sander
commented
1 month ago This seems to be less of an issue with the 2024-05-21 version of the ARKG draft, where Derive-Secret-Key was refactored into Derive-Private-Key as a wrapper over KEM-Decaps. The HDK spec needs to be updated to use KEM-Decaps directly instead of the custom ARKG-Derive-Blind.
Under sections “Asynchronous Remote Key Generation” and “Proof of Possession” I noticed we need some ARKG implementation details that are currently not exposed in the ARKG spec, since the ARKG spec assumes we can know the value of sk_bl instead of a reference to it in a WSCD. Is it feasible to expose this separate ARKG-Derive-Blind function?