unboundsecurity / blockchain-crypto-mpc
Protecting cryptographic signing keys and seed secrets with Multi-Party Computation.
License: GNU General Public License v3.0
Is any code in this repository covered by this patent or any other patents?
Testing 1,2,3.
Hi,
Referring to ECDSA Share Refresh as described in the text https://github.com/unbound-tech/blockchain-crypto-mpc/blob/master/docs/Unbound_Cryptocurrency_Wallet_Library_White_Paper.md#56-share-refresh and in the code https://github.com/unbound-tech/blockchain-crypto-mpc/blob/74a4864b940e74f4da9858bf6b51202bb6ee2a7a/src/mpc_protocols/mpc_ecdsa.cpp#L473
x1' = x1 + r mod q
and the Paillier encryption is for x1 + r.
Theoretically, after many rotations some bits could be leaked, but in practice this is a very big number. Since in signing the r part of the encryptions cancels out, the difference between the private key and its encryption does not matter much.

In the README file it is stated that documentation will be available soon, and indeed I didn't find the documentation, only the white paper, which is very valuable but doesn't seem to include documentation of the library API itself. Also, I didn't find the API in C, only the source in C++. Considering that the library is said to be no longer maintained, will we be able to see those things in the future?
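The share-refresh step discussed in the issue above, as an added example that is not code from the library or its authors: additive shares x1, x2 of a secp256k1 private key x are re-randomised with a fresh r, while the Paillier ciphertext of x1 is updated homomorphically so that its plaintext becomes x1 + r without reduction mod q. The role split (P1 holds x1, P2 holds x2 and Enc(x1)), the homomorphic update instead of a fresh encryption, and the 512-bit Paillier modulus are assumptions made for this example; the library's real key sizes and code path are not reproduced. What the example shows is what the issue reasons about: after any number of refreshes the shares still sum to x, the decrypted plaintext still equals P1's share mod q, and the unreduced plaintext is bounded by (rounds + 1) * q, so the Paillier modulus has to be sized with that growth in mind.

```python
import random
import secrets
from math import gcd

# Group order of secp256k1, the curve the library uses for ECDSA (standard constant).
Q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def is_probable_prime(n, rounds=32):
    """Miller-Rabin; sufficient for an illustrative Paillier key, not production key generation."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


class Paillier:
    """Textbook Paillier with g = n + 1; multiplying ciphertexts adds plaintexts mod n."""

    def __init__(self, bits=512):  # 512-bit modulus for speed; real deployments use far larger keys
        p = gen_prime(bits // 2)
        q = gen_prime(bits // 2)
        while q == p:
            q = gen_prime(bits // 2)
        self.n, self.n2 = p * q, (p * q) ** 2
        self.lam = (p - 1) * (q - 1)
        self.mu = pow(self.lam, -1, self.n)

    def encrypt(self, m):
        assert 0 <= m < self.n
        r = secrets.randbelow(self.n)
        while r < 2 or gcd(r, self.n) != 1:
            r = secrets.randbelow(self.n)
        return pow(self.n + 1, m, self.n2) * pow(r, self.n, self.n2) % self.n2

    def decrypt(self, c):
        return (pow(c, self.lam, self.n2) - 1) // self.n * self.mu % self.n

    def add(self, c1, c2):
        """Enc(a) * Enc(b) = Enc(a + b); the sum is NOT reduced mod Q, only mod n."""
        return c1 * c2 % self.n2


def refresh(x1, x2, c_key, he):
    """One refresh: both parties agree on a fresh r; P1 sets x1' = x1 + r mod q, P2 sets
    x2' = x2 - r mod q and updates its copy of Enc(x1) to Enc(x1 + r). (Assumed role split.)"""
    r = secrets.randbelow(Q)
    return (x1 + r) % Q, (x2 - r) % Q, he.add(c_key, he.encrypt(r))


def run_refreshes(rounds, bits=512):
    """Key generation, `rounds` refreshes, then the invariants the issue reasons about."""
    he = Paillier(bits)
    x = secrets.randbelow(Q)
    x1 = secrets.randbelow(Q)
    x2 = (x - x1) % Q
    c_key = he.encrypt(x1)
    for _ in range(rounds):
        x1, x2, c_key = refresh(x1, x2, c_key, he)
    plain = he.decrypt(c_key)  # original x1 plus the sum of all r values, unreduced
    return {
        "shares_ok": (x1 + x2) % Q == x,       # the signing key itself never changes
        "cipher_ok": plain % Q == x1,          # ciphertext still encodes P1's share mod q
        "bound_ok": plain < (rounds + 1) * Q,  # growth: at most log2(rounds + 1) extra bits
        "plain_bits": plain.bit_length(),
    }


if __name__ == "__main__":
    print(run_refreshes(rounds=64))
```

The bound is the practical answer to "how many rotations": each refresh can add at most one more q to the plaintext, so the unreduced value needs roughly 256 + log2(rounds) bits, which a Paillier modulus sized for the signing protocol already provides by a wide margin.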
Hi,
Recently I have read the white paper of the blockchain-crypto-mpc library, but I am still confused about how to use BIP key derivation to output the shared private keys x1 and x2 of the wallet private key x. How do I split the BIP32 seed and get the shared private keys x1 and x2 of the wallet private key x via 2-party BIP32? I want to know how to implement 2-party BIP32 with the library. Looking forward to your reply, thanks.
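As an added example, and not the library's implementation of 2-party BIP32, the property that makes non-hardened BIP32 derivation work on additively shared keys: the BIP32 child key is k_i = k_par + parse256(I_L) mod n, and I_L depends only on the parent public key and chain code, so one party adds the tweak to its share and the other keeps its share unchanged. The parent public key is assembled from x1*G and x2*G, so neither party ever holds x. Hardened derivation hashes the parent private key itself, so it cannot be done this way from shares; the block raises on hardened indices. Everything here is textbook secp256k1 and BIP32 written for this example; the key and chain code are constructed test inputs.

```python
import hashlib
import hmac
import secrets

# secp256k1 domain parameters (standard constants).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def ec_mul(k, point):
    result, addend = None, point
    while k:
        if k & 1:
            result = ec_add(result, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return result


def ser_p(point):
    """33-byte compressed SEC1 encoding, which is what BIP32 feeds into the HMAC."""
    x, y = point
    return bytes([2 + (y & 1)]) + x.to_bytes(32, "big")


def ckd_tweak(parent_pub, chain_code, index):
    """Non-hardened BIP32 step: I = HMAC-SHA512(c_par, ser_P(K_par) || ser32(i)).
    Returns (parse256(I_L), child chain code); uses PUBLIC data only."""
    if index >= 0x80000000:
        raise ValueError("hardened index needs ser256(k_par): the whole private key, not a share")
    i = hmac.new(chain_code, ser_p(parent_pub) + index.to_bytes(4, "big"), hashlib.sha512).digest()
    tweak = int.from_bytes(i[:32], "big")
    if tweak >= N:
        raise ValueError("I_L >= n: BIP32 says skip this index")
    return tweak, i[32:]


def derive_shares(x1, x2, chain_code, index):
    """Child shares of k_i = k_par + tweak: P1 adds the tweak, P2 keeps its share."""
    parent_pub = ec_add(ec_mul(x1, G), ec_mul(x2, G))  # combined from partial public keys
    tweak, child_cc = ckd_tweak(parent_pub, chain_code, index)
    return (x1 + tweak) % N, x2, child_cc


def derive_full(x, chain_code, index):
    """Reference: the same step on the unsplit key."""
    tweak, child_cc = ckd_tweak(ec_mul(x, G), chain_code, index)
    return (x + tweak) % N, child_cc


def derive_public(parent_pub, chain_code, index):
    """xpub-style derivation: K_i = K_par + tweak*G, no private material at all."""
    tweak, child_cc = ckd_tweak(parent_pub, chain_code, index)
    return ec_add(parent_pub, ec_mul(tweak, G)), child_cc


def check(index=7):
    """Constructed key and chain code; True if share, full-key and xpub derivations agree."""
    x = secrets.randbelow(N - 1) + 1
    x1 = secrets.randbelow(N)
    x2 = (x - x1) % N
    cc = secrets.token_bytes(32)
    c1, c2, cc_shares = derive_shares(x1, x2, cc, index)
    c_full, cc_full = derive_full(x, cc, index)
    pub_child, cc_pub = derive_public(ec_mul(x, G), cc, index)
    return ((c1 + c2) % N == c_full and cc_shares == cc_full == cc_pub
            and ec_mul(c_full, G) == pub_child)


if __name__ == "__main__":
    print("share, full-key and xpub derivations agree:", check())
```

The asymmetry matters for threat modelling: anyone with the parent public key and chain code (an xpub) can compute every non-hardened child public key and, given one leaked child share, the corresponding parent share, which is the standard BIP32 caveat and applies unchanged to shared keys.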
Radeon Pro 560X:
Chipset Model: Radeon Pro 560X
Type: GPU
Bus: PCIe
PCIe Lane Width: x8
VRAM (Total): 4 GB
Vendor: AMD (0x1002)
Device ID: 0x67ef
Revision ID: 0x00c2
ROM Revision: 113-C980AL-075
VBIOS Version: 113-C97501U-005
EFI Driver Version: 01.01.075
Automatic Graphics Switching: Supported
gMux Version: 5.0.0
Metal: Supported, feature set macOS GPUFamily2 v1
Displays:
Color LCD:
Display Type: Built-In Retina LCD
Resolution: 2880 x 1800 Retina
Framebuffer Depth: 24-Bit Color (ARGB8888)
Main Display: Yes
Mirror: Off
Online: Yes
Automatically Adjust Brightness: No
Connection Type: Internal
I tried to serialize the context to a file, and the share obtained by the deserialized context could not execute the toBuf function. A memory error will be reported as soon as it is executed.
I followed the comments in mpc_demo.py to test key generation. The example is as follows.
Example 1: Generate a split EDDSA key
user1@host1> python mpc_demo.py --out_file key_share.bin --server
user2@host2> python mpc_demo.py --type EDDSA --command generate --out_file key_share.bin --host host1
I ran them both on the same machine, but in two different sessions kinda like this:
user1@host1> python mpc_demo.py --out_file key_share1.bin --server
user1@host1> python mpc_demo.py --type EDDSA --command generate --out_file key_share2.bin --host localhost
but key_share1 and key_share2 are identical.
What's happening? Is it because it runs on the same machine? Or did I misunderstand something else?
crypto::ecurve_t curve = crypto::curve_k256; //line 324 blockchain-crypto-mpc/src/mpc_crypto_ecdsa.cpp
Hi,
I've followed the instructions posted at #8 and can successfully run the python demo, so thank you for posting them. However, I'm trying to figure out what the public key is from one of the derived key shares. I can see that there is a function named getPublic() which I have called. This returns me the following data if I do a print:
b'0V0\x10\x06\x07*\x86H\xce=\x02\x01\x06\x05+\x81\x04\x00\n\x03B\x00\x04\x18\xe1Dn)\xa9G\xc6\xf3\x8b\xd1\xa2"\xfc]\xb0!\xe1Y\xd3\xcd\x8b\t!S\x17\x81\xe0O\xd1\x1a\xc9vA\xb1\xc4^\xb4\x93\x9f|\xf0\x1at\x85r\xc3\xd4\x95\'\xc8u\x0e\x84\x83\n\xf0\x0f\xfa\xf1\xf0\xdc\x16\xc9'
If I call .encode("hex") on this data I get:
'3056301006072a8648ce3d020106052b8104000a0342000418e1446e29a947c6f38bd1a222fc5db021e159d3cd8b0921531781e04fd11ac97641b1c45eb4939f7cf01a748572c3d49527c8750e84830af00ffaf1f0dc16c9'
Is what I'm doing correct? I've tried to use the public key to verify a signature generated from my key shares using an online tool (https://kjur.github.io/jsrsasign/sample/sample-ecdsa.html) and it hasn't worked (which would suggest my public key is wrong).
Any help would be greatly appreciated.
Thanks,
Zeki
Hi, I need help building the lib.
I apologize in advance for the stupid questions; I am not strong in C++.
I followed the build directions in build.md and I get an error:
c++ -O2 -fPIC -fno-strict-aliasing -Wno-unused -Wno-switch -Wno-switch-enum -Werror -mpclmul -std=c++0x -DMPC_CRYPTO_NO_JNI -DMPC_CRYPTO_EXPORTS -fvisibility=hidden -maes -I include -I /include -I /include/linux -I src/utils -I src/crypto_utils -I src/mpc_protocols -o src/utils/precompiled.h.gch -c src/utils/precompiled.h
clang: error: treating 'c-header' input as 'c++-header' when in C++ mode, this behavior is deprecated [-Werror,-Wdeprecated]
make: *** [src/utils/precompiled.h.gch] Error 1
Has anyone come across this?
And a second question:
can I compile this library to wasm?
I tried to compile it but I always get errors, because first I need to compile this lib.
I would like to know right away whether it is worth spending the effort or whether it is unrealistic, like some libraries in Rust.
My platform is macOS.
I don't see further code detail on how the seed or key is protected.
I am very interested in your project; please provide some examples.
Hi,
I am a bit puzzled about standard signature hash lengths and deriving the r and s values. When doing ECDSA signing with a derived BIP32 key, I get varying signature hash lengths; so far I have observed lengths of 69, 70 and 71 bytes.
length 69 bytes:
b'0C\x02 \x15\x10\xf8D\xf2P\xe2j\xf7\x1d\xa9\x9a|\xe0\xbd\xcdh\x7f\xb5\xfdB&\xf6\x15H\x84\xb6\xc8pG\x1e\x85\x02\x1ff\xb4\x9c\x05\x13O\xa7\x7f\xde\xc0\x14\xdb&\xeb\x80\xacJ\x03\x1cnR\x9a\x99v\x11\x02\xbcb\xe8U\xf3'
length 70 bytes:
b'0D\x02!\x00\xd3*\xfc\xdeT+h\xf5k[\xaa3\x13$r\x17\xd1\xdfe\n\x03\xde=Y\xb0\xc1@\x90*\x1a\xac\xc7\x02\x1f):D\xeb\x9b*\xe3:\xcf\xf7\x1a\xefL1%3\x1eN\x0b\xe5\x16\xaa\xb1\x00e\xff\x01\xdf\xdcv\x01'
length 71 bytes:
b'0E\x02!\x00\xff\xf3>W\x94!\x03\xf6+i\xd6M\\#\x8ag;\x96\x9a\xce7\xfa\x95\xf3\xf4@\x11\xccR\xaa\x011\x02 s\x94\xbaH\xbb\x04q]T\n\x1f\x1bs!\xe4\x9c\xf2\x14C\x8a\xcd\xbdr\x7fwzR\xd2\x03;\xa7\x88'
which doesn't easily fit into the expected 70 to 73 bytes, as follows, and how to get an RLP-encoded signature.
6 byte   | DER encoding overhead
32 byte  | r-value
(1 byte) | r-value padding (if needed)
32 byte  | S-value
(1 byte) | S-value padding (if needed)
1 byte   | Signature Hash
Kindly clarify what I am missing.
Additionally, extracting the public key after the generate and then derive-BIP32-key steps is still confusing to me: I get a 176-byte output and thereafter can't figure out what to do to derive an Ethereum address, given that computing an address requires a 64-byte public key.
Thank you for the library and the chance to research MPC crypto operations on blockchains.
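An added example (not the library's code) for the signature lengths in the post above. A DER INTEGER stores r and s in the minimal number of big-endian bytes: a value whose top byte would be 0x00 loses that byte (31 bytes), a value whose top bit is set gains a 0x00 pad (33 bytes), and the SEQUENCE plus two INTEGER headers cost 6 bytes. Two 32-byte values therefore give 70, and the observed 69, 70 and 71 are 32+31, 33+31 and 33+32. The trailing "Signature Hash" byte in the table is the SIGHASH flag that Bitcoin appends inside a scriptSig; it is not part of the DER signature, which is why that table starts one byte higher. Ethereum does not use DER at all: the transaction is RLP-encoded with r and s as integers and v, the recovery id plus 27 (or the EIP-155 chain offset), which has to be found by trial recovery against the public key and is not computed here. The two signatures embedded below are the 69- and 70-byte values from the post, transcribed to hex; the parser is strict DER and also folds s into the low half, which Ethereum requires since EIP-2 and Bitcoin treats as a standardness rule.

```python
from typing import Tuple

# secp256k1 group order (standard constant); low-s normalisation folds s into [1, N/2].
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

# The 69- and 70-byte signatures posted above, transcribed from the bytes literals to hex.
SIG_69 = bytes.fromhex(
    "30430220" "1510f844f250e26af71da99a7ce0bdcd687fb5fd4226f6154884b6c870471e85"
    "021f" "66b49c05134fa77fdec014db26eb80ac4a031c6e529a99761102bc62e855f3")
SIG_70 = bytes.fromhex(
    "30440221" "00d32afcde542b68f56b5baa3313247217d1df650a03de3d59b0c140902a1aacc7"
    "021f" "293a44eb9b2ae33acff71aef4c3125331e4e0be516aab10065ff01dfdc7601")


def _der_int(buf: bytes, pos: int) -> Tuple[int, int]:
    """Parse one DER INTEGER (short-form length) at pos; return (value, next_pos)."""
    if buf[pos] != 0x02:
        raise ValueError("expected INTEGER tag at offset %d" % pos)
    length = buf[pos + 1]
    body = buf[pos + 2:pos + 2 + length]
    if len(body) != length or length == 0:
        raise ValueError("truncated or empty INTEGER")
    # DER is minimal: a leading 0x00 is only allowed to keep the top bit clear.
    if length > 1 and body[0] == 0 and not body[1] & 0x80:
        raise ValueError("non-minimal INTEGER (superfluous padding)")
    if body[0] & 0x80:
        raise ValueError("negative INTEGER; r and s must be positive")
    return int.from_bytes(body, "big"), pos + 2 + length


def der_to_rs(sig: bytes) -> Tuple[int, int]:
    """SEQUENCE { INTEGER r, INTEGER s } -> (r, s); rejects trailing bytes and bad ranges."""
    if len(sig) < 8 or sig[0] != 0x30 or sig[1] != len(sig) - 2:
        raise ValueError("not a DER SEQUENCE of the stated length")
    r, pos = _der_int(sig, 2)
    s, pos = _der_int(sig, pos)
    if pos != len(sig):
        raise ValueError("trailing bytes after s")
    if not (0 < r < N and 0 < s < N):
        raise ValueError("r or s out of range")
    return r, s


def _der_int_len(v: int) -> int:
    """Bytes the DER INTEGER body of v occupies: leading zero bytes are dropped and one
    0x00 is added when the top bit is set, so r and s take 31, 32 or 33 bytes."""
    n = max(1, (v.bit_length() + 7) // 8)
    return n + 1 if v >> (8 * n - 1) else n


def der_total_len(r: int, s: int) -> int:
    """Predicts the full signature length: 6 header bytes plus both integer bodies."""
    return 6 + _der_int_len(r) + _der_int_len(s)


def rs_to_fixed(r: int, s: int, low_s: bool = True) -> bytes:
    """64-byte r||s as Ethereum wants it (v is appended separately after recovery)."""
    if low_s and s > N // 2:
        s = N - s  # the mirrored s is an equally valid signature; only the low one is accepted
    return r.to_bytes(32, "big") + s.to_bytes(32, "big")


if __name__ == "__main__":
    for sig in (SIG_69, SIG_70):
        r, s = der_to_rs(sig)
        print(len(sig), "bytes; predicted", der_total_len(r, s), "; r||s =", rs_to_fixed(r, s).hex())
```

The strictness in `_der_int` is deliberate: a verifier that accepts non-minimal or negative integers lets one signature have many byte-level encodings, which is the malleability Bitcoin's BIP66 and low-s rules exist to close.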
Refer to tests.py, function eddsa_backup().
We do the steps:
1. back up the key
2. verify the backup with function mpc_crypto.verifyEddsaBackupKey()
3. restore the key from the backup with function mpc_crypto.restoreEddsaKey()
We get the EdDSA private key and public key at this point.
I did some tests to see if the EdDSA private key corresponds to the public key.
I imported the EdDSA private key to create PyNaCl's private key
and retrieved the public key from PyNaCl's private key.
I expected the public key retrieved from PyNaCl's private key to equal the public key from function eddsa_backup(), but they are not equal.
My test code is here (the code is adapted from tests.py):
https://drive.google.com/file/d/18Op3KwMywbw3sMMbO1NQJcW5HvwxOxsm/view
Anyway, I have learned a lot from your work.
Thank you so much.
Best regards,
Phanu C.
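An added example, not code from the library or the poster, of the mismatch most often behind this symptom. PyNaCl's signing key takes a 32-byte seed and derives the scalar as clamp(SHA-512(seed)[:32]), following RFC 8032. A key that exists as additive shares of the scalar cannot be a seed, because SHA-512 output cannot be split additively, so if the 32 bytes that come out of a restore are the scalar itself, feeding them to a seed-based API re-hashes them and yields an unrelated public key. Whether restoreEddsaKey() returns a scalar or a seed is not established on this page; the block shows what each interpretation produces, using the RFC 8032 test vector 1 seed as input, with a textbook Ed25519 written for this example.

```python
import hashlib
import secrets

# Ed25519 domain parameters (RFC 8032).
P = 2**255 - 19
L = 2**252 + 27742317777372353535851937790883648493
D = (-121665 * pow(121666, -1, P)) % P
B = (15112221349535400772501151409588531511454012693041857206046113283949847762202,
     46316835694926478169428394003475163141307993866256225615783033603165251855960)


def ed_add(p1, p2):
    """Affine twisted-Edwards addition (complete on this curve); (0, 1) is the identity."""
    x1, y1 = p1
    x2, y2 = p2
    t = D * x1 * x2 * y1 * y2 % P
    x3 = (x1 * y2 + x2 * y1) * pow((1 + t) % P, -1, P) % P
    y3 = (y1 * y2 + x1 * x2) * pow((1 - t) % P, -1, P) % P
    return x3, y3


def ed_mul(k, point):
    result, addend = (0, 1), point
    while k:
        if k & 1:
            result = ed_add(result, addend)
        addend = ed_add(addend, addend)
        k >>= 1
    return result


def encode_point(point):
    """RFC 8032 encoding: y little-endian with the parity of x in the top bit."""
    x, y = point
    return (y | ((x & 1) << 255)).to_bytes(32, "little")


def clamp(h32):
    a = bytearray(h32)
    a[0] &= 248
    a[31] &= 127
    a[31] |= 64
    return int.from_bytes(a, "little")


def pubkey_from_seed(seed):
    """What a seed-based API (PyNaCl, libsodium) does: hash, clamp, multiply."""
    return encode_point(ed_mul(clamp(hashlib.sha512(seed).digest()[:32]), B))


def pubkey_from_scalar(scalar_le):
    """A key that already IS the scalar is multiplied directly, never hashed."""
    return encode_point(ed_mul(int.from_bytes(scalar_le, "little") % L, B))


def pubkey_from_shares(a1, a2):
    """Additive shares a = a1 + a2 mod L: A = a1*B + a2*B, from the partial public keys."""
    return encode_point(ed_add(ed_mul(a1, B), ed_mul(a2, B)))


def compare(seed):
    """Same key, 32 bytes treated as a seed versus as the scalar, plus the shared form."""
    pk = pubkey_from_seed(seed)
    scalar = clamp(hashlib.sha512(seed).digest()[:32])
    scalar_bytes = scalar.to_bytes(32, "little")
    a1 = secrets.randbelow(L)  # constructed share split of the scalar
    return {
        "pk": pk.hex(),
        "scalar_as_scalar": pubkey_from_scalar(scalar_bytes) == pk,  # True
        "scalar_as_seed": pubkey_from_seed(scalar_bytes) == pk,      # False: re-hashed
        "shares": pubkey_from_shares(a1, (scalar - a1) % L) == pk,   # True
    }


RFC8032_SEED = bytes.fromhex("9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60")

if __name__ == "__main__":
    print(compare(RFC8032_SEED))
```

If the restored private key is the scalar form, the check to run is `pubkey_from_scalar(restored) == library_public_key`; if that matches while the PyNaCl route does not, the backup is fine and only the import path is wrong.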
Hi,
There have been two new publications that allow multi-party (t,n) ECDSA signatures: one protocol by Steven Goldfeder et al. (2018) and one protocol by Yehuda Lindell et al. (2018).
It might be worth looking into these schemes, as they allow a more general setup of the wallet. I have put it as a feature request here.
Papers:
https://eprint.iacr.org/2018/987.pdf
http://stevengoldfeder.com/papers/GG18.pdf
Hi all. The make command fails at the libmpc_crypto.so step with the following error. What could be the issue here?
g++ -o -v libmpc_crypto.so src/mpc_crypto_context.o src/mpc_crypto_ec_backup.o src/mpc_crypto_ecdsa.o src/mpc_crypto_ecdsa_bip.o src/mpc_crypto_eddsa.o src/mpc_crypto_generic_secret.o src/mpc_crypto_jni.o src/mpc_crypto_message.o src/mpc_crypto_share.o src/mpc_crypto_test.o src/utils/precompiled.o src/utils/ub_buf.o src/utils/ub_buf128.o src/utils/ub_buf256.o src/utils/ub_common.o src/utils/ub_convert.o src/utils/ub_cpuid.o src/utils/ub_error.o src/utils/ub_string.o src/utils/ub_thread.o src/crypto_utils/crypto.o src/crypto_utils/crypto_aesni.o src/crypto_utils/crypto_bn.o src/crypto_utils/crypto_ecc.o src/crypto_utils/crypto_ecc_bip.o src/crypto_utils/crypto_hash.o src/crypto_utils/crypto_oaep.o src/crypto_utils/crypto_paillier.o src/crypto_utils/crypto_rsa.o src/crypto_utils/ec25519_core.o src/crypto_utils/small_primes.o src/mpc_protocols/circuit_data.o src/mpc_protocols/ecc_backup.o src/mpc_protocols/garbled_circuit.o src/mpc_protocols/garbled_circuit_2party.o src/mpc_protocols/mpc_core.o src/mpc_protocols/mpc_ecc_core.o src/mpc_protocols/mpc_ecdsa.o src/mpc_protocols/mpc_eddsa.o src/mpc_protocols/mpc_ot.o src/mpc_protocols/garbled_circuit_x64.o -s -Wl,-z,defs -Wl,-rpath,\'\$ORIGIN\' -shared -rdynamic -lcrypto -lpthread
clang: error: no such file or directory: 'libmpc_crypto.so'
Some details about my machine and clang version I use.
Apple clang version 13.0.0 (clang-1300.0.27.3)
Target: x86_64-apple-darwin21.4.0
Thread model: posix
InstalledDir: /Library/Developer/CommandLineTools/usr/bin
I understand two parties can sign a message m1 and then a message m2. Is it possible to sign m1 and m2 simultaneously?