Rename fields to match types

book/src/zcash/ywallet-demo.md

@@ -82,13 +82,13 @@ take a bit to compile. It will show a bunch of warnings which is normal.
 cargo build --release --bin sign --features dotenv -- -g
 ```
 
-When prompted for the `ak`, paste the `group_public` value that was printed in
+When prompted for the `ak`, paste the `verifying_key` value that was printed in
 the previous part, inside the Public Key Package. For example, in the following
 package
 
 ```
 Public key package:
-{"signer_pubkeys": ...snip... ,"group_public":"d2bf40ca860fb97e9d6d15d7d25e4f17d2e8ba5dd7069188cbf30b023910a71b","ciphersuite":"FROST(Pallas, BLAKE2b-512)"}
+{"verifying_shares": ...snip... ,"verifying_key":"d2bf40ca860fb97e9d6d15d7d25e4f17d2e8ba5dd7069188cbf30b023910a71b","ciphersuite":"FROST(Pallas, BLAKE2b-512)"}
 ```
 
 you would need to use

frost-core/src/benches.rs

@@ -130,7 +130,7 @@ pub fn bench_sign<C: Ciphersuite, R: RngCore + CryptoRng + Clone>(
                         key_packages
                             .get(&participant_identifier)
                             .unwrap()
-                            .secret_share(),
+                            .signing_share(),
                         rng,
                     );
                 })
@@ -146,7 +146,7 @@ pub fn bench_sign<C: Ciphersuite, R: RngCore + CryptoRng + Clone>(
                 key_packages
                     .get(&participant_identifier)
                     .unwrap()
-                    .secret_share(),
+                    .signing_share(),
                 rng,
             );
             nonces.insert(participant_identifier, nonce);

frost-core/src/frost.rs

@@ -100,13 +100,13 @@ where
 #[cfg_attr(docsrs, doc(cfg(feature = "internals")))]
 pub(crate) fn compute_binding_factor_list<C>(
     signing_package: &SigningPackage<C>,
-    group_public: &VerifyingKey<C>,
+    verifying_key: &VerifyingKey<C>,
     additional_prefix: &[u8],
 ) -> BindingFactorList<C>
 where
     C: Ciphersuite,
 {
-    let preimages = signing_package.binding_factor_preimages(group_public, additional_prefix);
+    let preimages = signing_package.binding_factor_preimages(verifying_key, additional_prefix);
 
     BindingFactorList(
         preimages
@@ -274,15 +274,15 @@ where
     #[cfg_attr(docsrs, doc(cfg(feature = "internals")))]
     pub fn binding_factor_preimages(
         &self,
-        group_public: &VerifyingKey<C>,
+        verifying_key: &VerifyingKey<C>,
         additional_prefix: &[u8],
     ) -> Vec<(Identifier<C>, Vec<u8>)> {
         let mut binding_factor_input_prefix = vec![];
 
         // The length of a serialized verifying key of the same cipersuite does
         // not change between runs of the protocol, so we don't need to hash to
         // get a fixed length.
-        binding_factor_input_prefix.extend_from_slice(group_public.serialize().as_ref());
+        binding_factor_input_prefix.extend_from_slice(verifying_key.serialize().as_ref());
 
         // The message is hashed with H4 to force the variable-length message
         // into a fixed-length byte string, same for hashing the variable-sized
@@ -422,22 +422,22 @@ where
     C: Ciphersuite,
 {
     // Check if signing_package.signing_commitments and signature_shares have
-    // the same set of identifiers, and if they are all in pubkeys.signer_pubkeys.
+    // the same set of identifiers, and if they are all in pubkeys.verifying_shares.
     if signing_package.signing_commitments().len() != signature_shares.len() {
         return Err(Error::UnknownIdentifier);
     }
     if !signing_package
         .signing_commitments()
         .keys()
-        .all(|id| signature_shares.contains_key(id) && pubkeys.signer_pubkeys().contains_key(id))
+        .all(|id| signature_shares.contains_key(id) && pubkeys.verifying_shares().contains_key(id))
     {
         return Err(Error::UnknownIdentifier);
     }
 
     // Encodes the signing commitment list produced in round one as part of generating [`BindingFactor`], the
     // binding factor.
     let binding_factor_list: BindingFactorList<C> =
-        compute_binding_factor_list(signing_package, &pubkeys.group_public, &[]);
+        compute_binding_factor_list(signing_package, &pubkeys.verifying_key, &[]);
 
     // Compute the group commitment from signing commitments produced in round one.
     let group_commitment = compute_group_commitment(signing_package, &binding_factor_list)?;
@@ -461,7 +461,7 @@ where
 
     // Verify the aggregate signature
     let verification_result = pubkeys
-        .group_public
+        .verifying_key
         .verify(signing_package.message(), &signature);
 
     // Only if the verification of the aggregate signature failed; verify each share to find the cheater.
