We have now simply launched FROST v3.0.0-rc.0. The primary modifications on this launch have been altering the cheater detection characteristic to permit specifying as a operate parameter as a substitute of a compile-time characteristic, an enormous refactor of the restore share and refresh share performance, bettering our check protection for serialisation and async, and a few vital enhancements to our documentation.
Function Configuration Adjustments
The `cheater-detection` characteristic was eliminated to simplify the characteristic matrix and scale back upkeep burden. Since most customers need cheater detection enabled, it’s now the default habits. For customers who explicitly have to disable it (e.g., for efficiency in trusted environments), a brand new `aggregate_custom()` operate was added that accepts a `CheaterDetection` argument. The `std` and `nightly` options have additionally been eliminated for the reason that crates are actually no-std by default (except for frost-ed448) and the nightly characteristic was by no means used.
Key Refresh and Repairable Module Enhancements
The `refresh` module was simplified to enhance usability: `compute_refreshing_shares()` now not takes `min_signers` and `max_signers` arguments since these values might be inferred from the `PublicKeyPackage`. This prevents errors from mismatched parameters and makes the API more durable to misuse.
The `repairable` module additionally underwent some refactoring to enhance readability. Capabilities have been renamed from `repair_share_step_X()` to `repair_share_partX()` for consistency with DKG naming. New `Delta` and `Sigma` varieties change uncooked `Scalar` values, stopping unintentional misuse, and these features now return a `KeyPackage` as a substitute of `SecretShare`, which is extra helpful since `SecretShare`s don’t should be saved long-term.
To enhance safety, `ZeroizeOnDrop` was applied for `SigningNonces`, guaranteeing that delicate nonce materials is mechanically zeroed from reminiscence when it goes out of scope.
Enhancements
We added `pre_commitment_aggregate()` and `pre_commitment_sign()` hooks to the `Ciphersuite` trait in addition to `Ciphersuite::post_generate()` to permit ciphersuit particular customization.
A `min_signers` argument was added to `PublicKeyPackage::new()` (wrapped in `Possibility` for backwards compatibility) to make sure threshold data is preserved with the general public key bundle. The `frost-rerandomized` crate is now re-exported in ciphersuite crates, making it simpler to make use of rerandomized signing with out further imports.
The `InvalidSignatureShare::wrongdoer` area was modified to `culprits` (now a `Vec`), and `Error::wrongdoer()` was equally renamed to `culprits()`, permitting a number of misbehaving contributors to be recognized in a single aggregation try. The `Ciphersuite`, `Scalar`, and `Ingredient` traits now require `Ship` and `Sync` bounds to allow secure use in async contexts. The serialization traits (`SignatureSerialization`, `Subject::Serialization`, `Ingredient::Serialization`) have been simplified to now not require `TryFrom
frost-rerandomized Crate
The `cheater-detection` characteristic was additionally faraway from this crate with the identical habits modifications as frost-core.
The frost-rerandomized crate obtained a revamped API motivated by Zcash integration necessities. The earlier method generated randomizers in a approach that relied on a single social gathering’s randomness whereas the brand new API ensures all signing events contribute to the randomness, bettering safety.
New features embody `RandomizedParams` created for producing a randomizer based mostly on signing commitments and recent random information, and for recreating the identical randomizer from a saved seed.
Documentation Enhancements
Documentation was expanded to make clear safety necessities: authenticated and confidential channels are wanted for DKG (to stop man-in-the-middle assaults throughout key technology), however solely authenticated channels are wanted for signing. Warnings about secp256k1 utilization have been added to assist customers perceive the safety concerns.
A community topologies documentation part was added explaining the alternative ways FROST contributors might be organized. A FROST Server part and zcash-devtool demo part have additionally been added.
There are many breaking modifications, so please do take a look on the frost-core Changelog in addition to the frost-rerandomized Changelog for extra particulars earlier than upgrading.
Many because of @conradoplg, @natalieesk, @mpguerra, @StackOverflowExcept1on, @VolodymyrBg, @crStiv, @azuchi and @kwsantiago for his or her contributions.
Thanks for studying!
