1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
|
======
FROSIX
======
This package includes the Frosix core logic. The code is released
under the GNU Affero General Public License (v3 or later). See
COPYING for details.
Description
===========
At this early stage, Frosix is an implementation of the FROST
threshold signature scheme published at the end of 2020 by Chelsea
Komlo and Ian Goldberg (see https://eprint.iacr.org/2020/852.pdf).
Therefore Frosix is rather just the library libfrost at the moment.
Frosix aims to provide a safe and secure EdDSA compatible threshold
signature service, based on the previously mentioned FROST protocol.
In the end, Frosix should include an implementation to run small web
servers - the providers - which a software, running on a client, can
access via a simple REST API. The software on the client side will be
a simple CLI as a first step.
The providers are designed to only store the data necessary for its
service, either encrypted without knowing the key, or just in form of
a salted hash. The drawback of this complete zero knowledge driven
strategy is that the information which is needed to let a provider
participate in a signing process, has again to be stored securly by
the user. Obviously this means that the attacking vector of such a
provider is really small. But what happens if the secret data is
stolen?
For this reason there will be a further security mechanism in Frosix.
Just as with GNU Anastasis (see
https://git.taler.net/anastasis.git/tree/doc/sphinx/rest.rst), Frosix
providers are required to challenge, respectively authenticate their
users. This ensures that, depending on the challenge selected, only
the legitimate user can have a valid signature generated.
Dependencies
============
libsodium : ISC License
libgnunet : GPLv3+
Directory structure
===================
src/include/
-- installed headers for public APIs
src/libfrostdistkeygen/
-- contains the logic to perform a distributed key generation process
src/libfrosthigh/
-- contains the main logic to compute a signature share
src/libfrostlow/
-- wrapper for the crypto function of libsodium
src/libfrosttrusteddealer/
-- contains a function to generate a key pair, for testing purposes only
src/libfrostverify/
-- contains a function to verify a given signature over a specific message
src/testing
-- contains an integration test
contrib/
-- contains resource files
doc/
-- contains the documentation files of this project
|