Open SK0M0R0H opened 4 years ago
Hi,
You are right, good eye! However, let me add in some context:
Gonna open up an issue for revealing the commitment. Thanks !
@SK0M0R0H Just want to flag out here that I've rewrote a new DKG library and I've put that public commitment in the clear now; it's on a fork of kyber though. https://github.com/drand/kyber/blob/master/share/dkg/structs.go#L97
@nikkolasg Thank you!
Hello! According to the original papers, a dealer of the VSS/DKG schemes has to broadcast polynomials commitments (Deal.Commitments in Kyber). In Kyber, these commitments are encrypted together with deals. So a malicious party can send different deals (given from different polynomials) to different parties. For Rabin's DKG, it will be revealed in the second phase. But in the original version, this would have been revealed in the first phase and the party would not have got into the QUAL set. Maybe I missed something, why did you change this "broadcast rule"?