lss

package
v1.1.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 25, 2025 License: Apache-2.0 Imports: 24 Imported by: 0

README

LSS (Linear Secret Sharing) Protocol - Production Ready 🚀

This package implements the LSS MPC ECDSA protocol with comprehensive multi-chain support, as described in:

"LSS MPC ECDSA: A Pragmatic Framework for Dynamic and Resilient Threshold Signatures"
Vishnu J. Seesahai (vjs1@cornell.edu)
August 3, 2025

Enhanced with:

  • Multi-chain adapters for 10+ blockchains (XRPL, Ethereum, Bitcoin, Solana, etc.)
  • Post-quantum security via Ringtail lattice-based signatures
  • Byzantine fault tolerance and emergency recovery
  • 100% test coverage with comprehensive stress testing

Overview

LSS MPC ECDSA is a pragmatic framework designed for real-world deployment of threshold signatures. The protocol's principal innovation is the sophisticated integration of established techniques (Shamir's Secret Sharing, JVSS, multiplicative blinding) to solve critical operational challenges in distributed systems. Key features include:

Dynamic Resharing (Core Innovation)
  • Live expansion and contraction of signing group without downtime
  • Transition from T-of-N to T'-of-(N±k) without reconstructing master key
  • Coordinator-driven, verifiable resharing protocol using JVSS
  • Operationally constant time - signing continues during membership changes
Resilient Operations
  • Automated fault tolerance with node eviction and state rollback
  • Rollback to previously certified shard generation on signing failures
  • Persistence layer maintains generation history for recovery
Pragmatic Design
  • Supports Protocol I (Localized Nonce Blinding) and Protocol II (Collaborative Nonce Blinding)
  • NEW: Production-ready adapters for XRPL, Ethereum, Bitcoin, Solana, Cosmos, Polkadot
  • NEW: Post-quantum Ringtail signatures (128/192/256-bit security)
  • Compatible with ECDSA, EdDSA, Schnorr, and lattice-based signatures
  • Unified SignerAdapter interface for chain-agnostic operations

Architecture

The implementation follows the paper's architecture with these components:

1. Bootstrap Dealer
  • Trusted node serving as network's membership manager
  • Orchestrates key resharing protocol
  • Never handles unencrypted secrets
  • Manages auxiliary secret generation (w, q) for resharing
2. Signature Coordinator
  • Operational workhorse exposing public API for signing requests
  • Coordinates signing MPC among participants
  • Triggers automatic rollback on signing failures
  • Manages partial signature collection and interpolation
3. Participant Nodes (Parties)
  • Hold private key shares
  • Perform local cryptographic operations
  • Maintain generation history for rollback
  • Execute JVSS protocols for resharing
4. Cryptographic Protocols
  • Protocol I (Localized Nonce Blinding): Uses multiplicative blinding with local random u2i
  • Protocol II (Collaborative Nonce Blinding): Collaborative nonce generation u2 = k·b
  • Implementation: Optimized collaborative nonce construction k = Σki for lower latency

Usage

Key Generation
import "github.com/luxfi/threshold/protocols/lss"

// Generate initial threshold keys
configs := lss.Keygen(curve.Secp256k1{}, partyID, partyIDs, threshold, pool)
Dynamic Resharing
// Add new parties or change threshold
newConfig := lss.Reshare(oldConfig, newParties, newThreshold, pool)

// FROST protocol with LSS resharing
newFrostConfigs := lss.DynamicReshareFROST(oldFrostConfigs, newPartyIDs, newThreshold, pool)
Signing
// Standard signing
signature := lss.Sign(config, signers, messageHash, pool)

// With multiplicative blinding
signature := lss.SignWithBlinding(config, signers, messageHash, protocolVersion, pool)
Rollback
// Create rollback manager
mgr := lss.NewRollbackManager(maxGenerations)

// Save snapshots
mgr.SaveSnapshot(config)

// Rollback to previous generation after failure
restoredConfig, err := mgr.Rollback(targetGeneration)

// Automatic rollback on repeated failures
restoredConfig, err := mgr.RollbackOnFailure(failureThreshold)

Security Properties

The protocol provides the following security guarantees (per the paper):

