feat: configurable ecdsa curve and support secp256k1

mpc/binance/ecdsa/mpc_test.go

@@ -18,6 +18,10 @@ import (
 	"time"
 
 	"github.com/bnb-chain/tss-lib/v2/tss"
+	"github.com/btcsuite/btcd/btcec/v2"
+	s256k1 "github.com/btcsuite/btcd/btcec/v2"
+	btcecdsa "github.com/btcsuite/btcd/btcec/v2/ecdsa"
+	"github.com/decred/dcrd/dcrec/secp256k1/v4"
 	"github.com/stretchr/testify/assert"
 	"go.uber.org/zap"
 )
@@ -109,45 +113,76 @@ func (parties parties) Mapping() map[string]*tss.PartyID {
 }
 
 func TestTSS(t *testing.T) {
-	pA := NewParty(1, elliptic.P256(), logger("pA", t.Name()))
-	pB := NewParty(2, elliptic.P256(), logger("pB", t.Name()))
-	pC := NewParty(3, elliptic.P256(), logger("pC", t.Name()))
+	curves := []elliptic.Curve{
+		elliptic.P256(),
+		s256k1.S256(),
+	}
+
+	for _, tc := range curves {
+		t.Run(tc.Params().Name, func(t *testing.T) {
+			pA := NewParty(1, tc, logger("pA", t.Name()))
+			pB := NewParty(2, tc, logger("pB", t.Name()))
+			pC := NewParty(3, tc, logger("pC", t.Name()))
+
+			t.Logf("Created parties")
 
-	t.Logf("Created parties")
+			parties := parties{pA, pB, pC}
+			parties.init(senders(parties))
 
-	parties := parties{pA, pB, pC}
-	parties.init(senders(parties))
+			t.Logf("Running DKG")
 
-	t.Logf("Running DKG")
+			t1 := time.Now()
+			shares, err := parties.keygen()
+			assert.NoError(t, err)
+			t.Logf("DKG elapsed %s", time.Since(t1))
 
-	t1 := time.Now()
-	shares, err := parties.keygen()
-	assert.NoError(t, err)
-	t.Logf("DKG elapsed %s", time.Since(t1))
+			parties.init(senders(parties))
 
-	parties.init(senders(parties))
+			parties.setShareData(shares)
+			t.Logf("Signing")
 
-	parties.setShareData(shares)
-	t.Logf("Signing")
+			msgToSign := []byte("bla bla")
 
-	msgToSign := []byte("bla bla")
+			t.Logf("Signing message")
+			t1 = time.Now()
+			sigs, err := parties.sign(digest(msgToSign))
+			assert.NoError(t, err)
+			t.Logf("Signing completed in %v", time.Since(t1))
+
+			sigSet := make(map[string]struct{})
+			for _, s := range sigs {
+				sigSet[string(s)] = struct{}{}
+			}
+			assert.Len(t, sigSet, 1)
 
-	t.Logf("Signing message")
-	t1 = time.Now()
-	sigs, err := parties.sign(digest(msgToSign))
-	assert.NoError(t, err)
-	t.Logf("Signing completed in %v", time.Since(t1))
+			pk, err := parties[0].TPubKey()
+			assert.NoError(t, err)
 
-	sigSet := make(map[string]struct{})
-	for _, s := range sigs {
-		sigSet[string(s)] = struct{}{}
+			assert.True(t, verifySignature(tc.Params().Name, pk, msgToSign, sigs[0]))
+		})
 	}
-	assert.Len(t, sigSet, 1)
+}
+
+func verifySignature(curveName string, pk *ecdsa.PublicKey, msg []byte, sig []byte) bool {
+	switch curveName {
+	case elliptic.P256().Params().Name:
+		return ecdsa.VerifyASN1(pk, digest(msg), sig)
+	case s256k1.S256().Params().Name:
+		// convert pk to s256k1.PublicKey
+		xFieldVal, yFieldVal := new(secp256k1.FieldVal), new(secp256k1.FieldVal)
+		xFieldVal.SetByteSlice(pk.X.Bytes())
+		yFieldVal.SetByteSlice(pk.Y.Bytes())
+		btcecPubKey := btcec.NewPublicKey(xFieldVal, yFieldVal)
+
+		signature, err := btcecdsa.ParseDERSignature(sig)
+		if err != nil {
+			return false
+		}
 
-	pk, err := parties[0].TPubKey()
-	assert.NoError(t, err)
+		return signature.Verify(digest(msg), btcecPubKey)
+	}
 
