Update test vectors (#438)

update test vectors to final version (v1) and update spec links

frost-core/src/frost.rs

@@ -101,7 +101,7 @@ where
     //
     // [`binding_factor_for_participant`] in the spec
     //
-    // [`binding_factor_for_participant`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-4.3
+    // [`binding_factor_for_participant`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-4.3
     fn index(&self, identifier: Identifier<C>) -> &Self::Output {
         &self.0[&identifier]
     }
@@ -421,7 +421,7 @@ where
     //
     // Implements [`aggregate`] from the spec.
     //
-    // [`aggregate`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-5.3
+    // [`aggregate`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-5.3
     let mut z = <<C::Group as Group>::Field>::zero();
 
     for signature_share in signature_shares.values() {

frost-core/src/frost/keys.rs

@@ -378,7 +378,7 @@ where
     /// This also implements `derive_group_info()` from the [spec] (which is very similar),
     /// but only for this participant.
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#appendix-C.2-4
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#appendix-C.2-4
     pub fn verify(&self) -> Result<(VerifyingShare<C>, VerifyingKey<C>), Error<C>> {
         let f_result = <C::Group>::generator() * self.value.0;
         let result = evaluate_vss(&self.commitment, self.identifier);
@@ -414,7 +414,7 @@ pub enum IdentifierList<'a, C: Ciphersuite> {
 ///
 /// Implements [`trusted_dealer_keygen`] from the spec.
 ///
-/// [`trusted_dealer_keygen`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#appendix-C
+/// [`trusted_dealer_keygen`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#appendix-C
 pub fn generate_with_dealer<C: Ciphersuite, R: RngCore + CryptoRng>(
     max_signers: u16,
     min_signers: u16,
@@ -482,7 +482,7 @@ pub fn split<C: Ciphersuite, R: RngCore + CryptoRng>(
 ///
 /// Implements [`polynomial_evaluate`] from the spec.
 ///
-/// [`polynomial_evaluate`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#name-evaluation-of-a-polynomial
+/// [`polynomial_evaluate`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-evaluation-of-a-polynomial
 fn evaluate_polynomial<C: Ciphersuite>(
     identifier: Identifier<C>,
     coefficients: &[Scalar<C>],
@@ -703,7 +703,7 @@ pub(crate) fn generate_secret_polynomial<C: Ciphersuite>(
 ///
 /// Implements [`secret_share_shard`] from the spec.
 ///
-/// [`secret_share_shard`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#appendix-C.1
+/// [`secret_share_shard`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#appendix-C.1
 pub(crate) fn generate_secret_shares<C: Ciphersuite>(
     secret: &SigningKey<C>,
     max_signers: u16,

frost-core/src/frost/round1.rs

@@ -35,7 +35,7 @@ where
     ///
     /// An implementation of `nonce_generate(secret)` from the [spec].
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#name-nonce-generation
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-nonce-generation
     pub fn new<R>(secret: &SigningShare<C>, rng: &mut R) -> Self
     where
         R: CryptoRng + RngCore,
@@ -280,7 +280,7 @@ where
 
     /// Computes the [signature commitment share] from these round one signing commitments.
     ///
-    /// [signature commitment share]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#name-signature-share-verificatio
+    /// [signature commitment share]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-signature-share-verificatio
     #[cfg_attr(feature = "internals", visibility::make(pub))]
     pub(super) fn to_group_commitment_share(
         self,
@@ -321,7 +321,7 @@ pub struct GroupCommitmentShare<C: Ciphersuite>(pub(super) Element<C>);
 /// Outputs:
 /// - A byte string containing the serialized representation of B.
 ///
-/// [`encode_group_commitment_list()`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#name-list-operations
+/// [`encode_group_commitment_list()`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-list-operations
 pub(super) fn encode_group_commitments<C: Ciphersuite>(
     signing_commitments: &BTreeMap<Identifier<C>, SigningCommitments<C>>,
 ) -> Vec<u8> {
@@ -375,7 +375,7 @@ where
 /// Generates the signing nonces and commitments to be used in the signing
 /// operation.
 ///
-/// [`commit`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#name-round-one-commitment
+/// [`commit`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-round-one-commitment
 pub fn commit<C, R>(
     secret: &SigningShare<C>,
     rng: &mut R,

frost-core/src/frost/round2.rs

@@ -81,7 +81,7 @@ where
     ///
     /// This is the final step of [`verify_signature_share`] from the spec.
     ///
-    /// [`verify_signature_share`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#name-signature-share-verificatio
+    /// [`verify_signature_share`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-signature-share-verificatio
     #[cfg_attr(feature = "internals", visibility::make(pub))]
     pub(crate) fn verify(
         &self,
@@ -183,7 +183,7 @@ fn compute_signature_share<C: Ciphersuite>(
 /// Assumes the participant has already determined which nonce corresponds with
 /// the commitment that was assigned by the coordinator in the SigningPackage.
 ///
-/// [`sign`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#name-round-two-signature-share-g
+/// [`sign`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-round-two-signature-share-g
 pub fn sign<C: Ciphersuite>(
     signing_package: &SigningPackage<C>,
     signer_nonces: &round1::SigningNonces<C>,

frost-core/src/lib.rs

@@ -67,13 +67,13 @@ pub trait Field: Copy + Clone {
 
     /// Generate a random scalar from the entire space [0, l-1]
     ///
-    /// <https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-3.1-3.3>
+    /// <https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-3.1-3.3>
     fn random<R: RngCore + CryptoRng>(rng: &mut R) -> Self::Scalar;
 
     /// A member function of a [`Field`] that maps a [`Scalar`] to a unique byte array buf of
     /// fixed length Ne.
     ///
-    /// <https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-3.1-3.8>
+    /// <https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-3.1-3.8>
     fn serialize(scalar: &Self::Scalar) -> Self::Serialization;
 
     /// A member function of a [`Field`] that maps a [`Scalar`] to a unique byte array buf of
@@ -88,7 +88,7 @@ pub trait Field: Copy + Clone {
     /// [`Field`]. This function can raise an [`Error`] if deserialization fails or if the
     /// resulting [`Scalar`] is zero
     ///
-    /// <https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-3.1-3.9>
+    /// <https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-3.1-3.9>
     fn deserialize(buf: &Self::Serialization) -> Result<Self::Scalar, FieldError>;
 }
 
@@ -164,20 +164,20 @@ pub trait Group: Copy + Clone + PartialEq {
 
     /// Additive [identity] of the prime order group.
     ///
-    /// [identity]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-3.1-3.2
+    /// [identity]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-3.1-3.2
     fn identity() -> Self::Element;
 
     /// The fixed generator element of the prime order group.
     ///
     /// The 'base' of ['ScalarBaseMult()'] from the spec.
     ///
-    /// [`ScalarBaseMult()`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-3.1-3.5
+    /// [`ScalarBaseMult()`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-3.1-3.5
     fn generator() -> Self::Element;
 
     /// A member function of a group _G_ that maps an [`Element`] to a unique byte array buf of
     /// fixed length Ne.
     ///
-    /// <https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-3.1-3.6>
+    /// <https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-3.1-3.6>
     fn serialize(element: &Self::Element) -> Self::Serialization;
 
     /// A member function of a [`Group`] that attempts to map a byte array `buf` to an [`Element`].
@@ -186,7 +186,7 @@ pub trait Group: Copy + Clone + PartialEq {
     /// [`Group`]. This function can raise an [`Error`] if deserialization fails or if the
     /// resulting [`Element`] is the identity element of the group
     ///
-    /// <https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-3.1-3.7>
+    /// <https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-3.1-3.7>
     fn deserialize(buf: &Self::Serialization) -> Result<Self::Element, GroupError>;
 }
 
@@ -231,7 +231,7 @@ where
 /// A [FROST ciphersuite] specifies the underlying prime-order group details and cryptographic hash
 /// function.
 ///
-/// [FROST ciphersuite]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#name-ciphersuites
+/// [FROST ciphersuite]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-ciphersuites
 pub trait Ciphersuite: Copy + Clone + PartialEq + Debug {
     /// The ciphersuite ID string
     const ID: &'static str;
@@ -250,28 +250,28 @@ pub trait Ciphersuite: Copy + Clone + PartialEq + Debug {
     ///
     /// Maps arbitrary inputs to `Self::Scalar` elements of the prime-order group scalar field.
     ///
-    /// [H1]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#name-cryptographic-hash-function
+    /// [H1]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-cryptographic-hash-function
     fn H1(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar;
 
     /// [H2] for a FROST ciphersuite.
     ///
     /// Maps arbitrary inputs to `Self::Scalar` elements of the prime-order group scalar field.
     ///
-    /// [H2]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#name-cryptographic-hash-function
+    /// [H2]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-cryptographic-hash-function
     fn H2(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar;
 
     /// [H3] for a FROST ciphersuite.
     ///
     /// Maps arbitrary inputs to `Self::Scalar` elements of the prime-order group scalar field.
     ///
-    /// [H3]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#name-cryptographic-hash-function
+    /// [H3]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-cryptographic-hash-function
     fn H3(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar;
 
     /// [H4] for a FROST ciphersuite.
     ///
     /// Usually an an alias for the ciphersuite hash function _H_ with domain separation applied.
     ///
-    /// [H4]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#name-cryptographic-hash-function
+    /// [H4]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-cryptographic-hash-function
     fn H4(m: &[u8]) -> Self::HashOutput;
 
     /// [H5] for a FROST ciphersuite.
@@ -325,7 +325,7 @@ pub trait Ciphersuite: Copy + Clone + PartialEq + Debug {
 
 /// A type refinement for the scalar field element representing the per-message _[challenge]_.
 ///
-/// [challenge]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#name-signature-challenge-computa
+/// [challenge]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-signature-challenge-computa
 #[derive(Clone)]
 pub struct Challenge<C: Ciphersuite>(pub(crate) <<C::Group as Group>::Field as Field>::Scalar);
 
@@ -368,8 +368,8 @@ where
 ///
 /// This is the only invocation of the H2 hash function from the [RFC].
 ///
-/// [FROST]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#name-signature-challenge-computa
-/// [RFC]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-3.2
+/// [FROST]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-signature-challenge-computa
+/// [RFC]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-3.2
 #[cfg_attr(feature = "internals", visibility::make(pub))]
 fn challenge<C>(R: &Element<C>, verifying_key: &Element<C>, msg: &[u8]) -> Challenge<C>
 where

frost-ed25519/src/lib.rs

@@ -145,10 +145,10 @@ fn hash_to_scalar(inputs: &[&[u8]]) -> Scalar {
     Scalar::from_bytes_mod_order_wide(&output)
 }
 
-/// Context string 'FROST-ED25519-SHA512-v11' from the ciphersuite in the [spec]
+/// Context string from the ciphersuite in the [spec]
 ///
-/// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.1-1
-const CONTEXT_STRING: &str = "FROST-ED25519-SHA512-v11";
+/// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.1-1
+const CONTEXT_STRING: &str = "FROST-ED25519-SHA512-v1";
 
 /// An implementation of the FROST(Ed25519, SHA-512) ciphersuite.
 #[derive(Clone, Copy, PartialEq, Eq, Debug)]
@@ -167,35 +167,35 @@ impl Ciphersuite for Ed25519Sha512 {
 
     /// H1 for FROST(Ed25519, SHA-512)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.1-2.2.2.1
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.1-2.2.2.1
     fn H1(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
         hash_to_scalar(&[CONTEXT_STRING.as_bytes(), b"rho", m])
     }
 
     /// H2 for FROST(Ed25519, SHA-512)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.1-2.2.2.2
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.1-2.2.2.2
     fn H2(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
         hash_to_scalar(&[m])
     }
 
     /// H3 for FROST(Ed25519, SHA-512)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.1-2.2.2.3
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.1-2.2.2.3
     fn H3(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
         hash_to_scalar(&[CONTEXT_STRING.as_bytes(), b"nonce", m])
     }
 
     /// H4 for FROST(Ed25519, SHA-512)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.1-2.2.2.4
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.1-2.2.2.4
     fn H4(m: &[u8]) -> Self::HashOutput {
         hash_to_array(&[CONTEXT_STRING.as_bytes(), b"msg", m])
     }
 
     /// H5 for FROST(Ed25519, SHA-512)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.1-2.2.2.5
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.1-2.2.2.5
     fn H5(m: &[u8]) -> Self::HashOutput {
         hash_to_array(&[CONTEXT_STRING.as_bytes(), b"com", m])
     }

