Skip to content

Threshold Signatures

links: AC1 TOC - Secret sharing - Index


We assume the following:

Everything is Broken!

Alice wants to create a cryptographic signature but:

  • No single piece of hardware is trusted
  • No single service provider is trusted

But there is hope: Using \(t\) independent signature service providers might be ok!

If we need \(t\) providers we should sign up with \(n\) providers initially so we can still create signatures if only \(t/n\) are available.

FROST

Flexible Round-Optimized Schnorr Threshold (FROST) is a \(t\)-out-of-\(n\) threshold signature scheme.

  • Threshold signature schemes exist to facilitate shared ownership of a private key. Using a set of participants such that a threshold number of the set must cooperate to issue a signature.
  • \(t\) of this set of \(n\) participants must work collaboratively to create the digital signature.

FROSIX

Free Software implementation of the threshold signature scheme using FROST.

  • RESTful API to interact between signer and signing services
  • Configurable authentication methods to authorize creation of signature
  • To avoid single point of failure the client should still use multiple devices
  • Command-Line tool to interact with FROSIX service providers

links: AC1 TOC - Secret sharing - Index