Documentation ¶
Index ¶
- func Keygen(group curve.Curve, selfID party.ID, participants []party.ID, threshold int) protocol.StartFunc
- func KeygenTaproot(selfID party.ID, participants []party.ID, threshold int) protocol.StartFunc
- func KeygenTaprootGennaro(selfID party.ID, participants []party.ID, threshold int) protocol.StartFunc
- func Refresh(config *Config, participants []party.ID) protocol.StartFunc
- func RefreshTaproot(config *TaprootConfig, participants []party.ID) protocol.StartFunc
- func Sign(config *Config, signers []party.ID, messageHash []byte) protocol.StartFunc
- func SignTaproot(config *TaprootConfig, signers []party.ID, messageHash []byte) protocol.StartFunc
- func SignTaprootWithTweak(config *TaprootConfig, signers []party.ID, messageHash []byte, tweak []byte) protocol.StartFunc
- type Config
- type Signature
- type TaprootConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Keygen ¶
func Keygen(group curve.Curve, selfID party.ID, participants []party.ID, threshold int) protocol.StartFunc
Keygen initiates the Frost key generation protocol.
This protocol establishes a new threshold signature key among a set of participants. Later, a subset of these participants can create signatures for this public key, using the private shares created in this protocol.
participants is a complete set of parties that will hold a share of the secret key. Future signers must come from this set.
threshold is the number of participants that can be corrupted without breaking the security of the protocol. In the future, threshold + 1 participants will need to cooperate to produce signatures.
selfID is the identifier for the local party calling this function.
This protocol corresponds to Figure 1 of the Frost paper:
https://eprint.iacr.org/2020/852.pdf
func KeygenTaproot ¶
KeygenTaproot is like Keygen, but will make Taproot / BIP-340 compatible keys.
This will also return TaprootResult instead of Result, at the end of the protocol.
See: https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki#specification
func KeygenTaprootGennaro ¶
func KeygenTaprootGennaro(selfID party.ID, participants []party.ID, threshold int) protocol.StartFunc
KeygenTaprootGennaro is like Keygen Taproot, but uses DKG algorithm based on Gennaro et al's work
This will also return TaprootResult instead of Result, at the end of the protocol.
func RefreshTaproot ¶
func RefreshTaproot(config *TaprootConfig, participants []party.ID) protocol.StartFunc
RefreshTaproot is like Refresh, but will make Taproot / BIP-340 compatible keys.
This will also return TaprootResult instead of Result, at the end of the protocol.
See: https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki#specification
func Sign ¶
Sign initiates the protocol for producing a threshold signature, with Frost.
result is the result of the key generation phase, for this participant.
signers is the list of all participants generating a signature together, including this participant.
messageHash is the hash of the message a signature should be generated for.
This protocol merges Figures 2 and 3 from the Frost paper:
https://eprint.iacr.org/2020/852.pdf
We merge the pre-processing and signing protocols into a single signing protocol which doesn't require any pre-processing.
Another major difference is that there's no central "Signing Authority". Instead, each participant independently verifies and broadcasts items as necessary.
Differences stemming from this change are commented throughout the protocol.
func SignTaproot ¶
SignTaproot is like Sign, but will generate a Taproot / BIP-340 compatible signature.
This needs to result of a Taproot compatible key generation phase, naturally.
See: https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki
func SignTaprootWithTweak ¶
func SignTaprootWithTweak(config *TaprootConfig, signers []party.ID, messageHash []byte, tweak []byte) protocol.StartFunc
SignTaprootWithTweak is like SignTaproot, but will add the tweak to the public key and signature
This needs to result of a Taproot compatible key generation phase, naturally.
See: https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki
Types ¶
type Config ¶
func EmptyConfig ¶
EmptyConfig creates an empty Config with a specific group.
This needs to be called before unmarshalling, instead of just using new(Result). This is to allow points and scalars to be correctly unmarshalled.
type TaprootConfig ¶
type TaprootConfig = keygen.TaprootConfig