Created
April 14, 2024 19:07
-
-
Save kushti/270320175b8b0469d680d41ce13670b1 to your computer and use it in GitHub Desktop.
2-out-of-2 signing algo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
An example test where Alice (A) and Bob (B) are signing an input in a distributed way. A statement which | |
protects the box to spend is "pubkey_Alice && pubkey_Bob". Note that a signature in this case is about | |
a transcript of a Sigma-protocol ((a_Alice, a_Bob), e, (z_Alice, z_Bob)), | |
which is done in non-interactive way (thus "e" is got via a Fiat-Shamir transformation). | |
For that, they are going through following steps: | |
- Bob is generating first protocol message a_Bob and sends it to Alice | |
- Alice forms a hint which contain Bob's commitment "a_Bob", and puts the hint into a hints bag | |
- She proves the statement using the bag, getting the partial protocol transcript | |
(a_Alice, e, z_Alice) as a result and sends "a_Alice" and "z_Alice" to Bob. | |
Please note that "e" is got from both a_Alice and a_Bob. | |
- Bob now also knows a_Alice, so can generate the same "e" as Alice. Thus Bob is generating valid | |
proof ((a_Alice, a_Bob), e, (z_Alice, z_Bob)). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment