
FROST Release v3.0.0-rc.0 – Zcash Foundation


We’ve just released FROST v3.0.0-rc.0. The main changes in this release are changing the cheater detection feature so that it can be specified as a function parameter instead of a compile-time feature, a big refactor of the repair share and refresh share functionality, improving our test coverage for serialisation and async, and some significant improvements to our documentation.

Feature Configuration Changes

The `cheater-detection` feature was removed to simplify the feature matrix and reduce maintenance burden. Since most users want cheater detection enabled, it’s now the default behaviour. For users who explicitly need to disable it (e.g., for performance in trusted environments), a new `aggregate_custom()` function was added that accepts a `CheaterDetection` argument. The `std` and `nightly` features have also been removed since the crates are now no-std by default (except for frost-ed448) and the nightly feature was never used.

Key Refresh and Repairable Module Improvements

The `refresh` module was simplified to improve usability: `compute_refreshing_shares()` no longer takes `min_signers` and `max_signers` arguments since these values can be inferred from the `PublicKeyPackage`. This prevents errors from mismatched parameters and makes the API harder to misuse.

The `repairable` module also underwent some refactoring to improve clarity. Functions were renamed from `repair_share_step_X()` to `repair_share_partX()` for consistency with DKG naming. New `Delta` and `Sigma` types replace raw `Scalar` values, preventing accidental misuse, and these functions now return a `KeyPackage` instead of `SecretShare`, which is more useful since `SecretShare`s don’t need to be stored long-term.
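To show why distinct `Delta` and `Sigma` types help, here is an added sketch of a three-part share repair (not frost-core code): helpers split their weighted shares into summands, fold what they receive, and the participant adds the results. The `part1`/`part2`/`part3` signatures, the toy prime field and the fixed-seed generator are assumptions made for illustration only.

```rust
// Toy model of a three-part share repair (added example, not frost-core code).
// Assumptions: a small prime field and a fixed-seed LCG stand in for the
// ciphersuite scalar field and a CSPRNG; never use either for real keys.
const P: u64 = 2_147_483_647; // 2^31 - 1, so products fit in u64
#[derive(Clone, Copy)] pub struct Delta(u64); // helper -> helper: one summand
#[derive(Clone, Copy)] pub struct Sigma(u64); // helper -> repaired participant

fn add(a: u64, b: u64) -> u64 { (a + b) % P }
fn sub(a: u64, b: u64) -> u64 { (a + P - b) % P }
fn mul(a: u64, b: u64) -> u64 { a * b % P }
fn inv(a: u64) -> u64 { // Fermat inverse: a^(P-2) mod P
    let (mut r, mut b, mut e) = (1u64, a, P - 2);
    while e > 0 { if e & 1 == 1 { r = mul(r, b); } b = mul(b, b); e >>= 1; }
    r
}
/// Horner evaluation of the constructed sharing polynomial at x.
pub fn eval(coeffs: &[u64], x: u64) -> u64 { coeffs.iter().rev().fold(0, |acc, &c| add(mul(acc, x), c)) }
/// Lagrange coefficient of helper i, evaluated at the lost participant's id.
fn zeta(i: u64, helpers: &[u64], lost: u64) -> u64 {
    helpers.iter().filter(|&&j| j != i).fold(1, |acc, &j| mul(acc, mul(sub(lost, j), inv(sub(i, j)))))
}
/// Part 1: helper i splits zeta_i * share_i into one Delta per helper.
pub fn part1(i: u64, share: u64, helpers: &[u64], lost: u64, seed: &mut u64) -> Vec<Delta> {
    let mut rest = mul(zeta(i, helpers, lost), share);
    let mut out = Vec::new();
    for _ in 1..helpers.len() {
        *seed = seed.wrapping_mul(6364136223846793005).wrapping_add(1442695040888963407);
        let r = (*seed >> 33) % P;
        out.push(Delta(r));
        rest = sub(rest, r);
    }
    out.push(Delta(rest)); // last summand makes the Deltas add up exactly
    out
}
/// Part 2: a helper folds the Deltas addressed to it into a single Sigma.
pub fn part2(deltas: &[Delta]) -> Sigma { Sigma(deltas.iter().fold(0, |a, d| add(a, d.0))) }
/// Part 3: the participant sums the Sigmas; passing Deltas here will not compile.
pub fn part3(sigmas: &[Sigma]) -> u64 { sigmas.iter().fold(0, |a, s| add(a, s.0)) }

/// Returns (repaired share, share computed directly from the polynomial).
pub fn repair_demo() -> (u64, u64) {
    let coeffs = [1_234_567u64, 42, 99]; // constructed degree-2 polynomial (threshold 3)
    let (helpers, lost) = ([1u64, 2, 4], 3u64);
    let mut seed = 7u64;
    let sent: Vec<Vec<Delta>> = helpers.iter()
        .map(|&i| part1(i, eval(&coeffs, i), &helpers, lost, &mut seed)).collect();
    let sigmas: Vec<Sigma> = (0..helpers.len())
        .map(|k| part2(&sent.iter().map(|row| row[k]).collect::<Vec<_>>())).collect();
    (part3(&sigmas), eval(&coeffs, lost))
}
fn main() { let (got, want) = repair_demo(); assert_eq!(got, want); }
```

With raw scalars, feeding part-1 output straight into part 3 would type-check and silently produce a wrong share; with the newtypes it is a compile error.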

To improve security, `ZeroizeOnDrop` was implemented for `SigningNonces`, ensuring that sensitive nonce material is automatically zeroed from memory when it goes out of scope.

Improvements

We added `pre_commitment_aggregate()` and `pre_commitment_sign()` hooks to the `Ciphersuite` trait as well as `Ciphersuite::post_generate()` to allow ciphersuite-specific customization.

A `min_signers` argument was added to `PublicKeyPackage::new()` (wrapped in `Option` for backwards compatibility) to ensure threshold information is preserved with the public key package. The `frost-rerandomized` crate is now re-exported in ciphersuite crates, making it easier to use rerandomized signing without additional imports.

The `InvalidSignatureShare::culprit` field was changed to `culprits` (now a `Vec`), and `Error::culprit()` was similarly renamed to `culprits()`, allowing multiple misbehaving participants to be identified in a single aggregation attempt. The `Ciphersuite`, `Scalar`, and `Element` traits now require `Send` and `Sync` bounds to enable safe use in async contexts. The serialization traits (`SignatureSerialization`, `Field::Serialization`, `Element::Serialization`) were simplified to no longer require `TryFrom<Vec<u8>>`; instead they must implement `AsMut<[u8]>` and `TryFrom<&[u8]>`, which avoids unnecessary allocator usage and allows encryption of DKG round 2 data without allocation.

frost-rerandomized Crate

The `cheater-detection` feature was also removed from this crate with the same behaviour changes as frost-core.

The frost-rerandomized crate received a revamped API motivated by Zcash integration requirements. The previous approach generated randomizers in a way that relied on a single party’s randomness while the new API ensures all signing parties contribute to the randomness, improving security.

New functions were added to `RandomizedParams` for generating a randomizer based on signing commitments and fresh random data, and for recreating the same randomizer from a stored seed.

Documentation Improvements

Documentation was expanded to clarify security requirements: authenticated and confidential channels are needed for DKG (to prevent man-in-the-middle attacks during key generation), but only authenticated channels are needed for signing. Warnings about secp256k1 usage were added to help users understand the security considerations.

A network topologies documentation section was added explaining the different ways FROST participants can be organized. A FROST Server section and zcash-devtool demo section have also been added.

There are many breaking changes, so please do take a look at the frost-core Changelog as well as the frost-rerandomized Changelog for more details before upgrading.

Many thanks to @conradoplg, @natalieesk, @mpguerra, @StackOverflowExcept1on, @VolodymyrBg, @crStiv, @azuchi and @kwsantiago for their contributions.

Thanks for reading!
