Expand description
§FROST (Flexible Round-Optimised Schnorr Threshold signatures) Core
Base traits and types in Rust that implement ‘Two-Round Threshold Schnorr Signatures with
FROST’ generically for
Ciphersuite
implementations.
For key generation, refer to the keys
module. For round-specific
types and functions, refer to the round1
and round2
modules. This module
contains types and functions not directly related to key generation and the
FROST rounds.
§Status ⚠
The FROST specification is not yet finalized, though no significant changes are
expected at this point. This code base has been audited by NCC. The APIs and
types in frost-core
are subject to change during the release candidate phase,
and will follow SemVer guarantees after 1.0.0.
§Usage
frost-core
implements the base traits and types in a generic manner, to enable top-level
implementations for different ciphersuites / curves without having to implement all of FROST from
scratch. End-users should not use frost-core
if they want to sign and verify signatures, they
should use the crate specific to their ciphersuite/curve parameters that uses frost-core
as a
dependency, such as frost_ristretto255
.
§Example
See ciphersuite-specific crates, e.g. frost_ristretto255
.
§Features
-
std
(enabled by default) — Enable standard library support. -
internals
— Expose internal types, which do not have SemVer guarantees. This is an advanced feature which can be useful if you need to build a modified version of FROST. The docs won’t list them, you will need to check the source code. -
serde
— Enableserde
support for types that need to be communicated. You can useserde
to serialize structs with any encoder that supportsserde
(e.g. JSON withserde_json
).
Re-exports§
pub use serde;
serde
Modules§
- Performs batch Schnorr signature verification.
- FROST keys, keygen, key shares
- FROST Round 1 functionality and types
- FROST Round 2 functionality and types, for signature share generation
- Serialization support.
Structs§
- The binding factor, also known as rho (ρ)
- A type refinement for the scalar field element representing the per-message challenge.
- The product of all signers’ individual commitments, published as part of the final signature.
- A FROST participant identifier.
- A Schnorr signature over some prime order group (or subgroup).
- A signing key for a Schnorr signature on a FROST
Ciphersuite::Group
. - Generated by the coordinator of the signing operation and distributed to each signing party
- A valid verifying key for Schnorr signatures over a FROST
Ciphersuite::Group
.
Enums§
- An error related to FROST.
- An error related to a scalar Field.
- An error related to a Group (usually an elliptic curve or constructed from one) or one of its Elements.
Traits§
- A FROST ciphersuite specifies the underlying prime-order group details and cryptographic hash function.
- A prime order finite field GF(q) over which all scalar values for our prime order group can be multiplied are defined.
- A prime-order group (or subgroup) that provides everything we need to create and verify Schnorr signatures.
Functions§
- Aggregates the signature shares to produce a final signature that can be verified with the group public key.
- Verify a signature share for the given participant
identifier
,verifying_share
andsignature_share
; with thesigning_package
for which the signature share was produced and with the group’sverifying_key
.