feat: Trusted Setup Ceremony Primitives

CHANGELOG.md

@@ -5,14 +5,15 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 
 ## [Unreleased]
 ### Added
+- [\#238](https://github.com/Manta-Network/manta-rs/pull/238) Add trusted setup ceremony primitives for server and client
 - [\#237](https://github.com/Manta-Network/manta-rs/pull/237) Public input fuzzing tests for transfer protocol
 - [\#215](https://github.com/Manta-Network/manta-rs/pull/215) Add windowed multiplication algorithm for groups
 - [\#213](https://github.com/Manta-Network/manta-rs/pull/197) Add Ceremony Utilities
 - [\#206](https://github.com/Manta-Network/manta-rs/pull/206) Move Poseidon sage script to test the hardcoded round constant values
-- [\#172](https://github.com/Manta-Network/manta-rs/pull/172) Add abstract Phase 2 for Groth16 trusted setup 
-- [\#193](https://github.com/Manta-Network/manta-rs/pull/193) Add Bn254 curve backend for Groth16 trusted setup
-- [\#196](https://github.com/Manta-Network/manta-rs/pull/172) Add fixed base scalar multiplication using precomputed bases
 - [\#197](https://github.com/Manta-Network/manta-rs/pull/197) Add ECLAIR utilities for next circuit upgrade
+- [\#196](https://github.com/Manta-Network/manta-rs/pull/172) Add fixed base scalar multiplication using precomputed bases
+- [\#193](https://github.com/Manta-Network/manta-rs/pull/193) Add Bn254 curve backend for Groth16 trusted setup
+- [\#172](https://github.com/Manta-Network/manta-rs/pull/172) Add abstract Phase 2 for Groth16 trusted setup 
 
 ### Changed
 - [\#247](https://github.com/Manta-Network/manta-rs/pull/247) Moved BLS12-381 and BN254 curves (and Edwards counterparts) to `manta-crypto`

manta-benchmark/Cargo.toml

@@ -44,15 +44,13 @@ name = "reclaim"
 harness = false
 
 [dependencies]
-ark-ec = { version = "0.3.0", default-features = false }
-ark-ff = { version = "0.3.0", default-features = false }
 getrandom = { version = "0.2.6", default-features = false, features = ["js"] }
 instant = { version = "0.1.12", default-features = false, features = [ "wasm-bindgen" ] }
 manta-accounting = { path = "../manta-accounting", default-features = false, features = ["test"] }
 manta-crypto = { path = "../manta-crypto", default-features = false, features = ["ark-bls12-381", "getrandom", "test"] }
 manta-pay = { path = "../manta-pay", default-features = false, features = ["groth16", "test"] }
-wasm-bindgen = { version = "0.2.82", default-features = false }
-wasm-bindgen-test = { version = "0.3.30", default-features = false }
+wasm-bindgen = { version = "0.2.83", default-features = false }
+wasm-bindgen-test = { version = "0.3.33", default-features = false }
 web-sys = { version = "0.3.59", default-features = false, features = ["console"] }
 
 [dev-dependencies]

manta-benchmark/src/ecc.rs

@@ -16,10 +16,14 @@
 
 //! Elliptic Curve Cryptography Utilities
 
-use ark_ec::{AffineCurve, ProjectiveCurve};
-use ark_ff::UniformRand;
 use core::ops::AddAssign;
-use manta_crypto::rand::RngCore;
+use manta_crypto::{
+    arkworks::{
+        ec::{AffineCurve, ProjectiveCurve},
+        ff::UniformRand,
+    },
+    rand::RngCore,
+};
 
 /// Samples an affine point.
 #[inline]

manta-crypto/Cargo.toml

@@ -42,9 +42,10 @@ getrandom = ["rand_core/getrandom"]
 
 # Serde Serialization
 serde = [
+    "ed25519-dalek?/serde",
     "manta-util/serde-alloc",
     "manta-util/serde-array",
-    "rand_chacha?/serde1"
+    "rand_chacha?/serde1",
 ]
 