frost-ed25519/tests/helpers/vectors-big-identifier.json

@@ -1054,36 +1054,36 @@
     "outputs": [
       {
         "identifier": 129,
-        "hiding_nonce_randomness": "ec08c8c4c2350155c065d61dd430081519c684c25f12aba9ab6e1adef6d84018",
-        "binding_nonce_randomness": "b11584b174c30f7ce2e3be3c6403a4dc1186a3bd49a8139778d2a44faef898b0",
-        "hiding_nonce": "e2fc5fd30eec871be059b3fd13aeef5bab98292a0e7fc9d2018961cde2aa7903",
-        "binding_nonce": "1f9378beffde036ad2b76592e9061434bb2656736da1b59102b12d4ab210f20b",
-        "hiding_nonce_commitment": "11945fba2cc1ea609e82a07fd7ca79211e44b151eeb21d7f38f2dda94790d6bd",
-        "binding_nonce_commitment": "169a12b971265451b8cf82e87c1f814b35b9772bdfefdc9259ce367694ef74a2",
-        "binding_factor_input": "15d21ccd7ee42959562fc8aa63224c8851fb3ec85a3faf66040d380fb9738673c5b95020cba31a9035835f074f718d0c3af02a318d6b4723bbd1c088f4889dd7b9ff8e79f9a67a9d27605144259a7af18b7cca2539ffa5c4f1366a98645da8f4c6382ef2ee1fa1d5144c504a0d1c132d7062fcadb785feb79e3ab44dc28a580a26c476994d7cd8a865b03e8f84daef7a47be2f1524631e8ca1abb4e7144477738100000000000000000000000000000000000000000000000000000000000000",
-        "binding_factor": "fa811f36e44cfc36abc5b6d69e48bfcba0c73d87360f3dfeffc4fde893b36b02"
+        "hiding_nonce_randomness": "4056872198d0aef1cd5971162625ad2072a35d82426d4d34717c191e66f30393",
+        "binding_nonce_randomness": "79bd7f0bf8d00f2550af1b483a6d4062277b63f233eadb6cb943680534a8f9ea",
+        "hiding_nonce": "7628010a20152d84fe047fda67199279777346296d42fa2a18721c0675730c0b",
+        "binding_nonce": "45c0cd601ae8eb4fae8b563d534439db3d34ba26a25bad1aa3161f3e7de1ff0f",
+        "hiding_nonce_commitment": "ce431930c283def10dc0e0b9213483813af1e46eb7fe152b9d72defc0f676c41",
+        "binding_nonce_commitment": "48265ddd63e75e478947f26554a975c7b83b7deeae9d9718d1dc5d11dd47fbcc",
+        "binding_factor_input": "15d21ccd7ee42959562fc8aa63224c8851fb3ec85a3faf66040d380fb9738673504df914fa965023fb75c25ded4bb260f417de6d32e5c442c6ba313791cc9a4948d6273e8d3511f93348ea7a708a9b862bc73ba2a79cfdfe07729a193751cbc9ae84e1c51d99746269e56bfa450c0826ac743c882b48d2740d68e2bd5aadcf8464be49e6fe2747169876a1b7d65f133c55c5c44ce02e8986a146cd576538eb1b8100000000000000000000000000000000000000000000000000000000000000",
+        "binding_factor": "94fd7110b583148dd02477ea29cd772f48b359b3099ecb6fc260facd84446b01"
       },
       {
         "identifier": 256,
-        "hiding_nonce_randomness": "87ff31fb909391b46079c63cfefe2d9041020f7f46d48cfec3390de2b410e6d5",
-        "binding_nonce_randomness": "4124fb9b0fce158500b674137826f9ab890f6f76dc3ba19a6088762a9992e520",
-        "hiding_nonce": "07b002b4fd0dda44604b2099775635a24d79ea8d87690be736f73bd3d484ae05",
-        "binding_nonce": "14119d73de0f65ca914d1476681d39cb2c03e9d7ce5d28066370cab975627705",
-        "hiding_nonce_commitment": "75e43d1a2c0e01fe9cb9311afd75c1fec81aac8f39c304d972d60ed54378d72b",
-        "binding_nonce_commitment": "9cfe9ea77ac7586392b5016b55b629aa32f977e1fce4edcb3a01279407be8bf1",
-        "binding_factor_input": "15d21ccd7ee42959562fc8aa63224c8851fb3ec85a3faf66040d380fb9738673c5b95020cba31a9035835f074f718d0c3af02a318d6b4723bbd1c088f4889dd7b9ff8e79f9a67a9d27605144259a7af18b7cca2539ffa5c4f1366a98645da8f4c6382ef2ee1fa1d5144c504a0d1c132d7062fcadb785feb79e3ab44dc28a580a26c476994d7cd8a865b03e8f84daef7a47be2f1524631e8ca1abb4e7144477730001000000000000000000000000000000000000000000000000000000000000",
-        "binding_factor": "fed6345d683d3071706d6c55e5c7d8cd540429cf5fc28091638092998fe55409"
+        "hiding_nonce_randomness": "9caedab768869b9f1819b701dee0f0a59dc04da1ebdecfd2993d3c4a86190eef",
+        "binding_nonce_randomness": "3706b9a0cf1bd798c47262fe38da7371ff2cf6792d8e721bcb0d9a4f6b2c8166",
+        "hiding_nonce": "5bca0eac0609ce5e2e3ff3ce3de143879a8d9f552d60676ba880a39dc94b2103",
+        "binding_nonce": "1644d300b4fd456423e94c60b0decb6019117c53b5f5d3ef38b029c86ec03400",
+        "hiding_nonce_commitment": "3ea9c9fab4bc7ea9a545ec413fe90330db60d1ce9d210319597d964764cb3f32",
+        "binding_nonce_commitment": "78ef9b10890c50c7cafa9eae0abc9f9a21dded1b208be6067f09934be048ca5c",
+        "binding_factor_input": "15d21ccd7ee42959562fc8aa63224c8851fb3ec85a3faf66040d380fb9738673504df914fa965023fb75c25ded4bb260f417de6d32e5c442c6ba313791cc9a4948d6273e8d3511f93348ea7a708a9b862bc73ba2a79cfdfe07729a193751cbc9ae84e1c51d99746269e56bfa450c0826ac743c882b48d2740d68e2bd5aadcf8464be49e6fe2747169876a1b7d65f133c55c5c44ce02e8986a146cd576538eb1b0001000000000000000000000000000000000000000000000000000000000000",
+        "binding_factor": "b06e386b3e10b5d0f522729f395c761c62ab72a483d06c1fb34b4d9bd2c42004"
       },
       {
         "identifier": 257,
-        "hiding_nonce_randomness": "170208bb9f299f4ec4f203b7d04aea87064997571c62f31ab430b1a22a0c767c",
-        "binding_nonce_randomness": "d804dd002e9b57149de963dc5aca193420e5cb757ea234280f965fb1631ab37f",
-        "hiding_nonce": "ea06c1b0c7374e7bb7425345b6c254ef1f0ab992add7d64511e8af4eb6fd6702",
-        "binding_nonce": "255b967e49b9613675b4b195b4a8b694d731d0d77a6610e84ca10bbaebd9b707",
-        "hiding_nonce_commitment": "55d244c623afe86745672810bcaae686521479e99051592fd76b56c05d949a72",
-        "binding_nonce_commitment": "2490e3a0d39ef8e8b90214c2f500c4a3dc69c31f8e2fd025ae6eb0d688b64dad",
-        "binding_factor_input": "15d21ccd7ee42959562fc8aa63224c8851fb3ec85a3faf66040d380fb9738673c5b95020cba31a9035835f074f718d0c3af02a318d6b4723bbd1c088f4889dd7b9ff8e79f9a67a9d27605144259a7af18b7cca2539ffa5c4f1366a98645da8f4c6382ef2ee1fa1d5144c504a0d1c132d7062fcadb785feb79e3ab44dc28a580a26c476994d7cd8a865b03e8f84daef7a47be2f1524631e8ca1abb4e7144477730101000000000000000000000000000000000000000000000000000000000000",
-        "binding_factor": "0e3f7b0d81448a7c475e1591ed1f3cf4948b783759be18e176fb8d676d88c102"
+        "hiding_nonce_randomness": "1ac810c0a707fd5492ee7bb8fd54ac47a771fea1a61619dd0f1c90a8d5b6aa63",
+        "binding_nonce_randomness": "303398becdf03edc0431cc232ab5833771a93fb80d73bd2932354397f7e892f6",
+        "hiding_nonce": "938bdb98581a603f92153cf7d3da169b868ab9efd1838f6fba9a3cfe1655fb00",
+        "binding_nonce": "27f3fabb22c8db2f87aba9e4a652618cb9c551c3d857a68e53e6c475be91020b",
+        "hiding_nonce_commitment": "e082b39c16104190969458d3897c41463336a74a42b31a93fe93ca65e836cc89",
+        "binding_nonce_commitment": "f78a48bcf9a6cf493402ddea48f933971ded41b028ebca1e90aa86be4cc56973",
+        "binding_factor_input": "15d21ccd7ee42959562fc8aa63224c8851fb3ec85a3faf66040d380fb9738673504df914fa965023fb75c25ded4bb260f417de6d32e5c442c6ba313791cc9a4948d6273e8d3511f93348ea7a708a9b862bc73ba2a79cfdfe07729a193751cbc9ae84e1c51d99746269e56bfa450c0826ac743c882b48d2740d68e2bd5aadcf8464be49e6fe2747169876a1b7d65f133c55c5c44ce02e8986a146cd576538eb1b0101000000000000000000000000000000000000000000000000000000000000",
+        "binding_factor": "4668f784b2b35df93acf74ea2a0b22d6742fe9da1df58d6e23922b2e4d3cbf0d"
       }
     ]
   },
@@ -1091,19 +1091,19 @@
     "outputs": [
       {
         "identifier": 129,
-        "sig_share": "4e6e19d634e304d07e56066e99dbe5c409239b7238e96f7e2f2d4e8b5d70d904"
+        "sig_share": "808eff244460a1452d76de0054f42b8453bb3b4bd972644e55cbf09fa7512f0b"
       },
       {
         "identifier": 256,
-        "sig_share": "f69598f55f9041e49750787e274382f56805b11a9227952f38bbf6d43ae11407"
+        "sig_share": "1542ac2d5801c9ecb455c2d131375cb4ab8bd6a5afb8141756faa15b736f830c"
       },
       {
         "identifier": 257,
-        "sig_share": "d57252821e7c3be331e87e55f8e4e51ff8e3f42c880d11ec6396332993823a0d"
+        "sig_share": "5ab0d77adefef52cd7e2a2cfeede45ba9d8f076ac5e98ab80d5103ba2ce93508"
       }
     ]
   },
   "final_output": {
-    "sig": "203441aa79877a915ca89891c4491c505bcf61ac8a2886f6822a16dbce1055bb2ca30ef1988c6f3f72f2059fda096fc56a0c41ba521e169acb7e78892bd42809"
+    "sig": "0428333999d3113b3a7227505cd55e94ba89473ad1012ea3af7634dfc5bca7d402ad8d7060fd4d07e3114cff9510efdd9cd6195b4e15041eb91696b547aae80f"
   }
 }

frost-ed25519/tests/helpers/vectors.json

@@ -37,25 +37,25 @@
     "outputs": [
       {
         "identifier": 1,
-        "hiding_nonce_randomness": "486e5404f57bd43fc5330db63afd53608af242ece541e5a390867c1b278b2ddc",
-        "binding_nonce_randomness": "73b8564c3d342e061c334b2e05a43d844730fa0066db5bc9c3e63fabe2ddbaa9",
-        "hiding_nonce": "5d54055f078d811dbfd8b54d389f23e24afa1e1c3cd8372880b240834b6b1205",
-        "binding_nonce": "3c46be47532e40c99e2734261bd05292647776ca1c16943ebe93d62fa1e2ec06",
-        "hiding_nonce_commitment": "5078f5c6d679654bb88a8887242d49cc21a553ed26caed4d52570c6656fb9b92",
-        "binding_nonce_commitment": "936b660d3008d8298b0a7220a327a0813ffedd9d07604bdc73d7cffef63c0da0",
-        "binding_factor_input": "15d21ccd7ee42959562fc8aa63224c8851fb3ec85a3faf66040d380fb9738673c5b95020cba31a9035835f074f718d0c3af02a318d6b4723bbd1c088f4889dd7b9ff8e79f9a67a9d27605144259a7af18b7cca2539ffa5c4f1366a98645da8f4983d08b25a656f4ac53202ee8f9d6ddbdc9e21653d6af47f40eb7790a6de5b8c5041c21736c36099b509cdd88136e4f75a665d598385e544fd142c78c8ba2c3a0100000000000000000000000000000000000000000000000000000000000000",
-        "binding_factor": "6f42e90aa7386259e7a9b79049f156f876aec506e49c334093d67b310bd9140f"
+        "hiding_nonce_randomness": "06894e04ee4aceec8619d5f6a0a180e2f47194d2ac306cba586b555e7c48d765",
+        "binding_nonce_randomness": "40d6f879ff22e22409f7d808fed81f37118e7d3e4af71c0f44c60207553bcbce",
+        "hiding_nonce": "ef6599dea4010581a72b3018c37c29a4341d7cab0773e8687ca74dcf14009701",
+        "binding_nonce": "2baadfa0c69aa60d517ad4751de372a73f9d89cfc39026601f18458cdec12605",
+        "hiding_nonce_commitment": "9b116f12589591a7e23fe8048059ab10ab48e67739e7a2fb3890f61a7999478c",
+        "binding_nonce_commitment": "c39b66b7dfccb122da24f13587f9a08c4347cae70046ca15169adf90ba65854d",
+        "binding_factor_input": "15d21ccd7ee42959562fc8aa63224c8851fb3ec85a3faf66040d380fb9738673504df914fa965023fb75c25ded4bb260f417de6d32e5c442c6ba313791cc9a4948d6273e8d3511f93348ea7a708a9b862bc73ba2a79cfdfe07729a193751cbc93df7739fd1223d8697dfc21b1679435bafda1f92815944f28d2faf21ded33ae94a16100090ae7d83555c9b2d961e3d5d1b62828e8cb58a88a73cda404f8f725a0100000000000000000000000000000000000000000000000000000000000000",
+        "binding_factor": "ff960a65374e216a0918729b153466016664fa980d409bc3f308daa7acb30d0d"
       },
       {
         "identifier": 3,
-        "hiding_nonce_randomness": "8f1a8975c234912a0316f201fbf53b8931dd2a90c77ba8979afd8459c5c97a2f",
-        "binding_nonce_randomness": "80b01da1e0d1b7a18f87858176c0c213d5dc5ee6a2fb7e2336cb9a17f51aa8dd",
-        "hiding_nonce": "06b0bf76e90e151e9c5d22b0437f1b01c5968525ca4b001572f37aa99bc4b70c",
-        "binding_nonce": "b08d6f1da38d9dec1943e83940984a0797bac0b77949913761c990cb5cd0a504",
-        "hiding_nonce_commitment": "91c2469b501fe5af8493f9ae77c8f57999460af317f2d9f2d4378ae0e665860e",
-        "binding_nonce_commitment": "c225618accff2266a45d87dc3219b04c774ca26c8629c4fa483e7e87da820007",
-        "binding_factor_input": "15d21ccd7ee42959562fc8aa63224c8851fb3ec85a3faf66040d380fb9738673c5b95020cba31a9035835f074f718d0c3af02a318d6b4723bbd1c088f4889dd7b9ff8e79f9a67a9d27605144259a7af18b7cca2539ffa5c4f1366a98645da8f4983d08b25a656f4ac53202ee8f9d6ddbdc9e21653d6af47f40eb7790a6de5b8c5041c21736c36099b509cdd88136e4f75a665d598385e544fd142c78c8ba2c3a0300000000000000000000000000000000000000000000000000000000000000",
-        "binding_factor": "e5c59a171351c8f526186ea57719e4e07d6791662ca049d3a8848af5ce0dae07"
+        "hiding_nonce_randomness": "fa5d950626782aade9e33fa781376d4888c2d1de7c37518bc248eb818ed0cdde",
+        "binding_nonce_randomness": "7459a4d14ded0e365b085271be8dc6600d5b88f3978a2174297ffa32001a5afc",
+        "hiding_nonce": "80f8d9a4b8f9366e1a0b618107c907cd3ee29fa9bb40b4691cc1bde696240005",
+        "binding_nonce": "2610b664a5a187b4855e87d2ff485bebdf043dc2f161fcd4854cd01dc0276404",
+        "hiding_nonce_commitment": "e679a2a971748ccfaabead4dbe8ac1def61275c186c79d471e1e45091ad1e687",
+        "binding_nonce_commitment": "b2a942478453fabb6bd3181c56ba657413447b4136e1daea2484d396d1a516b3",
+        "binding_factor_input": "15d21ccd7ee42959562fc8aa63224c8851fb3ec85a3faf66040d380fb9738673504df914fa965023fb75c25ded4bb260f417de6d32e5c442c6ba313791cc9a4948d6273e8d3511f93348ea7a708a9b862bc73ba2a79cfdfe07729a193751cbc93df7739fd1223d8697dfc21b1679435bafda1f92815944f28d2faf21ded33ae94a16100090ae7d83555c9b2d961e3d5d1b62828e8cb58a88a73cda404f8f725a0300000000000000000000000000000000000000000000000000000000000000",
+        "binding_factor": "279d48ec56f16d234c09ea62f3d02ab776ee38e03f66b20f939f1316e13df10f"
       }
     ]
   },
@@ -63,15 +63,15 @@
     "outputs": [
       {
         "identifier": 1,
-        "sig_share": "b97409beff18861f0959530db091a64b812e3fefaa87e1e3d2c039f11d96cc09"
+        "sig_share": "60997f0142e43e8005027fe5ab7447dac00d22c2d7ddd9571a02613ba7d81c08"
       },
       {
         "identifier": 3,
-        "sig_share": "9816a14e7cdecfcb240976f564cf98c5640e596b6ddf270379efbef4e9f7db0b"
+        "sig_share": "79390e78bc59699c7af831f8f5fb478ec871a85f561a8641b5670ac4443f720f"
       }
     ]
   },
   "final_output": {
-    "sig": "72c948a63797c693e8e978fdb703a1f5a7590472a539da13b71dd6c2b8c1b2a664b7b4af6194439357c5d15f366760fce53c985a186709e74bb0f8e5078ea805"
+    "sig": "154fb694ee7fcb37bf2381d94488c2a84b03b3352ad085feca81ad26d45852b7ecfe971ce4da95c4a95db93ac376b053897fca212ef85f99cf696bffeb178f07"
   }
 }

frost-ed448/src/lib.rs

@@ -142,8 +142,8 @@ fn hash_to_scalar(inputs: &[&[u8]]) -> Scalar {
 
 /// Context string from the ciphersuite in the [spec]
 ///
-/// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.3-1
-const CONTEXT_STRING: &str = "FROST-ED448-SHAKE256-v11";
+/// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.3-1
+const CONTEXT_STRING: &str = "FROST-ED448-SHAKE256-v1";
 
