Imagine a threshold signing protocol. We may want to allow one party to keep several shares of the signing key to increase its "importance". Of course, one could just run several sessions concurrently using separate secret inputs for each share, but that is inefficient:
Sessions will have to send messages to other sessions running locally;
receive_message() methods will do extra work verifying proofs created locally;
Messages from the sessions will have to be sent separately, or somehow bundled together externally.
Alternatively, one could write a Round impl supporting owning multiple shares. It actually seems like a viable option in many cases - if you're a protocol author. But what if you're a user wanting to run an existing protocol this way? It would be nice to have manul support that. This will still require some support from the protocol level though, indicating which parts of the messages are proofs that can be ignored if the message is intended for the locally owned party.
Imagine a threshold signing protocol. We may want to allow one party to keep several shares of the signing key to increase its "importance". Of course, one could just run several sessions concurrently using separate secret inputs for each share, but that is inefficient:
receive_message()methods will do extra work verifying proofs created locally;Alternatively, one could write a
Roundimpl supporting owning multiple shares. It actually seems like a viable option in many cases - if you're a protocol author. But what if you're a user wanting to run an existing protocol this way? It would be nice to havemanulsupport that. This will still require some support from the protocol level though, indicating which parts of the messages are proofs that can be ignored if the message is intended for the locally owned party.