multi-party-schnorr

new 1.0.0-beta	May 15, 2025

#1725 in Cryptography

Custom license

585KB
4.5K SLoC

Table of Contents

Introduction

This is a high-performance threshold EdDSA/Schnorr signing protocol based on the paper Simple Three-Round Multiparty Schnorr Signing with Full Simulatability.

This is a production-ready, audited implementation and has undergone a comprehensive security audit by HashCloak.

Distributed Key Generation (DKG)
Distributed Signature Generation (DSG)
Key refresh
Quorum Change: dynamically change the participant set by adding or removing parties

cargo build

cargo test

Under examples/ directory there are examples on how to perform keygen, sign and refresh.

Running the examples:

cargo run --example keygen
cargo run --example sign
cargo run --example refresh

This library provides Distributed Key Generation generic over any elliptic curve group that implements the Group trait from the elliptic-curve crate.
We currently support threshold Schnorr signing with random nonce over curve25519 and Bitcoin Taproot Schnorr over the secp256k1 curve.

Not in scope:

This library contains only the cryptographic protocol and does not provide any networking functions.
The parties in the protocol do not authenticate themselves and do not establish e2e secure channels

Feature	Default?	Description
`eddsa`	✓	Enables signing over curve25519 with edd25519-dalek signing objects compatibility
`taproot`		Enables Bitcoin Taproot Schnorr signing over secp256k1

If you discover a vulnerability, please follow the instructions in SECURITY.

HashCloak has performed a security audit in April, 2025 on the following commit:

and the report is available here: security audit

Please refer to CONTRIBUTING.

Don't hesitate to contact us if you need any assistance.

Happy signing!

~10MB
~195K SLoC