Implement threshold cryptography #219
Conversation
abread
force-pushed
the
threshcrypto
branch
from
e5a9d6e
to
608de18
Compare
|
@xosmig Thank you for the thorough review! I believe I have integrated all the suggestions |
There was a problem hiding this comment.
Very nice, thanks a lot for the contribution André!
I only added a few very minor cosmetic comments that you can use to polish the code, but I think the code is ready for merging even as-is. Great job! 👍
A big thanks also to @xosmig for the initial thorough review and comments!
|
Thank you so much, Matej! |
|
I've started playing around with this, and ended up implementing some DSL utilities akin to the availability module. They don't require much thought to implement so I went ahead and included them here |
|
@abread sorry that you had to do it several times already, but could you please merge the latest |
Ah, it was already done (when I added the DSL stuff) :)
Fine by me! |
|
Weird, it gives me "Already up to date". |
Co-authored-by: Andrei Tonkikh <andrei.tonkikh@gmail.com>
Upon looking at the tbls implementation, it is clear that it is not ready to handle multiple/duplicate signature shares from the same node. This is something that can be done ahead of time with greater efficiency leading to less calls to `Recover`. Note: anonymous threshold signature schemes cannot validate share origin, and therefore may require modifying our requirements
Co-authored-by: Matej Pavlovic <matopavlovic@gmail.com>
Co-authored-by: Matej Pavlovic <matopavlovic@gmail.com>
Co-authored-by: Andrei Tonkikh <andrei.tonkikh@gmail.com>
abread
force-pushed
the
threshcrypto
branch
from
d93e540
to
f74809f
Compare
|
Rebased to main, should be alright now! |
Yes, sorry, it was my fault, I had the wrong option selected in github and the button for merging was gray 😩 |
|
Ah dw, it was quick to do! |
|
Merging. Thanks for your contribution!! |
This PR introduces
threshcrypto- a new module for working with threshold signatures in Mir, and an implementation using BLS12-381 threshold signatures (using the same underlying library as drand).There was some discussion on Slack on how to go about this.
It's based on the existing
cryptomodule: the dummy and pseudo implementations were kept for testing purposes, but I did not reimplement theDefaultImplas no API consumers exist yet and there's no "real" implementations besides TBLS to guide its design.