Skip to content

Releases: bnb-chain/tss-lib

v2.0.2

16 Jan 03:19
28d0622
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: v2.0.1...v2.0.2

v2.0.1

20 Sep 15:37
b8d526d
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: v2.0.0...v2.0.1

v2.0.0

26 Aug 05:17
faf1884
Compare
Choose a tag to compare

In v2.0.0 release, several updates added including 1) ECDSA protocol update according to GG18 paper update; 2) Fix of 2023 GHSA-5cjx-95fx-68q9 by Fireblocks; 3) Fix of 2023 Tsshock by Verichain; 4) Added more boundary condition checks according to various security reports; 5) Add session infomation for sub protocols to prevent message replay; 6) Added switches to optionally turn of heavy Paillier key proof in tss.params(do NOT use unless you are in a trusted setting or the Paillier key are already verified).

Compatibility with v1.3.5
It's generally not compatible with v1.3.5. Not recommend to make hacks to run with a mixture parties of both v2 and v1.3. The existing ECDSA wallet generated from v1.3 can be upgraded(from resharing) to v2 wallet. We recommend to update all parties and their wallet to v2 due to the security updates.

What's Changed

New Contributors

Full Changelog: v1.3.5...v2.0.0

v1.3.5

23 Sep 02:57
14e70f2
Compare
Choose a tag to compare

New features

ECDSA child key derivation by @plopezlpz in #195 adds an init function NewLocalPartyWithKDD in ECDSA
Improve DLN proof verification performance by @pdyraga in #203 adds an entry in tss.Parameters

What's Changed

New Contributors

Full Changelog: v1.3.3...v1.3.5

Various security fixes

05 Jan 04:00
30c5ee4
Compare
Choose a tag to compare

Security updates

  • Additional check when Ks mismatch in savedata and sortedID in #156
  • Do not normalize IDs of Shamir's Secret Sharing by @pdyraga in #155
  • Check paillier ciphertext in #151
  • Bugfix for vss, check shareid when construct vss in #149
  • Check length of bits of NTildej by @yycen in #146
  • dlog smallgroup 8 by @ackratos in #115

Other updates

Bug fix for EdDSA

08 May 12:27
e860e36
Compare
Choose a tag to compare

This release fixes a minor issue in the EdDSA resharing code:

  • The error any: message type "" isn't linked in was being caused by an unregistered Protobuf message type DGRound4Message used only in EdDSA resharing. The message type has been registered properly.

There have been no changes made to the public API.

Bug fixes

30 Mar 09:59
cd273d1
Compare
Choose a tag to compare

This bug fix release addresses these issues in the ECDSA protocols:

  • Fix default pre-params concurrency with < 3 CPU cores (#93)

And in code shared by all protocols:

  • Allow resharing when more than T+1 of the old committee participates (#95)
  • Add fromPartyIdx validation for all incoming messages
  • Add more basic sanity checks to PrepareForSigning
  • Fix the location of an embedded protocol buffer struct definition

There have been no changes made to the public API.

Edwards-curve digital signature algorithm (EdDSA)

06 Mar 07:10
abd66f8
Compare
Choose a tag to compare

This release adds support for Edwards-curve digital signature algorithm (EdDSA).

The Edwards-curve digital signature algorithm (or EdDSA for short) is a digital signature scheme using a variant of Schnorr signatures based on twisted Edwards curves.

The packages in eddsa/... contain the EdDSA protocols for keygen, signing and re-sharing; the API was kept as similar as possible to the existing ECDSA protocols.

An announcement introducing this feature has been posted on the Binance blog.

Various bug fixes

06 Mar 03:15
Compare
Choose a tag to compare

Reminder: This software has been audited by security professionals, but some bugs may still exist.

In the interest of providing safe software to the open source community, a full security review of this library was carried out by Kudelski Security, a division of the Kudelski Group, and completed in October 2019. A copy of this report may be found in this repository.

Use of any open source software is at your own risk. You are reminded to review any software source code before use, especially in any systems that are handling financial transactions.

Security Audit Report: https://github.com/binance-chain/tss-lib/releases/download/v1.0.0/audit-binance-tss-lib-final-20191018.pdf

Assorted fixes for ECDSA

27 Dec 14:12
Compare
Choose a tag to compare

This bug fix release addresses these issues in the ECDSA protocols:

In signing and re-sharing:

  • The input "save data" is now copied and filtered locally during signing and re-sharing to handle a non-contiguous or non-zero indexed set of participants from keygen. Commit: 51d3031
  • The unit tests for signing and re-sharing are now using a random set of participants from the keygen fixtures to verify the above fix. Commit: a110668

In re-sharing only:

  • The re-sharing protocol now uses two save data structs named input and save for code clarity. Commit: 129ebae

For all ECDSA protocols:

  • Add a handled short-circuit to prevent causing a panic when calling WaitingFor or WrapError on a non-started Party. Issue: #82 Commit: 4fcd04b

There have been no changes made to the public API.