You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Conrado Gouvea 956d8d3c7f
add benchmarks (#205)
1 day ago
.github Bump reviewdog/action-actionlint from 1.35.0 to 1.36.0 (#219) 1 week ago
frost-core add benchmarks (#205) 1 day ago
frost-ed448 add benchmarks (#205) 1 day ago
frost-ed25519 add benchmarks (#205) 1 day ago
frost-p256 add benchmarks (#205) 1 day ago
frost-redjubjub Update digest requirement from 0.9 to 0.10 6 months ago
frost-rerandomized clippy fixes (#212) 3 weeks ago
frost-ristretto255 add benchmarks (#205) 1 day ago
frost-secp256k1 add benchmarks (#205) 1 day ago
gendoc add benchmarks (#205) 1 day ago
rfcs add missing checks 2 years ago
.gitignore Ignore .DS_Store 11 months ago
.mergify.yml ci(Mergify): configuration update 8 months ago Don't reject small-order verification keys (#137) 1 year ago
Cargo.toml Expose internals to support randomization (simplified) (#152) 4 weeks ago
LICENCE Frost keygen with dealer (#47) 2 years ago
LICENCE.MIT Frost keygen with dealer (#47) 2 years ago
LICENSE.Apache-2.0 Frost keygen with dealer (#47) 2 years ago Improve examples (#160) 3 months ago
codecov.yml Port frost-ristretto255 to frost-core (#57) 8 months ago

FROST (Flexible Round-Optimised Schnorr Threshold signatures)

Rust implementations of 'Two-Round Threshold Schnorr Signatures with FROST'.

Unlike signatures in a single-party setting, threshold signatures require cooperation among a threshold number of signers, each holding a share of a common private key. The security of threshold schemes in general assume that an adversary can corrupt strictly fewer than a threshold number of participants.

'Two-Round Threshold Schnorr Signatures with FROST' presents a variant of a Flexible Round-Optimized Schnorr Threshold (FROST) signature scheme originally defined in FROST20. FROST reduces network overhead during threshold signing operations while employing a novel technique to protect against forgery attacks applicable to prior Schnorr-based threshold signature constructions. This variant of FROST requires two rounds to compute a signature, and implements signing efficiency improvements described by Schnorr21. Single-round signing with FROST is not implemented here.

Status ⚠

The FROST specification is not yet finalized, and this codebase has not yet been audited or released. The APIs and types in frost-core are subject to change.


frost-core implements the base traits and types in a generic manner, to enable top-level implementations for different ciphersuites / curves without having to implement all of FROST from scratch. End-users should not use frost-core if they want to sign and verify signatures, they should use the crate specific to their ciphersuite/curve parameters that uses frost-core as a dependency.