def run_secdsa(): # Aclice x1 = utils.randomnumber(ecdsa.n, inf=2) y1 = ecdsa.get_pub(x1) ka_pub, ka_priv = paillier.gen_key() # Bob x2 = utils.randomnumber(ecdsa.n, inf=2) y2 = ecdsa.get_pub(x2) kb_pub, kb_priv = paillier.gen_key() zkp = eczkp.gen_params(1024) pub = ecdsa.get_pub(x1 * x2 % ecdsa.n) # pub_a = ecdsa.point_mult(y2, x1) # pub_b = ecdsa.point_mult(y1, x2) # pem.generate_tecdsa_pem(x1, ecdsa.expand_pub(pub), y2, ka_priv, kb_pub, zkp) # pem.generate_tecdsa_pem(x2, ecdsa.expand_pub(pub), y1, kb_priv, ka_pub, zkp) # Message hash message = "hello" h = hashlib.sha256() h.update(message.encode("utf-8")) m = long(h.hexdigest(), 16) print "Message to sign: ", message print "Hash: ", m # ALICE ROUND 1 k1, z1, alpha, zeta, rr1, rr2 = alice_round_1(m, x1, y1, ka_pub, ka_priv) # BOB ROUND 1 k2, r2 = bob_round_1(alpha, zeta) # ALICE ROUND 2 r, pi = alice_round_2(alpha, zeta, r2, k1, y1, z1, x1, zkp, ka_pub, rr1, rr2) # eczkp_pem.pi_to_pem(pi) # BOB ROUND 2 mu, mup, pi2 = bob_round_2(pi, m, alpha, zeta, r, k2, x2, r2, y1, y2, ka_pub, kb_pub, zkp) # eczkp_pem.pi_to_pem2(pi2) # ALICE ROUND 3 (final) sig = alice_round_3(pi2, r, r2, y2, mup, mu, alpha, zeta, zkp, ka_priv, kb_pub) print "Signature:" print sig r, s = sig print "Sig status: ", ecdsa.verify(sig, m, pub, ecdsa.G, ecdsa.n)
def priv_to_priv(extended_priv, i): priv, chain = extended_priv if i >= 0x80000000: # Hardened k = "%x" % chain data = "00%32x%08x" % (priv, i) hmac = hashlib.pbkdf2_hmac('sha512', k, data, 100) l = binascii.hexlify(hmac) key = long(l[:64], 16) + priv % ecdsa.n c = long(l[64:], 16) return key, c else: # Not hardened k = "%x" % chain data = "00%s%08x" % (ecdsa.expand_pub(ecdsa.get_pub(priv)), i) hmac = hashlib.pbkdf2_hmac('sha512', k, data, 100) l = binascii.hexlify(hmac) key = long(l[:64], 16) + priv % ecdsa.n c = long(l[64:], 16) return key, c
def test(): # p = ecdsa.expand_pub(pub) # print(p) # rec_pub = ecdsa.recover_pub(p) # print(rec_pub == pub) # print(get(pub)) chain = ecdsa.gen_priv() # Shares p1 = ecdsa.gen_priv() pub1 = ecdsa.get_pub(p1) p2 = ecdsa.gen_priv() pub2 = ecdsa.get_pub(p2) p3 = ecdsa.gen_priv() pub3 = ecdsa.get_pub(p3) p4 = ecdsa.gen_priv() pub4 = ecdsa.get_pub(p4) skmas = ecdsa.aggregate(p1, p2, p3, p4) pkmas = ecdsa.get_pub(skmas) print(get(pkmas)) # Compute master pubkey with shares pkmas_shares = ecdsa.point_add( ecdsa.point_add(ecdsa.point_add(pub1, pub2), pub3), pub4) print(get(pkmas_shares)) i = 1 # Pubkey derivation # each one knows: # - chain code # - master pubkey # - i # - own share sha2 = hashlib.sha256() m = "%x%s%x" % (chain, ecdsa.expand_pub(pub), i) sha2.update(m) T = long(sha2.hexdigest(), 16) pki = ecdsa.point_mult(pkmas, T) # print get(pki) # Privkey derivation p11 = p1 * T p21 = p2 p31 = p3 p41 = p4 pkmas1 = ecdsa.get_pub(ecdsa.aggregate(p11, p21, p31, p41)) # print(get(pkmas1)) extended_priv = (skmas, chain) extended_pub = (pkmas, chain) ext_priv1h = priv_to_priv(extended_priv, 0x80000000) ext_priv1 = priv_to_priv(extended_priv, 0x00000001) ext_pub1 = pub_to_pub(extended_pub, 0x00000001) ext_priv2 = priv_to_priv(ext_priv1, 0x00000001) ext_pub2 = pub_to_pub(ext_pub1, 0x00000001) print(get(ecdsa.get_pub(ext_priv1[0]))) print(get(ext_pub1[0])) print(get(ecdsa.get_pub(ext_priv2[0]))) print(get(ext_pub2[0])) print("Multiplicatively") print(get(ecdsa.get_pub(p1 * p2))) print(get(ecdsa.point_mult(pub1, p2)))
def pub(self): return ecdsa.get_pub(self.secret)
def get_address(self): return get(self.get_pub()) if __name__ == "__main__": print("=== Threshold addresses ===") chain = ecdsa.gen_priv() # Shares s1 = Share(chain, True, ecdsa.gen_priv()) s2 = Share(chain, False, ecdsa.gen_priv()) s3 = Share(chain, False, ecdsa.gen_priv()) sec = (s1.secret * s2.secret * s3.secret) % ecdsa.n pub = ecdsa.get_pub(sec) add = get(pub) print "Master root public key m/ :", add s1.set_master_pub(pub) s2.set_master_pub(pub) s3.set_master_pub(pub) print "\n*** Individual addresses m/ ***" print "s1:", s1.address() print "s2:", s2.address() print "s3:", s3.address() print "\n*** Hardened derivation for one share ***" print "s1 m/44/0/1 :", get(s1.derive("m/44/0/1").master_pub) print "s1 m/44/0/1' :", get(s1.derive("m/44/0/1'").master_pub)