Add permissions tag 20250816003558

.github/workflows/pull-request.yaml

@@ -0,0 +1,39 @@
+name: MPC LIB CI
+
+on:
+  pull_request:
+    branches:
+      - main
+  workflow_dispatch:
+
+jobs:
+  gofmt:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # tag: v4
+      - name: Check Source Formatting
+        run: |
+          INCORRECTLY_FORMATTED_FILES=$(gofmt -l $GITHUB_WORKSPACE)
+          if [ ${#INCORRECTLY_FORMATTED_FILES} -gt 0 ]; then
+            echo "Please run \`go fmt \` and update the PR"
+            echo
+            echo "incorrectly formatted files:"
+            echo ${INCORRECTLY_FORMATTED_FILES//$GITHUB_WORKSPACE/} | tr ' ' '\n'
+            exit 1
+          else
+            echo "all files are formatted correctly"
+          fi
+
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # tag: v4
+      - name: Set up Go
+        uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # tag: v5
+        with:
+          go-version: '1.20'
+      - name: Download dependencies
+        run: go mod download
+      - name: Run tests
+        run: go test -v ./...
+

.github/workflows/push.yaml

@@ -0,0 +1,20 @@
+name: MPC LIB CI
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # tag: v4
+      - name: Set up Go
+        uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # tag: v5
+        with:
+          go-version: '1.20'
+      - name: Download dependencies
+        run: go mod download
+      - name: Run tests
+        run: go test -v ./...

.github/workflows/security.yml

@@ -0,0 +1,28 @@
+# Name of this GitHub Actions workflow.
+name: Security Actions
+
+on:
+  # Scan changed files in PRs (diff-aware scanning):
+  pull_request: {}
+
+  # Scan on-demand through GitHub Actions interface
+  workflow_dispatch: {}
+
+  # Scan mainline branches when there is change in security.yml file:
+  push: {}
+
+  # Schedule the CI job (this method uses cron syntax):
+  schedule:
+    - cron: '40 22 * * 1'
+    # It is recommended to change the schedule to a random time.
+
+permissions:
+  actions: read
+  contents: read
+  pull-requests: read
+
+jobs:
+  # Calling Security Reusable action which would in turn call other reusable actions example - Semgrep
+  call_security:
+    uses: falconxio/security-actions/.github/workflows/security.yml@main
+    secrets: inherit

.github/workflows/tag.yml

@@ -0,0 +1,24 @@
+name: Tag for production
+
+on:
+  push:
+    tags:
+      - 'v*.*.*'
+
+permissions:
+  contents: read
+  actions: read
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # tag: v4
+      - name: Set up Go
+        uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # tag: v5
+        with:
+          go-version: '1.20'
+      - name: Download dependencies
+        run: go mod download
+      - name: Run tests
+        run: go test -v ./...

internal/ot/correlated.go

@@ -245,7 +245,6 @@ type CorreOTSendResult struct {
 // satsifying t_j = q_j ^ (choices_j * Delta).
 //
 // This follows the extend section of Figure 3 in https://eprint.iacr.org/2015/546.
-//
 func CorreOTSend(ctxHash *hash.Hash, setup *CorreOTSendSetup, batchSize int, msg *CorreOTReceiveMessage) (*CorreOTSendResult, error) {
 	batchSizeBytes := batchSize >> 3
 

protocols/cmp/sign/round4.go

@@ -56,7 +56,7 @@ func (r *round4) StoreBroadcastMessage(msg round.Message) error {
 
 // VerifyMessage implements round.Round.
 //
-// - Verify Π(log*)(ϕ''ᵢⱼ, Δⱼ, Γ).
+// - Verify Π(log*)(ϕ”ᵢⱼ, Δⱼ, Γ).
 func (r *round4) VerifyMessage(msg round.Message) error {
 	from, to := msg.From, msg.To
 	body, ok := msg.Content.(*message4)

protocols/doerner/keygen/keygen.go

@@ -57,7 +57,7 @@ func (c *ConfigReceiver) Derive(adjust curve.Scalar, newChainKey []byte) (*Confi
 
 // DeriveChild adjusts the shares to represent the derived public key at a certain index.
 //
-// This will panic if the group is not curve.Secp256k1
+// # This will panic if the group is not curve.Secp256k1
 //
 // This derivation works according to BIP-32, see:
 // https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki
@@ -168,7 +168,7 @@ func (c *ConfigSender) Derive(adjust curve.Scalar, newChainKey []byte) (*ConfigS
 
 // DeriveChild adjusts the shares to represent the derived public key at a certain index.
 //
-// This will panic if the group is not curve.Secp256k1
+// # This will panic if the group is not curve.Secp256k1
 //
 // This derivation works according to BIP-32, see:
 // https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki

protocols/frost/frost.go

@@ -43,7 +43,8 @@ func EmptyConfig(group curve.Curve) *Config {
 // selfID is the identifier for the local party calling this function.
 //
 // This protocol corresponds to Figure 1 of the Frost paper:
-//   https://eprint.iacr.org/2020/852.pdf
+//
+//	https://eprint.iacr.org/2020/852.pdf
 func Keygen(group curve.Curve, selfID party.ID, participants []party.ID, threshold int) protocol.StartFunc {
 	return keygen.StartKeygenCommon(false, group, participants, threshold, selfID, nil, nil, nil)
 }
@@ -91,8 +92,8 @@ func RefreshTaproot(config *TaprootConfig, participants []party.ID) protocol.Sta
 // messageHash is the hash of the message a signature should be generated for.
 //
 // This protocol merges Figures 2 and 3 from the Frost paper:
-//   https://eprint.iacr.org/2020/852.pdf
 //
+//	https://eprint.iacr.org/2020/852.pdf
 //
 // We merge the pre-processing and signing protocols into a single signing protocol
 // which doesn't require any pre-processing.