 # Standard Library

manta-crypto/src/arkworks/mod.rs

@@ -19,7 +19,6 @@
 pub use ark_ec as ec;
 pub use ark_r1cs_std as r1cs_std;
 pub use ark_relations as relations;
-pub use ark_serialize as serialize;
 
 #[cfg(feature = "ark-bls12-381")]
 pub use ark_bls12_381 as bls12_381;
@@ -39,3 +38,4 @@ pub mod ff;
 pub mod pairing;
 pub mod rand;
 pub mod ratio;
+pub mod serialize;

manta-crypto/src/arkworks/serialize.rs

@@ -0,0 +1,54 @@
+// Copyright 2019-2022 Manta Network.
+// This file is part of manta-rs.
+//
+// manta-rs is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// manta-rs is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with manta-rs.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Arkworks Canonical Serialize and Deserialize Backend
+
+#[cfg(feature = "serde")]
+use {
+    alloc::vec::Vec,
+    manta_util::serde::{de, ser, Deserialize, Deserializer, Serialize, Serializer},
+};
+
+#[doc(inline)]
+pub use ark_serialize::*;
+
+/// Serializes `data` using the [`CanonicalSerialize`] format with `S` as the [`Serializer`].
+#[cfg(feature = "serde")]
+#[cfg_attr(doc_cfg, doc(cfg(feature = "serde")))]
+#[inline]
+pub fn canonical_serialize<T, S>(data: &T, serializer: S) -> Result<S::Ok, S::Error>
+where
+    T: CanonicalSerialize,
+    S: Serializer,
+{
+    let mut bytes = Vec::new();
+    data.serialize(&mut bytes).map_err(ser::Error::custom)?;
+    Serialize::serialize(&bytes, serializer)
+}
+
+/// Deserializes data of type `T` using the [`CanonicalDeserialize`] format with `D` as the
+/// [`Deserializer`].
+#[cfg(feature = "serde")]
+#[cfg_attr(doc_cfg, doc(cfg(feature = "serde")))]
+#[inline]
+pub fn canonical_deserialize<'de, D, T>(deserializer: D) -> Result<T, D::Error>
+where
+    D: Deserializer<'de>,
+    T: CanonicalDeserialize,
+{
+    let bytes: Vec<u8> = Deserialize::deserialize(deserializer)?;
+    CanonicalDeserialize::deserialize(bytes.as_slice()).map_err(de::Error::custom)
+}

manta-crypto/src/dalek/ed25519.rs

@@ -14,7 +14,7 @@
 // You should have received a copy of the GNU General Public License
 // along with manta-rs.  If not, see <http://www.gnu.org/licenses/>.
 
-//! Dalek Cryptography `ed25519` Backend
+//! Dalek Cryptography [`ed25519`](ed25519_dalek) Backend
 
 use crate::{
     rand::{CryptoRng, Rand, RngCore},
@@ -27,17 +27,36 @@ use manta_util::AsBytes;
 
 pub use ed25519_dalek::*;
 
-/// Converts `bytes` into a [`SecretKey`].
-#[inline]
-pub fn secret_key_from_bytes(bytes: [u8; SECRET_KEY_LENGTH]) -> SecretKey {
-    match SecretKey::from_bytes(&bytes) {
-        Ok(secret_key) => secret_key,
-        _ => {
-            unreachable!("We are guaranteed the correct number of bytes from `SECRET_KEY_LENGTH`.")
+/// Implements byte conversion from an array of bytes of length `$len` into the given `$type`. These
+/// implementations are prefered over the ones provided by [`ed25519_dalek`] because they have no
+/// error branch.
+macro_rules! byte_conversion {
+    ($name:ident, $type:tt, $len:ident) => {
+        #[doc = "Converts the `bytes` fixed-length array into [`"]
+        #[doc = stringify!($type)]
+        #[doc = "`]."]
+        ///
+        /// # Note
+        ///
+        /// We don't need to return an error here because `bytes` already has the correct length.
+        #[inline]
+        pub fn $name(bytes: [u8; $len]) -> $type {
+            match $type::from_bytes(&bytes) {
+                Ok(value) => value,
+                _ => unreachable!(concat!(
+                    "We are guaranteed the correct number of bytes from `",
+                    stringify!($len),
+                    "`."
+                )),
+            }
         }
-    }
+    };
 }
 