 /// An implementation of the FROST(Ed448, SHAKE256) ciphersuite.
 #[derive(Clone, Copy, PartialEq, Eq, Debug)]
@@ -162,35 +162,35 @@ impl Ciphersuite for Ed448Shake256 {
 
     /// H1 for FROST(Ed448, SHAKE256)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.3-2.2.2.1
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.3-2.2.2.1
     fn H1(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
         hash_to_scalar(&[CONTEXT_STRING.as_bytes(), b"rho", m])
     }
 
     /// H2 for FROST(Ed448, SHAKE256)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.3-2.2.2.2
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.3-2.2.2.2
     fn H2(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
         hash_to_scalar(&[b"SigEd448\0\0", m])
     }
 
     /// H3 for FROST(Ed448, SHAKE256)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.3-2.2.2.3
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.3-2.2.2.3
     fn H3(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
         hash_to_scalar(&[CONTEXT_STRING.as_bytes(), b"nonce", m])
     }
 
     /// H4 for FROST(Ed448, SHAKE256)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.3-2.2.2.4
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.3-2.2.2.4
     fn H4(m: &[u8]) -> Self::HashOutput {
         hash_to_array(&[CONTEXT_STRING.as_bytes(), b"msg", m])
     }
 
     /// H5 for FROST(Ed448, SHAKE256)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.3-2.2.2.5
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.3-2.2.2.5
     fn H5(m: &[u8]) -> Self::HashOutput {
         hash_to_array(&[CONTEXT_STRING.as_bytes(), b"com", m])
     }

frost-ed448/tests/helpers/vectors-big-identifier.json

@@ -1054,36 +1054,36 @@
     "outputs": [
       {
         "identifier": 129,
-        "hiding_nonce_randomness": "a2b995793e9525fdf8a91624ea9631a5ec4fa4820c4ba705731984f06f5b7105",
-        "binding_nonce_randomness": "5b4d52a3b704c1b2ae396572006260dd58f700bc71aa706a0b6572b15503398e",
-        "hiding_nonce": "d1e73cf687f18a78db57ece8ab3aa284b127887b3925ac4b9828d9a53f433b1014decb6a3772a0bc6189350653f7def9b83b3d569a993c3700",
-        "binding_nonce": "627e49867778b9c91622898373471139c7a1036c87f6d49c9cae893ba051f9270772b44d966acd6984958bfabca280591aa7e46db06f5d3900",
-        "hiding_nonce_commitment": "b8bea80979bd98647dfc2b7ab34a790dce55ddb70ff063a41d56f3a9a9fd044a0599a8405b800b9d9b3f82f66fabc6b25a4c95434ae9be5300",
-        "binding_nonce_commitment": "0d5a554443396a2e51644958245c1fcbcd0504c2dd4c90c22398fb6590602390a0cf400e91e48a072ee2162b809514dce028c6867494db8080",
-        "binding_factor_input": "3832f82fda00ff5365b0376df705675b63d2a93c24c6e81d40801ba265632be10f443f95968fadb70d10786827f30dc001c8d0f9b7c1d1b000106dadce87ca867018702d69a02effd165e1ac1a511c957cff1897ceff2e34ca212fe798d84f0bde6054bf0fa77fd4cd4bc4853d6dc8dbd19d340923f0ebbbb35172df4ab865a45d55af31fa0e6606ea97cf8513022b2b133d0f9f6b8d3be184221fc4592bf12bd7fb4127bb67e51a6dc9e5ca8e7606a8e5c972f6547b4d33c0a449a5f0b7616f36e6153c87bb0771f957f3c343d15d91769794c5548a5400c7d2430e13434c94376cce490e3f6d65de2521c44ef18225dcfe0f08e52fa52047ffec65d678f16e382b8bba8f7ef5bfde2cbd0e4b1247c42443c3690b8c3e5bb746b51683810000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
-        "binding_factor": "a9932b89b73c115622ef0902a876d05b1531a800a8ec4c253fdf37a48053621f910ad018cd97122ef1cafb85ba986f1e3a959631e75c8b0f00"
+        "hiding_nonce_randomness": "398dff6ab0cd23e0826c40bd456f02a82ed50a0ee741bbeb5ff40549b32fd25f",
+        "binding_nonce_randomness": "86b1e9e202726fa611ec68e211bf374dcfe2e31bea3f3f743335f194574f9d5a",
+        "hiding_nonce": "362824dc5a28a66723702132cad78b7f8e1ecb31ced794f51eac2e5bda66b5e5b2f651c276c27c93c7aab9da71fd724794dc65472ea4bb3c00",
+        "binding_nonce": "ab8a20b25ca24a4e9a15193c50e62a3e92eca254f2c3462117fed674f06a2d6c77dc43c64b0b142b6eadd1df9c2f63f03d35e7d28aa8fb3200",
+        "hiding_nonce_commitment": "536b4eddcab3ec42de33bdaf1cd73731a89dbd2d9aa628e9bc3fd20e14bca1abdb96fdb403365fe369b7f455cf32af98238553cee525522580",
+        "binding_nonce_commitment": "7a2b3e671c848cdad2d4d969e0300b245625ada17a480de99b9615da132e4c01b5ae786a82d0c5b6f284dfe57670bcedf0adc479981f6f4a00",
+        "binding_factor_input": "3832f82fda00ff5365b0376df705675b63d2a93c24c6e81d40801ba265632be10f443f95968fadb70d10786827f30dc001c8d0f9b7c1d1b000e9a0f30b97fe77ef751b08d4e252a3719ae9135e7f7926f7e3b7dd6656b27089ca354997fe5a633aa0946c89f022462e7e9d50fd6ef313f72d956ea4571089427daa1862f623a41625177d91e4a8f350ce9c8bd3bc7c766515dc1dd3a0eab93777526b616cccb148fe1e5992dc1ae705c8ba66106db565fc6b7de14708224aaafe91425c672f8b660bcebe93d4fdbe47cdb0cdf6e3bab2bf79d270821f191871ad4e3ca4a27888d3c39f16f01a6c4998e50ed67788e401b5b3472eb4ef52ff3ad2fabc58282dcffb9785f9ea42313b440270f08356bc63a8ad503a28d44a91ac364cf177810000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
+        "binding_factor": "c6277403d0f30f5ad734dc3ee1b1a120bed7667794e3273ec6d7baca5142ab83f56fd2217a1d2619f0fd666a12ea64872894c9e9e544070400"
       },
       {
         "identifier": 256,
-        "hiding_nonce_randomness": "9a56b55af109d7bdbf2c1c2fab87e4c364c1ae165c2237b64e2ddb78d9198ed6",
-        "binding_nonce_randomness": "99432ba700c7cb0035bb0c7972a7ced34340aab33d59470d14d5b931a25ed552",
-        "hiding_nonce": "56d67034c7478db26834f09c714b90456ba8ccb3c10169891a76f36b33086c17919f7ccc47365f8cf0508302a1210f351c76fb568289770d00",
-        "binding_nonce": "b67fb8f43dcef31913d227b06ef697229837d3b74b99489b1442fac25d185379412455bda0a983762d9504c3e1316e7b0486ba7b89ceee1300",
-        "hiding_nonce_commitment": "559d54d0471cf22dd3969e9136c6b6bec7d61b44e93005eb951f9595cefc9b8bcd6f03a31b449e6085bf75979d8c95f2f9c7dfda5824617180",
-        "binding_nonce_commitment": "50542e20370e7e5f47ffa3042d314f9213d37db3273a7bd6189c9e544495f0d3783b98d4580bb8260e4fa5f35bb9f4991824bd58b5848a0280",
-        "binding_factor_input": "3832f82fda00ff5365b0376df705675b63d2a93c24c6e81d40801ba265632be10f443f95968fadb70d10786827f30dc001c8d0f9b7c1d1b000106dadce87ca867018702d69a02effd165e1ac1a511c957cff1897ceff2e34ca212fe798d84f0bde6054bf0fa77fd4cd4bc4853d6dc8dbd19d340923f0ebbbb35172df4ab865a45d55af31fa0e6606ea97cf8513022b2b133d0f9f6b8d3be184221fc4592bf12bd7fb4127bb67e51a6dc9e5ca8e7606a8e5c972f6547b4d33c0a449a5f0b7616f36e6153c87bb0771f957f3c343d15d91769794c5548a5400c7d2430e13434c94376cce490e3f6d65de2521c44ef18225dcfe0f08e52fa52047ffec65d678f16e382b8bba8f7ef5bfde2cbd0e4b1247c42443c3690b8c3e5bb746b51683000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
-        "binding_factor": "1188363083691df2a39a1a64df9f71c71d64decad20ee65e3a0db6bd2a78b67ab972712286e9eabdc80531ece67fe84ea90d2e788575761000"
+        "hiding_nonce_randomness": "bb3dbe9685ba7d7436430d107fd817c3c1117f2489be87b597d3e1fa06e94f8e",
+        "binding_nonce_randomness": "3f8d8050d64c712db643929002243aec2639b9ffd6536b733cd4190e3c61c775",
+        "hiding_nonce": "82a1f23bce0eb99e498782cdec51e6762ac6462c02461537f6de7e1a20086bf8b8485bf20b408ebf98a210ace021ca143df702b168326b2c00",
+        "binding_nonce": "b708bb4c3474638f2ff98a2a8a531b3dc385cf417b2e142f56096eec440efefc6f24d83e4ee7b0ecf9d963afc986f86604a4017594c20c3000",
+        "hiding_nonce_commitment": "795bff47d58938f3697739f70162ea2c46f148ebb35f1220e1fc3e3b26883c62029224939c1cb0825bd32c4f583424260429263b14dc173480",
+        "binding_nonce_commitment": "6ddcd0087825f42f49e0a20667d0a22ec1f16632e665bc258b118d2c713f7dc648765ee9c9715132ed1613fb147f7b459bb9a9b076aeac6280",
+        "binding_factor_input": "3832f82fda00ff5365b0376df705675b63d2a93c24c6e81d40801ba265632be10f443f95968fadb70d10786827f30dc001c8d0f9b7c1d1b000e9a0f30b97fe77ef751b08d4e252a3719ae9135e7f7926f7e3b7dd6656b27089ca354997fe5a633aa0946c89f022462e7e9d50fd6ef313f72d956ea4571089427daa1862f623a41625177d91e4a8f350ce9c8bd3bc7c766515dc1dd3a0eab93777526b616cccb148fe1e5992dc1ae705c8ba66106db565fc6b7de14708224aaafe91425c672f8b660bcebe93d4fdbe47cdb0cdf6e3bab2bf79d270821f191871ad4e3ca4a27888d3c39f16f01a6c4998e50ed67788e401b5b3472eb4ef52ff3ad2fabc58282dcffb9785f9ea42313b440270f08356bc63a8ad503a28d44a91ac364cf177000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
+        "binding_factor": "d59a8d07f61c7f426d7a63c37d4994d2fb51c616dd4d440919f088adf61fea9fddab43f1846d52d56eb6654eb0ec7c86ba329f6ff509611a00"
       },
       {
         "identifier": 257,
-        "hiding_nonce_randomness": "fbe2690ac9ef8e087dc05379d9beb26841e9732ee0fac2c540b0202fd88a8ce1",
-        "binding_nonce_randomness": "5d02c6c60b7bb394c45499e99f13660de28e3dd7b7c3074be68bced067e36b26",
-        "hiding_nonce": "6a7aea66864385cb97f9a265dbb196bf3925cdf20d92e721404bd1d6aeb5894b142ba4b64c5ea2728e8e9ab7db3040e9d643d1a60477891d00",
-        "binding_nonce": "7655c69d2c123f1b754b7e88570e41d58309b94e768a428510537ca06798e991483c365d678a28ca98abf28c99309bb7ae729412bfff602800",
-        "hiding_nonce_commitment": "6123c4feee8d0dd770cec8ce6d5bc2e00be8bbe38ee8b08b31b2ebf7624292f96149e3e50a2d5e903200067a75c2eb9e46e3b3569e1ea37700",
-        "binding_nonce_commitment": "a8438a09b58c9e77d178b9192799b94c525a0f6ee0ac3485560a04245becb7873bd12e01f077b107e5fe9293fc88d9b7a09b563b6260f26800",
-        "binding_factor_input": "3832f82fda00ff5365b0376df705675b63d2a93c24c6e81d40801ba265632be10f443f95968fadb70d10786827f30dc001c8d0f9b7c1d1b000106dadce87ca867018702d69a02effd165e1ac1a511c957cff1897ceff2e34ca212fe798d84f0bde6054bf0fa77fd4cd4bc4853d6dc8dbd19d340923f0ebbbb35172df4ab865a45d55af31fa0e6606ea97cf8513022b2b133d0f9f6b8d3be184221fc4592bf12bd7fb4127bb67e51a6dc9e5ca8e7606a8e5c972f6547b4d33c0a449a5f0b7616f36e6153c87bb0771f957f3c343d15d91769794c5548a5400c7d2430e13434c94376cce490e3f6d65de2521c44ef18225dcfe0f08e52fa52047ffec65d678f16e382b8bba8f7ef5bfde2cbd0e4b1247c42443c3690b8c3e5bb746b51683010100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
-        "binding_factor": "f3d38b499606bf8252da363fcda65d9a0e5d63de24cb292d91241547bfeb4df2212ee172a16eeb57790e8af2571c36d6a6c80f8a70078b3d00"
+        "hiding_nonce_randomness": "59b38a54af4a8309e151e977574eea0f1392d51b41e84489c675e72eacccaa9c",
+        "binding_nonce_randomness": "a7ddd5ae6fb43cf39695e1d78fdb3928f445582662893e2c677d6eef71e8c8b9",
+        "hiding_nonce": "e0ffcbcf2ea177a659cd52de14139fe34a48ac51c745272324ef89e826374adbd4d90f1c5e6095a346eeeaa55b675b336efb434a26f8732f00",
+        "binding_nonce": "5cd906a579641e66b8f968146534cdad5309d4831156332ac97e9ea9a77a1dd0f67694071e5a8f8770f9f38754fa3ea4b39cb044c27f1e1200",
+        "hiding_nonce_commitment": "949a3bbc0272cdc49bc17f8469aa38057bc17a69d20d5482b2f6d4a089d109a417f1b84079ff2546891bcf768845b552775e911fc3807bb900",
+        "binding_nonce_commitment": "65d5fc0775c3b701b302bf27414e8ef322d4daf9949244b5b3d8262d40f060e830066aaf237ffac739e9997915cede51512ceea136b052aa00",
+        "binding_factor_input": "3832f82fda00ff5365b0376df705675b63d2a93c24c6e81d40801ba265632be10f443f95968fadb70d10786827f30dc001c8d0f9b7c1d1b000e9a0f30b97fe77ef751b08d4e252a3719ae9135e7f7926f7e3b7dd6656b27089ca354997fe5a633aa0946c89f022462e7e9d50fd6ef313f72d956ea4571089427daa1862f623a41625177d91e4a8f350ce9c8bd3bc7c766515dc1dd3a0eab93777526b616cccb148fe1e5992dc1ae705c8ba66106db565fc6b7de14708224aaafe91425c672f8b660bcebe93d4fdbe47cdb0cdf6e3bab2bf79d270821f191871ad4e3ca4a27888d3c39f16f01a6c4998e50ed67788e401b5b3472eb4ef52ff3ad2fabc58282dcffb9785f9ea42313b440270f08356bc63a8ad503a28d44a91ac364cf177010100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
+        "binding_factor": "d54cfc69ea3e19f4c56e2852e127911cf64a92e6d62b57b433bc97f0d98c5011df3bc78bd220781eb64b68f40e8642445d0f0ab77d34e33300"
       }
     ]
   },
@@ -1091,19 +1091,19 @@
     "outputs": [
       {
         "identifier": 129,
-        "sig_share": "98d89d2c7dde4343b5a40927fd1d42a17adc43149577eaf3483827d887a441a9abcaae527a82fd3243fe6280fe8583db290ee84a3b63aa3900"
+        "sig_share": "519fc2abd478731b95e9b312608d5537544fdbc75e774b6aab5eb455b00ad0bc026f6d33e349d531b107db52c8c9c1224261b9ad04bb841a00"
       },
       {
         "identifier": 256,
-        "sig_share": "fdbf100960d5979748077c34640287bbe3b401a12bed9a8a4eb2498d5a763809186cadfb580d21245256c91b51928b691336bcf1ec3cc13d00"
+        "sig_share": "1ed886dce506dc95f651a83ee34ebd1d5bf52940ad6b462592475bd56bfbd4d20677185ce1a74a5d8892acf8d5761ee710ecfbfbf52e5a3000"
       },
       {
         "identifier": 257,
-        "sig_share": "fe3db4270ba139d95475d0809da981b592208e62097147d3fd21743980a3510a01614d30db8bfde8c0b672f996e7e1496dadeda911535a0400"
+        "sig_share": "e7f4a4b9110393fe38656af1be70044bd878e5924e68bf398b668c98244a76e57f378f6caf4b7a8153d4456e34114105a71de9bbf993d13300"
       }
     ]
   },
   "final_output": {
-    "sig": "91032ea4e49e67fda8fab9743975e731ec39422bcfcbe40d356ca70d9bdf4c7bf74f4ff65fb65ed2a6616700a823eedde0a2a4061d51223080a0910ab255929c90fd91904e8c07def0607bfd6880fa7d8dabe81a2263becbbcc497a97eae1b1c40560b9f95e6fff08eaaf191e639f3c53b00"
+    "sig": "9217a13561be869233292a2e3a96b6b7ad6fa13b8e4e6d3241d442a77d9d0994d25259dcdf2ab57f1d43c51006f99b541820e46f39089e12806327969639c0698c6f1101b58f8aaa7ef78614ec10700205dfe8d14641501b75891d15fc733d9a108d6ecdb9d251210ffa6a9e65f47db03e00"
   }
 }

