We found critical flaws in common TSS libraries, a cryptographic protocol for distributed key generation and signing. We’ve released ZKDocs.com to help secure the rapidly advancing field of ZKPs, TSS, and similar schemes. blog.trailofbits.com/2021/12/21/dis
Today's vulnerability release helps describe threshold signature schemes (TSS) and verifiable secret sharing (VSS) for new readers. Fun fact, aside from academic pubs about them, there is virtually no guidance for implementing them securely! (Until ZKDocs).
I think just systematic manual review, plus lots of knowledge about algebra.
This is great!
Other ideas of protocols (+ attacks) that could be documented: Joint Feldman DKG, MuSig, BLS (both aggregate + threshold versions), GG20 for t-ECDSA
Working on it! This is the top focus of our team going into 2022. Putting a stake in the ground with this release. 7 cryptographers and counting! Feel free to file issues for what you want to see.
show me a crypto auditing firm that is more chad than Trail of Bits
you can’t
Not mentioned: my code was audited and the audit missed the bug as well!
Excellent work , , and team!