Exclude nonce_process from pre-processing steps

Jesse Posner 2022-09-01 22:39:22 -07:00
parent b7607f93f2
commit d26100cab2
No known key found for this signature in database
GPG Key ID: DC2C87EA692CA983


@ -42,10 +42,10 @@ Essentially, the protocol proceeds in the following steps:
The aggregate signature can be verified with `secp256k1_schnorrsig_verify`.
Note that steps 1 to 6 can happen before the message to be signed is known to the signers.
Note that steps 1 to 5 can happen before the message to be signed is known to the signers.
Therefore, the communication round to exchange nonces can be viewed as a pre-processing step that is run whenever convenient to the signers.
This disables some of the defense-in-depth measures that may protect against API misuse in some cases.
Similarly, the API supports an alternative protocol flow where generating the aggregate key (steps 1 to 3) is allowed to happen after exchanging nonces (steps 4 to 6).
Similarly, the API supports an alternative protocol flow where generating the aggregate key (steps 1 to 3) is allowed to happen after exchanging nonces (steps 4 to 5).
# Verification
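Review bot: The unchanged sentence "This disables some of the defense-in-depth measures that may protect against API misuse in some cases." sits between the two edited lines with no clear antecedent for "This", so a reader cannot tell which flow weakens the protections. Since the paragraph is being touched anyway, name the subject explicitly, for example "Running these steps before the message is known disables ...", if that is the intended meaning. The new ranges ("steps 1 to 5" and "steps 4 to 5") are also bare numbers tied to the list above this hunk, and the commit subject names nonce_process without saying why it is excluded. A short clause in the text stating why step 6 cannot be part of pre-processing would keep the numbering from drifting again if the step list changes.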