Releases: bnb-chain/tss-lib
v2.0.2
What's Changed
- fix: compatibility of end channel output shift to pointer by @ZhAnGeek in #271
- add: Exposed random sources by @balena #275
- fix: Fixed nil pointer in String method() when no rounds left @olegfomenko #276
- fix: Fix update always round.ok @ZhAnGeek #282
- fix signing issue if the message is leading with 0x00 @zargarzadehm #284
New Contributors
- @balena made his first contribution in #275
- @zargarzadehm made his first contribution in #284
- @olegfomenko made his first contribution in #276
Full Changelog: v2.0.1...v2.0.2
v2.0.1
v2.0.0
In v2.0.0 release, several updates added including 1) ECDSA protocol update according to GG18 paper update; 2) Fix of 2023 GHSA-5cjx-95fx-68q9 by Fireblocks; 3) Fix of 2023 Tsshock by Verichain; 4) Added more boundary condition checks according to various security reports; 5) Add session infomation for sub protocols to prevent message replay; 6) Added switches to optionally turn of heavy Paillier key proof in tss.params(do NOT use unless you are in a trusted setting or the Paillier key are already verified).
Compatibility with v1.3.5
It's generally not compatible with v1.3.5. Not recommend to make hacks to run with a mixture parties of both v2 and v1.3. The existing ECDSA wallet generated from v1.3 can be upgraded(from resharing) to v2 wallet. We recommend to update all parties and their wallet to v2 due to the security updates.
What's Changed
- Fix possible hash collision by @yycen in #233
- Update SECURITY.md by @ackratos in #241
- ECDSA protocol security updates by @yycen in #252
- Ecdsa proof session byte by @ZhAnGeek in #256
- Update tagged version hash encoding by @yycen in #257
- Update module name to v2 by @yycen in #262
New Contributors
Full Changelog: v1.3.5...v2.0.0
v1.3.5
New features
ECDSA child key derivation by @plopezlpz in #195 adds an init function NewLocalPartyWithKDD in ECDSA
Improve DLN proof verification performance by @pdyraga in #203 adds an entry in tss.Parameters
What's Changed
- fix: rebrand by @ackratos in #173
- Add checks in dlnproof [TOB-BIN-8] by @yycen in #180
- Allow to stop pre-parameters generator with a context by @pdyraga in #191
- update README.md to match the new version by @typestring in #185
- Add check in mta_proof by @yycen in #205
- Feature/hd cherry pick by @plopezlpz in #195
- Improve DLN proof verification performance for large signing groups by @pdyraga in #203
New Contributors
- @typestring made their first contribution in #185
- @plopezlpz made their first contribution in #195
Full Changelog: v1.3.3...v1.3.5
Various security fixes
Security updates
- Additional check when Ks mismatch in savedata and sortedID in #156
- Do not normalize IDs of Shamir's Secret Sharing by @pdyraga in #155
- Check paillier ciphertext in #151
- Bugfix for vss, check shareid when construct vss in #149
- Check length of bits of NTildej by @yycen in #146
- dlog smallgroup 8 by @ackratos in #115
Other updates
Bug fix for EdDSA
This release fixes a minor issue in the EdDSA resharing code:
- The error
any: message type "" isn't linked in
was being caused by an unregistered Protobuf message typeDGRound4Message
used only in EdDSA resharing. The message type has been registered properly.
There have been no changes made to the public API.
Bug fixes
This bug fix release addresses these issues in the ECDSA protocols:
- Fix default pre-params concurrency with < 3 CPU cores (#93)
And in code shared by all protocols:
- Allow resharing when more than T+1 of the old committee participates (#95)
- Add fromPartyIdx validation for all incoming messages
- Add more basic sanity checks to PrepareForSigning
- Fix the location of an embedded protocol buffer struct definition
There have been no changes made to the public API.
Edwards-curve digital signature algorithm (EdDSA)
This release adds support for Edwards-curve digital signature algorithm (EdDSA).
The Edwards-curve digital signature algorithm (or EdDSA for short) is a digital signature scheme using a variant of Schnorr signatures based on twisted Edwards curves.
The packages in eddsa/...
contain the EdDSA protocols for keygen, signing and re-sharing; the API was kept as similar as possible to the existing ECDSA protocols.
An announcement introducing this feature has been posted on the Binance blog.
Various bug fixes
Reminder: This software has been audited by security professionals, but some bugs may still exist.
In the interest of providing safe software to the open source community, a full security review of this library was carried out by Kudelski Security, a division of the Kudelski Group, and completed in October 2019. A copy of this report may be found in this repository.
Use of any open source software is at your own risk. You are reminded to review any software source code before use, especially in any systems that are handling financial transactions.
Security Audit Report: https://github.com/binance-chain/tss-lib/releases/download/v1.0.0/audit-binance-tss-lib-final-20191018.pdf
Assorted fixes for ECDSA
This bug fix release addresses these issues in the ECDSA protocols:
In signing and re-sharing:
- The input "save data" is now copied and filtered locally during signing and re-sharing to handle a non-contiguous or non-zero indexed set of participants from keygen. Commit: 51d3031
- The unit tests for signing and re-sharing are now using a random set of participants from the keygen fixtures to verify the above fix. Commit: a110668
In re-sharing only:
- The re-sharing protocol now uses two save data structs named
input
andsave
for code clarity. Commit: 129ebae
For all ECDSA protocols:
- Add a handled short-circuit to prevent causing a panic when calling
WaitingFor
orWrapError
on a non-startedParty
. Issue: #82 Commit: 4fcd04b
There have been no changes made to the public API.