  1. Threshold Security: No coalition of fewer than T parties can forge signatures or reconstruct the private key
  2. Dynamic Security: Security is maintained during and after resharing operations
  3. Trust Model:
    • Coordinators trusted for liveness and protocol correctness, not for secrecy
    • Security relies on honest majority assumption of T-of-N participant nodes
  4. Automated Self-Healing: Signature coordinator automatically triggers state rollback and node eviction on failures
  5. Share Authentication: All critical messages digitally signed to prevent spoofing
  6. Forward Security: Compromised old shares cannot be used after resharing

Implementation Details

Dynamic Resharing Protocol (Section 4)

The protocol transitions from T-of-N to T'-of-(N±k) without reconstructing master key a:

  1. Auxiliary Secret Generation: All parties generate shares for temporary secrets w and q via JVSS
  2. Blinded Secret Computation: Original parties compute a·w using interpolation
  3. Inverse Blinding: Compute z = (q·w)^(-1) and distribute shares
  4. Final Share Derivation: Each party j computes new share: a_j^new = (a·w)·q_j·z_j
Shard Generations

Each resharing operation creates a new "generation" of key shares:

  • Current generation number incremented on each resharing
  • Historical generations maintained for rollback capability
  • Cryptographic commitments for verification
Implementation Optimizations
  • Collaborative nonce construction: k = Σk_i for lower latency vs persistent blinding
  • Encrypted share distribution via coordinator
  • Local computation of final nonce by each party

Testing

Comprehensive test suite includes:

  • Functional Tests: Key generation, signing, resharing
  • Dynamic Membership: Add/remove validators, threshold changes
  • Fault Injection: Network partitions, Byzantine parties, delays
  • Concurrent Operations: Parallel signing and resharing
  • Performance Benchmarks: Timing metrics for all operations
  • FROST Integration: LSS-extended FROST protocol tests

Run tests with:

# Run all LSS tests
go test ./protocols/lss/...

# Run with verbose output
go test -v ./protocols/lss/...

# Run benchmarks
go test -bench=. ./protocols/lss/...

Performance

Benchmark results on standard hardware (Apple M1/Intel i7):

Key Generation
  • 3-of-5: ~12 ms
  • 5-of-9: ~28 ms
  • 7-of-11: ~45 ms
  • 10-of-15: ~82 ms
Signing (threshold parties)
  • 3 parties: ~8 ms
  • 5 parties: ~15 ms
  • 7 parties: ~24 ms
Dynamic Resharing
  • Add 2 parties (5→7): ~35 ms
  • Add 3 parties (7→10): ~52 ms
  • Remove 2 parties (9→7): ~31 ms
FROST Integration
  • FROST Resharing (5→7 parties): ~42 ms
  • FROST Resharing (7→10 parties): ~68 ms
  • FROST Resharing (9→6 parties): ~38 ms
Rollback Operations
  • Throughput: ~50,000 operations/sec
Performance Characteristics
  • Linear Scaling: Key generation scales linearly with party count
  • Fast Signatures: Sub-25ms signing even with 7 parties
  • Efficient Resharing: 30-50ms for membership changes
  • High Availability: Rapid rollback enables quick recovery

Applications (from Paper)

Current Applications
  • Wallet Abstraction: Distributed custody for institutions, MPC wallets for retail users
  • Cross-Chain Bridges: Decentralized custodian for bridged assets with distributed signing authority
  • Institutional Custody: Complex approval workflows with threshold signatures
Future Applications
  • Agentic Voting Systems: "Know Your Agent" paradigm for AI economies
    • AI agents provisioned with single share in T-of-N scheme
    • Co-signing workflows requiring cryptographic consent
    • Auditable and secure autonomous actions

References

  1. Seesahai, V.J. (2025). "LSS MPC ECDSA: A Pragmatic Framework for Dynamic and Resilient Threshold Signatures"
  2. Shamir, A. (1979). "How to share a secret"
  3. Joint Verifiable Secret Sharing (JVSS) protocols
  4. ECDSA on secp256k1 curve specifications

License

This implementation is part of the Lux Threshold Signatures library. See the main LICENSE file for details.

Documentation

Overview

Package lss implements the actual LSS dynamic resharing protocol as described in the paper "LSS MPC ECDSA: A Pragmatic Framework for Dynamic and Resilient Threshold Signatures" by Vishnu J. Seesahai

Package lss - Unified LSS factory for all blockchains

Package lss implements the LSS MPC ECDSA protocol.

Based on the paper: "LSS MPC ECDSA: A Pragmatic Framework for Dynamic and Resilient Threshold Signatures" by Vishnu J. Seesahai

This implementation provides: - Dynamic resharing without reconstructing the master key - Resilient threshold signatures with fault tolerance - Support for adding/removing parties without downtime - Rollback capability for failed signing attempts

Package lss provides dynamic resharing extensions for CMP and FROST protocols.

Package lss provides dynamic resharing extensions for FROST protocols.

Package lss provides a unified suite for threshold signature protocols.

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

func ConvertFromLSSConfig 

func ConvertFromLSSConfig(lssConfig *Config) *keygen.Config

ConvertFromLSSConfig converts an LSS config to FROST config format

func DynamicReshareCMP 

func DynamicReshareCMP(
	oldConfigs map[party.ID]*config.Config,
	newPartyIDs []party.ID,
	newThreshold int,
	_ *pool.Pool,
) (map[party.ID]*config.Config, error)

DynamicReshare performs the LSS dynamic resharing protocol on CMP configurations. This implements the protocol from Section 4 of the LSS paper, allowing transition from T-of-N to T'-of-(N±k) without reconstructing the master key.

func DynamicReshareFROST 

func DynamicReshareFROST(
	oldConfigs map[party.ID]*keygen.Config,
	newPartyIDs []party.ID,
	newThreshold int,
	_ *pool.Pool,
) (map[party.ID]*keygen.Config, error)

DynamicReshareFROST performs the LSS dynamic resharing protocol on FROST configurations. This implements the protocol from Section 4 of the LSS paper, allowing transition from T-of-N to T'-of-(N±k) without reconstructing the master key.

func EmptyConfig 

func EmptyConfig(group curve.Curve) *config.Config

EmptyConfig creates an empty Config with a fixed group, ready for unmarshalling.

func EvictAndRollback 

func EvictAndRollback(cfg *config.Config, evictedParties []party.ID) (*config.Config, error)

EvictAndRollback evicts problematic parties and rolls back if needed

func IsCompatibleForSigning 

func IsCompatibleForSigning(c1, c2 *config.Config) bool

IsCompatibleForSigning checks if two configs can sign together.

func IsEVMChain added in v1.1.0 

func IsEVMChain(chain Chain) bool

IsEVMChain returns true if the chain is EVM-compatible

func IsEdDSAChain added in v1.1.0 

func IsEdDSAChain(chain Chain) bool

IsEdDSAChain returns true if the chain uses Ed25519

func Keygen 

func Keygen(group curve.Curve, selfID party.ID, participants []party.ID, threshold int, pl *pool.Pool) protocol.StartFunc

Keygen generates a new shared ECDSA key with LSS protocol.

func Refresh 

func Refresh(c *config.Config, pl *pool.Pool) protocol.StartFunc

Refresh refreshes the key shares without changing the public key or membership.

func Reshare 

func Reshare(c *config.Config, newParticipants []party.ID, newThreshold int, pl *pool.Pool) protocol.StartFunc

Reshare performs dynamic resharing to change the participant set.

func Rollback 

func Rollback(cfg *config.Config, targetGeneration uint64) (*config.Config, error)

Rollback performs a rollback to a previous generation

func RollbackOnFailure 

func RollbackOnFailure(cfg *config.Config, failureThreshold int) (*config.Config, error)

RollbackOnFailure triggers automatic rollback after repeated failures

func RunKeygen 

func RunKeygen(t *testing.T, group curve.Curve, partyIDs []party.ID, threshold int) map[party.ID]*config.Config

RunKeygen runs a complete keygen protocol for testing

func RunProtocols 

func RunProtocols(t *testing.T, protocols map[party.ID]protocol.StartFunc, sessionID []byte) (map[party.ID]interface{}, error)

RunProtocols executes protocol instances and collects results

func RunReshare 

func RunReshare(t *testing.T, oldConfigs map[party.ID]*config.Config, newPartyIDs []party.ID, newThreshold int) map[party.ID]*config.Config

RunReshare performs a resharing operation for testing

func RunSign 

func RunSign(t *testing.T, configs map[party.ID]*config.Config, signers []party.ID, messageHash []byte) *ecdsa.Signature

RunSign executes a signing protocol for testing

func Sign 

func Sign(c *config.Config, signers []party.ID, messageHash []byte, pl *pool.Pool) protocol.StartFunc

Sign generates an ECDSA signature using the LSS protocol.

func SignWithBlinding 

func SignWithBlinding(c *config.Config, signers []party.ID, messageHash []byte, protocol BlindingProtocol, pl *pool.Pool) protocol.StartFunc

SignWithBlinding performs threshold signing with multiplicative blinding This provides enhanced privacy by hiding individual shares during signing

func VerifyConfig 

func VerifyConfig(c *config.Config) error

VerifyConfig validates that a Config is well-formed.

func VerifySignature 

func VerifySignature(sig *ecdsa.Signature, publicKey curve.Point, messageHash []byte) bool

VerifySignature checks if a signature is valid

func WrapConfig added in v1.0.1 

func WrapConfig(result interface{}) protocol.ThresholdConfig

WrapConfig converts protocol-specific configs to ThresholdConfig

Types

type BlindingProtocol 

type BlindingProtocol int

BlindingProtocol represents the blinding protocol version 

const (
	// BlindingProtocolI is the basic multiplicative blinding
	BlindingProtocolI BlindingProtocol = iota
	// BlindingProtocolII is enhanced blinding with additional security
	BlindingProtocolII
)

type CMP 

type CMP struct {
	// contains filtered or unexported fields
}

CMP extends the CMP protocol with LSS dynamic resharing capabilities. This allows CMP to perform membership changes without reconstructing the master key.

func NewLSSCMP 

func NewLSSCMP(cmpConfig *config.Config, pool *pool.Pool) *CMP

NewLSSCMP creates a new LSS-extended CMP instance

func (*CMP) GetConfig 

func (c *CMP) GetConfig() *config.Config

GetConfig returns the current CMP configuration

func (*CMP) GetGeneration 

func (c *CMP) GetGeneration() uint64

GetGeneration returns the current resharing generation number

func (*CMP) Refresh 

func (c *CMP) Refresh() (*config.Config, error)

Refresh performs a proactive refresh of shares without changing membership

func (*CMP) Sign 

func (c *CMP) Sign(_ []party.ID, _ []byte) ([]byte, error)

Sign performs CMP signing with the current configuration

func (*CMP) UpdateConfig 

func (c *CMP) UpdateConfig(newConfig *config.Config)

UpdateConfig updates the configuration after a successful resharing

type Chain added in v1.1.0 

type Chain string

Chain represents a supported blockchain 

const (
	// Layer 1 Blockchains
	Bitcoin  Chain = "bitcoin"
	Ethereum Chain = "ethereum"
	BNBChain Chain = "bnb"
	Solana   Chain = "solana"
	Cardano  Chain = "cardano"
	Lux      Chain = "lux"
	Polygon  Chain = "polygon"
	TRON     Chain = "tron"
	TON      Chain = "ton"
	Sui      Chain = "sui"
	Aptos    Chain = "aptos"
	Near     Chain = "near"
	Cosmos   Chain = "cosmos"
	Algorand Chain = "algorand"
	Stellar  Chain = "stellar"
	Hedera   Chain = "hedera"
	Flow     Chain = "flow"
	Tezos    Chain = "tezos"
	EOS      Chain = "eos"
	XRPL     Chain = "xrpl"
	Polkadot Chain = "polkadot"
	Kusama   Chain = "kusama"

	// Layer 2 & Sidechains
	Arbitrum Chain = "arbitrum"
	Optimism Chain = "optimism"
	Base     Chain = "base"

	Scroll Chain = "scroll"
	Linea  Chain = "linea"
	Mantle Chain = "mantle"
	Metis  Chain = "metis"

	// EVM Compatible Chains
	BSC      Chain = "bsc"
	Celo     Chain = "celo"
	Fantom   Chain = "fantom"
	Cronos   Chain = "cronos"
	Harmony  Chain = "harmony"
	Moonbeam Chain = "moonbeam"
	Aurora   Chain = "aurora"
	Gnosis   Chain = "gnosis"
	Kava     Chain = "kava"
	Klaytn   Chain = "klaytn"

	// Specialized Chains
	Monero Chain = "monero"
	Dash   Chain = "dash"
	Zcash  Chain = "zcash"

	// Post-Quantum
	Ringtail Chain = "ringtail"
)

