An Any t-from-n Threshold ECDSA Scheme using GG20, Krytology and Golang
Satoshi Nakamoto select secp256k1 and used the ECDSA signature. This was then adopted by Ethereum. And so, we are building a world of trust around ECDSA signatures. With this we generate a key pair: a private key (sk) and a public key (pk). When we sign for data, we take a hash of it, and then use our private key and a random nonce value. This creates a signature defined by (r, s). We can then check with our public key and the data. But how do we protect the private key? Well we could split it into shares, and, when required, rebuild using a t-from-n approach, and where t is the threshold number, and n is the number of participants. So can we now split the signature up, so that each of the parties create part of the signature related to their shared key, and then for us to rebuild the complete signature, without ever needing to rebuild the private key. Well, yes, and one of the best around is the DD20 method:
The focus of the paper [1] is to create an ECDSA signature using secret shares of a private key. In this way we can create an ECDSA signature using multiple Shamir shares, and where the private is never actually revealed, but split over two or more…
