issues
search
dfns
/
cggmp21
State-of-art threshold ECDSA in Rust
Apache License 2.0
41
stars
6
forks
source link
Add methods to precompute data to `PartyAux`
#62
Closed
survived
closed
9 months ago
github-actions[bot]
commented
9 months ago
Benchmark Result
Benchmarks
```text RUST_TESTS_SEED=46b8d13edf1690b7fe1c064afa3093f70e445cb8994202f9724661e17573f037 n = 3 Non-threshold DKG Protocol Performance: - Protocol took 638.61µs to complete In particular: - Setup: 4.70µs - Setup networking: 4.20µs (89.4%) - Unstaged: 500.00ns (10.6%) - Round 1: 168.30µs - Compute execution id: 300.00ns (0.2%) - Sample x_i, rid_i: 75.70µs (45.0%) - Sample schnorr commitment: 66.50µs (39.5%) - Commit to public data: 25.40µs (15.1%) - Unstaged: 400.00ns (0.2%) - Round 2: 4.10µs - Hash received msgs (reliability check): 3.90µs (95.1%) - Unstaged: 200.00ns (4.9%) - Round 3: 400.00ns - Assert other parties hashed messages (reliability check): 300.00ns (75.0%) - Unstaged: 100.00ns (25.0%) - Round 4: 59.50µs - Validate decommitments: 56.50µs (95.0%) - Calculate challege rid: 2.30µs (3.9%) - Prove knowledge of `x_i`: 400.00ns (0.7%) - Unstaged: 300.00ns (0.5%) - Round 5: 401.61µs - Validate schnorr proofs: 400.91µs (99.8%) - Unstaged: 700.00ns (0.2%) Threshold DKG Protocol Performance: - Protocol took 1.43ms to complete In particular: - Setup: 3.70µs - Setup networking: 3.60µs (97.3%) - Unstaged: 100.00ns (2.7%) - Round 1: 229.31µs - Compute execution id: 200.00ns (0.1%) - Sample rid_i, schnorr commitment, polynomial: 200.70µs (87.5%) - Commit to public data: 28.00µs (12.2%) - Unstaged: 400.00ns (0.2%) - Round 2: 4.10µs - Hash received msgs (reliability check): 3.90µs (95.1%) - Unstaged: 200.00ns (4.9%) - Round 3: 400.00ns - Assert other parties hashed messages (reliability check): 200.00ns (50.0%) - Unstaged: 200.00ns (50.0%) - Round 4: 890.52µs - Validate decommitments: 55.10µs (6.2%) - Validate data size: 400.00ns (0.0%) - Validate Feldmann VSS: 399.31µs (44.8%) - Compute rid: 400.00ns (0.0%) - Compute Ys: 402.01µs (45.1%) - Compute sigma: 400.00ns (0.0%) - Calculate challenge: 32.30µs (3.6%) - Prove knowledge of `sigma_i`: 300.00ns (0.0%) - Unstaged: 300.00ns (0.0%) - Round 5: 301.51µs - Validate schnorr proofs: 296.91µs (98.5%) - Derive resulting public key and other data: 1.60µs (0.5%) - Unstaged: 3.00µs (1.0%) Auxiliary data generation protocol Protocol Performance: - Protocol took 10.96s to complete In particular: - Setup: 8.00µs - Retrieve auxiliary data: 400.00ns (5.0%) - Setup networking: 6.50µs (81.2%) - Precompute execution id and shared state: 1.00µs (12.5%) - Unstaged: 100.00ns (1.2%) - Round 1: 1.33s - Retrieve primes (p and q): 100.00ns (0.0%) - Compute paillier decryption key (N): 5.80µs (0.0%) - Generate auxiliary params r, λ, t, s: 10.66ms (0.8%) - Prove Πprm (ψˆ_i): 1.32s (99.1%) - Sample random bytes: 2.50µs (0.0%) - Compute hash commitment and sample decommitment: 1.01ms (0.1%) - Unstaged: 400.00ns (0.0%) - Round 2: 4.40µs - Hash received msgs (reliability check): 4.10µs (93.2%) - Unstaged: 300.00ns (6.8%) - Round 3: 800.00ns - Assert other parties hashed messages (reliability check): 200.00ns (25.0%) - Unstaged: 600.00ns (75.0%) - Round 4: 6.77s - Validate round 1 decommitments: 1.99ms (0.0%) - Validate П_prm (ψ_i): 2.61s (38.6%) - Add together shared random bytes: 4.70µs (0.0%) - Compute П_mod (ψ_i): 3.96s (58.4%) - Assemble security params for П_fac (ф_i): 8.00µs (0.0%) - Compute П_fac (ф_i^j): 196.50ms (2.9%) - Unstaged: 1.10µs (0.0%) - Round 5: 2.86s - Validate ψ_j (П_mod): 2.67s (93.1%) - Validate ф_j (П_fac): 197.61ms (6.9%) - Assemble auxiliary info: 188.60µs (0.0%) - Unstaged: 800.00ns (0.0%) Signing protocol Protocol Performance: - Protocol took 1.83s to complete In particular: - Setup: 108.70µs - Map t-out-of-n protocol to t-out-of-t: 9.70µs (8.9%) - Retrieve auxiliary data: 93.50µs (86.0%) - Precompute execution id and security params: 700.00ns (0.6%) - Setup networking: 4.60µs (4.2%) - Unstaged: 200.00ns (0.2%) - Round 1: 136.35ms - Generate local ephemeral secrets (k_i, y_i, p_i, v_i): 78.60µs (0.1%) - Encrypt G_i and K_i: 42.18ms (30.9%) - Prove ψ0_j: 94.09ms (69.0%) - Unstaged: 2.70µs (0.0%) - Round 2: 77.90µs - Hash received msgs (reliability check): 77.70µs (99.7%) - Unstaged: 200.00ns (0.3%) - Round 3: 924.95ms - Assert other parties hashed messages (reliability check): 600.00ns (0.0%) - Verify psi0 proofs: 106.42ms (11.5%) - Sample random r, hat_r, s, hat_s, beta, hat_beta: 55.90µs (0.0%) - Encrypt D_ji: 81.52ms (8.8%) - Encrypt F_ji: 41.02ms (4.4%) - Encrypt hat_D_ji: 81.58ms (8.8%) - Encrypt hat_F_ji: 41.01ms (4.4%) - Prove psi_ji: 239.95ms (25.9%) - Prove psiˆ_ji: 239.97ms (25.9%) - Prove psi_prime_ji : 93.43ms (10.1%) - Unstaged: 2.10µs (0.0%) - Round 4: 662.54ms - Retrieve auxiliary data: 4.70µs (0.0%) - Validate psi: 190.03ms (28.7%) - Validate hat_psi: 189.21ms (28.6%) - Validate psi_prime: 106.41ms (16.1%) - Compute Gamma, Delta_i, delta_i, chi_i: 83.16ms (12.6%) - Prove psi_prime_prime: 93.72ms (14.1%) - Unstaged: 500.00ns (0.0%) - Presig output: 106.35ms - Validate psi_prime_prime: 106.20ms (99.9%) - Calculate presignature: 154.80µs (0.1%) - Unstaged: 600.00ns (0.0%) - Partial signing: 10.90µs - Signature reconstruction: 224.60µs ```
Benchmark Result
Benchmarks
```text RUST_TESTS_SEED=46b8d13edf1690b7fe1c064afa3093f70e445cb8994202f9724661e17573f037 n = 3 Non-threshold DKG Protocol Performance: - Protocol took 638.61µs to complete In particular: - Setup: 4.70µs - Setup networking: 4.20µs (89.4%) - Unstaged: 500.00ns (10.6%) - Round 1: 168.30µs - Compute execution id: 300.00ns (0.2%) - Sample x_i, rid_i: 75.70µs (45.0%) - Sample schnorr commitment: 66.50µs (39.5%) - Commit to public data: 25.40µs (15.1%) - Unstaged: 400.00ns (0.2%) - Round 2: 4.10µs - Hash received msgs (reliability check): 3.90µs (95.1%) - Unstaged: 200.00ns (4.9%) - Round 3: 400.00ns - Assert other parties hashed messages (reliability check): 300.00ns (75.0%) - Unstaged: 100.00ns (25.0%) - Round 4: 59.50µs - Validate decommitments: 56.50µs (95.0%) - Calculate challege rid: 2.30µs (3.9%) - Prove knowledge of `x_i`: 400.00ns (0.7%) - Unstaged: 300.00ns (0.5%) - Round 5: 401.61µs - Validate schnorr proofs: 400.91µs (99.8%) - Unstaged: 700.00ns (0.2%) Threshold DKG Protocol Performance: - Protocol took 1.43ms to complete In particular: - Setup: 3.70µs - Setup networking: 3.60µs (97.3%) - Unstaged: 100.00ns (2.7%) - Round 1: 229.31µs - Compute execution id: 200.00ns (0.1%) - Sample rid_i, schnorr commitment, polynomial: 200.70µs (87.5%) - Commit to public data: 28.00µs (12.2%) - Unstaged: 400.00ns (0.2%) - Round 2: 4.10µs - Hash received msgs (reliability check): 3.90µs (95.1%) - Unstaged: 200.00ns (4.9%) - Round 3: 400.00ns - Assert other parties hashed messages (reliability check): 200.00ns (50.0%) - Unstaged: 200.00ns (50.0%) - Round 