Wednesday, February 4, 2026

FROST Release v3.0.0-rc.0 – Zcash Foundation

We have just released FROST v3.0.0-rc.0. The main changes in this release are changing cheater detection so that it is specified as a function parameter instead of a compile-time feature, a big refactor of the repair share and refresh share functionality, improving our test coverage for serialisation and async, and some significant improvements to our documentation.

Feature Configuration Changes

The `cheater-detection` feature was removed to simplify the feature matrix and reduce maintenance burden. Since most users want cheater detection enabled, it is now the default behavior. For users who explicitly need to disable it (e.g., for performance in trusted environments), a new `aggregate_custom()` function was added that accepts a `CheaterDetection` argument. The `std` and `nightly` features have also been removed, since the crates are now no-std by default (except for frost-ed448) and the nightly feature was never used.

Key Refresh and Repairable Module Enhancements

The `refresh` module was simplified to improve usability: `compute_refreshing_shares()` no longer takes `min_signers` and `max_signers` arguments, since these values can be inferred from the `PublicKeyPackage`. This prevents errors from mismatched parameters and makes the API more robust to misuse.

The `repairable` module also underwent some refactoring to improve clarity. Functions were renamed from `repair_share_step_X()` to `repair_share_partX()` for consistency with DKG naming. New `Delta` and `Sigma` types replace raw `Scalar` values, preventing accidental misuse, and these functions now return a `KeyPackage` instead of a `SecretShare`, which is more useful since `SecretShare`s don't need to be stored long-term.

To improve security, `ZeroizeOnDrop` was implemented for `SigningNonces`, ensuring that sensitive nonce material is automatically zeroed from memory when it goes out of scope.

Enhancements

We added `pre_commitment_aggregate()` and `pre_commitment_sign()` hooks to the `Ciphersuite` trait, as well as `Ciphersuite::post_generate()`, to allow ciphersuite-specific customization.

A `min_signers` argument was added to `PublicKeyPackage::new()` (wrapped in `Option` for backwards compatibility) to ensure threshold information is preserved with the public key package. The `frost-rerandomized` crate is now re-exported in ciphersuite crates, making it easier to use rerandomized signing without additional imports.

The `InvalidSignatureShare::culprit` field was changed to `culprits` (now a `Vec`), and `Error::culprit()` was similarly renamed to `culprits()`, allowing multiple misbehaving participants to be identified in a single aggregation attempt. The `Ciphersuite`, `Scalar`, and `Element` traits now require `Send` and `Sync` bounds to enable safe use in async contexts. The serialization traits (`SignatureSerialization`, `Field::Serialization`, `Element::Serialization`) were simplified to not require `TryFrom<Vec<u8>>`; instead they must implement `AsMut<[u8]>` and `TryFrom<&[u8]>`, which avoids unnecessary allocator usage and allows encryption of DKG round 2 data without allocation.
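The effect of the cheater-detection setting passed to `aggregate_custom()` and of reporting `culprits` as a list can be seen in a toy model. The following is an added example, not frost-core code: `Mode`, `AggError`, `Signer`, `aggregate` and `demo` are hypothetical names, the group is the order-1019 subgroup of the integers mod 2039, and each signer uses one nonce with a fixed challenge instead of FROST's binding factors and hash. It also assumes the aggregate is verified first and individual shares are checked only when that fails.

```rust
// Toy model only: order-1019 subgroup of Z_2039*, one nonce per signer, fixed challenge.
const P: u64 = 2039; // safe prime, P = 2*Q + 1
const Q: u64 = 1019; // prime order of the subgroup generated by G
const G: u64 = 4;

#[derive(Clone, Copy, PartialEq)]
pub enum Mode { Disabled, First, All } // hypothetical stand-in for a detection setting

#[derive(Debug, PartialEq)]
pub enum AggError { InvalidSignature, InvalidShares { culprits: Vec<u64> } }

/// What the aggregator knows about a signer: public values only.
pub struct Signer { id: u64, lambda: u64, commitment: u64, verifying_share: u64 }

// Naive modular exponentiation; every exponent used here is below Q.
fn pow(b: u64, e: u64) -> u64 { (0..e).fold(1u64, |r, _| r * b % P) }

pub fn aggregate(signers: &[Signer], shares: &[u64], group_key: u64, c: u64, mode: Mode)
    -> Result<(u64, u64), AggError> {
    let r = signers.iter().fold(1u64, |acc, s| acc * s.commitment % P);
    let z = shares.iter().sum::<u64>() % Q;
    if pow(G, z) == r * pow(group_key, c) % P { return Ok((r, z)); } // signature verifies
    if mode == Mode::Disabled { return Err(AggError::InvalidSignature); } // no attribution
    let mut culprits = Vec::new();
    for (s, &z_i) in signers.iter().zip(shares) {
        // Per-share check: g^z_i == R_i * Y_i^(c * lambda_i)
        if pow(G, z_i) != s.commitment * pow(s.verifying_share, c * s.lambda % Q) % P {
            culprits.push(s.id);
            if mode == Mode::First { break; }
        }
    }
    Err(AggError::InvalidShares { culprits })
}

/// Constructed sample: shares of f(x) = 123 + 456x mod Q for signers {1, 2, 3}.
/// Signers listed in `tamper` submit z_i + 1 instead of their honest share.
pub fn demo(tamper: &[u64], mode: Mode) -> Result<(u64, u64), AggError> {
    let c: u64 = 77; // constructed challenge; real FROST derives it by hashing
    // (id, secret share s_i, Lagrange coefficient lambda_i at 0, nonce k_i)
    let data: [(u64, u64, u64, u64); 3] = [(1, 579, 3, 11), (2, 16, Q - 3, 22), (3, 472, 1, 33)];
    let signers: Vec<Signer> = data.iter().map(|&(id, s, lambda, k)| Signer {
        id, lambda, commitment: pow(G, k), verifying_share: pow(G, s) }).collect();
    let shares: Vec<u64> = data.iter().map(|&(id, s, lambda, k)| {
        (k + c * lambda % Q * s + tamper.contains(&id) as u64) % Q
    }).collect();
    aggregate(&signers, &shares, pow(G, 123), c, mode)
}

fn main() { println!("{:?}", demo(&[1, 3], Mode::All)); }
```

With detection disabled the caller learns only that the signature is invalid; stopping at the first bad share hides the second cheater, which a list of culprits exposes in one aggregation attempt.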

frost-rerandomized Crate

The `cheater-detection` feature was also removed from this crate, with the same behavior changes as frost-core.

The frost-rerandomized crate received a revamped API motivated by Zcash integration requirements. The previous approach generated randomizers in a way that depended on a single party's randomness, while the new API ensures all signing parties contribute to the randomness, improving security.

New functions on `RandomizedParams` generate a randomizer based on signing commitments and fresh random data, and recreate the same randomizer from a stored seed.

Documentation Enhancements

Documentation was expanded to clarify security requirements: authenticated and confidential channels are needed for DKG (to prevent man-in-the-middle attacks during key generation), but only authenticated channels are needed for signing. Warnings about secp256k1 usage were added to help users understand the security considerations.

A network topologies documentation section was added explaining the different ways FROST participants can be organized. A FROST Server section and a zcash-devtool demo section have also been added.

There are a lot of breaking changes, so please do take a look at the frost-core Changelog as well as the frost-rerandomized Changelog for more details before upgrading.

Many thanks to @conradoplg, @natalieesk, @mpguerra, @StackOverflowExcept1on, @VolodymyrBg, @crStiv, @azuchi and @kwsantiago for their contributions.

Thanks for reading!