+byte_conversion!(secret_key_from_bytes, SecretKey, SECRET_KEY_LENGTH);
+byte_conversion!(public_key_from_bytes, PublicKey, PUBLIC_KEY_LENGTH);
+byte_conversion!(signature_from_bytes, Signature, SIGNATURE_LENGTH);
+
 /// Clones the `secret_key` by serializing and then deserializing.
 #[inline]
 pub fn clone_secret_key(secret_key: &SecretKey) -> SecretKey {
@@ -85,7 +104,9 @@ impl<M> MessageType for Ed25519<M> {
 }
 
 impl<M> RandomnessType for Ed25519<M> {
-    /// The `ed25519_dalek` crate provides randomness internally so we set it as `()` here.
+    /// Empty Randomness
+    ///
+    /// The [`ed25519_dalek`] crate provides randomness internally so we set it as `()` here.
     type Randomness = ();
 }
 

manta-parameters/Cargo.toml

@@ -32,7 +32,7 @@ download = ["anyhow", "attohttpc", "std"]
 std = ["anyhow?/std"]
 
 [dependencies]
-anyhow = { version = "1.0.64", optional = true, default-features = false }
+anyhow = { version = "1.0.65", optional = true, default-features = false }
 attohttpc = { version = "0.22.0", optional = true }
 blake3 = { version = "1.3.1", default-features = false }
 
@@ -44,7 +44,7 @@ tempfile = { version = "3.3.0", default-features = false }
 walkdir = { version = "2.3.2", default-features = false }
 
 [build-dependencies]
-anyhow = { version = "1.0.64", default-features = false, features = ["std"] }
+anyhow = { version = "1.0.65", default-features = false, features = ["std"] }
 blake3 = { version = "1.3.1", default-features = false, features = ["std"] }
 gitignore = { version = "1.0.7", default-features = false }
 hex = { version = "0.4.3", default-features = false, features = ["std"] }

manta-pay/Cargo.toml

@@ -106,7 +106,7 @@ ark-std = { version = "0.3.0", optional = true, default-features = false }
 bip32 = { version = "0.3.0", optional = true, default-features = false, features = ["bip39", "secp256k1"] }
 blake2 = { version = "0.10.4", default-features = false }
 bs58 = { version = "0.4.0", optional = true, default-features = false, features = ["alloc"] }
-clap = { version = "3.2.20", optional = true, default-features = false, features = ["color", "derive", "std", "suggestions", "unicode", "wrap_help"] }
+clap = { version = "3.2.22", optional = true, default-features = false, features = ["color", "derive", "std", "suggestions", "unicode", "wrap_help"] }
 derivative = { version = "2.2.0", default-features = false, features = ["use_core"] }
 futures = { version = "0.3.24", optional = true, default-features = false }
 indexmap = { version = "1.9.1", optional = true, default-features = false }
@@ -119,7 +119,7 @@ scale-codec = { package = "parity-scale-codec", version = "3.1.2", optional = tr
 scale-info = { version = "2.1.2", optional = true, default-features = false, features = ["derive"] }
 serde_json = { version = "1.0.85", optional = true, default-features = false, features = ["alloc"] }
 tempfile = { version = "3.3.0", optional = true, default-features = false }
-tokio = { version = "1.21.0", optional = true, default-features = false }
+tokio = { version = "1.21.1", optional = true, default-features = false }
 tokio-tungstenite = { version = "0.17.2", optional = true, default-features = false, features = ["native-tls"] }
 ws_stream_wasm = { version = "0.7.3", optional = true, default-features = false }
 

manta-trusted-setup/Cargo.toml

@@ -25,6 +25,12 @@ is-it-maintained-open-issues = { repository = "Manta-Network/manta-rs" }
 maintenance = { status = "actively-developed" }
 
