feat: adding reconstruction threshold in node#3640
Open
SimonRastikian wants to merge 94 commits into
Open
Conversation
…same number of participants
… possible value due to 60%-80% range
…_bound as helpers
…nstructionthreshold
…inator) Colleagues did not agree on an 80% upper bound for the GovernanceThreshold, so set MAX_THRESHOLD_NUMERATOR = MAX_THRESHOLD_DENOMINATOR (5/5 = 100%). The relative upper cap structure is kept but never binds below the absolute `k <= n` check, so the GovernanceThreshold may again go up to the participant count. The cross-domain rule (GovernanceThreshold >= max(ReconstructionThreshold)) is unchanged. Revert the test changes that were only needed to satisfy the 80% cap (dropping thresholds / raising participant counts) and remove the now-meaningless dedicated upper-cap tests: - thresholds.rs: restore 5/5-participant thresholds; drop reject-above-cap test - dto_mapping.rs / lib.rs: drop the upper-cap rejection tests - lib.rs verify_tee: rework the kickout-refusal fixture to break the relation via the participant-count ceiling instead of the cap - running.rs: make the reconstruction>governance test regenerate until gov < n - sandbox + e2e + node resharing tests: restore original participant/threshold values - docs/design/domain-separation.md: describe the cap as disabled (100%) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…hreshold' of github.com:near/mpc into 3499-correlate-governancethreshold-with-reconstructionthreshold
…hreshold' of github.com:near/mpc into 3499-correlate-governancethreshold-with-reconstructionthreshold # Conflicts: # crates/contract/src/dto_mapping.rs
Co-authored-by: Mårten Blankfors <marten@blankfors.se>
Contributor
Author
Contributor
Author
SimonRastikian
commented
Jul 1, 2026
Contributor
Author
There was a problem hiding this comment.
This file reduces drastically code redundancy between ecdsa.rs and robust_ecdsa.rs. It also unifies parts of the interface
Changing a domain's reconstruction threshold via a resharing proposal had no cryptographic effect. The resharing key event was built from the old domain registry, so the node reshared at the old threshold, and per_domain_thresholds was only folded into the registry on completion. Lowering t left an unusable (higher-degree) key; raising t left the advertised threshold unenforced. Build the resharing key events from the effective (threshold-updated) domains via a new DomainRegistry::effective_domain_by_index, so the reshare targets the new degree. The old-side threshold still comes from the previous registry, so reshare(old_t, .., new_t) receives the correct pair.
Adds an integration test that lowers a domain's reconstruction threshold from 4 to 2 via resharing and then signs with only 2 of 5 nodes online, proving the key was reshared to the new degree. Adds FakeIndexerManager::start_resharing_with_ threshold_updates to drive the change, and a PortSeed for the new test.
Contributor
Author
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #3164
Closes #1680 in 0b8b201