
Fix implementation for verify_share

Ian Goldberg 5 years ago
parent
commit
9d84a9677b
1 changed files with 6 additions and 12 deletions
  1. 6 12
      src/vss.rs

+ 6 - 12
src/vss.rs

@@ -1,4 +1,5 @@
 use curve25519_dalek::edwards::EdwardsPoint;
+use curve25519_dalek::traits::Identity;
 use curve25519_dalek::scalar::Scalar;
 use curve25519_dalek::constants::ED25519_BASEPOINT_POINT;
 use rand::rngs::ThreadRng;
@@ -61,19 +62,12 @@ pub fn generate_shares(secret: Secret, numshares: u32, threshold: u32) -> Result
 pub fn verify_share(share: Share, commitment: &Commitment) -> Result<bool, &'static str> {
     let f_result = ED25519_BASEPOINT_POINT * share.value;
 
-    // always calculate at least the first share
-    let mut result = commitment.coms[0];
+    let x = Scalar::from(share.index);
 
-    for i in 1..share.index+1 {
-        // check in case of the last share
-        if (i as usize) >= commitment.coms.len() {
-            break;
-        }
-
-        let next_comm = commitment.coms[i as usize];
-        let x_raised_to_threshold = share.index.pow(i as u32);
-        result += next_comm * Scalar::from(x_raised_to_threshold);
-    }
+    let (_, result) = commitment.coms.iter().fold(
+        (Scalar::one(), EdwardsPoint::identity()),
+            |(x_to_the_i, sum_so_far), comm_i|
+            (x_to_the_i * x, sum_so_far + x_to_the_i * comm_i));
 
     let is_valid = f_result == result;
     Ok(is_valid)
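Review bot: Nothing in the new body rejects `share.index == 0`: with `x = Scalar::from(0)` every term after the first vanishes and the fold collapses to `commitment.coms[0]`, so a share at index 0 verifies exactly when its value equals the committed secret, which should never be accepted as a share. If indices are 1-based, as the removed loop's `1..share.index+1` suggests, guard before the fold with `if share.index == 0 { return Err("share index must be nonzero"); }`; this also gives the `Err` arm of the return type a use, since the new body never produces one (an empty `commitment.coms` likewise silently yields `Ok(false)` via the identity rather than an error). The fold itself is correct but terse; a comment such as `// Evaluate the commitment polynomial at x = share.index: sum_i coms[i] * x^i, carrying x^i alongside the running sum.` would save the next reader the derivation. verify_share's closing brace lies outside the hunk.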