
`ethexe`: make security research of FROST signature verification in Solidity

Open StackOverflowExcept1on opened this issue 1 year ago • 0 comments

Problem to Solve

FROST is a promising threshold signature scheme that will save us a lot of gas in ethexe. We currently have a Solidity implementation that has not yet been integrated into ethexe, but that may happen soon.

It's necessary to prove that the `verifySignature` function correctly checks `zB - cA == signature.R` on paper (ideally as a security audit in a PDF file). Also it's necessary to take into account the behavior of `ecrecover` (it may return `address(0)` in some cases). The `computeChallenge` function does not require auditing, since all other FROST cryptography has been audited by NCC Group.

  • https://github.com/StackOverflowExcept1on/frost-secp256k1-evm/blob/master/src/FROST.sol
  • https://github.com/ZcashFoundation/frost/blob/dcf17732f791cd5c69aeed5bb4ff60d019a57ee8/frost-core/src/verifying_key.rs#L63
  • https://github.com/ethereum/go-ethereum/blob/bb9897f11be1054bdbb8fc3b10fed38be8f33000/core/vm/contracts.go#L243

Possible Solution

N/A

Notes

No response

StackOverflowExcept1on, Sep 27 '24 14:09