frost

package
v0.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 3, 2022 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Keygen

func Keygen(group curve.Curve, selfID party.ID, participants []party.ID, threshold int) protocol.StartFunc

Keygen initiates the Frost key generation protocol.

This protocol establishes a new threshold signature key among a set of participants. Later, a subset of these participants can create signatures for this public key, using the private shares created in this protocol.

participants is a complete set of parties that will hold a share of the secret key. Future signers must come from this set.

threshold is the number of participants that can be corrupted without breaking the security of the protocol. In the future, threshold + 1 participants will need to cooperate to produce signatures.

selfID is the identifier for the local party calling this function.

This protocol corresponds to Figure 1 of the Frost paper:

https://eprint.iacr.org/2020/852.pdf

func KeygenTaproot

func KeygenTaproot(selfID party.ID, participants []party.ID, threshold int) protocol.StartFunc

KeygenTaproot is like Keygen, but will make Taproot / BIP-340 compatible keys.

This will also return TaprootResult instead of Result, at the end of the protocol.

See: https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki#specification

func KeygenTaprootGennaro

func KeygenTaprootGennaro(selfID party.ID, participants []party.ID, threshold int) protocol.StartFunc

KeygenTaprootGennaro is like Keygen Taproot, but uses DKG algorithm based on Gennaro et al's work

This will also return TaprootResult instead of Result, at the end of the protocol.

func Refresh

func Refresh(config *Config, participants []party.ID) protocol.StartFunc

Refresh

func RefreshTaproot

func RefreshTaproot(config *TaprootConfig, participants []party.ID) protocol.StartFunc

RefreshTaproot is like Refresh, but will make Taproot / BIP-340 compatible keys.

This will also return TaprootResult instead of Result, at the end of the protocol.

See: https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki#specification

func Sign

func Sign(config *Config, signers []party.ID, messageHash []byte) protocol.StartFunc

Sign initiates the protocol for producing a threshold signature, with Frost.

result is the result of the key generation phase, for this participant.

signers is the list of all participants generating a signature together, including this participant.

messageHash is the hash of the message a signature should be generated for.

This protocol merges Figures 2 and 3 from the Frost paper:

https://eprint.iacr.org/2020/852.pdf

We merge the pre-processing and signing protocols into a single signing protocol which doesn't require any pre-processing.

Another major difference is that there's no central "Signing Authority". Instead, each participant independently verifies and broadcasts items as necessary.

Differences stemming from this change are commented throughout the protocol.

func SignTaproot

func SignTaproot(config *TaprootConfig, signers []party.ID, messageHash []byte) protocol.StartFunc

SignTaproot is like Sign, but will generate a Taproot / BIP-340 compatible signature.

This needs to result of a Taproot compatible key generation phase, naturally.

See: https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki

func SignTaprootWithTweak

func SignTaprootWithTweak(config *TaprootConfig, signers []party.ID, messageHash []byte, tweak []byte) protocol.StartFunc

SignTaprootWithTweak is like SignTaproot, but will add the tweak to the public key and signature

This needs to result of a Taproot compatible key generation phase, naturally.

See: https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki

Types

type Config

type Config = keygen.Config

func EmptyConfig

func EmptyConfig(group curve.Curve) *Config

EmptyConfig creates an empty Config with a specific group.

This needs to be called before unmarshalling, instead of just using new(Result). This is to allow points and scalars to be correctly unmarshalled.

type Signature

type Signature = sign.Signature

type TaprootConfig

type TaprootConfig = keygen.TaprootConfig

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL