private static G1 AssemblePublicKey(IEnumerable <G1> shares, int n)
{
var xs = Enumerable.Range(1, n).Select(Fr.FromInt).ToArray();
var ys = shares.ToArray();
return(MclBls12381.LagrangeInterpolate(xs, ys));
}
public Signature AssembleSignature(IEnumerable <KeyValuePair <int, Signature> > shares)
{
var keyValuePairs = shares as KeyValuePair <int, Signature>[] ?? shares.ToArray();
var xs = keyValuePairs.Take(Threshold + 1).Select(pair => Fr.FromInt(pair.Key + 1)).ToArray();
var ys = keyValuePairs.Take(Threshold + 1).Select(pair => pair.Value.RawSignature).ToArray();
if (xs.Length <= Threshold || ys.Length <= Threshold)
{
throw new ArgumentException("not enough shares for signature");
}
return(new Signature(MclBls12381.LagrangeInterpolate(xs, ys)));
}
public void TestPolyInterpolationG2()
{
const int degree = 100;
var coeffs = Enumerable.Range(0, degree)
.Select(i => G2.Generator * Fr.GetRandom())
.ToArray();
var xs = Enumerable.Range(1, degree)
.Select(i => Fr.GetRandom())
.ToArray();
var ys = xs
.Select(x => MclBls12381.EvaluatePolynomial(coeffs, x))
.ToArray();
var intercept = MclBls12381.EvaluatePolynomial(coeffs, Fr.FromInt(0));
Assert.AreEqual(intercept, MclBls12381.LagrangeInterpolate(xs, ys));
Assert.Throws <ArgumentException>(() => MclBls12381.LagrangeInterpolate(xs, ys.Take(degree - 1).ToArray()));
}
public void EvalInterpolateTestFr()
{
const int n = 10;
var poly = Enumerable.Range(0, n).Select(_ => Fr.GetRandom()).ToArray();
var values = Enumerable.Range(100, n + 1)
.Select(i => MclBls12381.EvaluatePolynomial(poly, Fr.FromInt(i)))
.ToArray();
for (var i = 0; i < n + 1; ++i)
{
Assert.AreEqual(DummyEval(poly, Fr.FromInt(100 + i)), values[i]);
}
var intercept = MclBls12381.LagrangeInterpolate(
Enumerable.Range(100, n + 1).Select(Fr.FromInt).ToArray(),
values
);
Assert.AreEqual(poly[0], intercept);
}
public Fr InterpolateValues()
{
if (Commitment is null)
{
throw new ArgumentException("Cannot interpolate without commitment");
}
var xs = Acks.WithIndex()
.Where(x => x.item)
.Select(x => x.index + 1)
.Select(Fr.FromInt)
.Take(Commitment.Degree + 1)
.ToArray();
var ys = Acks.WithIndex()
.Where(x => x.item)
.Select(x => Values[x.index])
.Take(Commitment.Degree + 1)
.ToArray();
if (xs.Length != Commitment.Degree + 1 || ys.Length != Commitment.Degree + 1)
{
throw new Exception("Cannot interpolate values");
}
return(MclBls12381.LagrangeInterpolate(xs, ys));
}
public RawShare FullDecrypt(EncryptedShare share, List <PartiallyDecryptedShare> us)
{
return(FullDecryptBenchmark.Benchmark(() =>
{
if (us.Count < _t)
{
throw new Exception("Insufficient number of shares!");
}
var ids = new HashSet <int>();
foreach (var part in us)
{
if (ids.Contains(part.DecryptorId))
{
throw new Exception($"Id {part.DecryptorId} was provided more than once!");
}
if (part.ShareId != share.Id)
{
throw new Exception($"Share id mismatch for decryptor {part.DecryptorId}");
}
ids.Add(part.DecryptorId);
}
var ys = new List <G1>();
var xs = new List <Fr>();
foreach (var part in us)
{
xs.Add(Fr.FromInt(part.DecryptorId + 1));
ys.Add(part.Ui);
}
var u = MclBls12381.LagrangeInterpolate(xs.ToArray(), ys.ToArray());
return new RawShare(Utils.XorWithHash(u, share.V), share.Id);
}));
}