4: 890.52µs - Validate decommitments: 55.10µs (6.2%) - Validate data size: 400.00ns (0.0%) - Validate Feldmann VSS: 399.31µs (44.8%) - Compute rid: 400.00ns (0.0%) - Compute Ys: 402.01µs (45.1%) - Compute sigma: 400.00ns (0.0%) - Calculate challenge: 32.30µs (3.6%) - Prove knowledge of `sigma_i`: 300.00ns (0.0%) - Unstaged: 300.00ns (0.0%) - Round 5: 301.51µs - Validate schnorr proofs: 296.91µs (98.5%) - Derive resulting public key and other data: 1.60µs (0.5%) - Unstaged: 3.00µs (1.0%) Auxiliary data generation protocol Protocol Performance: - Protocol took 10.96s to complete In particular: - Setup: 8.00µs - Retrieve auxiliary data: 400.00ns (5.0%) - Setup networking: 6.50µs (81.2%) - Precompute execution id and shared state: 1.00µs (12.5%) - Unstaged: 100.00ns (1.2%) - Round 1: 1.33s - Retrieve primes (p and q): 100.00ns (0.0%) - Compute paillier decryption key (N): 5.80µs (0.0%) - Generate auxiliary params r, λ, t, s: 10.66ms (0.8%) - Prove Πprm (ψˆ_i): 1.32s (99.1%) - Sample random bytes: 2.50µs (0.0%) - Compute hash commitment and sample decommitment: 1.01ms (0.1%) - Unstaged: 400.00ns (0.0%) - Round 2: 4.40µs - Hash received msgs (reliability check): 4.10µs (93.2%) - Unstaged: 300.00ns (6.8%) - Round 3: 800.00ns - Assert other parties hashed messages (reliability check): 200.00ns (25.0%) - Unstaged: 600.00ns (75.0%) - Round 4: 6.77s - Validate round 1 decommitments: 1.99ms (0.0%) - Validate П_prm (ψ_i): 2.61s (38.6%) - Add together shared random bytes: 4.70µs (0.0%) - Compute П_mod (ψ_i): 3.96s (58.4%) - Assemble security params for П_fac (ф_i): 8.00µs (0.0%) - Compute П_fac (ф_i^j): 196.50ms (2.9%) - Unstaged: 1.10µs (0.0%) - Round 5: 2.86s - Validate ψ_j (П_mod): 2.67s (93.1%) - Validate ф_j (П_fac): 197.61ms (6.9%) - Assemble auxiliary info: 188.60µs (0.0%) - Unstaged: 800.00ns (0.0%) Signing protocol Protocol Performance: - Protocol took 1.83s to complete In particular: - Setup: 108.70µs - Map t-out-of-n protocol to t-out-of-t: 9.70µs (8.9%) - Retrieve auxiliary data: 93.50µs (86.0%) - Precompute execution id and security params: 700.00ns (0.6%) - Setup networking: 4.60µs (4.2%) - Unstaged: 200.00ns (0.2%) - Round 1: 136.35ms - Generate local ephemeral secrets (k_i, y_i, p_i, v_i): 78.60µs (0.1%) - Encrypt G_i and K_i: 42.18ms (30.9%) - Prove ψ0_j: 94.09ms (69.0%) - Unstaged: 2.70µs (0.0%) - Round 2: 77.90µs - Hash received msgs (reliability check): 77.70µs (99.7%) - Unstaged: 200.00ns (0.3%) - Round 3: 924.95ms - Assert other parties hashed messages (reliability check): 600.00ns (0.0%) - Verify psi0 proofs: 106.42ms (11.5%) - Sample random r, hat_r, s, hat_s, beta, hat_beta: 55.90µs (0.0%) - Encrypt D_ji: 81.52ms (8.8%) - Encrypt F_ji: 41.02ms (4.4%) - Encrypt hat_D_ji: 81.58ms (8.8%) - Encrypt hat_F_ji: 41.01ms (4.4%) - Prove psi_ji: 239.95ms (25.9%) - Prove psiˆ_ji: 239.97ms (25.9%) - Prove psi_prime_ji : 93.43ms (10.1%) - Unstaged: 2.10µs (0.0%) - Round 4: 662.54ms - Retrieve auxiliary data: 4.70µs (0.0%) - Validate psi: 190.03ms (28.7%) - Validate hat_psi: 189.21ms (28.6%) - Validate psi_prime: 106.41ms (16.1%) - Compute Gamma, Delta_i, delta_i, chi_i: 83.16ms (12.6%) - Prove psi_prime_prime: 93.72ms (14.1%) - Unstaged: 500.00ns (0.0%) - Presig output: 106.35ms - Validate psi_prime_prime: 106.20ms (99.9%) - Calculate presignature: 154.80µs (0.1%) - Unstaged: 600.00ns (0.0%) - Partial signing: 10.90µs - Signature reconstruction: 224.60µs ```