// Split creates PVSS shares encrypted by the public keys in X and
// provides a NIZK encryption consistency proof for each share.
func (pv *PVSS) Split(X []abstract.Point, secret abstract.Scalar) ([]int, []abstract.Point, []ProofCore, []byte, error) {
n := len(X)
// Create secret sharing polynomial
priPoly := new(poly.PriPoly).Pick(pv.suite, pv.t, secret, random.Stream)
// Create secret set of shares
shares := new(poly.PriShares).Split(priPoly, n)
// Create public polynomial commitments with respect to basis H
pubPoly := new(poly.PubPoly).Commit(priPoly, pv.h)
// Prepare data for encryption consistency proofs ...
share := make([]abstract.Scalar, n)
H := make([]abstract.Point, n)
idx := make([]int, n)
for i := range idx {
idx[i] = i
share[i] = shares.Share(i)
H[i] = pv.h
}
// ... and create them
proof, err := NewProof(pv.suite, H, X, nil)
if err != nil {
return nil, nil, nil, nil, err
}
_, sX, err := proof.SetupCollective(share...)
if err != nil {
return nil, nil, nil, nil, err
}
polyBin, err := pubPoly.MarshalBinary()
if err != nil {
return nil, nil, nil, nil, err
}
return idx, sX, proof.Core, polyBin, nil
}