frost-ed448/tests/helpers/vectors.json

@@ -37,25 +37,25 @@
     "outputs": [
       {
         "identifier": 1,
-        "hiding_nonce_randomness": "6a46e7107cbcc28fd1f8f5787020e001b181d946a9699b7d7bec8c3377d12412",
-        "binding_nonce_randomness": "24622fb4ae41a0f4f040e6ab14b1e9f0b9c8322386196e1a19dd7f8ba19d1f96",
-        "hiding_nonce": "6154417981da6b4a298c16c22ceb4c9c3f57aa6b4b7514b3ce4e73b4c5ea7e8ef1a71451b51f90d72ff01bf54fb4b2673e5533a18a9ca82500",
-        "binding_nonce": "454c9887dd3e810653c191e334ed43aa62f6a2a5cd215f3906e732c9106014fe28d6c635aa0d937f595284318e29f2cd00e9a3821f34542b00",
-        "hiding_nonce_commitment": "e15bf037a625d923e1fbe550594a47d08591f8b0213afd48fc802c2452ab364e77f31b3d3a64b8f65ab47e521f6cbf093fa0b5c07c9f81de00",
-        "binding_nonce_commitment": "44f4fb84e0d90ebb9dbb84c2d13f46905e25742b42e158e348ce65b363b3f1a7bb8bb5dcb07b96256b6bdbfc3a5905b24ffb771c4be2ea4780",
-        "binding_factor_input": "3832f82fda00ff5365b0376df705675b63d2a93c24c6e81d40801ba265632be10f443f95968fadb70d10786827f30dc001c8d0f9b7c1d1b000106dadce87ca867018702d69a02effd165e1ac1a511c957cff1897ceff2e34ca212fe798d84f0bde6054bf0fa77fd4cd4bc4853d6dc8dbd19d340923f0ebbbb35172df4ab865a45d55af31fa0e6606ea97cf8513022b2b133d0f9f6b8d3be184221fc4592bf12bd7fb4127bb67e51a6dc9e5637db62b249b236f09a4a0696a6c272f808b018da3eded6622a2cda4431ced451452541624ecf6a72aeebec807719bb2ccdfbe8990dc01f30402cea8704e1723a1cbb8a25614dcd4d7a965b4ccb0f1c5c679c36ead86441cbaba5482468442c6526b33777dfcbed92913d6e6890d3839c1ff010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
-        "binding_factor": "424b017c7020a995b6b85717199e858616191a0f566178bc66b7261582fdecf029c0c3ee50be34f3e6b73e03299e7457bb536d59f417f13d00"
+        "hiding_nonce_randomness": "3d9e765ab0f06bc3131acc2f7642223255fd5295f3c04bef5c644c0bae4f85be",
+        "binding_nonce_randomness": "86160f8224ea273128b0ea5af828a9c0b0985cd9b52a3b8b668ae9d3205a6672",
+        "hiding_nonce": "d9610abd59ac2e9b33a3919acf28f5c895918389c69a26a3fcfe6a70edab4685e9ea3d3641d8bfe1634616fafd457b2ef6503c51f191991300",
+        "binding_nonce": "1caf737f1e73b5ab7f155c239ea70fb5783cd8da454298984a325cb4eb968b0e625936cbb9623e57919b3cc01be40f7f45b6c37fd947772b00",
+        "hiding_nonce_commitment": "2afe1a6d56ee111e7e4b84060c07044643434362edbce8f79f568236884c1c16883e9a4d3f42029f324619b32587d501609941bab590682000",
+        "binding_nonce_commitment": "605d2b3b5af4159ca3fa23e4463a3573d4144b43c7b01322d621817c80fcd84f874ea79655648ca65f128a4cfbec236c0c89f3898b27529180",
+        "binding_factor_input": "3832f82fda00ff5365b0376df705675b63d2a93c24c6e81d40801ba265632be10f443f95968fadb70d10786827f30dc001c8d0f9b7c1d1b000e9a0f30b97fe77ef751b08d4e252a3719ae9135e7f7926f7e3b7dd6656b27089ca354997fe5a633aa0946c89f022462e7e9d50fd6ef313f72d956ea4571089427daa1862f623a41625177d91e4a8f350ce9c8bd3bc7c766515dc1dd3a0eab93777526b616cccb148fe1e5992dc1ae705c8ba12fd57e4d8cc8bbf0ff51b79275332fff65f8549bbdc289d7d5ab813a968e6da66f478f3193fda4e298ce953dfbc4d71287b7915d8e08301cc03da6f02e611e37c39ec5c1b1c96dad8436090b5fa5ce1544394e31e5af589fe54e065edbb351766eb597cef8a97f69fbf98597e3fd205a8a2010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
+        "binding_factor": "02a61d347e83fc93eaab248c409eaea947cb6d2166b02d19c0d3760031c064b5f2f9354f301e274ac3a6ee000c91136dedfb4f98ffc50a3700"
       },
       {
         "identifier": 3,
-        "hiding_nonce_randomness": "2b0a62afc4de1361cb09ba81f726511fdae8f1a30c71d4c760c76109a51031aa",
-        "binding_nonce_randomness": "9ae4957a4835c06f89c26195bca980ab1283fd0bdd97ec40db66d089978b4bb2",
-        "hiding_nonce": "472ab44961e5d8f2203ba0309ba3ca2d6bafa2e5d46ffd299f9ea4ff6e0a3f3eb443e2ca28c41b3bebab4d5a2e05f8098a949b66dc45aa3b00",
-        "binding_nonce": "1ef3339a966479219491bdadf081b55919165120b68edde33554d3a4ccce451f142ea5b86952d7e2994f578a72bce5a27c08ba9b5b15b13900",
-        "hiding_nonce_commitment": "1dc6dded71485ba80d6efd27b0e5d147e5184771fed065178da516a8d128e250bb213f61ed1c041496f0507f43b65f1d367b803576d5839280",
-        "binding_nonce_commitment": "ebf28407a07ee23191a9f1ba1d48d29e0a2262bd2c671a95906948222fa4ad9c6c03900dbded195730984b9eb24249566e33e1900053acfc80",
-        "binding_factor_input": "3832f82fda00ff5365b0376df705675b63d2a93c24c6e81d40801ba265632be10f443f95968fadb70d10786827f30dc001c8d0f9b7c1d1b000106dadce87ca867018702d69a02effd165e1ac1a511c957cff1897ceff2e34ca212fe798d84f0bde6054bf0fa77fd4cd4bc4853d6dc8dbd19d340923f0ebbbb35172df4ab865a45d55af31fa0e6606ea97cf8513022b2b133d0f9f6b8d3be184221fc4592bf12bd7fb4127bb67e51a6dc9e5637db62b249b236f09a4a0696a6c272f808b018da3eded6622a2cda4431ced451452541624ecf6a72aeebec807719bb2ccdfbe8990dc01f30402cea8704e1723a1cbb8a25614dcd4d7a965b4ccb0f1c5c679c36ead86441cbaba5482468442c6526b33777dfcbed92913d6e6890d3839c1ff030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
-        "binding_factor": "68c0fa9226027efb64574782bd6e1f11e7e836adf20f1c7e1b3f57984039f07cc4cfdeaed6e87188ebac699b5726111f05abffb8ec2fad3d00"
+        "hiding_nonce_randomness": "8cba373b6c3a3601d5cfa3d37cbc93f310d253a2fcf886695bb59ac703d8a100",
+        "binding_nonce_randomness": "1a84c88d88fbb99a4417157487b45367eb91d7dd2ba55566d6784f39f750a2f7",
+        "hiding_nonce": "3a8f5b86cf6e80d3a2d99ac5628a1229eaa9dd205b3b3bdd3bc8d2270c749d08836379c8b50d964f492ba8785f3deb571e0b4e7db887be1400",
+        "binding_nonce": "4b529518068f9b261d56cffced7f753b9b22db6a79c8c495584ec67edc561da644b70f9af42e633e14bc145b3ea61c5d2bf30090c3700b2f00",
+        "hiding_nonce_commitment": "3f06fbce6ca0f92331e97946e27c649e9fdb96f1ba1061189495bcd6d019e7915de818c3901b9d5d0e2de062ddeca7a40bbd84c9ffbc983900",
+        "binding_nonce_commitment": "ef2f07a309be3c8936c505b385dee51f319ebb9bf26520ed5579c9b3ede6467968d969fc3c7b34d704b86547e8ae11dcdae9fdc0794e642380",
+        "binding_factor_input": "3832f82fda00ff5365b0376df705675b63d2a93c24c6e81d40801ba265632be10f443f95968fadb70d10786827f30dc001c8d0f9b7c1d1b000e9a0f30b97fe77ef751b08d4e252a3719ae9135e7f7926f7e3b7dd6656b27089ca354997fe5a633aa0946c89f022462e7e9d50fd6ef313f72d956ea4571089427daa1862f623a41625177d91e4a8f350ce9c8bd3bc7c766515dc1dd3a0eab93777526b616cccb148fe1e5992dc1ae705c8ba12fd57e4d8cc8bbf0ff51b79275332fff65f8549bbdc289d7d5ab813a968e6da66f478f3193fda4e298ce953dfbc4d71287b7915d8e08301cc03da6f02e611e37c39ec5c1b1c96dad8436090b5fa5ce1544394e31e5af589fe54e065edbb351766eb597cef8a97f69fbf98597e3fd205a8a2030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
+        "binding_factor": "14e0cfb824bd2003099f3ebb2fe00e95355eab38098a5619acc62a8faa2092ce25cdc061a7b51b6ed41e291ed311a2909d2ce8c3acadfc1200"
       }
     ]
   },
@@ -63,15 +63,15 @@
     "outputs": [
       {
         "identifier": 1,
-        "sig_share": "92641d2881fe04daf120497902a19ef2e05e5b3ccfedd0dafbeac9fab2a41ed22db8aa0cba23195b90d0a10e995cf9fbfa095644e76d811000"
+        "sig_share": "0dad0c550bade2576c6cbe1d7b57a55b00e57a6e3683c8f84fbfa48751745bb0b2b89624e7d1b443b1ff62ffde9ee0c15e5df678c4ed1c0400"
       },
       {
         "identifier": 3,
-        "sig_share": "d85010a45c06786b3c453e8861015676eaafb51df32d123021bcdbafe8345ffc4a96508cab576ccf86d6e316de5b40aa9ea3c8de5628880900"
+        "sig_share": "0baf31c64cf452fe3a520f14c5e2b898d6869341fdd8ea26044086a11a4372cd31ba2ee9cf7e316706067a53d05e184ebb95cae16aac7f3700"
       }
     ]
   },
   "final_output": {
-    "sig": "e5609865bc23dc352690645e8e76f008f6a6438958914f2d2c5804b66329c42b403ba2a55362aab3d0153b8b69a8a3b4db9ce847143e9241806ab52dccdd047d452e66870164a2f468cb0e115ac21be30a1da7a5aa9bd97dce784efb98657b852a17a7852577b839a699ad1e233e96091a00"
+    "sig": "60e3d4d641dd19054c1eced47f02f4a5e377126fb75f68cbd1122d948f93e26069f6740506da0366eb4225746faf894ecd196a1f56d1e1d280185c3e1b58a13556a7becd31403a5ef4d66b0eb0335cb31f54ff2a296cb7cd7de472c50db750e6aab705dd52affdf80f1af3c05a2f9a9c3b00"
   }
 }

frost-p256/src/lib.rs

@@ -167,8 +167,8 @@ fn hash_to_scalar(domain: &[u8], msg: &[u8]) -> Scalar {
 
 /// Context string from the ciphersuite in the [spec]
 ///
-/// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.4-1
-const CONTEXT_STRING: &str = "FROST-P256-SHA256-v11";
+/// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.4-1
+const CONTEXT_STRING: &str = "FROST-P256-SHA256-v1";
 
