def fail_round_3(guardians: List[Guardian],
mediator: KeyCeremonyMediator) -> GuardianPair:
"""Perform Round 3 including verifying backups but fail a single backup"""
failing_guardian_pair = GuardianPair(guardians[0].id, guardians[1].id)
for guardian in guardians:
for other_guardian in guardians:
verifications = []
if guardian.id is not other_guardian.id:
verification = guardian.verify_election_partial_key_backup(
other_guardian.id)
if (verification.owner_id is failing_guardian_pair.owner_id
and verification.designated_id is
failing_guardian_pair.designated_id):
verification = ElectionPartialKeyVerification(
failing_guardian_pair.owner_id,
failing_guardian_pair.designated_id,
failing_guardian_pair.designated_id,
False,
)
verifications.append(verification)
mediator.receive_backup_verifications(verifications)
return failing_guardian_pair
def test_partial_key_backup_verification_failure(self):
"""
In this case, the recipient guardian does not correctly verify the sent key backup.
This failed verificaton requires the sender create a challenge and a new verifier
aka another guardian must verify this challenge.
"""
# Arrange
mediator = KeyCeremonyMediator("mediator_challenge", CEREMONY_DETAILS)
KeyCeremonyHelper.perform_round_1(GUARDIANS, mediator)
KeyCeremonyHelper.perform_round_2(GUARDIANS, mediator)
# Round 3 - Guardians only
verification1 = GUARDIAN_1.verify_election_partial_key_backup(
GUARDIAN_2_ID, identity_auxiliary_decrypt)
# Act
failed_verification2 = ElectionPartialKeyVerification(
GUARDIAN_1_ID,
GUARDIAN_2_ID,
GUARDIAN_2_ID,
False,
)
mediator.receive_backup_verifications(
[verification1, failed_verification2])
state = mediator.get_verification_state()
# Assert
self.assertTrue(state.all_sent)
self.assertFalse(state.all_verified)
self.assertIsNone(mediator.publish_joint_key())
self.assertEqual(len(state.failed_verifications), 1)
self.assertEqual(state.failed_verifications[0],
GuardianPair(GUARDIAN_1_ID, GUARDIAN_2_ID))
# Act
challenge = GUARDIAN_1.publish_election_backup_challenge(GUARDIAN_2_ID)
mediator.verify_challenge(challenge)
new_state = mediator.get_verification_state()
all_verified = mediator.all_backups_verified()
joint_key = mediator.publish_joint_key()
# Assert
self.assertTrue(new_state.all_sent)
self.assertTrue(new_state.all_verified)
self.assertEqual(len(new_state.failed_verifications), 0)
self.assertTrue(all_verified)
self.assertIsNotNone(joint_key)
def _guardian_challenges(self, guardian_ids: List[GUARDIAN_ID]):
key_owner_id = guardian_ids[0]
original_verification = self.received_verifications[key_owner_id][0]
failed_verification = ElectionPartialKeyVerification(
original_verification.owner_id,
original_verification.designated_id,
original_verification.verifier_id,
False,
)
designated_id = original_verification.designated_id
# If backup failed to be verified
self.assertFalse(failed_verification.verified)
# Key Owner generate challenge
designated_backup = [
backup
for backup in self.sent_backups[key_owner_id]
if backup.designated_id == designated_id
][0]
self.assertIsNotNone(designated_backup)
election_key_pair = self.election_key_pairs[key_owner_id]
challenge = generate_election_partial_key_challenge(
designated_backup, election_key_pair.polynomial
)
# Get a mediator to verify who is not the owner or originally designated guardian who previously verified
new_verifier_id = "mediator_id"
# New verifier verifies challenge
verification = verify_election_partial_key_challenge(
new_verifier_id,
challenge,
)
self.assertIsNotNone(verification)
self.assertNotEqual(key_owner_id, verification.verifier_id)
self.assertNotEqual(designated_id, verification.verifier_id)
self.assertTrue(verification.verified)
self.received_verifications[key_owner_id][0] = verification
def test_partial_key_backup_verification_failure(self):
"""
In this case, the recipient guardian does not correctly verify the sent key backup.
This failed verificaton requires the sender create a challenge and a new verifier aka another guardian must verify this challenge.
"""
# Arrange
mediator = KeyCeremonyMediator(CEREMONY_DETAILS)
mediator.confirm_presence_of_guardian(GUARDIAN_1.share_public_keys())
mediator.confirm_presence_of_guardian(GUARDIAN_2.share_public_keys())
mediator.receive_election_partial_key_backup(
GUARDIAN_1.share_election_partial_key_backup(GUARDIAN_2_ID))
mediator.receive_election_partial_key_backup(
GUARDIAN_2.share_election_partial_key_backup(GUARDIAN_1_ID))
GUARDIAN_1.save_election_partial_key_backup(
mediator.share_election_partial_key_backups_to_guardian(
GUARDIAN_1_ID)[0])
GUARDIAN_2.save_election_partial_key_backup(
mediator.share_election_partial_key_backups_to_guardian(
GUARDIAN_2_ID)[0])
verification1 = GUARDIAN_1.verify_election_partial_key_backup(
GUARDIAN_2_ID, identity_auxiliary_decrypt)
verification2 = GUARDIAN_2.verify_election_partial_key_backup(
GUARDIAN_1_ID, identity_auxiliary_decrypt)
# Act
failed_verification2 = ElectionPartialKeyVerification(
verification2.owner_id,
verification2.designated_id,
verification2.verifier_id,
False,
)
mediator.receive_election_partial_key_verification(verification1)
mediator.receive_election_partial_key_verification(
failed_verification2)
failed_pairs = mediator.share_failed_partial_key_verifications()
missing_challenges = mediator.share_missing_election_partial_key_challenges(
)
# Assert
self.assertTrue(
mediator.all_election_partial_key_verifications_received())
self.assertFalse(mediator.all_election_partial_key_backups_verified())
self.assertIsNone(mediator.publish_joint_key())
self.assertEqual(len(failed_pairs), 1)
self.assertEqual(failed_pairs[0],
GuardianPair(GUARDIAN_1_ID, GUARDIAN_2_ID))
self.assertEqual(len(missing_challenges), 1)
self.assertEqual(missing_challenges[0],
GuardianPair(GUARDIAN_1_ID, GUARDIAN_2_ID))
# Act
challenge = GUARDIAN_1.publish_election_backup_challenge(GUARDIAN_2_ID)
mediator.receive_election_partial_key_challenge(challenge)
no_missing_challenges = mediator.share_missing_election_partial_key_challenges(
)
# Assert
self.assertFalse(mediator.all_election_partial_key_backups_verified())
self.assertEqual(len(no_missing_challenges), 0)
# Act
challenges = mediator.share_open_election_partial_key_challenges()
challenge_verification = VERIFIER.verify_election_partial_key_challenge(
challenges[0])
mediator.receive_election_partial_key_verification(
challenge_verification)
joint_key = mediator.publish_joint_key()
# Assert
self.assertEqual(len(challenges), 1)
self.assertTrue(mediator.all_election_partial_key_backups_verified())
self.assertIsNotNone(joint_key)