Skip to content

[experimental][threshold_ecdsa] Add threshold ECDSA module with native Paillier and YACL-style cleanup#634

Open
jjllzhang wants to merge 73 commits into
secretflow:mainfrom
jjllzhang:integration/threshold_ecdsa
Open

[experimental][threshold_ecdsa] Add threshold ECDSA module with native Paillier and YACL-style cleanup#634
jjllzhang wants to merge 73 commits into
secretflow:mainfrom
jjllzhang:integration/threshold_ecdsa

Conversation

@jjllzhang

Copy link
Copy Markdown

Summary

This PR adds yacl/crypto/experimental/threshold_ecdsa and finalizes the staged integration work.

  • Added threshold ECDSA module structure: common/, crypto/, net/, protocol/, tests/
  • Replaced direct secp256k1 usage with YACL ECC (EcGroup, OpenSSL backend)
  • Replaced libhcs dependency with native Paillier implementation
  • Aligned error handling to YACL style via common/errors.h (TECDSA_THROW*)
  • Aligned Bazel build style (yacl_cc_library / yacl_cc_binary)
  • Removed bench/docs artifacts from this module (bench/, docs/)

Motivation

  • Remove third-party crypto dependency coupling in this module
  • Keep protocol flow and interfaces stable while improving maintainability
  • Align implementation style with YACL conventions

Main Changes

  • Build integration:
    • yacl/crypto/experimental/threshold_ecdsa/BUILD.bazel
    • yacl/crypto/experimental/threshold_ecdsa/CMakeLists.txt
  • Core crypto/protocol implementation:
    • ECC wrapper and math verify path
    • Native Paillier keygen/encrypt/decrypt/homomorphic ops
    • Keygen/sign session flow and strict-proof checks
  • Tests:
    • crypto_primitives_tests
    • protocol_infrastructure_tests
    • keygen_flow_tests
    • sign_flow_tests
  • Docs:
    • Updated README.md to match current module scope (no bench/docs section)

Compatibility

  • Module public behavior remains consistent with current flow expectations
  • No extra external repo/file changes required outside this module

Validation

Commands executed:

bazelisk build //yacl/crypto/experimental/threshold_ecdsa:tecdsa_core \
  --extra_toolchains=@rules_foreign_cc//toolchains:preinstalled_make_toolchain,@rules_foreign_cc//toolchains:preinstalled_pkgconfig_toolchain

bazelisk run //yacl/crypto/experimental/threshold_ecdsa:crypto_primitives_tests \
  --extra_toolchains=@rules_foreign_cc//toolchains:preinstalled_make_toolchain,@rules_foreign_cc//toolchains:preinstalled_pkgconfig_toolchain

bazelisk run //yacl/crypto/experimental/threshold_ecdsa:protocol_infrastructure_tests \
  --extra_toolchains=@rules_foreign_cc//toolchains:preinstalled_make_toolchain,@rules_foreign_cc//toolchains:preinstalled_pkgconfig_toolchain

bazelisk run //yacl/crypto/experimental/threshold_ecdsa:keygen_flow_tests \
  --extra_toolchains=@rules_foreign_cc//toolchains:preinstalled_make_toolchain,@rules_foreign_cc//toolchains:preinstalled_pkgconfig_toolchain

bazelisk run //yacl/crypto/experimental/threshold_ecdsa:sign_flow_tests \
  --extra_toolchains=@rules_foreign_cc//toolchains:preinstalled_make_toolchain,@rules_foreign_cc//toolchains:preinstalled_pkgconfig_toolchain

- add experimental threshold ECDSA module under
  yacl/crypto/experimental/threshold_ecdsa with:
  common/, crypto/, net/, protocol/, tests/
- add build integration:
  - BUILD.bazel (tecdsa_core + 4 test binaries)
  - CMakeLists.txt (tecdsa_core + 4 test executables)
- implement ECC path with yacl EcGroup (OpenSSL backend) and math-based ECDSA verify flow
- add native Paillier provider (keygen/encrypt/decrypt/homomorphic ops, Z*_N checks)
- align module error handling with YACL exception style via common/errors.h (TECDSA_THROW*)
- include protocol/session infrastructure for keygen/sign and strict-proof validation
- add regression/E2E targets:
  crypto_primitives_tests, protocol_infrastructure_tests, keygen_flow_tests, sign_flow_tests
- intentionally exclude bench and docs artifacts from this commit
@gemini-code-assist

Copy link
Copy Markdown
Contributor

Summary of Changes

Hello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request adds an experimental threshold ECDSA module to YACL, enhancing its cryptographic capabilities. It focuses on improving maintainability and reducing external dependencies by replacing libhcs with a native Paillier implementation and aligning the code with YACL's coding conventions. The module provides threshold key generation and signing functionalities, supported by a comprehensive test suite and updated documentation.

