Interface KeyManagerCHURPStatus

Status represents the current state of a CHURP instance.

interface KeyManagerCHURPStatus {
    applications?: Map<Uint8Array, KeyManagerCHURPApplication>;
    checksum?: Uint8Array;
    committee?: Uint8Array[];
    extra_shares: number;
    handoff: longnum;
    handoff_interval: longnum;
    id: number;
    next_checksum?: Uint8Array;
    next_handoff: longnum;
    policy: KeyManagerCHURPSignedPolicySGX;
    runtime_id: Uint8Array;
    suite_id: number;
    threshold: number;
}

Hierarchy (view full)

Properties

applications? checksum? committee? extra_shares handoff handoff_interval id next_checksum? next_handoff policy runtime_id suite_id threshold

Properties

Optionalapplications

applications?: Map<Uint8Array, KeyManagerCHURPApplication>

Applications is a map of nodes that wish to form the new committee.

Candidates are expected to generate a random bivariate polynomial, construct a verification matrix, compute its checksum, and submit an application one epoch in advance of the next scheduled handoff. Subsequently, upon the arrival of the handoff epoch, nodes must execute the handoff protocol and confirm the reconstruction of its share.

Optionalchecksum

checksum?: Uint8Array

The hash of the verification matrix from the last successfully completed handoff.

Optionalcommittee

committee?: Uint8Array[]

Committee is a vector of nodes holding a share of the secret in the active handoff.

A client needs to obtain more than a threshold number of key shares from the nodes in this vector to construct the key.

extra_shares

extra_shares: number

ExtraShares represents the minimum number of shares that can be lost to render the secret unrecoverable.

If t and e represent the threshold and extra shares, respectively, then the minimum size of the committee is t+e+1.

handoff

handoff: longnum

Handoff is the epoch of the last successfully completed handoff.

The zero value indicates that no handoffs have been completed so far. Note that the first handoff is special and is called the dealer phase, in which nodes do not reshare or randomize shares but instead construct the secret and shares.

handoff_interval

handoff_interval: longnum

HandoffInterval is the time interval in epochs between handoffs.

A zero value disables handoffs.

id

id: number

ID is a unique CHURP identifier within the key manager runtime.

Optionalnext_checksum

next_checksum?: Uint8Array

NextChecksum is the hash of the verification matrix from the current handoff.

The first candidate to confirm share reconstruction is the source of truth for the checksum. All other candidates need to confirm with the same checksum; otherwise, the applications will be annulled, and the nodes will need to apply for the new committee again.

next_handoff

next_handoff: longnum

NextHandoff defines the epoch in which the next handoff will occur.

If an insufficient number of applications is received, the next handoff will be delayed by one epoch.

policy

policy: KeyManagerCHURPSignedPolicySGX

Policy is a signed SGX access control policy.

runtime_id

runtime_id: Uint8Array

RuntimeID is the identifier of the key manager runtime.

suite_id

suite_id: number

SuiteID is the identifier of a cipher suite used for verifiable secret sharing and key derivation.

threshold

threshold: number

Threshold represents the degree of the secret-sharing polynomial.

In a (t,n) secret-sharing scheme, where t represents the threshold, any combination of t+1 or more shares can reconstruct the secret, while losing n-t or fewer shares still allows the secret to be recovered.

Settings

Member Visibility

On This Page

Properties