Merge pull request #3 from ariard/2022-09-frost-pr

dunxen · web-flow · commit ff37f0b7a286 · 2022-09-23T13:49:23.000+02:00
Add FROST review PR
diff --git a/_posts/2022-09-27-#138.md b/_posts/2022-09-27-#138.md
@@ -0,0 +1,27 @@
+---
+layout: pr
+date: 2022-09-27
+title: "FROST"
+authors: ["jesseposner"]
+pr: 138
+components: ["crypto"]
+host: ariard
+status: upcoming
+commit: 6c1cf4e
+---
+
+## Notes
+
+* libsecp256k1-zkp is a C cryptographic library for experimental EC cryptosystems, e.g [ECDSA
+sign-to-contract](https://github.com/ElementsProject/secp256k1-zkp/blob/master/include/secp256k1_ecdsa_s2c.h), [ECDSA adaptor](https://github.com/ElementsProject/secp256k1-zkp/blob/master/include/secp256k1_ecdsa_adaptor.h), [MuSig2](https://github.com/ElementsProject/secp256k1-zkp/blob/master/include/secp256k1_musig.h) and [range proofs](https://github.com/ElementsProject/secp256k1-zkp/blob/master/include/secp256k1_rangeproof.h).
+* This library is an upstream fork of [libsecp256k1](https://github.com/bitcoin-core/secp256k1). While libsecp256k1's scope is strictly the cryptosystems required to validate consensus rules, libsecp256k1-zkp aims to encompass any Bitcoin-related cryptosystems.
+* [#138](https://github.com/ElementsProject/secp256k1-zkp/pull/138) is an implementation of [Flexible Round-Optimized Schnorr Threshold Signatures](https://eprint.iacr.org/2020/852.pdf), a threshold multi-party signature scheme.
+
+## Questions
+
+1. What's [elliptic curve cryptography](https://en.wikipedia.org/wiki/Elliptic-curve_cryptography)? What's the base mathematical assumption providing hardness of the cryptosystems (e.g compared to [RSA](https://en.wikipedia.org/wiki/RSA_(cryptosystem)? What are the fundamental concepts of ECC and how do they interrelate?
+2. What's [ECDSA](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf), the original signature scheme supported by Bitcoin consensus rules? What's [Schnorr](https://link.springer.com/content/pdf/10.1007/3-540-46885-4_68.pdf), the novel signature scheme soft-forked in 2021?
+3. [MuSig2](https://github.com/jonasnick/bips/blob/musig2/bip-musig2.mediawiki) is another multi-party signature scheme. What's the fundamental difference compared to FROST?
+4. What are the properties of the FROST scheme (e.g unbound concurrency, efficiency, etc)?
+5. What are the operations and their outcomes followed by FROST key-generation, preprocessing and signing phases?
+6. What are the advantages of using FROST in a [Lightning node deployment context](https://github.com/lightningdevkit/rust-lightning/issues/1665)?