All supported blockchains (top 100+ by market cap and usage)

func SupportedChains added in v1.1.0 

func SupportedChains() []Chain

SupportedChains returns all supported blockchains

type ChainInfo added in v1.1.0 

type ChainInfo struct {
	Name          string
	Type          ChainType
	SignatureType adapters.SignatureType
	Curve         string
	ChainID       interface{} // Can be number or string
	TestnetID     interface{}
	Symbol        string
	Decimals      int
}

ChainInfo contains information about a blockchain

func GetChainInfo added in v1.1.0 

func GetChainInfo(chain Chain) *ChainInfo

GetChainInfo returns information about a blockchain

type ChainType added in v1.1.0 

type ChainType string

ChainType represents the type of blockchain 

const (
	TypeEVM         ChainType = "evm"
	TypeBitcoin     ChainType = "bitcoin"
	TypeEdDSA       ChainType = "eddsa"
	TypeCosmos      ChainType = "cosmos"
	TypeSubstrate   ChainType = "substrate"
	TypePostQuantum ChainType = "post-quantum"
	TypeCustom      ChainType = "custom"
)

type Config 

type Config = config.Config

Config represents the configuration for the LSS protocol. This is an alias to the config.Config type for backward compatibility.

func ConvertToLSSConfig 

func ConvertToLSSConfig(frostConfig *keygen.Config, generation uint64) *Config

ConvertToLSSConfig converts a FROST config to LSS config format for compatibility

type ConfigAdapter added in v1.0.1 

type ConfigAdapter struct {
	*config.Config
}

ConfigAdapter wraps any config to implement ThresholdConfig

func (*ConfigAdapter) GetChainKey added in v1.0.1 

func (c *ConfigAdapter) GetChainKey() []byte

GetChainKey returns the chain key

func (*ConfigAdapter) GetGroup added in v1.0.1 

func (c *ConfigAdapter) GetGroup() curve.Curve

GetGroup returns the curve group

func (*ConfigAdapter) GetID added in v1.0.1 

func (c *ConfigAdapter) GetID() party.ID

GetID returns the party ID

func (*ConfigAdapter) GetPrivateShare added in v1.0.1 

func (c *ConfigAdapter) GetPrivateShare() curve.Scalar

GetPrivateShare returns the private share

func (*ConfigAdapter) GetPublicKey added in v1.0.1 

func (c *ConfigAdapter) GetPublicKey() (curve.Point, error)

GetPublicKey returns the public key

func (*ConfigAdapter) GetPublicShare added in v1.0.1 

func (c *ConfigAdapter) GetPublicShare(id party.ID) (curve.Point, error)

GetPublicShare returns a party's public share

func (*ConfigAdapter) GetRID added in v1.0.1 

func (c *ConfigAdapter) GetRID() []byte

GetRID returns the RID

func (*ConfigAdapter) GetThreshold added in v1.0.1 

func (c *ConfigAdapter) GetThreshold() int

GetThreshold returns the threshold

func (*ConfigAdapter) IsCompatible added in v1.0.1 

func (c *ConfigAdapter) IsCompatible(other protocol.ThresholdConfig) bool

IsCompatible checks compatibility with another config

func (*ConfigAdapter) Validate added in v1.0.1 

func (c *ConfigAdapter) Validate() error

Validate validates the config

type DynamicLSS added in v1.0.1 

type DynamicLSS struct {
	// contains filtered or unexported fields
}

DynamicLSS implements the actual LSS protocol with live resharing This is the REAL implementation of Section 4 of the LSS paper

func NewDynamicLSS added in v1.0.1 

func NewDynamicLSS(pl *pool.Pool) *DynamicLSS

NewDynamicLSS creates a proper LSS implementation

func (*DynamicLSS) LiveReshare added in v1.0.1 

func (d *DynamicLSS) LiveReshare(
	oldConfigs []*config.Config,
	newParticipants []party.ID,
	newThreshold int,
) ([]*config.Config, error)

LiveReshare performs the core LSS innovation: dynamic resharing without key reconstruction This implements the protocol from Section 4 of the paper

func (*DynamicLSS) Rollback added in v1.0.1 

func (d *DynamicLSS) Rollback(targetGeneration uint32) ([]*config.Config, error)

Rollback implements the fault tolerance mechanism from Section 6

type FROST 

type FROST struct {
	// contains filtered or unexported fields
}

FROST extends the FROST protocol with LSS dynamic resharing capabilities. This allows FROST to perform membership changes without reconstructing the master key.

func NewLSSFROST 

func NewLSSFROST(frostConfig *keygen.Config, pool *pool.Pool) *FROST

NewLSSFROST creates a new LSS-extended FROST instance

func (*FROST) GetConfig 

func (f *FROST) GetConfig() *FROSTConfig

GetConfig returns the current FROST configuration

func (*FROST) GetGeneration 

func (f *FROST) GetGeneration() uint64

GetGeneration returns the current resharing generation number

func (*FROST) Refresh 

func (f *FROST) Refresh() (*FROSTConfig, error)

Refresh performs a proactive refresh of shares without changing membership

func (*FROST) Sign 

func (f *FROST) Sign(_ []party.ID, _ []byte) ([]byte, error)

Sign performs FROST signing with the current configuration

func (*FROST) UpdateConfig 

func (f *FROST) UpdateConfig(newConfig *FROSTConfig)

UpdateConfig updates the configuration after a successful resharing

type FROSTConfig 

type FROSTConfig struct {
	*keygen.Config
	Generation   uint64
	RollbackFrom uint64
}

FROSTConfig wraps the FROST keygen config for LSS compatibility

type Factory added in v1.0.1 

type Factory struct {
	// contains filtered or unexported fields
}

Factory creates protocol instances

func NewFactory added in v1.0.1 

func NewFactory(pl *pool.Pool) *Factory

NewFactory creates a protocol factory

func (*Factory) Auto added in v1.0.1 

func (f *Factory) Auto(scheme protocol.SignatureScheme) *Suite

Auto selects the best protocol for the signature scheme

func (*Factory) Create added in v1.0.1 

func (f *Factory) Create(protocolType string) (protocol.ThresholdProtocol, error)

Create creates a protocol by type

type FactoryConfig added in v1.1.0 

type FactoryConfig struct {
	Chain           Chain
	Threshold       int
	TotalParties    int
	SignatureScheme adapters.SignatureType
	TestMode        bool
	CustomChainID   interface{}
}

FactoryConfig holds LSS adapter configuration

type GenerationSnapshot 

type GenerationSnapshot struct {
	Generation   uint64
	Config       *config.Config
	PartyIDs     []party.ID
	Threshold    int
	Timestamp    int64
	FailureCount int
}

GenerationSnapshot represents a point-in-time configuration state

type LSS added in v1.1.0 

type LSS struct {
	// contains filtered or unexported fields
}

LSS is the main entry point for using LSS with any blockchain

func New added in v1.1.0 

func New(config *FactoryConfig) (*LSS, error)

New creates a new LSS instance for any blockchain

func QuickStart added in v1.1.0 

func QuickStart(chain Chain, threshold, totalParties int) (*LSS, error)

QuickStart creates an LSS instance with minimal configuration

func (*LSS) GetAdapter added in v1.1.0 

func (l *LSS) GetAdapter() adapters.SignerAdapter

GetAdapter returns the underlying adapter

func (*LSS) GetChain added in v1.1.0 

func (l *LSS) GetChain() Chain

GetChain returns the chain

func (*LSS) GetConfig added in v1.1.0 

func (l *LSS) GetConfig() *FactoryConfig

GetConfig returns the configuration

type ReshareMessage 

type ReshareMessage struct {
	Type       ReshareMessageType
	Generation uint64
	Data       []byte // Serialized message data
}

ReshareMessage represents a message in the reshare protocol

type ReshareMessageType 

type ReshareMessageType int

ReshareMessageType represents the type of reshare message. 

const (
	// ReshareTypeJVSSCommitment is a JVSS commitment message
	ReshareTypeJVSSCommitment ReshareMessageType = iota
	// ReshareTypeBlindedShare is a blinded share message
	ReshareTypeBlindedShare
	// ReshareTypeBlindedProduct is a blinded product message
	ReshareTypeBlindedProduct
	// ReshareTypeVerification is a verification message
	ReshareTypeVerification
)

type RollbackManager 

type RollbackManager struct {
	// contains filtered or unexported fields
}

RollbackManager manages configuration history and rollback operations

func NewRollbackManager 

func NewRollbackManager(maxGenerations int) *RollbackManager

NewRollbackManager creates a new rollback manager

func (*RollbackManager) ClearHistory 

func (rm *RollbackManager) ClearHistory()

ClearHistory removes all stored snapshots

func (*RollbackManager) EvictParties 

func (rm *RollbackManager) EvictParties(cfg *config.Config, evictedParties []party.ID) (*config.Config, error)