 /// An implementation of the FROST(P-256, SHA-256) ciphersuite.
 #[derive(Clone, Copy, PartialEq, Eq, Debug)]
@@ -187,35 +187,35 @@ impl Ciphersuite for P256Sha256 {
 
     /// H1 for FROST(P-256, SHA-256)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.4-2.2.2.1
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.4-2.2.2.1
     fn H1(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
         hash_to_scalar((CONTEXT_STRING.to_owned() + "rho").as_bytes(), m)
     }
 
     /// H2 for FROST(P-256, SHA-256)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.4-2.2.2.2
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.4-2.2.2.2
     fn H2(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
         hash_to_scalar((CONTEXT_STRING.to_owned() + "chal").as_bytes(), m)
     }
 
     /// H3 for FROST(P-256, SHA-256)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.4-2.2.2.3
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.4-2.2.2.3
     fn H3(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
         hash_to_scalar((CONTEXT_STRING.to_owned() + "nonce").as_bytes(), m)
     }
 
     /// H4 for FROST(P-256, SHA-256)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.4-2.2.2.4
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.4-2.2.2.4
     fn H4(m: &[u8]) -> Self::HashOutput {
         hash_to_array(&[CONTEXT_STRING.as_bytes(), b"msg", m])
     }
 
     /// H5 for FROST(P-256, SHA-256)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.4-2.2.2.5
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.4-2.2.2.5
     fn H5(m: &[u8]) -> Self::HashOutput {
         hash_to_array(&[CONTEXT_STRING.as_bytes(), b"com", m])
     }

frost-p256/tests/helpers/vectors-big-identifier.json

@@ -1054,36 +1054,36 @@
     "outputs": [
       {
         "identifier": 129,
-        "hiding_nonce_randomness": "a3dffab54ba4bcf809a42d426472a025bc9ae20d837ef6e4df50c21776dd1124",
-        "binding_nonce_randomness": "74059065d32abefdd95a55301f61882c2a2d975d5e7ebdc834e0b64f2d551f3e",
-        "hiding_nonce": "fd8e2a2df84ca2124922a5f38bc374cb05381bcd6933b91540dc99dacddf0a83",
-        "binding_nonce": "00fda29c80d7241b91ddc6e61088e9841e52a53b866edf840cb2f9706776a86a",
-        "hiding_nonce_commitment": "0328d831f8c94682e6baec175293c8ebe152bc8c1fad2dd1f5340e6f63fd2280ed",
-        "binding_nonce_commitment": "03684229ab62fce637d491a22fc4d894b378f5bf3f57ff7bebaf4c4af445f29c77",
-        "binding_factor_input": "023a309ad94e9fe8a7ba45dfc58f38bf091959d3c99cfbd02b4dc00585ec45ab70350c8b523feea9bb35720e9fbe0405ed48d78caa4fb60869f34367e144c68bb01cf39422297ba82169690e7e97d425ff839886c5393719b301d65993e38eabae0000000000000000000000000000000000000000000000000000000000000081",
-        "binding_factor": "0802987c628944ce661cc63d69588b7d992a65d1d44bf9e337ebe1e0e3ccda2a"
+        "hiding_nonce_randomness": "666a9e4319012aed9d7ce0d563b4ae5a2ffbdefe6c6b851298cc1dfdf038703f",
+        "binding_nonce_randomness": "984f4fcb0d0eafc0bfeaf50b188c8d7e6579823cc02c2d4f68663e5aa7e9a316",
+        "hiding_nonce": "cb2bdac50f6b2ba9f459be16d38ffaed42f2a74dcc648bc94302b30c72cfed1e",
+        "binding_nonce": "d748e9f73eeb54ac85d6da7b3b0d832b10479ddda0835da744a17a6d7079e1fe",
+        "hiding_nonce_commitment": "0203f9fd6335bd8898012614e56c789bb9dd922d5ea2744d6b58e306ca3ef467ea",
+        "binding_nonce_commitment": "03a779bcaa774d348734768bab5f43cdc9336507874f6cccf0237dc55873e12aba",
+        "binding_factor_input": "023a309ad94e9fe8a7ba45dfc58f38bf091959d3c99cfbd02b4dc00585ec45ab70825371853e974bc30ac5b947b216d70461919666584c70c51f9f56f117736c5d19eee5d2f185086106b56f30df5b840b37c6153e7ac8e0e1e9a6f66ebbc4aff60000000000000000000000000000000000000000000000000000000000000081",
+        "binding_factor": "9d77b703fcc34eb8a232aafa5d78db8c4be9a4ebef8326a6955311b03db628ae"
       },
       {
         "identifier": 256,
-        "hiding_nonce_randomness": "4de52337622f670253e59b0bc52e0c5317c1c82366f5c56394d371f295e9974f",
-        "binding_nonce_randomness": "bbd5e454d1cfe5d4675197154344fa1c01b6ffe56d82e5aaae014f02585d59d1",
-        "hiding_nonce": "5f805894c688c9220098e8e2a02041cf40270ccb239c8823e58c28c311d8dfaa",
-        "binding_nonce": "d6ca6508f76140424097623e9f30406fe00acaf135985a16fcee1e135d36d789",
-        "hiding_nonce_commitment": "02e102ea2511229556705c6d7610f7051549548f5203b3815a3698148aa92e6002",
-        "binding_nonce_commitment": "03de24899cb9b5bf4e9d1e7d637a3bd69ae384908dc7b593e9ac6dfe78ae699bab",
-        "binding_factor_input": "023a309ad94e9fe8a7ba45dfc58f38bf091959d3c99cfbd02b4dc00585ec45ab70350c8b523feea9bb35720e9fbe0405ed48d78caa4fb60869f34367e144c68bb01cf39422297ba82169690e7e97d425ff839886c5393719b301d65993e38eabae0000000000000000000000000000000000000000000000000000000000000100",
-        "binding_factor": "3445bc5b1f461ba703d7ccbdc26a34db54122ae73729befd65d1e52fe6dd4588"
+        "hiding_nonce_randomness": "bf1740cd77f9fe74e4c4c7bc755fea2a692ba485cc24a393a8fe43e8e7c2991d",
+        "binding_nonce_randomness": "808ab63ef7a904d556917a4e03802b5707b86534415bda0a16438b9301fda311",
+        "hiding_nonce": "3b9851dcf53de234715a4e121109ed51b51b6d5d01061c792c6a4a4444fc0a86",
+        "binding_nonce": "faacab3fc0db2176dcfd98cce5560d2fe9180bfb899ae649967e13c13d119f5a",
+        "hiding_nonce_commitment": "03229a21ff0eac23a2ec52b0c4291403f9171ea1fccc6002a9dbd32d463aec67bc",
+        "binding_nonce_commitment": "02063d82caab5506217f31d27493ae3eaa956d1237257fa70d49d0931142b9b867",
+        "binding_factor_input": "023a309ad94e9fe8a7ba45dfc58f38bf091959d3c99cfbd02b4dc00585ec45ab70825371853e974bc30ac5b947b216d70461919666584c70c51f9f56f117736c5d19eee5d2f185086106b56f30df5b840b37c6153e7ac8e0e1e9a6f66ebbc4aff60000000000000000000000000000000000000000000000000000000000000100",
+        "binding_factor": "5e167d10de7cd9b6c16c6ecf1fa40b92939c366f533df76490e068b8925d912d"
       },
       {
         "identifier": 257,
-        "hiding_nonce_randomness": "56356c2c1cdb71d1ce638e47fc0d4aa426ea248d917f33dba924761dc96e0a86",
-        "binding_nonce_randomness": "04121e4a9e1b3a22c0f9c1d8fa9865eee909c64b962b0e40c9a8b412434e9aa8",
-        "hiding_nonce": "5f8d2c7e5e7593c9b6e5a30c19ea36761752fdb20912482af8e19eac78060b78",
-        "binding_nonce": "8005918db8e3562ed3a1dad8f4bd3a502a0f507fe4b08853ecca7fd8a39c5899",
-        "hiding_nonce_commitment": "032c8dd2755d1e958c677b0b272b93ed92dbe20e48e6fbeed3fa02060ea615ccc8",
-        "binding_nonce_commitment": "02220de1269f14e8ced56cbe0ed6e87eb0909cbad3f6c9801d1d487115cd4497c5",
-        "binding_factor_input": "023a309ad94e9fe8a7ba45dfc58f38bf091959d3c99cfbd02b4dc00585ec45ab70350c8b523feea9bb35720e9fbe0405ed48d78caa4fb60869f34367e144c68bb01cf39422297ba82169690e7e97d425ff839886c5393719b301d65993e38eabae0000000000000000000000000000000000000000000000000000000000000101",
-        "binding_factor": "16ce346401478b07ebdc20636b058744468b55d75c1f43e780f584f7e64d68c9"
+        "hiding_nonce_randomness": "724860ff150f088e695da0aeb0fb6421c12fbd0b6f6592e379807d97f2aeb9d0",
+        "binding_nonce_randomness": "1940e54262030338de4dd120b349e8b53d6103a8c74b795cf4b1092e86780a56",
+        "hiding_nonce": "3ac376b5304487606e86d55ee0ce3e41f55c3d349315a01fefa731fad73aa0f0",
+        "binding_nonce": "e385bc026e786498ccc81ea23f6e9086761734a7158a5ad6b19c03de473b8232",
+        "hiding_nonce_commitment": "0394020ca44176bc3ad92e2a473ce104b6a7871def87ad423a76156cc50954c879",
+        "binding_nonce_commitment": "02696a16a6f1ecfa524b10d8b26d4e2fe46a5b08b7720a5305db57dfae28e9d808",
+        "binding_factor_input": "023a309ad94e9fe8a7ba45dfc58f38bf091959d3c99cfbd02b4dc00585ec45ab70825371853e974bc30ac5b947b216d70461919666584c70c51f9f56f117736c5d19eee5d2f185086106b56f30df5b840b37c6153e7ac8e0e1e9a6f66ebbc4aff60000000000000000000000000000000000000000000000000000000000000101",
+        "binding_factor": "6bd5c2b549521722cbdbc4197a1a2a1398a71b5861fc71cfa1d7ac0ba1034bc2"
       }
     ]
   },
@@ -1091,19 +1091,19 @@
     "outputs": [
       {
         "identifier": 129,
-        "sig_share": "8f9d9a492dd24ca8b0e38caf886c2f7ceba78659f066d16c1b081eaef772ba43"
+        "sig_share": "a7bcf8d542593127a391cdf1b83df475c4608322d7660474f4ce76e3b263b5ca"
       },
       {
         "identifier": 256,
-        "sig_share": "b5c3b9aac20358a28cffa130230eb26dc683a783a08ea21e2111de0123af0a6e"
+        "sig_share": "9d47444061493b9ff4bd654b39eb12b18a33638a4f1d66a156c40b5078c47b72"
       },
       {
         "identifier": 257,
-        "sig_share": "0782ac511d3f3c341fc50af3bcab8afb88f244946f90509d0a94504dbd9a2672"
+        "sig_share": "2bea459e63abfa8ac03f4217bfe498af6b98e1ac72a1824f8b6850ec3fa67c40"
       }
     ]
   },
   "final_output": {
-    "sig": "02ed33908e1a513355043e9362de13eed21f61dfd0e81b0b5f880a50859107da3f4ce400460d14e17e5da838d368266ce67e3677c4596e25a252f4823adc58c5d2"
+    "sig": "0323061463a6f77b8e3b1c62bb478b405503c0316cbdba5f323d038ce2a2cd215870ee82b5074e6751588e7554b20d9fd6fd45cdabf20d4ee0e341085d6e6b882b"
   }
 }

