This repository has been archived by the owner on Mar 28, 2023. It is now read-only.
Attributable threshold signing #212
Assignees
Labels
Milestone
Comments
liamzebedee
added
⚙️ system-design
|
Removed this from the sprint board until we do a prioritization pass post-mainnet. We are shipping v1 without attributability, and with 3-of-3 signing. |
|
Since shipping tBTC v1, the world has kept on turning. Adding @eth-r as we explore Cannetti and Gennaro '20 for tBTC v2. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
We're working with @keep-network/cryptography-advisors on an approach to add attribution of malice to Gennaro and Goldfeder 2019- the protocol currently forces a group-wide abort in the case of detected malicious behavior, and naive attributability modifications might violate the security proof.
We can likely ship without attributability and add it as an upgrade to
ECDSAKeeps for futureDeposits, or hack around this using voting or combinatorial retries if it's an absolute requirement. Ideally, though, we'd get a core fix to the existing protocols with a few worst-case ZKPs, and perhaps co-author a paper while we're at it.This work will be all over the place, but I'll be tracking high-level progress relevant to tBTC here.
The text was updated successfully, but these errors were encountered: