Documentation
Overview
nonce package implements NonceDKG as described in <https://github.com/iotaledger/crypto-tss/>.

> 4) Asynchronous nonce-DKG
> Variant a)
>
> Setup
>   Run any DKG (preferably probably FROST-DKG) to derive the aggregated public key and private key share.
>   This leads to a synchronous, non-robust setup phase.
> Nonce sharing (can be started any time before the signing process)
>   For every party i:
>     Sample secret s = a₀
>     Run ACSSᵢ(s):
>       C=(A₀,A₁,…,Aₜ), e=(Enc_pk₀(y₀),…,Enc_pkₙ(yₙ)) ← VSSEncAndProve(s)
>       Broadcast (C,e) using Verified Reliable Broadcast (RBC) with predicate: C is valid
>     On termination of ACSSⱼ:
>       sʲᵢ ← output
>       Tᵢ ← Tᵢ ∪ {j}
>     Wait until |Tᵢ| ≥ n - f
> Signing process
>   For every party i:
>     Input Tᵢ (bit vector) into Verified ACS with predicate: |Tᵢ| ≥ n - f
>     On termination of ACS:
>       𝒯 ← {j | the j-th bit is set in at least f+1 elements of the output}
>       (One can show that |𝒯| ≥ f + 1 will always hold. Thus, one honest dealer will always be included.)
>     Wait until 𝒯 ⊆ Tᵢ
>       (as for each j in 𝒯 at least one honest peer observed a termination of ACSSⱼ, this will eventually succeed.)
>     σᵢ ← sum(sʲᵢ for j in 𝒯)
>     Create partial signature using the private key share and σᵢ as the nonce share
>     Aggregate t partial signatures to form the valid signature
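The dealer-set agreement and nonce-share summation from the signing process above, as an added example that is not this package's code or API. `AgreedDealers` and `NonceShare` are hypothetical names, and reducing the sum modulo a scalar-field order `q` is an assumption; the sample vectors and shares are constructed.

```go
package main

import (
	"fmt"
	"math/big"
)

// AgreedDealers computes 𝒯: the dealer indices j whose bit is set in at
// least f+1 of the bit vectors output by ACS (hypothetical helper).
func AgreedDealers(acsOutput [][]bool, n, f int) []int {
	var agreed []int
	for j := 0; j < n; j++ {
		votes := 0
		for _, vec := range acsOutput {
			if j < len(vec) && vec[j] {
				votes++
			}
		}
		if votes >= f+1 {
			agreed = append(agreed, j)
		}
	}
	return agreed
}

// NonceShare returns σᵢ = Σ sʲᵢ for j in 𝒯, reduced mod q (assumed field
// order). It reports false while 𝒯 ⊄ Tᵢ, i.e. the party must keep waiting.
func NonceShare(local map[int]*big.Int, agreed []int, q *big.Int) (*big.Int, bool) {
	sum := new(big.Int)
	for _, j := range agreed {
		s, ok := local[j]
		if !ok {
			return nil, false // ACSSⱼ has not terminated locally yet
		}
		sum.Add(sum, s)
	}
	return sum.Mod(sum, q), true
}

func main() {
	// Constructed sample: n = 4, f = 1; each vector has |T| ≥ n - f bits set.
	acs := [][]bool{
		{true, true, true, false},
		{true, false, true, true},
		{false, true, true, true},
	}
	agreed := AgreedDealers(acs, 4, 1)
	local := map[int]*big.Int{0: big.NewInt(5), 1: big.NewInt(9), 2: big.NewInt(4)}
	_, ready := NonceShare(local, agreed, big.NewInt(11))
	fmt.Println(agreed, ready) // dealer 3 is agreed but its share is still missing
}
```

A party that sums only the shares it happens to hold, instead of waiting for every j in 𝒯, derives a nonce share inconsistent with its peers, so the partial signatures will not aggregate.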
Index
Constants
This section is empty.
Variables
This section is empty.