protocols/frost/keygen/config.go

@@ -85,7 +85,7 @@ func (r *Config) Derive(adjust curve.Scalar, newChainKey []byte) (*Config, error
 
 // DeriveChild adjusts the shares to represent the derived public key at a certain index.
 //
-// This will panic if the group is not curve.Secp256k1
+// # This will panic if the group is not curve.Secp256k1
 //
 // This derivation works according to BIP-32, see:
 // https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki

protocols/frost/keygen/keygen_test.go

@@ -116,6 +116,10 @@ func checkOutputTaproot(t *testing.T, rounds []round.Session, parties party.IDSl
 		}
 		publicKey = result.PublicKey
 		if chainKey != nil {
+			if result.ChainKey == nil {
+				t.Logf("chain key is nil for %v", result.ID)
+				t.Fail()
+			}
 			assert.Equal(t, chainKey, result.ChainKey, "different chain keys")
 		}
 		chainKey = result.ChainKey

protocols/frost/keygen/round1.go

@@ -15,7 +15,8 @@ import (
 )
 
 // This round corresponds with the steps 1-4 of Round 1, Figure 1 in the Frost paper:
-//   https://eprint.iacr.org/2020/852.pdf
+//
+//	https://eprint.iacr.org/2020/852.pdf
 type round1 struct {
 	*round.Helper
 	// taproot indicates whether or not to make taproot compatible keys.

protocols/frost/keygen/round2.go

@@ -13,7 +13,8 @@ import (
 )
 
 // This round corresponds with steps 5 of Round 1, 1 of Round 2, Figure 1 in the Frost paper:
-//   https://eprint.iacr.org/2020/852.pdf
+//
+//	https://eprint.iacr.org/2020/852.pdf
 type round2 struct {
 	*round1
 	// f_i is the polynomial this participant uses to share their contribution to

protocols/frost/keygen/round3.go

@@ -12,7 +12,8 @@ import (
 )
 
 // This round corresponds with steps 2-4 of Round 2, Figure 1 in the Frost paper:
-//   https://eprint.iacr.org/2020/852.pdf
+//
+//	https://eprint.iacr.org/2020/852.pdf
 type round3 struct {
 	*round2
 
@@ -163,6 +164,7 @@ func (r *round3) Finalize(chan<- *round.Message) (round.Session, error) {
 			PrivateShare:       r.privateShare.(*curve.Secp256k1Scalar),
 			PublicKey:          YSecp.XBytes()[:],
 			VerificationShares: secpVerificationShares,
+			ChainKey:           ChainKey,
 		}), nil
 	}
 
@@ -172,6 +174,7 @@ func (r *round3) Finalize(chan<- *round.Message) (round.Session, error) {
 		PrivateShare:       r.privateShare,
 		PublicKey:          r.publicKey,
 		VerificationShares: party.NewPointMap(r.verificationShares),
+		ChainKey:           ChainKey,
 	}), nil
 }
 

protocols/frost/sign/round1.go

@@ -11,7 +11,8 @@ import (
 )
 
 // This round sort of corresponds with Figure 2 of the Frost paper:
-//   https://eprint.iacr.org/2020/852.pdf
+//
+//	https://eprint.iacr.org/2020/852.pdf
 //
 // The main difference is that instead of having a separate pre-processing step,
 // we instead have an additional round at the start of the signing step.

protocols/frost/sign/round3.go

@@ -10,7 +10,8 @@ import (
 )
 
 // This corresponds with step 7 of Figure 3 in the Frost paper:
-//   https://eprint.iacr.org/2020/852.pdf
+//
+//	https://eprint.iacr.org/2020/852.pdf
 //
 // The big difference, once again, stems from their being no signing authority.
 // Instead, each participant calculates the signature on their own.

protocols/frost/sign/sign_test.go

@@ -133,6 +133,7 @@ func TestSignTaproot(t *testing.T) {
 			PublicKey:          publicKey,
 			PrivateShare:       privateShares[id],
 			VerificationShares: verificationShares,
+			ChainKey:           chainKey,
 		}
 		result, _ = result.DeriveChild(1)
 		if newPublicKey == nil {
@@ -150,6 +151,7 @@ func TestSignTaproot(t *testing.T) {
 			PrivateShare:       result.PrivateShare,
 			PublicKey:          tapRootPublicKey,
 			VerificationShares: party.NewPointMap(genericVerificationShares),
+			ChainKey:           chainKey,
 		}
 		r, err := StartSignCommon(true, normalResult, partyIDs, steak)(nil)
 		require.NoError(t, err, "round creation should not result in an error")

protocols/frost/sign/types.go

@@ -29,7 +29,7 @@ func (messageHash) Domain() string {
 //
 // This signature claims to satisfy:
 //
-//    z * G = R + H(R, Y, m) * Y
+//	z * G = R + H(R, Y, m) * Y
 //
 // for a public key Y.
 type Signature struct {