Sketch client-facing and server-facing APIs

Question

Sketch client-facing and server-facing APIs

piotr-roslaniec opened this issue a year ago · 4 comments

piotr-roslaniec commented a year ago

Related to creating protocol description
Relevant issues:
- #59
- #60

Answer 1 · 2023-02-01T14:00:43.000Z

Client Side

create/initialise/build a cohort. Parameters are m, n, refresh_policy
can the client force a refresh?
encrypt
decrypt
revoke (this is really a protocol level endpoint, nothing to do with ferveo/tpke)
cohort/dkg ritual status?

Answer 2 · 2023-02-01T14:21:32.000Z

create/initialise/build a cohort. Parameters are m, n, refresh_policy
can the client force a refresh?
revoke (this is really a protocol level endpoint, nothing to do with ferveo/tpke)
cohort/dkg ritual status?

Sounds like a job for nucypher-ts, nucypher/taco-web#166

encrypt
decrypt

Added encrypt, decrypt_with_shared_secret, decrypt_with_private_key to #59

Answer 3 · 2023-02-01T15:18:58.000Z

Server API

Lifted from protocol description

Dkg::new(ritual_id: int, shares_num: int, threshold: int, validators: List[ExternalValidator], me: ExternalValidator)
Dkg::generate_transcript(rng): Transcript
Dkg::aggregate_transcripts(messages: List[(ExternalValidator, Transcript)]): AggregatedTranscript
AggregatedTranscript::validate(dkg: Dkg): Boolean
AggregatedTranscript::create_decryption_share(dkg: Dkg, ciphertext: Ciphertext, aad: bytes, unblinding_key: PrivateKey): DecryptionShare

Questions/design points:

Should we expose AggregatedTranscript::validate, or should it be baked into Dkg::aggregate_transcripts?
- The former gives us the opportunity to provide the validator with some feedback, i.e. which transcript was bad
AggregatedTranscript::create_decryption_share takes Dkg as a parameter: Can we roll AggregatedTranscript methods into Dkg?
- It would make for a more straightforward server API. Still, it requires mutating Dkg state in order to distinguish between two different DKG stages: transcript aggregation and decryption share creation (which is possible only after a sufficient number of transcripts was collected and validated).
Should we closely follow naming nomenclature from Ferveo or use something simpler in bindings?
- Example: PubliclyVerifiableDkg vs Dkg

Answer 4 · 2023-04-12T09:16:23.000Z

Closed by #62