Closed LLFourn closed 2 years ago
Also:
Currently user creates and validates their own shares + pop. Is this annoying?
Test tweaks thoroughly
Is there anything special that needs to be done when cloning / consuming secrets for security?
All of these have been implemented in https://github.com/LLFourn/secp256kfun/pull/84 except for additional tweak tests (no test vectors yet)
Closed by #84. More things to be done but they are not captured by this issue.
secp256kfun FROST impl
TODO Notion DKG id
This is useful so we can sign it with pop and in gun to make sure every device displays the same thing before using the key.
TODO Proof of possession
Just use hash type parameter that is passed to internal Schnorr instance. Tag the hash when you init Frost with “frost/dkg”. Then hash all the commitments together to form the dkg-id, use the internal Schnorr (with noncegen) to produce pop.
TODO How do we make it two rounds in gun
TODO Have API that allows you to pass in first coef
Need to handle needs negation later:
Stop using needs negation when creating shares.
TODO How should gennonce be designed
Application makes sure sid is unique. Document
secret
could be either static first coef or secret share depending on the application – but be consistent!
TODO Renaming things
Don’t use HashMap
Doesn’t work with nostd and introduces non-determinism. Probably just use vec internally and warn users.
Nonce agg scheme what to hash?
No
Do proptesting
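
The dkg-id and proof-of-possession notes above, as an added Python illustration that is not secp256kfun code or its API: commitments are hashed under the `frost/dkg` tag in sorted party order, so no map iteration order reaches the id, and each party signs the id with its first coefficient. The `frost/dkg/pop` and `frost/dkg/nonce` tags, the byte encoding, signing with the first coefficient, and the hash-derived nonce standing in for noncegen are assumptions; full (x, y) points are used instead of x-only keys.

```python
import hashlib

P = 2**256 - 2**32 - 977  # secp256k1 field prime; N is the group order, G the generator
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):  # affine point addition; None is the point at infinity
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    num, den = (3 * a[0] * a[0], 2 * a[1]) if a == b else (b[1] - a[1], b[0] - a[0])
    lam = num * pow(den, -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def mul(k, pt):  # double-and-add; not constant time, illustration only
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def enc(pt):  # assumed encoding: 32-byte x followed by 32-byte y
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")

def tagged(tag, *parts):  # SHA256(SHA256(tag) || SHA256(tag) || data), as in BIP340
    t = hashlib.sha256(tag.encode()).digest()
    return hashlib.sha256(t + t + b"".join(parts)).digest()

def dkg_id(commitments):  # {party index: [coefficient commitment points]}
    parts = []
    for idx in sorted(commitments):  # fixed order, independent of map iteration order
        parts.append(idx.to_bytes(4, "big"))
        parts.extend(enc(c) for c in commitments[idx])
    return tagged("frost/dkg", *parts)

def challenge(R, X, did):  # "frost/dkg/pop" is an assumed tag, not from the issue
    return int.from_bytes(tagged("frost/dkg/pop", enc(R), enc(X), did), "big") % N

def pop_sign(coef, did):  # Schnorr signature over the dkg-id under the first coefficient
    k = int.from_bytes(tagged("frost/dkg/nonce", coef.to_bytes(32, "big"), did), "big") % N
    R = mul(k, G)  # nonce derivation above is a stand-in for the real noncegen
    return R, (k + challenge(R, mul(coef, G), did) * coef) % N

def pop_verify(X, did, pop):  # X is the party's first-coefficient commitment
    R, s = pop
    return mul(s, G) == add(R, mul(challenge(R, X, did), X))
```

Because the pop signs the dkg-id, a pop made for one set of commitments does not verify once any party's commitments change.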