taurushq-io / multi-party-sig

Implementation of protocols for threshold signatures
Apache License 2.0

Implement almost all zk proofs using safenum internally #21

Closed. cronokirby closed this 3 years ago.

cronokirby commented 3 years ago

This addresses #17, with the exception of the mod proof, which is complicated enough to warrant a separate PR.

The general pattern here is to implement the proof generation using secret numbers to not leak the private values, or intermediate secrets that are generated. Eventually (i.e. once we expose safenum stuff in public interfaces, and finish all of the glue) we'll represent private values with safenum stuff directly, which should simplify things a lot.
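As an added illustration of the pattern the comment describes (not code from multi-party-sig or safenum): a toy constant-time scalar field over a single 64-bit limb, with q = 2^61 - 1 chosen here as an assumption, used to compute a Schnorr-style response z = k + e*x mod q so that neither the witness x nor the nonce k ever drives a branch or a loop bound. The math/big version is a variable-time oracle for cross-checking only.

```go
package main

import (
	"fmt"
	"math/big"
	"math/bits"
)

// Toy single-limb scalar field, constructed for illustration only: q = 2^61 - 1
// (a Mersenne prime), so every reduced value fits in 61 bits and a+b cannot
// overflow a uint64. The project's real proofs use multi-limb safenum values.
const q uint64 = 1<<61 - 1

// ctModAdd returns (a + b) mod q with no secret-dependent branch: it always
// computes both s = a+b and s-q, then selects using a mask from the borrow.
func ctModAdd(a, b uint64) uint64 {
	s := a + b
	t, borrow := bits.Sub64(s, q, 0)
	mask := -borrow // all ones when s < q (keep s), zero otherwise (keep s-q)
	return (s & mask) | (t &^ mask)
}

// ctModMul returns (a * b) mod q by double-and-add over a fixed 64 iterations,
// so running time and memory accesses do not depend on the values of a or b.
func ctModMul(a, b uint64) uint64 {
	var acc uint64
	for i := 63; i >= 0; i-- {
		acc = ctModAdd(acc, acc)
		with := ctModAdd(acc, a)
		mask := -((b >> uint(i)) & 1) // all ones when bit i of b is set
		acc = (with & mask) | (acc &^ mask)
	}
	return acc
}

// SchnorrResponse computes z = k + e*x mod q, the prover step that touches the
// witness x and nonce k; both go through constant-time operations only.
func SchnorrResponse(x, k, e uint64) uint64 {
	return ctModAdd(k, ctModMul(e, x))
}

// refResponse is a variable-time math/big oracle for cross-checking the
// constant-time path; it is the wrong tool for secret data inside a prover.
func refResponse(x, k, e uint64) uint64 {
	m := new(big.Int).SetUint64(q)
	z := new(big.Int).Mul(new(big.Int).SetUint64(e), new(big.Int).SetUint64(x))
	z.Add(z, new(big.Int).SetUint64(k))
	return z.Mod(z, m).Uint64()
}

func main() {
	x, k, e := uint64(123456789), q-42, uint64(987654321) // constructed inputs
	fmt.Println(SchnorrResponse(x, k, e) == refResponse(x, k, e))
}
```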