Skip to content

Expose interactive FROST DKG signer ABI #4011

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
mswilkison merged 4 commits into from
Jun 6, 2026
+1,367 −29
Merged

Expose interactive FROST DKG signer ABI #4011

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
506959d
Expose interactive FROST DKG signer ABI
mswilkison Jun 4, 2026
4f775b9
Document interactive FROST nonce contract
mswilkison Jun 6, 2026
57461c3
Zeroize interactive FROST secret buffers
mswilkison Jun 6, 2026
6179a3f
Merge signer mirror updates into interactive FROST ABI
mswilkison Jun 6, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 18 additions & 0 deletions pkg/tbtc/signer/include/frost_tbtc.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,24 @@ TbtcSignerResult frost_tbtc_rollback_canary(const uint8_t* request_ptr, size_t r
void frost_tbtc_free_buffer(uint8_t* ptr, size_t len);

TbtcSignerResult frost_tbtc_run_dkg(const uint8_t* request_ptr, size_t request_len);
TbtcSignerResult frost_tbtc_dkg_part1(const uint8_t* request_ptr, size_t request_len);
TbtcSignerResult frost_tbtc_dkg_part2(const uint8_t* request_ptr, size_t request_len);
TbtcSignerResult frost_tbtc_dkg_part3(const uint8_t* request_ptr, size_t request_len);

/*
* Stateless interactive signing nonce contract:
*
* frost_tbtc_generate_nonces_and_commitments returns `nonces_hex`, a secret
* one-time FROST nonce package. The caller owns that secret after it crosses
* the FFI boundary and must pass it to frost_tbtc_sign_share at most once.
* Reusing the same `nonces_hex` for a different signing package/message can
* reveal the caller's private signing share. The caller should erase its copy
* immediately after the single frost_tbtc_sign_share call.
*/
TbtcSignerResult frost_tbtc_generate_nonces_and_commitments(const uint8_t* request_ptr, size_t request_len);
TbtcSignerResult frost_tbtc_new_signing_package(const uint8_t* request_ptr, size_t request_len);
TbtcSignerResult frost_tbtc_sign_share(const uint8_t* request_ptr, size_t request_len);
TbtcSignerResult frost_tbtc_aggregate(const uint8_t* request_ptr, size_t request_len);
TbtcSignerResult frost_tbtc_start_sign_round(const uint8_t* request_ptr, size_t request_len);
TbtcSignerResult frost_tbtc_finalize_sign_round(const uint8_t* request_ptr, size_t request_len);
TbtcSignerResult frost_tbtc_build_taproot_tx(const uint8_t* request_ptr, size_t request_len);
Expand Down
134 changes: 134 additions & 0 deletions pkg/tbtc/signer/src/api.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,140 @@ pub struct DkgResult {
pub created_at_unix: u64,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct DkgRound1Package {
pub identifier: String,
pub package_hex: String,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct DkgRound2Package {
pub identifier: String,
#[serde(default, skip_serializing_if = "Option::is_none")]
pub sender_identifier: Option<String>,
pub package_hex: String,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct DkgPart1Request {
pub participant_identifier: String,
pub max_signers: u16,
pub min_signers: u16,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct DkgPart1Result {
pub secret_package_hex: String,
pub package: DkgRound1Package,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct DkgPart2Request {
pub secret_package_hex: String,
pub round1_packages: Vec<DkgRound1Package>,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct DkgPart2Result {
pub secret_package_hex: String,
pub packages: Vec<DkgRound2Package>,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct NativeFrostKeyPackage {
pub identifier: String,
pub data_hex: String,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct NativeFrostPublicKeyPackage {
pub verifying_shares: std::collections::BTreeMap<String, String>,
pub verifying_key: String,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct DkgPart3Request {
pub secret_package_hex: String,
pub round1_packages: Vec<DkgRound1Package>,
pub round2_packages: Vec<DkgRound2Package>,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct DkgPart3Result {
pub key_package: NativeFrostKeyPackage,
pub public_key_package: NativeFrostPublicKeyPackage,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct NativeFrostCommitment {
pub identifier: String,
pub data_hex: String,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct NativeFrostSignatureShare {
pub identifier: String,
pub data_hex: String,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct GenerateNoncesAndCommitmentsRequest {
pub key_package_identifier: String,
pub key_package_hex: String,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct GenerateNoncesAndCommitmentsResult {
/// Secret one-time FROST signing nonces serialized as hex.
///
/// The caller owns this secret after it crosses the FFI boundary. It must
/// be supplied to `SignShareRequest::nonces_hex` at most once and erased by
/// the caller immediately afterward. Reuse for another signing package or
/// message can reveal the private signing share.
pub nonces_hex: String,
pub commitment: NativeFrostCommitment,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct NewSigningPackageRequest {
pub message_hex: String,
pub commitments: Vec<NativeFrostCommitment>,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct NewSigningPackageResult {
pub signing_package_hex: String,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct SignShareRequest {
pub signing_package_hex: String,
/// Secret one-time nonces returned by `GenerateNoncesAndCommitmentsResult`.
///
/// This stateless endpoint cannot remember consumed nonces across FFI
/// calls. The caller is cryptographically responsible for single use.
pub nonces_hex: String,
pub key_package_identifier: String,
pub key_package_hex: String,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct SignShareResult {
pub signature_share: NativeFrostSignatureShare,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct AggregateRequest {
pub signing_package_hex: String,
pub signature_shares: Vec<NativeFrostSignatureShare>,
pub public_key_package: NativeFrostPublicKeyPackage,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct AggregateResult {
pub signature_hex: String,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Eq, Serialize)]
pub struct StartSignRoundRequest {
pub session_id: String,
Expand Down
Loading
Loading