sl-mpc-vrf

Threshold multiparty VRF (verifiable random function) protocols on Ristretto, following the Coinbase MPC VRF specification.

This crate provides the shared wire-level protocol logic for VRF distributed key generation (DKG) and VRF evaluation. Host libraries (for example multi-party-schnorr and DKLS23) wrap the round Context types in their own session APIs.

Protocols

Dependencies

• sl-mpc-derive (0.1.0, vrf feature) — Ristretto VRF curve types, hash-to-curve, Lagrange helpers, and output sizing.
• sl-mpc-mate — Shamir polynomial arithmetic for DKG.

Features

Usage sketch

VRF DKG is a two-round protocol after PKI setup:

use sl_mpc_vrf::{VrfDkgContext, VrfDkgParty};

// Build a per-party Context and run round 0 → round 1 → finish.
let party = VrfDkgParty::new(total_parties, threshold, party_id);
let mut ctx = VrfDkgContext::new(party, &mut rng)?;
// ... broadcast round-0 / round-1 messages, then ctx.finish() → VrfKeyshare

VRF evaluation is three rounds over a quorum of keyshares:

use sl_mpc_vrf::VrfEvalContext;

let mut ctx = VrfEvalContext::new(
    party_id,
    threshold,
    total_parties,
    &message,
    output_bits,
    shamir_share,
    public_key,
    party_public_shares,
)?;
// ... round 0 (VrfMsg0), round 1 (VrfMsg1), round 2 → VrfOutput

Host crates typically adapt these Context methods to their Round trait or WASM session types.

Building

From the workspace root:

cargo build -p sl-mpc-vrf
cargo test -p sl-mpc-vrf

With serde support:

cargo build -p sl-mpc-vrf --features serde

License

Licensed under the Silence Laboratories License Agreement. See LICENSE in the repository root.