Highlights

  • Threshold ECDSA Module: This PR introduces a new threshold_ecdsa module within the YACL crypto library, providing a C++20 implementation of the GG2019 threshold ECDSA protocol.
  • Dependency Removal: The PR replaces the libhcs dependency with a native Paillier implementation, reducing external dependencies.
  • YACL Alignment: The code has been refactored to align with YACL conventions, including error handling and build style.
  • Comprehensive Testing: The PR includes a suite of tests covering crypto primitives, protocol infrastructure, key generation flow, and signing flow.
  • Documentation Update: The README.md file has been updated to reflect the current scope of the module.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Activity
  • The PR introduces a new module with core crypto/protocol implementation.
  • Includes ECC wrapper, native Paillier, and keygen/sign session flow.
  • Adds tests for crypto primitives, protocol infrastructure, keygen, and sign flows.
  • Updates documentation to reflect the module's scope.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces a new experimental module for threshold ECDSA, which is a substantial and well-structured contribution. The implementation aligns with the GG2019 paper and includes a native Paillier implementation, replacing previous dependencies. The code quality is high, with strong error handling, good security practices like secure zeroization of sensitive data, and a comprehensive test suite covering happy paths and adversarial scenarios. My main feedback concerns the maintainability of several very large files. Splitting them into smaller, more focused modules would significantly improve readability and future development. I've also identified a minor potential integer overflow issue in the random number generation utility.

Note: Security Review did not run due to the size of the PR.

Comment thread yacl/crypto/experimental/threshold_ecdsa/protocol/sign_session.cc Outdated
Comment thread yacl/crypto/experimental/threshold_ecdsa/crypto/random.cc Outdated
Comment thread yacl/crypto/experimental/threshold_ecdsa/crypto/strict_proofs.cc Outdated
Comment thread yacl/crypto/experimental/threshold_ecdsa/protocol/keygen_session.cc Outdated
jjllzhang and others added 27 commits March 5, 2026 14:45
…s with BigInt

- Removed dependencies on GMP's mpz_class in favor of a custom BigInt type for better integration and performance.
- Updated function signatures and internal logic to accommodate BigInt, including conversions and validations.
- Adjusted tests to ensure compatibility with the new BigInt type, ensuring that all instances of mpz_class are replaced.
- Enhanced readability and maintainability of the code by streamlining type usage across key generation and signing sessions.
- Added strict_proofs_codec.cc to handle encoding and decoding of strict proof metadata and payloads.
- Introduced strict_proofs_internal.h for internal structures and functions related to strict proofs.
- Created strict_proofs_math.cc for mathematical operations and challenge generation related to strict proofs.
- Implemented functions for encoding/decoding square-free strict payloads and auxiliary parameter strict payloads.
- Added utility functions for handling modular arithmetic and random number generation in the context of strict proofs.
- Added keygen_session_codec.cc and keygen_session_internal.h to handle key generation logic.
- Implemented phase 1, phase 2, and phase 3 of the key generation process in separate source files.
- Introduced functions for validating participants, building peer sets, and handling payloads for each phase.
- Added support for Schnorr proofs and square-free proofs in the key generation process.
- Ensured strict proof verification and compatibility checks for enhanced security.
- Introduced `sign_flow_test_shared.h` to define common structures and functions for testing the signing flow in threshold ECDSA.
- Implemented `sign_flow_test_support.cc` to provide utility functions for managing key generation and signing sessions, including envelope delivery and message collection for various phases.
- Added helper functions for constructing sign fixtures, verifying session states, and handling envelope tampering scenarios.
  - add missing Apache license headers to threshold_ecdsa sources
  - run clang-format on the threshold_ecdsa module
  - reformat BUILD.bazel with buildifier
  - keep changes limited to style and CI cleanup
jjllzhang and others added 29 commits April 21, 2026 21:42
@jjllzhang jjllzhang marked this pull request as ready for review June 17, 2026 09:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant