FROST with Secp256k1

[aidenrb]

Is it possible to use FROST tss with secp256k1 curve? I saw in the code that it requires just a generic curve implementation, but it also requires Challenge Deriver when creating a signer and is labeled under ted25519.

[mikelodder7]

Yes it is. FROST generates a Schnorr signature so the only difference that is required is the challenge deriver or how the c value is computed. Bitcoin taproot requires using SHA256 with certain tag prefixes. Ed25519 uses SHA512. Mina uses Poseidon. If you want to have a basic proof of concept, you could just use SHA256 for the three inputs.

[lfzkoala]

Yes, you can define a challenge deriver using secp256k1 curve abstraction to do this, which should be similar the existing ed25519 challenge deriver.