 [features]
+# Bincode for Message Signing
+bincode = ["dep:bincode", "serde"]
+
+# CSV for Ceremony Registries
+csv = ["dep:csv", "serde", "std"]
+
 # Perpetual Powers of Tau Ceremony
 ppot = ["manta-crypto/ark-bn254"]
 
@@ -33,6 +39,7 @@ rayon = ["manta-util/rayon"]
 
 # Serde Serialization
 serde = [
+    "manta-crypto/serde",
     "manta-util/serde",
     "manta-util/serde-alloc",
     "manta-util/serde-array"
@@ -50,9 +57,16 @@ ark-poly = { version = "0.3.0", default-features = false }
 ark-std = { version = "0.3.0", default-features = false }
 bincode = { version = "1.3.3", optional = true, default-features = false }
 blake2 = { version = "0.10.4", default-features = false }
+bs58 = { version = "0.4", default-features = false, features = ["alloc"] }
+colored = { version = "2.0.0", default-features = false }
+console = { version = "0.15.1", default-features = false }
+csv = { version = "1.1.6", optional = true, default-features = false }
 derivative = { version = "2.2.0", default-features = false, features = ["use_core"] }
-manta-crypto = { path = "../manta-crypto", default-features = false, features = ["arkworks", "getrandom", "rand_chacha"] }
-manta-util = { path = "../manta-util", default-features = false }
+dialoguer = { version = "0.10.2", default-features = false }
+manta-crypto = { path = "../manta-crypto", default-features = false, features = ["arkworks", "getrandom", "rand_chacha", "dalek"] }
+manta-util = { path = "../manta-util", default-features = false, features = ["reqwest"] }
+parking_lot = { version = "0.12.1", default-features = false }
+tiny-bip39 = { version = "1.0.0", default-features = false } 
 
 [dev-dependencies]
 ark-snark = { version = "0.3.0", default-features = false }

manta-trusted-setup/src/ceremony/mod.rs

@@ -0,0 +1,25 @@
+// Copyright 2019-2022 Manta Network.
+// This file is part of manta-rs.
+//
+// manta-rs is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// manta-rs is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with manta-rs.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Trusted Setup Ceremonies
+
+pub mod participant;
+pub mod registry;
+pub mod signature;
+
+#[cfg(all(feature = "bincode", feature = "std"))]
+#[cfg_attr(doc_cfg, doc(cfg(all(feature = "bincode", feature = "std"))))]
+pub mod util;

manta-trusted-setup/src/ceremony/participant.rs

@@ -0,0 +1,59 @@
+// Copyright 2019-2022 Manta Network.
+// This file is part of manta-rs.
+//
+// manta-rs is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// manta-rs is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with manta-rs.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Trusted Setup Ceremony Participants
+
+/// Participant
+pub trait Participant {
+    /// Identifier Type
+    type Identifier;
+
+    /// Verifying Key Type
+    type VerifyingKey;
+
+    /// Nonce Type
+    type Nonce;
+
+    /// Returns the [`Identifier`](Self::Identifier) for `self`.
+    fn id(&self) -> &Self::Identifier;
+
+    /// Returns the [`VerifyingKey`](Self::VerifyingKey) for `self`.
+    fn verifying_key(&self) -> &Self::VerifyingKey;
+
+    /// Checks if the participant has contributed.
+    fn has_contributed(&self) -> bool;
+
+    /// Sets contributed.
+    fn set_contributed(&mut self);
+
+    /// Returns the current nonce for `self`.
+    fn nonce(&self) -> &Self::Nonce;
+
+    /// Increments the current nonce of `self` by one.
+    fn increment_nonce(&mut self);
+}
+
+/// Priority
+pub trait Priority {
+    /// Priority Type
+    type Priority;
+
+    /// Returns the priority level for `self`.
+    fn priority(&self) -> Self::Priority;
+
+    /// Reduces the priority.
+    fn reduce_priority(&mut self);
+}