@@ -471,7 +471,7 @@ where
         // Compute the per-message challenge.
         let challenge = crate::challenge::<C>(
             &group_commitment.0,
-            &pubkeys.group_public.element,
+            &pubkeys.verifying_key.element,
             signing_package.message().as_slice(),
         );
 
@@ -480,7 +480,7 @@ where
             // Look up the public key for this signer, where `signer_pubkey` = _G.ScalarBaseMult(s[i])_,
             // and where s[i] is a secret share of the constant term of _f_, the secret polynomial.
             let signer_pubkey = pubkeys
-                .signer_pubkeys
+                .verifying_shares
                 .get(signature_share_identifier)
                 .ok_or(Error::UnknownIdentifier)?;
 

frost-core/src/frost/keys.rs

@@ -356,7 +356,7 @@ pub struct SecretShare<C: Ciphersuite> {
     #[zeroize(skip)]
     pub(crate) identifier: Identifier<C>,
     /// Secret Key.
-    pub(crate) value: SigningShare<C>,
+    pub(crate) signing_share: SigningShare<C>,
     #[zeroize(skip)]
     /// The commitments to be distributed among signers.
     pub(crate) commitment: VerifiableSecretSharingCommitment<C>,
@@ -380,22 +380,17 @@ where
     /// Create a new [`SecretShare`] instance.
     pub fn new(
         identifier: Identifier<C>,
-        value: SigningShare<C>,
+        signing_share: SigningShare<C>,
         commitment: VerifiableSecretSharingCommitment<C>,
     ) -> Self {
         SecretShare {
             identifier,
-            value,
+            signing_share,
             commitment,
             ciphersuite: (),
         }
     }
 
-    /// Gets the inner [`SigningShare`] value.
-    pub fn secret(&self) -> &SigningShare<C> {
-        &self.value
-    }
-
     /// Verifies that a secret share is consistent with a verifiable secret sharing commitment,
     /// and returns the derived group info for the participant (their public verification share,
     /// and the group public key) if successful.
@@ -411,18 +406,18 @@ where
     ///
     /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#appendix-C.2-4
     pub fn verify(&self) -> Result<(VerifyingShare<C>, VerifyingKey<C>), Error<C>> {
-        let f_result = <C::Group>::generator() * self.value.0;
+        let f_result = <C::Group>::generator() * self.signing_share.0;
         let result = evaluate_vss(&self.commitment, self.identifier);
 
         if !(f_result == result) {
             return Err(Error::InvalidSecretShare);
         }
 
-        let group_public = VerifyingKey {
+        let verifying_key = VerifyingKey {
             element: self.commitment.first()?.0,
         };
 
-        Ok((VerifyingShare(result), group_public))
+        Ok((VerifyingShare(result), verifying_key))
     }
 }
 
@@ -496,7 +491,7 @@ pub fn split<C: Ciphersuite, R: RngCore + CryptoRng>(
         }
     }
 
-    let group_public = VerifyingKey::from(key);
+    let verifying_key = VerifyingKey::from(key);
 
     let coefficients = generate_coefficients::<C, R>(min_signers as usize - 1, rng);
 
@@ -509,24 +504,24 @@ pub fn split<C: Ciphersuite, R: RngCore + CryptoRng>(
             generate_secret_shares(key, max_signers, min_signers, coefficients, identifiers)?
         }
     };
-    let mut signer_pubkeys: HashMap<Identifier<C>, VerifyingShare<C>> =
+    let mut verifying_shares: HashMap<Identifier<C>, VerifyingShare<C>> =
         HashMap::with_capacity(max_signers as usize);
 
     let mut secret_shares_by_id: HashMap<Identifier<C>, SecretShare<C>> =
         HashMap::with_capacity(max_signers as usize);
 
     for secret_share in secret_shares {
-        let signer_public = secret_share.value.into();
-        signer_pubkeys.insert(secret_share.identifier, signer_public);
+        let signer_public = secret_share.signing_share.into();
+        verifying_shares.insert(secret_share.identifier, signer_public);
 
         secret_shares_by_id.insert(secret_share.identifier, secret_share);
     }
 
     Ok((
         secret_shares_by_id,
         PublicKeyPackage {
-            signer_pubkeys,
-            group_public,
+            verifying_shares,
+            verifying_key,
             ciphersuite: (),
         },
     ))
@@ -585,14 +580,14 @@ pub struct KeyPackage<C: Ciphersuite> {
     /// Denotes the participant identifier each secret share key package is owned by.
