TSS icon indicating copy to clipboard operation
TSS copied to clipboard
verified publisher icon IBM

Only P256() is supported now?

Open LanfordCai opened this issue 1 year ago • 4 comments

Thank you for the great work on this project!

I’m currently trying to use Secp256k1, but I noticed that the curve appears to be hardcoded as P256 in the following file: mpc.go. If I understand correctly, this means the library currently only supports P256, even though tss-lib itself supports additional curves like Secp256k1. Could you confirm if this is the case? Are there plans to support other curves in the future?

And another question, is it safe to trigger a Sign operation while a KeyGen operation is in progress?

LanfordCai avatar Dec 02 '24 02:12 LanfordCai

Thank you for the great work on this project!

You're welcome! I'm glad you find this work useful.

I’m currently trying to use Secp256k1, but I noticed that the curve appears to be hardcoded as P256 in the following file: mpc.go. If I understand correctly, this means the library currently only supports P256, even though tss-lib itself supports additional curves like Secp256k1. Could you confirm if this is the case? Are there plans to support other curves in the future?

If TSS-lib supports Secp256k1 then probably it should be possible to add support for it in this library. However I no longer work at IBM, and when I left, my administration rights on this repository got automatically revoked. Would you like to make a code contribution? If so, I can review it and @mbrandenburger can then merge it.

And another question, is it safe to trigger a Sign operation while a KeyGen operation is in progress?

How can you sign before the DKG is finished? Are you signing using a previous incarnation of the DKG?

yacovm avatar Dec 24 '24 10:12 yacovm

@yacovm I'm glad to receive your reply! I have submitted PR #45 that adds default secp256k1 support for ecdsa. If you have time, please take a look!

Since Keygen takes quite a long time, I want my service to be able to process signing requests using previously generated keys without waiting for the current Keygen to complete. My current approach is:

  1. After Keygen, ensure we don't call SetStoredData which will modify the Scheme's internal state. During Signing;
  2. Each party retrieves secret data from the database and calls SetStoredData to perform the signing. After Signing is complete, we remove the StoredData.
  3. Ensure only one Signing task can run at a time.

Do you think this approach is safe? I would appreciate your advice on this approach. Thank you!

LanfordCai avatar Dec 28 '24 03:12 LanfordCai

I reviewed your PR.

Regarding your question - The safest thing to do is to just instantiate a new instance of threshold.Scheme and this way you can run instances concurrently and in a mutually exclusive manner. This way, you can call SetStoreData and it will simply be invoked on a different instance.

yacovm avatar Dec 28 '24 14:12 yacovm

@yacovm Thank you! I'm going to change my service so that there will be one scheme for keygen only and one scheme for signing in a party.

LanfordCai avatar Dec 29 '24 10:12 LanfordCai