frost-p256/tests/helpers/vectors.json

@@ -37,25 +37,25 @@
     "outputs": [
       {
         "identifier": 1,
-        "hiding_nonce_randomness": "33c1270dea110665050fbc267a63aca53720d73bc7fc260fb1adcf322a5cfb87",
-        "binding_nonce_randomness": "aa07652d614a11a53e5307d3b1571efe42c7b2b8d76665df9df097ee9a623926",
-        "hiding_nonce": "1bbec0bfe9064ac5beba6d4b16c97d073169034db6be9739b926b9952c455407",
-        "binding_nonce": "7a0a250368f5c9938eef9fe33d1d9e0edfdd0926d65383c46e8bfd8361071f31",
-        "hiding_nonce_commitment": "03d4be662788b2f7e87f7b6ea14d28e1c65ca823fcd57eb7a85976f99b9d88cf17",
-        "binding_nonce_commitment": "03647507519b6a822ca8e6b3ec18c4584a9559b7deeb220c559820f8729f5470bd",
-        "binding_factor_input": "023a309ad94e9fe8a7ba45dfc58f38bf091959d3c99cfbd02b4dc00585ec45ab70350c8b523feea9bb35720e9fbe0405ed48d78caa4fb60869f34367e144c68bb0e22ae0546b7b9525ef382322fc02a746fad19e76464948c6670cd27ff0301da10000000000000000000000000000000000000000000000000000000000000001",
-        "binding_factor": "cfbba583b314888a1ca65654b9c198535b9bca937986ce3f3e0759f44d263afb"
+        "hiding_nonce_randomness": "4a8477d587f118308d3069e63995feec76f5d9b83ab7d9bce2fc8011d3462bb4",
+        "binding_nonce_randomness": "62cbcda4d3d0df22b8dcc973714bc50c4ebb12caed8266df5e1a49cb73c0bcff",
+        "hiding_nonce": "a5d80a9eb6454a912473d129effd1eb6610ab556fbb2d198594947ea87be88bf",
+        "binding_nonce": "224bf61f1b423a20d1e4e74d6de7f6fe492488067c6f3b36b0aba601ae74eae1",
+        "hiding_nonce_commitment": "0211fe5268b9341f6de336fbb797effb21160bc836be0a7521ba02864019c94e97",
+        "binding_nonce_commitment": "03022d2adb2825f4233c21e6a182a91078368bc6b6b2736586a016d2656a14937a",
+        "binding_factor_input": "023a309ad94e9fe8a7ba45dfc58f38bf091959d3c99cfbd02b4dc00585ec45ab70825371853e974bc30ac5b947b216d70461919666584c70c51f9f56f117736c5d3a27b8c270f59cc19034e43e42b66179dafc795f55807cce71610b4366c2cad60000000000000000000000000000000000000000000000000000000000000001",
+        "binding_factor": "f3524ed2b393ae51a66c8de55b65bea32532d7d90e34a6419ec32ea42201b846"
       },
       {
         "identifier": 3,
-        "hiding_nonce_randomness": "943e64532c3ef5710bfd67945befd72205ed31f83de1df53dfb97fa58e08500d",
-        "binding_nonce_randomness": "22e88993adde960fdd7b6846288a56b87c4f7209ecd285ba4374b2636c5f5bb4",
-        "hiding_nonce": "f7979a769e7a80b2b636c8c9034efdba8c8643bf1a8b439ad1c37b8ff1a26710",
-        "binding_nonce": "48ad5e524512b337225c64735edb201ad15e41858b4a1cc7bfc9034c31a28d29",
-        "hiding_nonce_commitment": "034341c84a3cc97696b080938b5cb51da596d8dad7c78d1b34d0cf6f43753b1a8d",
-        "binding_nonce_commitment": "027e7950dcb446e4995521406a7ea00f9c4adecd505dad7f3f7da597f70a9b6216",
-        "binding_factor_input": "023a309ad94e9fe8a7ba45dfc58f38bf091959d3c99cfbd02b4dc00585ec45ab70350c8b523feea9bb35720e9fbe0405ed48d78caa4fb60869f34367e144c68bb0e22ae0546b7b9525ef382322fc02a746fad19e76464948c6670cd27ff0301da10000000000000000000000000000000000000000000000000000000000000003",
-        "binding_factor": "8036f2e50bbbe60415dd5f2dd167f3056ba8b33c86721b0edbfc5a05e5bd4acb"
+        "hiding_nonce_randomness": "da6c48369ed5170e8000a3d379c07c426a98620e7f7835334c87721e090188bc",
+        "binding_nonce_randomness": "b9c65da6de960b4c3eea5fb951e51aba852a91b7f893fbf8976c7a945e41d86d",
+        "hiding_nonce": "9a98a4bb403c55b194c470b4f05a11bf240b770e4ef8730c83f737a3308b5f01",
+        "binding_nonce": "6d18b61b5353af66f9ebee38fda169d7c01f0b2a51fc68ed7a526a79ed87eb86",
+        "hiding_nonce_commitment": "02d4bfd0ce577be72c1e9d1dd981490a15bf56518d194db0b61bfb3deb00c85d21",
+        "binding_nonce_commitment": "02a03c9990a3f79be07da4531ea8e2e90afbaf74ea31731f6d98113370a003f804",
+        "binding_factor_input": "023a309ad94e9fe8a7ba45dfc58f38bf091959d3c99cfbd02b4dc00585ec45ab70825371853e974bc30ac5b947b216d70461919666584c70c51f9f56f117736c5d3a27b8c270f59cc19034e43e42b66179dafc795f55807cce71610b4366c2cad60000000000000000000000000000000000000000000000000000000000000003",
+        "binding_factor": "a44f422051188cb7b48e8a326b961cef99ab1bd47d8425a130794767e7c7bc05"
       }
     ]
   },
@@ -63,15 +63,15 @@
     "outputs": [
       {
         "identifier": 1,
-        "sig_share": "18a95625cf125f7140bc209d4d9c9f64c737e600b5eb50096c3796516958295e"
+        "sig_share": "3913cccb804dd81498c9f2873ce7f7d39accf7def963ee2e18817955462ca88a"
       },
       {
         "identifier": 3,
-        "sig_share": "d8dbc8d2d5993717618bb68e2e85f3df2d100583a71ecd6d45614e49b4d643fa"
+        "sig_share": "9149aa8ac15e6e7481f9e3816135bc9e18de1f5dd1f472073fa00c8ef8e749bb"
       }
     ]
   },
   "final_output": {
-    "sig": "0386fb03f164dc1fd1f94be224445fe4fd8e3c1067ffb86bf6a192c1a358f62fe0f1851ef8a4ab9688a247d72b7c229343f447eb845d0a1d76b198e49b1e2e6d58"
+    "sig": "02aea65143565d19f2811d6c1d7a7486fdd57dd3f6b08d8653ca260ec0ebe00b61ca5d775641ac46891ac3d6089e1db471b3ab173ccb586035582185e43f13f245"
   }
 }

frost-ristretto255/src/lib.rs

@@ -136,8 +136,8 @@ fn hash_to_scalar(inputs: &[&[u8]]) -> Scalar {
 
 /// Context string from the ciphersuite in the [spec].
 ///
-/// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.2-1
-const CONTEXT_STRING: &str = "FROST-RISTRETTO255-SHA512-v11";
+/// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.2-1
+const CONTEXT_STRING: &str = "FROST-RISTRETTO255-SHA512-v1";
 
 /// An implementation of the FROST(ristretto255, SHA-512) ciphersuite.
 #[derive(Clone, Copy, PartialEq, Eq, Debug)]
@@ -156,35 +156,35 @@ impl Ciphersuite for Ristretto255Sha512 {
 
     /// H1 for FROST(ristretto255, SHA-512)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.2-2.2.2.1
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.2-2.2.2.1
     fn H1(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
         hash_to_scalar(&[CONTEXT_STRING.as_bytes(), b"rho", m])
     }
 
     /// H2 for FROST(ristretto255, SHA-512)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.2-2.2.2.2
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.2-2.2.2.2
     fn H2(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
         hash_to_scalar(&[CONTEXT_STRING.as_bytes(), b"chal", m])
     }
 
     /// H3 for FROST(ristretto255, SHA-512)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.2-2.2.2.3
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.2-2.2.2.3
     fn H3(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
         hash_to_scalar(&[CONTEXT_STRING.as_bytes(), b"nonce", m])
     }
 
     /// H4 for FROST(ristretto255, SHA-512)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.2-2.2.2.4
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.2-2.2.2.4
     fn H4(m: &[u8]) -> Self::HashOutput {
         hash_to_array(&[CONTEXT_STRING.as_bytes(), b"msg", m])
     }
 
     /// H5 for FROST(ristretto255, SHA-512)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.2-2.2.2.5
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.2-2.2.2.5
     fn H5(m: &[u8]) -> Self::HashOutput {
         hash_to_array(&[CONTEXT_STRING.as_bytes(), b"com", m])
     }

frost-ristretto255/tests/helpers/vectors-big-identifier.json

@@ -1054,36 +1054,36 @@
     "outputs": [
       {
         "identifier": 129,
-        "hiding_nonce_randomness": "7b88bdb232625fe36cb1b69b2b6666737a71d7397169016d62e751dab0de706b",
-        "binding_nonce_randomness": "23fd47ab14f8ec106687cf1c5a78d9b82a2ad95ff68a55bb1c6b247fc1d00e38",
-        "hiding_nonce": "de74b5f42a5a334775ed2b8e93b9300db9e7c3993eb9ee01b5c94a552694c801",
-        "binding_nonce": "bf535e3c6266db6526d636bebb36957b93a4374332a8709c43be4b55c1ef3f0e",
-        "hiding_nonce_commitment": "34ad3284617c57769ef00a44f767bf1ea9865d813cbe5be76875a4848c96a773",
-        "binding_nonce_commitment": "f20f3ecb95f93bd69c37c1064ad096ae1a2853395cd391788021e0d2f95c5a55",
-        "binding_factor_input": "e2a62f39eede11269e3bd5a7d97554f5ca384f9f6d3dd9c3c0d05083c7254f579c245d5fc2e451c5c5a617cc6f2a20629fb317d9b1c1915ab4bfa319d4ebf922c54dd1a5b3b754550c72734ac9255db8107a2b01f361754d9f13f428c2f6de9edd2341f0d6af9cf6f2cc89f9c0386376417c4cb640a3f63de3208e8bc33f8b681af92604668104da9e997ce2cdd64412fde2c87f784f375e06ba2b97f7434b768100000000000000000000000000000000000000000000000000000000000000",
-        "binding_factor": "525b9f27217174f07b93bcba578eb0eb41de43a883dd4abd282d1aaa9c3e0808"
+        "hiding_nonce_randomness": "5bb3d6794546e11c3e2de2ef999a87fa95d4a29a058829bfe26fd48164366e43",
+        "binding_nonce_randomness": "0e9496c8477d7075bc1b5512071b9e4cf50162fd6bb47a233fb9cbc8b620a804",
+        "hiding_nonce": "f4bd3da94222a2d8c09d931b79001199e7763158861a1a6a396b28808bcf0205",
+        "binding_nonce": "9cad274595248b7cea521a78505de99af3cbcaaa2dcb9ec9ef6562ffcf374602",
+        "hiding_nonce_commitment": "40a87c96d7c24d8c486f63fb31e0b10b1339d66eb6c1a870fb23ff14d3ce0236",
+        "binding_nonce_commitment": "8a24f0a5165c0178b9f7c2156514ee4b4790fb778e3aae7433f615cdbeba6150",
+        "binding_factor_input": "e2a62f39eede11269e3bd5a7d97554f5ca384f9f6d3dd9c3c0d05083c7254f572889dde2854e26377a16caf77dfee5f6be8fe5b4c80318da84698a4161021b033911db5ef8205362701bc9ecd983027814abee94f46d094943a2f4b79a6e4d466d2692ce5dd66c94827d8eb0e2c7fb20b5c2c6db162f66db3ac5655d08492c00aa4a5f01124f9f4f535c8c65566758d127bd0ec4485d8f9f5bfe7e8a3c938bf08100000000000000000000000000000000000000000000000000000000000000",
+        "binding_factor": "b99f5b2efa4fbf76a7695bb3a8357fc41a0a1a9d0525c4ede93403cb37ad6600"
       },
       {
         "identifier": 256,
-        "hiding_nonce_randomness": "1529bdb437e1dc39883c5c8a89127647d071ec77dc568f03162ba322a96a3377",
-        "binding_nonce_randomness": "31fe323272c7f76d165ca8f563b7438b85f64ca594689a9afa7ce2a0d14cc3fd",
-        "hiding_nonce": "3e4cba21e3ccdc12da7c77cc96d5e67b08f51ee7d7f293793d185012b1ead602",
-        "binding_nonce": "e88cc8856ca5fbe1221819e3ff30b9a51e1d44e34759d74b908d366a06eeb60d",
-        "hiding_nonce_commitment": "ae18a204bb7877b88162460b5ddd0d8476ca4a4b321956c91ef7c156576eaf2f",
-        "binding_nonce_commitment": "2c5fc4c552a5131580b1e85163bfa6d9d029bf5364601997593cb4f4c7e3ac3c",
-        "binding_factor_input": "e2a62f39eede11269e3bd5a7d97554f5ca384f9f6d3dd9c3c0d05083c7254f579c245d5fc2e451c5c5a617cc6f2a20629fb317d9b1c1915ab4bfa319d4ebf922c54dd1a5b3b754550c72734ac9255db8107a2b01f361754d9f13f428c2f6de9edd2341f0d6af9cf6f2cc89f9c0386376417c4cb640a3f63de3208e8bc33f8b681af92604668104da9e997ce2cdd64412fde2c87f784f375e06ba2b97f7434b760001000000000000000000000000000000000000000000000000000000000000",
-        "binding_factor": "0c435484b99594597597a72be88ed6b05907aac9b63f5ebc763090801594d800"
+        "hiding_nonce_randomness": "6e09cdb6da3ac41b5daf62388ea59338e8d745ea60606bd1dd965d36209559ac",
+        "binding_nonce_randomness": "bde90f9ff29889bb5c4e6b94b04d50e7425c0787b811618ee052e200ee56f8a3",
+        "hiding_nonce": "8eaa05e7dc18a35a7e4d710cb1ffb0024a732534526278e91fb60e0fa2115c03",
+        "binding_nonce": "012dd480086bf838ce9b1b39d44027e9c288ae76f858c023a471c83b62127a03",
+        "hiding_nonce_commitment": "a6ddaee4e10099d8ee7a316d120198712daae17ad6c3c1aaa861f4ff6d35276e",
+        "binding_nonce_commitment": "dac643aa91df51c47f4ed395bb7a98dcd9cc44835a7bb7bb2a6d83cdbfaafa1d",
+        "binding_factor_input": "e2a62f39eede11269e3bd5a7d97554f5ca384f9f6d3dd9c3c0d05083c7254f572889dde2854e26377a16caf77dfee5f6be8fe5b4c80318da84698a4161021b033911db5ef8205362701bc9ecd983027814abee94f46d094943a2f4b79a6e4d466d2692ce5dd66c94827d8eb0e2c7fb20b5c2c6db162f66db3ac5655d08492c00aa4a5f01124f9f4f535c8c65566758d127bd0ec4485d8f9f5bfe7e8a3c938bf00001000000000000000000000000000000000000000000000000000000000000",
+        "binding_factor": "7fb21cfe622a5dba3026a9f20bd7acd5a50a77e5eddd16d8037be07a3f316803"
       },
       {
         "identifier": 257,
-        "hiding_nonce_randomness": "149a6f7868ffa8334aa344eb3eb757d74ea6e9d37986e899bfdc5c2f931bfd8f",
-        "binding_nonce_randomness": "fdb3cfaf3524996d1f68c1ba055a50231f40c2e89f603b3ad8f2071d206ec0ac",
-        "hiding_nonce": "f84fc416e0b36f46fdbae64d9f2ce4a350bc9dde7adc94cfe6157cef4019550f",
-        "binding_nonce": "ba42d212749f3b32ddbcd779fae3f50ad850dfccf0d861f83b0de20b2a286d00",
-        "hiding_nonce_commitment": "a2bd6f4cab772b4967a862b8b8f75be29d0d14e4b96d2d14cdd6848420551e5d",
-        "binding_nonce_commitment": "2ca5e1307719cfad9a50072c281a80673f3bfa8f2a933501b638e2de81a8183d",
-        "binding_factor_input": "e2a62f39eede11269e3bd5a7d97554f5ca384f9f6d3dd9c3c0d05083c7254f579c245d5fc2e451c5c5a617cc6f2a20629fb317d9b1c1915ab4bfa319d4ebf922c54dd1a5b3b754550c72734ac9255db8107a2b01f361754d9f13f428c2f6de9edd2341f0d6af9cf6f2cc89f9c0386376417c4cb640a3f63de3208e8bc33f8b681af92604668104da9e997ce2cdd64412fde2c87f784f375e06ba2b97f7434b760101000000000000000000000000000000000000000000000000000000000000",
-        "binding_factor": "d1920d5ec53b5b465c754ca9b7b318f18e14a3bdb38badbeca645d90f1cfdc0b"
+        "hiding_nonce_randomness": "cd0efe25518a66e9fa02bf56e4c909365f9c0a1e796658f54a9166d8f59d42df",
+        "binding_nonce_randomness": "81333b09c5c7a648cbf81aa5241744e9159370c1d21b002b1a2911fefec0b156",
+        "hiding_nonce": "56df579d001d1b1e3c1be8b05069e14d63b8eba850529151b638dc9efb57b502",
+        "binding_nonce": "aab573e412cea04c5e0780ec7b40a610aa058fb1238df8a4baee5c4b8d2ae003",
+        "hiding_nonce_commitment": "4c8f75c1462d3a5777a45c0c76c4769b1af94afb5390c2af91b2e91900900864",
+        "binding_nonce_commitment": "c06340ac0bb9bf8bbd6050c9370040374b65a41c3aebdacc2cb2c322227ec636",
+        "binding_factor_input": "e2a62f39eede11269e3bd5a7d97554f5ca384f9f6d3dd9c3c0d05083c7254f572889dde2854e26377a16caf77dfee5f6be8fe5b4c80318da84698a4161021b033911db5ef8205362701bc9ecd983027814abee94f46d094943a2f4b79a6e4d466d2692ce5dd66c94827d8eb0e2c7fb20b5c2c6db162f66db3ac5655d08492c00aa4a5f01124f9f4f535c8c65566758d127bd0ec4485d8f9f5bfe7e8a3c938bf00101000000000000000000000000000000000000000000000000000000000000",
+        "binding_factor": "5b074048ef2c7a1c12173def28badaeadd1234bb4939a548af7cf8b8ca07a80d"
       }
     ]
   },
@@ -1091,19 +1091,19 @@
     "outputs": [
       {
         "identifier": 129,
-        "sig_share": "7577c322dc1cf27ebd5eed00117a81a72c1cf48c84b298fcbda29e840561300b"
+        "sig_share": "a35a4e231a8d33d0843c1cc5a1d39505b5ada0cf3aaa67b15f26357822e1d209"
       },
       {
         "identifier": 256,
-        "sig_share": "faf4e46bbf9f1716caa5d331e2bb691340f516d9c664f857aa639e877270cc02"
+        "sig_share": "8711f17b2a1a48c10ce4a39e2146915533f2d746b3fd44d626ac98b064fdb30b"
       },
       {
         "identifier": 257,
-        "sig_share": "65194dca1cdb72e73f1b0da848cd57b47061d299ca1f36cdd3f393ace7be760c"
+        "sig_share": "b66679e6b84877bf49b3ab5bfc4cb4739a6f504d484d3cebc4e502c24e386a03"
       }
     ]
   },
   "final_output": {
-    "sig": "bc4f873c741d336d150fdbab6fd63c11a1787ae6cc378cfc890fc8edbf3f5e29e7b1fffb9d346a24f182d6375d09645add72ddff1537c7213cfad0b85f90730a"
+    "sig": "ae8c8068e9dd98a7ac5fe3340d0a60a05aace264915beaba97642b7c00be846af3fec228e38ce0f80437741ce16cfcb9820fc96336f5e8724bb8d0ead516f108"
   }
 }