     #[zeroize(skip)]
     pub(crate) identifier: Identifier<C>,
-    /// This participant's secret share.
-    pub(crate) secret_share: SigningShare<C>,
+    /// This participant's signing share. This is secret.
+    pub(crate) signing_share: SigningShare<C>,
     /// This participant's public key.
     #[zeroize(skip)]
-    pub(crate) public: VerifyingShare<C>,
+    pub(crate) verifying_share: VerifyingShare<C>,
     /// The public verifying key that represents the entire group.
     #[zeroize(skip)]
-    pub(crate) group_public: VerifyingKey<C>,
+    pub(crate) verifying_key: VerifyingKey<C>,
     pub(crate) min_signers: u16,
     /// Ciphersuite ID for serialization
     #[cfg_attr(
@@ -614,16 +609,16 @@ where
     /// Create a new [`KeyPackage`] instance.
     pub fn new(
         identifier: Identifier<C>,
-        secret_share: SigningShare<C>,
-        public: VerifyingShare<C>,
-        group_public: VerifyingKey<C>,
+        signing_share: SigningShare<C>,
+        verifying_share: VerifyingShare<C>,
+        verifying_key: VerifyingKey<C>,
         min_signers: u16,
     ) -> Self {
         Self {
             identifier,
-            secret_share,
-            public,
-            group_public,
+            signing_share,
+            verifying_share,
+            verifying_key,
             min_signers,
             ciphersuite: (),
         }
@@ -661,13 +656,13 @@ where
     /// dealer, but implementations *MUST* make sure that all participants have
     /// a consistent view of this commitment in practice.
     fn try_from(secret_share: SecretShare<C>) -> Result<Self, Error<C>> {
-        let (public, group_public) = secret_share.verify()?;
+        let (verifying_share, verifying_key) = secret_share.verify()?;
 
         Ok(KeyPackage {
             identifier: secret_share.identifier,
-            secret_share: secret_share.value,
-            public,
-            group_public,
+            signing_share: secret_share.signing_share,
+            verifying_share,
+            verifying_key,
             min_signers: secret_share.commitment.0.len() as u16,
             ciphersuite: (),
         })
@@ -684,9 +679,9 @@ where
 pub struct PublicKeyPackage<C: Ciphersuite> {
     /// The verifying shares for all participants. Used to validate signature
     /// shares they generate.
-    pub(crate) signer_pubkeys: HashMap<Identifier<C>, VerifyingShare<C>>,
+    pub(crate) verifying_shares: HashMap<Identifier<C>, VerifyingShare<C>>,
     /// The joint public key for the entire group.
-    pub(crate) group_public: VerifyingKey<C>,
+    pub(crate) verifying_key: VerifyingKey<C>,
     /// Ciphersuite ID for serialization
     #[cfg_attr(
         feature = "serde",
@@ -706,12 +701,12 @@ where
 {
     /// Create a new [`PublicKeyPackage`] instance.
     pub fn new(
-        signer_pubkeys: HashMap<Identifier<C>, VerifyingShare<C>>,
-        group_public: VerifyingKey<C>,
+        verifying_shares: HashMap<Identifier<C>, VerifyingShare<C>>,
+        verifying_key: VerifyingKey<C>,
     ) -> Self {
         Self {
-            signer_pubkeys,
-            group_public,
+            verifying_shares,
+            verifying_key,
             ciphersuite: (),
         }
     }
@@ -827,7 +822,7 @@ pub(crate) fn generate_secret_shares<C: Ciphersuite>(
 
         secret_shares.push(SecretShare {
             identifier: *id,
-            value: SigningShare(value),
+            signing_share: SigningShare(value),
             commitment: commitment.clone(),
             ciphersuite: (),
         });
@@ -880,12 +875,12 @@ pub fn reconstruct<C: Ciphersuite>(
     }
 
     // Compute the Lagrange coefficients
-    for secret_share in key_packages.iter() {
+    for key_package in key_packages.iter() {
         let lagrange_coefficient =
-            compute_lagrange_coefficient(&identifiers, None, secret_share.identifier)?;
+            compute_lagrange_coefficient(&identifiers, None, key_package.identifier)?;
 
         // Compute y = f(0) via polynomial interpolation of these t-of-n solutions ('points) of f
-        secret = secret + (lagrange_coefficient * secret_share.secret_share().0);
+        secret = secret + (lagrange_coefficient * key_package.signing_share().0);
     }
 
     Ok(SigningKey { scalar: secret })