śĪ7Ä0īJ      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHINone5I Public Key Private KeyJ Point addingKPoint subtractionL Point scalingMPoint scaling, flip (*.)-NOPQ RSTUV WXYZ[\JKLM]^_`abcdefghi$NOPQ RTUV WXYZ[\JKLM]^_`a#NOPQ RSTUV WXYZ[\JKLM]^_`abcdefghiNoneIj:a group of coefficient starting from the smallest degree.jklmnjklmnjklmnNone5I The generated proofo g1 parameterph1 parameter where h1 = g1^aq g2 parameterrh2 parameter where h2 = g2^asGenerate a prooftVerify a proof uvwxyz{opqrs random valuea DLEQ parameters to generate fromtDLEQ parameter used to verifythe proof to verify|}~ uvwz{opqrst uvwxyz{opqrst|}~None5I1An decrypted share decrypted by a party's key anddecrypted shareproof the decryption is valid/An encrypted share associated to a party's key.#encrypted by participant public keyproof it's a valid shareSecretExtra generator The ID associated with a share€#The number of parties in the scheme!6The number of shares needed to reconstitute the secret#-Transform a secret into a usable random value$Prepare a new escrowing contextbThe only needed parameter is the threshold do not re-use an escrow context for different context.%UPrepare a secret into public encrypted shares for distributions using the PVSS schemeŁreturns: * the encrypted secret which is locked symmetrically to the DH-secret (g^random) * the list of public commitments (Cj) to the scheme * The encrypted shares that should be distributed to each partipants.&Escrow with a given polynomial'Create all the commitments there is  threshold commitments in the list(BCreate all the encrypted share associated with specific public key)ECreate a specific share given a public key and the overall parameters*Decrypt an Encrypted share using the party's key pair. Doesn't verify if an encrypted share is valid, for this you need to use +Q1) compute Si = Yi ^ (1/xi) = G^(p(i)) 2) create a proof of the valid decryption+Verify an encrypted share@anyone can do that given the extra generator and the commitments,GVerify a decrypted share against the public key and the encrypted share-0Verify that a secret recovered is the one escrow.Recover the DhSecret usedJNeed to pass the correct amount of shares (threshold), preferably from a / call/4Get #Threshold decrypted share that are deemed validFSum all commitment multiplied by the share id raised at the power of iQC_0 * 1 + C_1 * shareid + C_2 * shareid^2 + C_3 * shareid^3 ... + C_n * shareid^n-‚ƒ €!"„…#$%'PVSS scheme configuration n/t thresholdParticipants public keys&Participants public keys'()*++the encrypted and the associated public key,-./index iall commitments012340  !"#$%&'()*+,-./0!   "%&$'()*+,-/.# ‚ƒ €!"„…#$%&'()*+,-./01234†        !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdeffghijklmgnopqqrrstuvwx yzpvss-0.1-68lOrxtyxMCDaShOQqprvu Crypto.PVSSCrypto.PVSS.ECCCrypto.PVSS.PolynomialCrypto.PVSS.DLEQScalarPoint PublicKey PrivateKeyDhSecretKeyPair toPrivateKey toPublicKeykeyPairGenerateProofEscrowescrowExtraGenescrowPolynomial escrowSecret escrowProofDecryptedSharedecryptedShareIDshareDecryptedValdecryptedValidProofEncryptedShareshareIDshareEncryptedValshareValidProofSecretExtraGenShareId Threshold CommitmentsecretToDhSecret escrowNewescrow escrowWithcreateCommitments sharesCreate shareCreate shareDecryptverifyEncryptedShareverifyDecryptedShare verifySecretrecovergetValidRecoveryShares$fNFDataEscrow$fBinaryDecryptedShare$fNFDataDecryptedShare$fBinaryEncryptedShare$fNFDataEncryptedShare$fShowCommitment$fEqCommitment$fNFDataCommitment$fBinaryCommitment$fShowExtraGen $fEqExtraGen$fNFDataExtraGen$fBinaryExtraGen $fShowSecret $fEqSecret$fNFDataSecret$fBinarySecret$fShowEncryptedShare$fEqEncryptedShare$fGenericEncryptedShare$fShowDecryptedShare$fEqDecryptedShare$fGenericDecryptedShare $fShowEscrow $fEqEscrow$fGenericEscrow.+.-.**.unScalarunPoint keyFromBytesp256 keyFromNum keyInverse keyGeneratepointToDhSecretpointFromSecret pointIdentity hashPointshashPointsToKeycurveGenerator#+#-#*#^mulPowerAndSum hashSHA256$fBinaryScalar $fBinaryPoint $fEqPoint $fShowPoint $fNFDataPoint$fNFDataKeyPair$fBinaryKeyPair PolynomialgenerateevaluateatZerodleq_g1dleq_h1dleq_g2dleq_h2verifyproof_cproof_z ChallengeDLEQ $fNFDataProof $fBinaryProof$fBinaryChallenge $fNFDataDLEQ ParticipantscreateXi unCommitment