frost-ristretto255/tests/helpers/vectors.json

@@ -37,25 +37,25 @@
     "outputs": [
       {
         "identifier": 1,
-        "hiding_nonce_randomness": "e1f20967628cc118ede6a340bbec18f88a676d270823d443a6c03ddb4d5d9e24",
-        "binding_nonce_randomness": "b920c7bd488b42a3224299a4f245b2a1dc0bb1ad23c16b03432c5c1aafef06f6",
-        "hiding_nonce": "09b84762754062cee9b27373838c6b493cdd9c820f5a51620a43a0efae4ea101",
-        "binding_nonce": "06d4b840cadef85cd9404ee51c41212200c487423c1fe68590c24d83a3471707",
-        "hiding_nonce_commitment": "6c3356b8bf5e9e2c55ba903ad7f67ee7f082339cd598f7b8c04ad808155ce409",
-        "binding_nonce_commitment": "e011b45a279682bec3f8924117bf4a50bb5ca532a2c74fd41899811880731173",
-        "binding_factor_input": "e2a62f39eede11269e3bd5a7d97554f5ca384f9f6d3dd9c3c0d05083c7254f579c245d5fc2e451c5c5a617cc6f2a20629fb317d9b1c1915ab4bfa319d4ebf922c54dd1a5b3b754550c72734ac9255db8107a2b01f361754d9f13f428c2f6de9e5f5c38fa28d05010ef00438bbc8fedc1a50c46d265d53448558179f2a7574c012f70b4458b4b4c6582e397116d73ad2a001b06cf5701e466b1fbbe99572946570100000000000000000000000000000000000000000000000000000000000000",
-        "binding_factor": "376180fd0fa329212fbcf653d284caacf5a2857cb9dd06254a673c787c87d405"
+        "hiding_nonce_randomness": "4366eff4b4676f97822998ec3e5af1388131bffa3db76e54ee19805f0e778f33",
+        "binding_nonce_randomness": "173a02012818fbb58ed70b2dc620bb22e2d144d8c3953479e213ed7323f0270a",
+        "hiding_nonce": "b16f611649233ec528d20759e8cf828c12630a3b73996a643e59a5eda63c8b05",
+        "binding_nonce": "0cfb25a32975cc397e86509cdeb461d83d5021e4101c9554bd0b33b776645e09",
+        "hiding_nonce_commitment": "4818a19481eddc359c299dc101a84820423fcbe4b08badfa78c24b4de56c022e",
+        "binding_nonce_commitment": "f6df3b1ca00c88b7688a6ebffd6eb2d81a3d1305342ec69cc24cb4558bc2b41b",
+        "binding_factor_input": "e2a62f39eede11269e3bd5a7d97554f5ca384f9f6d3dd9c3c0d05083c7254f572889dde2854e26377a16caf77dfee5f6be8fe5b4c80318da84698a4161021b033911db5ef8205362701bc9ecd983027814abee94f46d094943a2f4b79a6e4d46d196080c9b1229edb902e05ee9b6c10209cf3383e5e7bea1830a098ae2140e209295e74231d5cc522ae076f77fe08efd92b98daf433517ee50596f12123314b00100000000000000000000000000000000000000000000000000000000000000",
+        "binding_factor": "812e62f8abce961bd9b3aabe36b6a00e7158611d6b5ccedec98119ae94a20d01"
       },
       {
         "identifier": 3,
-        "hiding_nonce_randomness": "054ddec7a2d303a915fda79f73e486639d759f2eae3929fd268e53c9672d45b3",
-        "binding_nonce_randomness": "95e9f6c87a8b5a580b8a019d5eb7d959d5ceb32dcf44d819340934520e8537ad",
-        "hiding_nonce": "fd8866d175ad3b6e945dd153980c1d696a9e34cd78f73c9b8941715e7f7e3c02",
-        "binding_nonce": "8a4dd5d19b85248dd2fadcb7649abbb897ac3a6e472540fac1f4cb3f39379802",
-        "hiding_nonce_commitment": "ba177131e0e5ae0ddcf0dd2284ae4c0b95e96c15c924d104c25d8a4ac60f1624",
-        "binding_nonce_commitment": "620e36f1c5f22a6f9667a75b54e33712b6c6c1b140225546be86c03224c68a16",
-        "binding_factor_input": "e2a62f39eede11269e3bd5a7d97554f5ca384f9f6d3dd9c3c0d05083c7254f579c245d5fc2e451c5c5a617cc6f2a20629fb317d9b1c1915ab4bfa319d4ebf922c54dd1a5b3b754550c72734ac9255db8107a2b01f361754d9f13f428c2f6de9e5f5c38fa28d05010ef00438bbc8fedc1a50c46d265d53448558179f2a7574c012f70b4458b4b4c6582e397116d73ad2a001b06cf5701e466b1fbbe99572946570300000000000000000000000000000000000000000000000000000000000000",
-        "binding_factor": "42f3993ed4f4f54d0e017d88c6e02f99d8549096a4db1ae6bc1b0637db083f0b"
+        "hiding_nonce_randomness": "ca93286a68e79bd850839fd4fb4498fbee1bae3829f5dbd9e447860925e556cc",
+        "binding_nonce_randomness": "598dce485138d86ddecebb5c0cfa112ac114eb35fcded3cf69ad915c7abeb425",
+        "hiding_nonce": "4388f2f9912a8d2af3e9a655ce20c4eeb4a8c31df626cf628996f770b156b104",
+        "binding_nonce": "c680e9639176fd17747a915864299a3ad8fbd85883271d85726f311c94ed0604",
+        "hiding_nonce_commitment": "52554f07003db6c789b867872a762bbd5efc5fb699dc8213863369d66117142c",
+        "binding_nonce_commitment": "e0842fef27f9ccc38fbe93c73eb1f04d1de6c917b35aafffc8ffc7c02889cd70",
+        "binding_factor_input": "e2a62f39eede11269e3bd5a7d97554f5ca384f9f6d3dd9c3c0d05083c7254f572889dde2854e26377a16caf77dfee5f6be8fe5b4c80318da84698a4161021b033911db5ef8205362701bc9ecd983027814abee94f46d094943a2f4b79a6e4d46d196080c9b1229edb902e05ee9b6c10209cf3383e5e7bea1830a098ae2140e209295e74231d5cc522ae076f77fe08efd92b98daf433517ee50596f12123314b00300000000000000000000000000000000000000000000000000000000000000",
+        "binding_factor": "989e8cca0fbd75655f6eb77b010c45e4368c4fa912dbffb6c06798a42d91cd07"
       }
     ]
   },
@@ -63,15 +63,15 @@
     "outputs": [
       {
         "identifier": 1,
-        "sig_share": "4dfdf6c727011184cbd80324a1408b81ccc9cc99a52cf5078bd2e0ed8ff7b502"
+        "sig_share": "1f5adbfd775a95ce4c95c7d81b3898d89bdce160adece3168b38dc9367a20502"
       },
       {
         "identifier": 3,
-        "sig_share": "e9696a6100e56603eee88b83cb7ecf03bfe18ce5ac98ca0837539ddebdd7af01"
+        "sig_share": "34c974f623cd0b5563334afc2a395ee86c0638136d6cad74240478c13d4a2101"
       }
     ]
   },
   "final_output": {
-    "sig": "cc03ccfd6252754619df0dc4e1890fe073c3ad3447480f0de9a4a220355294223667612928e67787b9c18fa76cbf5a858bab597f52c5bf10c2257ecc4dcf6504"
+    "sig": "fa954853693068803615803a06e2c23a6228f7d6d6b442b72b26696aa776fe75532350f49b27a123b0c811d54671f6c008e319741a59918baf3c5455a5ec2603"
   }
 }

frost-secp256k1/src/lib.rs

@@ -167,8 +167,8 @@ fn hash_to_scalar(domain: &[u8], msg: &[u8]) -> Scalar {
 
 /// Context string from the ciphersuite in the [spec].
 ///
-/// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.5-1
-const CONTEXT_STRING: &str = "FROST-secp256k1-SHA256-v11";
+/// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.5-1
+const CONTEXT_STRING: &str = "FROST-secp256k1-SHA256-v1";
 
 /// An implementation of the FROST(secp256k1, SHA-256) ciphersuite.
 #[derive(Clone, Copy, PartialEq, Eq, Debug)]
@@ -187,35 +187,35 @@ impl Ciphersuite for Secp256K1Sha256 {
 
     /// H1 for FROST(secp256k1, SHA-256)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.5-2.2.2.1
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.5-2.2.2.1
     fn H1(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
         hash_to_scalar((CONTEXT_STRING.to_owned() + "rho").as_bytes(), m)
     }
 
     /// H2 for FROST(secp256k1, SHA-256)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.5-2.2.2.2
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.5-2.2.2.2
     fn H2(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
         hash_to_scalar((CONTEXT_STRING.to_owned() + "chal").as_bytes(), m)
     }
 
     /// H3 for FROST(secp256k1, SHA-256)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.5-2.2.2.3
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.5-2.2.2.3
     fn H3(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
         hash_to_scalar((CONTEXT_STRING.to_owned() + "nonce").as_bytes(), m)
     }
 
     /// H4 for FROST(secp256k1, SHA-256)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.5-2.2.2.4
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.5-2.2.2.4
     fn H4(m: &[u8]) -> Self::HashOutput {
         hash_to_array(&[CONTEXT_STRING.as_bytes(), b"msg", m])
     }
 
     /// H5 for FROST(secp256k1, SHA-256)
     ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-11.html#section-6.5-2.2.2.5
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.5-2.2.2.5
     fn H5(m: &[u8]) -> Self::HashOutput {
         hash_to_array(&[CONTEXT_STRING.as_bytes(), b"com", m])
     }