EvictParties removes specified parties from the current configuration

func (*RollbackManager) GetHistory 

func (rm *RollbackManager) GetHistory() []*GenerationSnapshot

GetHistory returns the configuration history

func (*RollbackManager) Rollback 

func (rm *RollbackManager) Rollback(targetGeneration uint64) (*config.Config, error)

Rollback reverts to a previous generation

func (*RollbackManager) RollbackOnFailure 

func (rm *RollbackManager) RollbackOnFailure(failureThreshold int) (*config.Config, error)

RollbackOnFailure automatically rolls back if failure count exceeds threshold

func (*RollbackManager) SaveSnapshot 

func (rm *RollbackManager) SaveSnapshot(cfg *config.Config) error

SaveSnapshot saves a configuration snapshot for potential rollback

type SigningProtocol added in v1.0.1 

type SigningProtocol struct {
	// contains filtered or unexported fields
}

SigningProtocol implements the LSS signing protocols from Section 5

func NewSigningProtocol added in v1.0.1 

func NewSigningProtocol(cfg *config.Config, pl *pool.Pool) *SigningProtocol

NewSigningProtocol creates a new LSS signing protocol instance

func (*SigningProtocol) SignWithBlinding added in v1.0.1 

func (s *SigningProtocol) SignWithBlinding(
	message []byte,
	signers []party.ID,
	blindingFactor curve.Scalar,
) protocol.StartFunc

SignWithBlinding implements Protocol I: Localized Nonce Blinding from Section 5.1

type Suite added in v1.0.1 

type Suite struct {
	// contains filtered or unexported fields
}

Suite provides a clean abstraction over different threshold signature protocols. LSS (Layered Secret Sharing) acts as the unifying layer.

Example 
package main

import (
	"github.com/luxfi/threshold/pkg/pool"
	"github.com/luxfi/threshold/pkg/protocol"
	"github.com/luxfi/threshold/protocols/lss"
)

func main() {
	pl := pool.NewPool(0)
	defer pl.TearDown()

	// Auto-select protocol based on signature needs
	factory := lss.NewFactory(pl)

	// Need ECDSA? Automatically uses CMP
	ecdsaSuite := factory.Auto(protocol.ECDSA)
	_ = ecdsaSuite

	// Need Schnorr? Automatically uses FROST
	schnorrSuite := factory.Auto(protocol.Schnorr)
	_ = schnorrSuite

	// Or explicitly choose
	cmpSuite := lss.WithCMP(pl)
	frostSuite := lss.WithFROST(pl)

	// All suites have the same interface
	_ = cmpSuite
	_ = frostSuite
}

func NewSuite added in v1.0.1 

func NewSuite(backend protocol.ThresholdProtocol, pl *pool.Pool) *Suite

NewSuite creates a new LSS suite with the specified backend

func WithCMP added in v1.0.1 

func WithCMP(pl *pool.Pool) *Suite

WithCMP creates an LSS suite using CMP for ECDSA signatures

func WithFROST added in v1.0.1 

func WithFROST(pl *pool.Pool) *Suite

WithFROST creates an LSS suite using FROST for Schnorr signatures

func (*Suite) Keygen added in v1.0.1 

func (s *Suite) Keygen(group curve.Curve, selfID party.ID, participants []party.ID, threshold int) protocol.StartFunc

Keygen generates a new distributed key

func (*Suite) Refresh added in v1.0.1 

func (s *Suite) Refresh(config protocol.ThresholdConfig) protocol.StartFunc

Refresh updates shares without changing the key

func (*Suite) Sign added in v1.0.1 

func (s *Suite) Sign(config protocol.ThresholdConfig, signers []party.ID, message []byte) protocol.StartFunc

Sign creates a signature

Source Files

View all Source files

Directories

Path Synopsis
Package adapters - Bitcoin adapter with Taproot support
 Package adapters - Bitcoin adapter with Taproot support
Package config implements the LSS configuration and storage
 Package config implements the LSS configuration and storage
Package keygen implements the LSS key generation protocol.
 Package keygen implements the LSS key generation protocol.
Package reshare implements the LSS dynamic resharing protocol.
 Package reshare implements the LSS dynamic resharing protocol.
Package sign implements the LSS signing protocol.
 Package sign implements the LSS signing protocol.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.