Check num of commitments against min signers (#597)

* Check num of commitments against min signers * Move incorrect number of commitments check to part2 in the DKG
ZcashFoundation · Jan 17, 2024 · e1fb9bc · e1fb9bc
1 parent 9921b12
commit e1fb9bc
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 5 deletions.
diff --git a/frost-core/src/keys.rs b/frost-core/src/keys.rs
@@ -39,7 +39,7 @@ pub(crate) fn sum_commitments<C: Ciphersuite>(
     let mut group_commitment = vec![
         CoefficientCommitment(<C::Group>::identity());
         commitments
-            .get(0)
+            .first()
             .ok_or(Error::IncorrectNumberOfCommitments)?
             .0
             .len()
@@ -407,7 +407,7 @@ where
     /// element in the vector), or an error if the vector is empty.
     pub(crate) fn verifying_key(&self) -> Result<VerifyingKey<C>, Error<C>> {
         Ok(VerifyingKey::new(
-            self.0.get(0).ok_or(Error::MissingCommitment)?.0,
+            self.0.first().ok_or(Error::MissingCommitment)?.0,
         ))
     }
 
@@ -614,7 +614,7 @@ fn evaluate_polynomial<C: Ciphersuite>(
     }
     value = value
         + *coefficients
-            .get(0)
+            .first()
             .expect("coefficients must have at least one element");
     value
 }

diff --git a/frost-core/src/keys/dkg.rs b/frost-core/src/keys/dkg.rs
@@ -349,7 +349,7 @@ pub(crate) fn compute_proof_of_knowledge<C: Ciphersuite, R: RngCore + CryptoRng>
     let c_i = challenge::<C>(identifier, &commitment.verifying_key()?, &R_i)
         .ok_or(Error::DKGNotSupported)?;
     let a_i0 = *coefficients
-        .get(0)
+        .first()
         .expect("coefficients must have at least one element");
     let mu_i = k + a_i0 * c_i.0;
     Ok(Signature { R: R_i, z: mu_i })
@@ -406,6 +406,12 @@ pub fn part2<C: Ciphersuite>(
         return Err(Error::IncorrectNumberOfPackages);
     }
 
+    for package in round1_packages.values() {
+        if package.commitment.0.len() != secret_package.min_signers as usize {
+            return Err(Error::IncorrectNumberOfCommitments);
+        }
+    }
+
     let mut round2_packages = BTreeMap::new();
 
     for (sender_identifier, round1_package) in round1_packages {

diff --git a/frost-core/src/tests/ciphersuite_generic.rs b/frost-core/src/tests/ciphersuite_generic.rs
@@ -360,7 +360,7 @@ fn check_aggregate_invalid_share_identifier_for_verifying_shares<C: Ciphersuite
         .expect_err("should not work");
 }
 
-/// Test FROST signing with trusted dealer with a Ciphersuite.
+/// Test FROST signing with DKG with a Ciphersuite.
 pub fn check_sign_with_dkg<C: Ciphersuite + PartialEq, R: RngCore + CryptoRng>(
     mut rng: R,
 ) -> (Vec<u8>, Signature<C>, VerifyingKey<C>)