frost-secp256k1/tests/helpers/vectors-big-identifier.json

@@ -1054,36 +1054,36 @@
     "outputs": [
       {
         "identifier": 129,
-        "hiding_nonce_randomness": "977265c3e39e09fd4714147654df830a8f55cc3184f9fd2156e063632ae4d302",
-        "binding_nonce_randomness": "8f387b1d0880588952159b0fc5f799c8f844e80bd09d468c793970fab6256058",
-        "hiding_nonce": "2db6fd4d59cd0a55fe45408a1553ca7f227972c1437044c6ee5f9356023e6e4f",
-        "binding_nonce": "51732d18302e970a288ef32dc4df911b9992893d530ba2fd5a64759572ebffbe",
-        "hiding_nonce_commitment": "02ed1a54b12492d9e4f46134dffa83266944d4784c2d94b689c9847727247dff36",
-        "binding_nonce_commitment": "02dfb525addd4b1b026cd5101b28eff5f7e94ac1a2aa960bd32dedc4138d036ed6",
-        "binding_factor_input": "02f37c34b66ced1fb51c34a90bdae006901f10625cc06c4f64663b0eae87d87b4fa645d8249457bbcac34fa7b740f66bcce08fc39506b8bbf1a1c81092f6272edadfc5f765f80fb67466027243cf759556c1f5f5887c0abe7a4fda415d0ed7d5580000000000000000000000000000000000000000000000000000000000000081",
-        "binding_factor": "85b988e9a0d83eba0aea4e51bc567fc34eef428eac9b79299a0be4c9ed9fcb4f"
+        "hiding_nonce_randomness": "8a8821b1b7d3bb29e7c2ed156a17fbdb9d4e036e3c0f31ade4d853c40531526d",
+        "binding_nonce_randomness": "b5964e34921c184757523ebfce17f8c8d9a4f8b1a9a6b3ce2c62e75a79e217e8",
+        "hiding_nonce": "8eeee80965c09c9e46ffbcc15d898c383c078c5d03321bc9d5be4ff9653d8ac4",
+        "binding_nonce": "82a3b16d3361e76c8bdfc6c14fc3ad42c38f41cf3f8688226725c9d2dceccf6a",
+        "hiding_nonce_commitment": "022725c75dd202fc7cb2c513233f22ad8293c39a1404db558920ae421ad72e3e9f",
+        "binding_nonce_commitment": "03e89f797796683a7cc673a13773abc7b385781c0469437bd869c9add4243028c0",
+        "binding_factor_input": "02f37c34b66ced1fb51c34a90bdae006901f10625cc06c4f64663b0eae87d87b4fff9b5210ffbb3c07a73a7c8935be4a8c62cf015f6cf7ade6efac09a6513540fc4591618d01f9ce7a67c6787d8a94bf5e6e19150be75f9230c3c4e4db0bd4a1c90000000000000000000000000000000000000000000000000000000000000081",
+        "binding_factor": "68e13faf3c7fb10a039b7dc40eeed6a7b43494c715092ea91f7d4a3aceaf290b"
       },
       {
         "identifier": 256,
-        "hiding_nonce_randomness": "80b7038393b26dc15f3162827b3b5b0b77e57523d319f945efa04a8382c97c9f",
-        "binding_nonce_randomness": "28a84669d25503303b74f50c7c5a3a948de31a5fb27a91c3fafaa3247d570afc",
-        "hiding_nonce": "2c80e101ce46fb29977f8d06bff4bd5edb39e7cb1c77a9d14f44edaeccc2a389",
-        "binding_nonce": "b51614ff20438040c57f21092a91337153beaf7d2fb7624be7fd8105a5cc3be6",
-        "hiding_nonce_commitment": "03cc9a7f79492f4a0fd610e3e5114be8eb8bc190d76480223cd9176913768cf22b",
-        "binding_nonce_commitment": "03324fee6d16d2c8de266255fd4be77fb5db8ebf70cd1f6874cc34e651c3618d27",
-        "binding_factor_input": "02f37c34b66ced1fb51c34a90bdae006901f10625cc06c4f64663b0eae87d87b4fa645d8249457bbcac34fa7b740f66bcce08fc39506b8bbf1a1c81092f6272edadfc5f765f80fb67466027243cf759556c1f5f5887c0abe7a4fda415d0ed7d5580000000000000000000000000000000000000000000000000000000000000100",
-        "binding_factor": "a0b915115cc4eff7f4f1128631528d62139cedcbe2c7ad0bab380f1ded7e1ca4"
+        "hiding_nonce_randomness": "1227d0c4838dbda8f7871bb64cb49545655d65e1da44da38c9062d39e591f290",
+        "binding_nonce_randomness": "bbab58cdb56bcc90a9cde2778a79cfa786372100d60e6a17dd60349ccceb4c88",
+        "hiding_nonce": "a90463d1c2c10e0cb515efa4f448367b26f57ee3c558f87988abbc1b0767ee5a",
+        "binding_nonce": "a15fef4c65aa4c1cf2d54788fae0459a8bddba5d6c87ac6e92ff0b611aae7cb2",
+        "hiding_nonce_commitment": "025f629c95c7ae32b06c432756647d155214832a0c3a2eadaf0836a7db48a53482",
+        "binding_nonce_commitment": "0313a687d82930862532aa5ed50ec740036ddaa757fc8495932b91226ddc3830f7",
+        "binding_factor_input": "02f37c34b66ced1fb51c34a90bdae006901f10625cc06c4f64663b0eae87d87b4fff9b5210ffbb3c07a73a7c8935be4a8c62cf015f6cf7ade6efac09a6513540fc4591618d01f9ce7a67c6787d8a94bf5e6e19150be75f9230c3c4e4db0bd4a1c90000000000000000000000000000000000000000000000000000000000000100",
+        "binding_factor": "b1bc8dfed71f105eed9266eee7e4633c2019e7295f9806e608f48e1cb3375a3d"
       },
       {
         "identifier": 257,
-        "hiding_nonce_randomness": "b7bfcb6c629a1136bbdeb923a234d2a53eb37410e12eb9931a8b8c66498accea",
-        "binding_nonce_randomness": "5af0da6655826d06b8a9d614d523ec151769296dd8369ce58a3fe2702b2c3d6b",
-        "hiding_nonce": "fa33c4bcae1ae614ee30cc2decfd741192520a3c099e67980f3e4e642473a866",
-        "binding_nonce": "880e6755ff707bc71b2eed66b91d1f9af1915081eb4bbf6fb97a77d590e7bb05",
-        "hiding_nonce_commitment": "03f10be4c734998dbf63bb7259417d8612665ffade5b98ab1247eb8c8d8fd4e8fe",
-        "binding_nonce_commitment": "03e877483d4f6629800d4f7b8012c752f311076cdced31a38622b71f5fa6f6f4b8",
-        "binding_factor_input": "02f37c34b66ced1fb51c34a90bdae006901f10625cc06c4f64663b0eae87d87b4fa645d8249457bbcac34fa7b740f66bcce08fc39506b8bbf1a1c81092f6272edadfc5f765f80fb67466027243cf759556c1f5f5887c0abe7a4fda415d0ed7d5580000000000000000000000000000000000000000000000000000000000000101",
-        "binding_factor": "ce889af97bd177b331d9f94d09d086e4ccfcbe3f901e7345e4aa0b7281a92642"
+        "hiding_nonce_randomness": "8e8a7c08ce9f812a140c5f1b65300e65c63314e2ea00a8a7c8992d8e9baa7151",
+        "binding_nonce_randomness": "5dba45da45f873fd04ddd5f359ee52c8657028429f5819a7d8605b1181bfb3b5",
+        "hiding_nonce": "8a1b69c60990699b748993ea0167f82724f42af89bbf5c30b6ee2be3a2e99226",
+        "binding_nonce": "d09486f384c1ad1c8a517c8a0a249a7a638d4c046dc21657829d1baf671107ba",
+        "hiding_nonce_commitment": "02078f2b933818f8d44176927f4538caf0bad7ac885e279089c2ce0f49c6521c50",
+        "binding_nonce_commitment": "0333d6a39834dc8693fb2ac61bcdf9938a1f20eb575072dd7a0d6e896a1e1c351e",
+        "binding_factor_input": "02f37c34b66ced1fb51c34a90bdae006901f10625cc06c4f64663b0eae87d87b4fff9b5210ffbb3c07a73a7c8935be4a8c62cf015f6cf7ade6efac09a6513540fc4591618d01f9ce7a67c6787d8a94bf5e6e19150be75f9230c3c4e4db0bd4a1c90000000000000000000000000000000000000000000000000000000000000101",
+        "binding_factor": "c03ca21f0fc7860918f5642c6851aa842bfdf3cf57294eb60f3aff91825f6087"
       }
     ]
   },
@@ -1091,19 +1091,19 @@
     "outputs": [
       {
         "identifier": 129,
-        "sig_share": "063eb52f81cfdcb90f1b1772dd5c543d91133cc4fbd9b8e42811e458e9a646bc"
+        "sig_share": "3c9f4bfd6e88db4e2d99831569a290d032453904d35b045c833c75feae6bad88"
       },
       {
         "identifier": 256,
-        "sig_share": "e7aa443b8454e9745472ba6da2d9ce603d4738919b0422b49120baa454b49400"
+        "sig_share": "d1928c93c533f426698940e9734ddf507c50791710be33ad66c97c4091bc7617"
       },
       {
         "identifier": 257,
-        "sig_share": "5b53f1b1ea60c77de5658e6331cfcf759b1b6a0c6f7fa015a17fe0e73ba672b6"
+        "sig_share": "f82e4ccf9c56d88447bd7c28ef9c9e68721d8eaea79acd77912feb9b7e166568"
       }
     ]
   },
   "final_output": {
-    "sig": "027286e220cdff7596dc6f8dc64f9d1b3758120714dc3193b65cf6c4844016022b493ceb1cf0858dab48f36043b205f214aec7027c5714db729ae02157a9cb0c31"
+    "sig": "035018f08dbd0a6d610a311d6f6817e85680f0e6838df4849791e716c8838d0fd206602560d013a7f8dee04027cc8d0e8bab5586fd2d22c509fb9120c11dd20685"
   }
 }

frost-secp256k1/tests/helpers/vectors.json

@@ -37,25 +37,25 @@
     "outputs": [
       {
         "identifier": 1,
-        "hiding_nonce_randomness": "7cb32568d23bb6c75e341a0fcebc9471aea86ff1d049356761ebc2e950b9532f",
-        "binding_nonce_randomness": "bfcfbe6cc0f8ac29c6c727bc5bb8bf4433922b93553f59d92274ca62238bb392",
-        "hiding_nonce": "1cb8009dd46bd95028739e46019a2f72b3a7b1191c3c69227286b78baa9b7f84",
-        "binding_nonce": "c1cfdf7bd3dd6cba3b2c7636779dd8123327950356324fdbf069c9c057096a91",
-        "hiding_nonce_commitment": "03bd97bdd50a5f0de1a826b6f953b283014be515f1e6511b7877bc14353e138933",
-        "binding_nonce_commitment": "03a0e591354dac31abcf42fab5b33e15332ec64e94e1531e36727bfc57b3479b2b",
-        "binding_factor_input": "02f37c34b66ced1fb51c34a90bdae006901f10625cc06c4f64663b0eae87d87b4fa645d8249457bbcac34fa7b740f66bcce08fc39506b8bbf1a1c81092f6272edab58eadfcb68b028ec2de140ae16ed42e55acc32454a94c488b98b0a20495e80a0000000000000000000000000000000000000000000000000000000000000001",
-        "binding_factor": "68b412dbb0655bbf9d91ede1acc5dec71448ae6f65d4d75a4d578d4a861987ef"
+        "hiding_nonce_randomness": "bda8e748e599187762cff956f03dc6ea13fc8e04491a0427b7e6e78600f41c52",
+        "binding_nonce_randomness": "2ca682429bf05df435b9927b8edb1d748278f3e42fa11ef358e49bbf4a1b780d",
+        "hiding_nonce": "09764379667f9a9fa61928947bd925a7f162b21886b750d3b11c226d16b32f58",
+        "binding_nonce": "b2d3f8cb9da70984354c3fc3511b1f6ed21b7205941cb5553565d2ecade8c694",
+        "hiding_nonce_commitment": "0305e62a1d3f57a0b17ade569a3a4043e2a1fc3bd0b102614a8d8cc68e3322ad89",
+        "binding_nonce_commitment": "03b634c2aed7f85b8eec22e97e5f916ab43a3518821480e15da2af7cffcb060a30",
+        "binding_factor_input": "02f37c34b66ced1fb51c34a90bdae006901f10625cc06c4f64663b0eae87d87b4fff9b5210ffbb3c07a73a7c8935be4a8c62cf015f6cf7ade6efac09a6513540fcfac8df6fa81b3f4d9ced4be2474894308232dc0be75dbf81f5a103579a8236310000000000000000000000000000000000000000000000000000000000000001",
+        "binding_factor": "9bee5aef4012de4b94c9fc1a9a9572181079e293bf1d7545a5af0ef86f824a91"
       },
       {
         "identifier": 3,
-        "hiding_nonce_randomness": "c69b4b31b7fee771ded685f8356598d2294813e61355cd925530e4a330cd5b1b",
-        "binding_nonce_randomness": "5710a27cd72fda841321d86c211a5c99eb99bce3f093298e2bc188fb0f1af549",
-        "hiding_nonce": "d8e84f05afdf50109bbe89d11f619676d934c84320a51c856ee7b4cc460f2bb9",
-        "binding_nonce": "3f8ba2085123f8819cded2e12dbddbac0380a7294c247ad5d385ee8b0c65f8b4",
-        "hiding_nonce_commitment": "02b5a13f31c245b9b0c02ae0277833c298021ab3225786f461a7de7e7abc2a01c9",
-        "binding_nonce_commitment": "0259ad4280f6c477ac379350486df8696e8ae5a470ae04fea9cfad2905e751e19e",
-        "binding_factor_input": "02f37c34b66ced1fb51c34a90bdae006901f10625cc06c4f64663b0eae87d87b4fa645d8249457bbcac34fa7b740f66bcce08fc39506b8bbf1a1c81092f6272edab58eadfcb68b028ec2de140ae16ed42e55acc32454a94c488b98b0a20495e80a0000000000000000000000000000000000000000000000000000000000000003",
-        "binding_factor": "73643bffdf314bd7ab394a009515192a6f240e7ee16347b98f1202582e73ed92"
+        "hiding_nonce_randomness": "70818dd5170672c4a4285fd593d4f222417f941f3118e1244955e7a1098a35d8",
+        "binding_nonce_randomness": "74ca2da071ed4a2a6cad5087d6758b48a558ab5861c61117fee05757e4b1309e",
+        "hiding_nonce": "0d92e255e5b42ebc2863f8198d946fc10f388c4983073c18cbb77b88e3bf2e34",
+        "binding_nonce": "1c7243ce00a499b1e7ce3403e7b731d0c820cf108feb8c5ee7c29b4ef43be5e0",
+        "hiding_nonce_commitment": "036f878da0dc19ba7da9f2d9e795e2674e62ff06c990fc4464cc1ed55a2acce46b",
+        "binding_nonce_commitment": "025350e2a9e32e7b1fe0161e990623600b2d301b3307641469129cff7936c4d2ce",
+        "binding_factor_input": "02f37c34b66ced1fb51c34a90bdae006901f10625cc06c4f64663b0eae87d87b4fff9b5210ffbb3c07a73a7c8935be4a8c62cf015f6cf7ade6efac09a6513540fcfac8df6fa81b3f4d9ced4be2474894308232dc0be75dbf81f5a103579a8236310000000000000000000000000000000000000000000000000000000000000003",
+        "binding_factor": "cfe0db2197c94cc355b6ab05610f27f4a874898009c8bf007f2a4e2ce2c8306d"
       }
     ]
   },
@@ -63,15 +63,15 @@
     "outputs": [
       {
         "identifier": 1,
-        "sig_share": "d84d3c85959a968bf0f06245d5f746d23ca040db71232219e914eb9025c48804"
+        "sig_share": "ca54b18d7449377cfa680760a5770b9e64e201f7ea36b068effeca5fce2155e5"
       },
       {
         "identifier": 3,
-        "sig_share": "16e10b99292455f8f0af08d3f17eff5526b63902543e652da94de13f39ff0ed3"
+        "sig_share": "da13d054e83052568706a6d161d80f112a6bc3f76aa903c022585ae7e091e65e"
       }
     ]
   },
   "final_output": {
-    "sig": "02a1263dcb051f0126192a77582ad78566d251b8454adaeb49497fee0f31f6200eef2e481ebebeec84e19f6b19c7764627635679ddc56187479262cccf5fc396d7"
+    "sig": "024c1ad4e031872661fa6ebd05dfc7fb30db08b38d79f0edbc82051ae931381bc6a46881e25c7989d3816eae32074f1ab0d49ee908a59713ed5284c6bade7cfb02"
   }
 }