-	assert.True(t, ecdsa.VerifyASN1(pk, digest(msgToSign), sigs[0]))
+	return false
 }
 
 func senders(parties parties) []Sender {

test/binance/ecdsa_test.go

@@ -7,40 +7,57 @@ import (
 	"testing"
 
 	ecdsa_scheme "github.com/IBM/TSS/mpc/binance/ecdsa"
-
 	. "github.com/IBM/TSS/types"
+	s256k1 "github.com/btcsuite/btcd/btcec/v2"
+	btcecdsa "github.com/btcsuite/btcd/btcec/v2/ecdsa"
 
 	"github.com/stretchr/testify/assert"
 )
 
 func TestThresholdBinanceECDSA(t *testing.T) {
-	n := 4
+	curves := []elliptic.Curve{
+		elliptic.P256(),
+		s256k1.S256(),
+	}
 
-	var verifySig signatureVerifyFunc
+	for _, curve := range curves {
+		t.Run(curve.Params().Name, func(t *testing.T) {
+			n := 4
 
-	var signatureAlgorithms func([]*commLogger) (func(uint16) KeyGenerator, func(uint16) Signer)
+			var verifySig signatureVerifyFunc
+			var signatureAlgorithms func([]*commLogger) (func(uint16) KeyGenerator, func(uint16) Signer)
 
-	verifySig = verifySignatureECDSA
-	signatureAlgorithms = func(loggers []*commLogger) (func(uint16) KeyGenerator, func(uint16) Signer) {
-		return ecdsaKeygenAndSign(elliptic.P256(), loggers)
-	}
+			verifySig = getVerifySignature(curve)
+			signatureAlgorithms = func(loggers []*commLogger) (func(uint16) KeyGenerator, func(uint16) Signer) {
+				return ecdsaKeygenAndSign(curve, loggers)
+			}
 
-	testScheme(t, n, signatureAlgorithms, verifySig, false)
+			testScheme(t, n, signatureAlgorithms, verifySig, false)
+		})
+	}
 }
 
 func TestFastThresholdBinanceECDSA(t *testing.T) {
-	n := 4
+	curves := []elliptic.Curve{
+		elliptic.P256(),
+		s256k1.S256(),
+	}
 
-	var verifySig signatureVerifyFunc
+	for _, curve := range curves {
+		t.Run(curve.Params().Name, func(t *testing.T) {
+			n := 4
 
-	var signatureAlgorithms func([]*commLogger) (func(uint16) KeyGenerator, func(uint16) Signer)
+			var verifySig signatureVerifyFunc
+			var signatureAlgorithms func([]*commLogger) (func(uint16) KeyGenerator, func(uint16) Signer)
 
-	verifySig = verifySignatureECDSA
-	signatureAlgorithms = func(loggers []*commLogger) (func(uint16) KeyGenerator, func(uint16) Signer) {
-		return ecdsaKeygenAndSign(elliptic.P256(), loggers)
-	}
+			verifySig = getVerifySignature(curve)
+			signatureAlgorithms = func(loggers []*commLogger) (func(uint16) KeyGenerator, func(uint16) Signer) {
+				return ecdsaKeygenAndSign(curve, loggers)
+			}
 
-	testScheme(t, n, signatureAlgorithms, verifySig, true)
+			testScheme(t, n, signatureAlgorithms, verifySig, true)
+		})
+	}
 }
 
 func ecdsaKeygenAndSign(curve elliptic.Curve, loggers []*commLogger) (func(id uint16) KeyGenerator, func(id uint16) Signer) {
@@ -54,6 +71,25 @@ func ecdsaKeygenAndSign(curve elliptic.Curve, loggers []*commLogger) (func(id ui
 	return kgf, sf
 }
 
+func getVerifySignature(curve elliptic.Curve) func(pkBytes []byte, t *testing.T, msg string, signature []byte) {
+	switch curve.Params().Name {
+	case s256k1.S256().Params().Name:
+		return verifySignatureSecp256k1
+	default:
+		return verifySignatureECDSA
+	}
+}
+
+func verifySignatureSecp256k1(pkBytes []byte, t *testing.T, msg string, signature []byte) {
+	pk, err := s256k1.ParsePubKey(pkBytes)
+	assert.NoError(t, err)
+
+	sig, err := btcecdsa.ParseDERSignature(signature)
+	assert.NoError(t, err)
+
+	assert.True(t, sig.Verify(sha256Digest([]byte(msg)), pk))
+}
+
 func verifySignatureECDSA(pkBytes []byte, t *testing.T, msg string, signature []byte) {
 	pk, err := x509.ParsePKIXPublicKey(pkBytes)
 	assert.NoError(t, err)

test/go.mod

@@ -49,6 +49,8 @@ require (
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
 
+replace github.com/IBM/TSS/mpc/binance/ecdsa => ../mpc/binance/ecdsa
+
 replace github.com/IBM/TSS/mpc/bls => ../mpc/bls
 
 replace github.com/agl/ed25519 => github.com/binance-chain/edwards25519 v0.0.0-20200305024217-f36fc4b53d43