jesseposner/FrostyMuSig.md

Last active August 29, 2025 14:35

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Select an option

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/jesseposner/673c9fbc9d10b7abbe8f128c3165d948.js"></script>
Save jesseposner/673c9fbc9d10b7abbe8f128c3165d948 to your computer and use it in GitHub Desktop.

Download ZIP

FrostyMuSig

Raw

FrostyMuSig.md

polynomial nonces okay because you need honest majority anyway for BFT consensus
PoK/commit-reveal could be better than noncehash for better flexibility (or noncehash that doesn't commit to signing set or message)
stinsons and strobl only has proof for passive adversary
do we want to commit to the FROST group key explictly in the sig with a tweak?

Author

jesseposner commented Aug 29, 2025

https://dl.acm.org/doi/10.1145/1180405.1180453

Author

jesseposner commented Aug 29, 2025 •

edited

Loading

threshold trick: AB, BC, CA -> generalizes to n-1 of n

Scheme
Proof of Correctness
Lemma 1 and Lemma 2
EUF-CMA Game (same as MuSig2 game, except interfaces for nested scheme and forger is at the aggregate level, only honest participant is one of the nested participants)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment