reply on: Frostsnap - Easy, personalized, secure bitcoin multisig for everyone \ stacker news ~bitcoin

2120 sats \ 3 replies \ @rijndael 20 Jul 2023 \ parent \ on: Frostsnap - Easy, personalized, secure bitcoin multisig for everyone bitcoin

@utxoclub answered the "how" in his comment (the google-able term is "rpoactive secret sharing)

For "how can it be secure" question, you need a quorum of signers to add/remove a signer. So if you have a 3/5 and you want to add a new signer, you need to have 3 of the existing signers. Those three could move all the money anyway.

110 sats \ 0 replies \ @hugohanoi 21 Jul 2023

It's a cool feature - but doesn't this also create a new attack vector?

For example, some parties might be tricked into generating a new quorum/new shares, whereas other parties are still using the old quorum/old shares.

3-of-5 becomes 3-of-4, where 2 shares are stale/invalid: Party A: share A1 Party B: share B1 Party C: share C2 (tricked) Party D: share D2 (tricked) Party E: removed

To mitigate this, I suppose you might want a secure communication channel and a protocol to ensure that either everybody moves to a new set of shares, or no one moves. That and keeping old shares on the devices, just in case. Keeping states is something that you might have to do anyway for the nonces.

121 sats \ 1 reply \ @nerd2ninja 20 Jul 2023

rijndael coming in clutch.

28 sats \ 0 replies \ @utxoclub OP 20 Jul 2023

That's what he does!