Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Only P256() is supported now? #43

Open
LanfordCai opened this issue Dec 2, 2024 · 4 comments
Open

Only P256() is supported now? #43

LanfordCai opened this issue Dec 2, 2024 · 4 comments

Comments

@LanfordCai
Copy link

LanfordCai commented Dec 2, 2024
edited
Loading

Thank you for the great work on this project!

I’m currently trying to use Secp256k1, but I noticed that the curve appears to be hardcoded as P256 in the following file: mpc.go. If I understand correctly, this means the library currently only supports P256, even though tss-lib itself supports additional curves like Secp256k1. Could you confirm if this is the case? Are there plans to support other curves in the future?

And another question, is it safe to trigger a Sign operation while a KeyGen operation is in progress?
@yacovm
Copy link
Contributor

yacovm commented Dec 24, 2024

Thank you for the great work on this project!

You're welcome! I'm glad you find this work useful.

I’m currently trying to use Secp256k1, but I noticed that the curve appears to be hardcoded as P256 in the following file: mpc.go. If I understand correctly, this means the library currently only supports P256, even though tss-lib itself supports additional curves like Secp256k1. Could you confirm if this is the case? Are there plans to support other curves in the future?

If TSS-lib supports Secp256k1 then probably it should be possible to add support for it in this library.
However I no longer work at IBM, and when I left, my administration rights on this repository got automatically revoked.
Would you like to make a code contribution? If so, I can review it and @mbrandenburger can then merge it.

And another question, is it safe to trigger a Sign operation while a KeyGen operation is in progress?

How can you sign before the DKG is finished? Are you signing using a previous incarnation of the DKG?

@LanfordCai
Copy link
Author

@yacovm I'm glad to receive your reply! I have submitted PR #45 that adds default secp256k1 support for ecdsa. If you have time, please take a look!

Since Keygen takes quite a long time, I want my service to be able to process signing requests using previously generated keys without waiting for the current Keygen to complete. My current approach is:

  1. After Keygen, ensure we don't call SetStoredData which will modify the Scheme's internal state. During Signing;
  2. Each party retrieves secret data from the database and calls SetStoredData to perform the signing. After Signing is complete, we remove the StoredData.
  3. Ensure only one Signing task can run at a time.

Do you think this approach is safe? I would appreciate your advice on this approach. Thank you!

@yacovm
Copy link
Contributor

yacovm commented Dec 28, 2024

I reviewed your PR.

Regarding your question - The safest thing to do is to just instantiate a new instance of threshold.Scheme and this way you can run instances concurrently and in a mutually exclusive manner.
This way, you can call SetStoreData and it will simply be invoked on a different instance.

@LanfordCai
Copy link
Author

@yacovm Thank you! I'm going to change my service so that there will be one scheme for keygen only and one scheme for signing in a party.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@yacovm @LanfordCai