aor

package
v0.1.0
Published: Feb 16, 2026 License: Apache-2.0 Imports: 12 Imported by: 0

README

Agree on Random (AOR)

Protocol for distributively sampling a random value: all parties contribute randomness, and everyone outputs the XOR if and only if all openings verify. Implemented with hash-based commitments and three broadcast rounds.

Protocol Overview

  1. Commit: Each party samples a random seed r_i and broadcasts a commitment.
  2. Open: Parties broadcast (r_i, witness_i) openings for their commitments.
  3. XOR Aggregate: After verifying all openings, parties XOR all r_i values to obtain the joint random output. Any failed verification aborts.
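
The three steps above as a self-contained sketch, added here and not taken from the package's source. `Opening`, `commit`, `newOpening` and `aggregate` are hypothetical names, and the HMAC-SHA256 commitment with a session label is an assumed stand-in for pkg/commitments/hash and the transcript binding.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

type Opening struct{ Seed, Witness []byte } // revealed in the Open step

// commit is a stand-in (assumed) commitment: HMAC-SHA256 keyed by the witness.
func commit(session string, id byte, o Opening) []byte {
	mac := hmac.New(sha256.New, o.Witness)
	mac.Write(append(append([]byte{byte(len(session)), id}, session...), o.Seed...))
	return mac.Sum(nil)
}

func newOpening(size int) Opening { // fresh size-byte seed and 32-byte witness
	buf := make([]byte, size+32)
	if _, err := rand.Read(buf); err != nil {
		panic(err)
	}
	return Opening{buf[:size:size], buf[size:]}
}

// aggregate checks every opening against its commitment, then XORs the seeds.
func aggregate(session string, size int, commits map[byte][]byte, opens map[byte]Opening) ([]byte, error) {
	out := make([]byte, size)
	for id, c := range commits {
		o, ok := opens[id]
		if !ok || len(o.Seed) != size || !hmac.Equal(c, commit(session, id, o)) {
			return nil, fmt.Errorf("party %d: opening rejected, aborting", id)
		}
		subtle.XORBytes(out, out, o.Seed)
	}
	return out, nil
}

func main() {
	commits, opens := map[byte][]byte{}, map[byte]Opening{}
	for id := byte(1); id <= 3; id++ { // three constructed parties
		opens[id] = newOpening(16)
		commits[id] = commit("demo", id, opens[id])
	}
	fmt.Println(aggregate("demo", 16, commits, opens)) // honest run: output and <nil>
	opens[3] = newOpening(16)                          // party 3 swaps its seed late
	fmt.Println(aggregate("demo", 16, commits, opens)) // [] and the abort error
}
```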

Implementation Notes

  • Commitments use the hash-based scheme from pkg/commitments/hash.
  • Transcript binding via transcripts ensures domain separation and reproducibility.
  • Participant exposes Round1, Round2, Round3; use a network.Router to exchange round messages.

Usage

  1. Construct a Participant with NewParticipant(id, quorum, size, transcript, prng).
  2. Run Round1 to produce a Round1Broadcast commitment.
  3. Collect others’ commitments; call Round2 to produce the opening.
  4. Collect openings; call Round3 to verify and derive the shared random output (byte slice of length size).

Documentation

Overview

Package aor provides a protocol for distributively sampling a random value: all parties contribute randomness, and everyone outputs the XOR if and only if all openings verify. Implemented with hash-based commitments and three broadcast rounds.

See README.md for details.

Variables

var (
	ErrInvalidArgument = errs.New("invalid argument")
	ErrFailed          = errs.New("failed")
	ErrRound           = errs.New("invalid round")
)

Functions

func NewAgreeOnRandomRunner

func NewAgreeOnRandomRunner(id sharing.ID, quorum network.Quorum, sampleSize int, tape transcripts.Transcript, prng io.Reader) (network.Runner[[]byte], error)

NewAgreeOnRandomRunner constructs a runner that executes the Agree-on-Random protocol.

Types

type Participant

type Participant struct {
	// contains filtered or unexported fields
}

Participant runs the Agree-on-Random protocol for a single party.

func NewParticipant

func NewParticipant(id sharing.ID, quorum network.Quorum, size int, tape transcripts.Transcript, prng io.Reader) (*Participant, error)

NewParticipant initialises an AOR participant with transcript binding and randomness.

func (*Participant) Round1

func (p *Participant) Round1() (*Round1Broadcast, error)

Round1 samples a random value, commits to it, and broadcasts the commitment.

func (*Participant) Round2

Round2 records all commitments and broadcasts the local opening (message, witness).

func (*Participant) Round3

Round3 verifies all openings and aggregates the agreed random output.

func (*Participant) SharingID

func (p *Participant) SharingID() sharing.ID

type Round1Broadcast

type Round1Broadcast struct {
	Commitment hash_comm.Commitment `cbor:"commitment"`
}

Round1Broadcast carries the commitment to a participant's random seed.

type Round2Broadcast

type Round2Broadcast struct {
	Message hash_comm.Message `cbor:"message"`
	Witness hash_comm.Witness `cbor:"witness"`
}

Round2Broadcast carries the opening (message, witness) for the seed commitment.

type State

type State struct {
	// contains filtered or unexported fields
}
