implement.
Closed jeffallen closed 5 years ago
jeffallen
commented
5 years ago This draft is expired and no longer interesting to implement.
This draft describes COSI: https://tools.ietf.org/html/draft-ford-cfrg-cosi-00
sign/cosi/cosi.go must implement the draft (and the draft might need to be updated to explain things like how many bytes are appended to R || s when the number of public keys is not a multiple of 8, and that the mask is little endian)
In the internet draft, the mask is an exception mask, indicating which keys are missing from the signature ("For each participant i who is present in N but not in M set the i-th bit of Z to 1") but in sign/cosi, the mask seems to be an inclusion mask.
The current docs for SetMask say: // SetMask sets the participation bitmask according to the given byte slice // interpreted in little-endian order, i.e., bits 0-7 of byte 0 correspond to // cosigners 0-7, bits 0-7 of byte 1 correspond to cosigners 8-15, etc.