conduition
conduition
As noted by @jesseposner during the round table, the raw DKG output is not safe to use in a BIP341 context. I'm going to update this PR to reflect that,...
@conradoplg Yes, this PR does handle key negation properly at signing time (i haven't read Jesse's linked negation algorithm yet), but how would key negation at signing time prevent a...
@MatthewLM Great idea. It's simple and elegantly prevents the footgun, without limiting how participants use their group key. The group can still add further tweaks (e.g. BIP341, BIP32, etc) at...
I'm starting the process of resyncing this PR with the upstream v2.0.0 changes on `main`.
Resyncing is done but not yet pushed to this branch. You can preview the changes here: https://github.com/ZcashFoundation/frost/compare/main...conduition:frost:add-secp256k1-tr-reloaded @conradoplg Do you have any preference for how i merge the updates into...
Just to formalize this 'tweak the DKG output' idea a little... Every FROST participant receives three things from the DKG: - A signing share $s_i = \sum_{j=1}^n f_j(i)$ - A...
I've resynchronized this branch with upstream `main` to be compatible with the v2.0.0 codebase. Tests are passing and clippy is happy. I'll add DKG tweaking soon in a new commit
Thanks @conradoplg, I'll try to take a look at these changes soon.
@conradoplg Tests are passing for me on this branch :tada: Now that we've got that sorted out, i'm going to do [the pruning i suggested here](https://github.com/ZcashFoundation/frost/pull/730#discussion_r1817410480) to hopefully reduce code...
Thank you very much @conradoplg :heart: