This quarter, I focused on three core areas: FROST Trusted Dealer, ChillDKG BIP, and Schnorr adaptor signatures.
I thoroughly reviewed Jesse Posner's pull request for the FROST Trusted Dealer. The initial implementation followed the FROST1 variant (the original protocol), while the BIP FROST Signing specifies FROST3. My review focused on the differences between the pull request and the BIP, highlighting areas where changes would help align it with the BIP.
I’ve also been working my way through the ChillDKG BIP, which nicely combines various computer science and cryptography concepts. However, that elegance made it difficult to review, especially since I wasn’t familiar with some of the concepts. As usual, I started with the research papers it builds on: [1] Practical Schnorr Threshold Sigs, [2] Pedersen’s DKG, [3] Multi-recipient KEM, and [4] some basics of distributed computing. Let's just say these papers don't fall into the ‘light reading’ category—I will probably keep revisiting them for a while. After that, I began reviewing the ChillDKG spec and the Python code. I found an error in one of their formulas and sent a fix. My review is still ongoing, and I’m noting feedback in this doc that I’ll send to the BIP authors when I’m finished.
Unfortunately, the SoB 2023 student I mentored alongside Jonas Nick, who was working on adaptor signatures, dropped out of the project. So, I stepped in and implemented the remaining parts: I rebased the old PR, added new test vectors, and improved test coverage. I have submitted a pull request for the libsecp256k1-zkp repository, and it is now ready for review.
https://github.com/BlockstreamResearch/secp256k1-zkp/pull/299
Reflections
I’ve reached a point where I feel comfortable with the libsecp256k1 codebase. Implementing new modules has become much easier and quicker. The adaptor signatures module took only a couple of weeks to complete, while my initial batch verification module took several months.
The real challenge—and the most time-intensive part—is understanding new cryptographic protocols through research papers and specifications. I believe this will become easier as I face more complex cryptography and computer science concepts.
September was a bit of a setback for productivity, as I had to travel across cities for my U.S. B1 visa appointments. The visa wait times in India are no joke! Unfortunately, despite two attempts, my visa was denied. Productivity picked up again in the other months, so things balanced out.
Next Steps
My immediate next steps are to finalize the ChillDKG review and provide another round of feedback on the FROST Trusted Dealer PR. Additionally, I need to align the terminology and coding style of BIP FROST Signing with those used in ChillDKG.
Jonas Nick mentioned that we need a specification for Schnorr adaptor signatures before sharing it on the mailing list. Drafting that specification is now next on my to-do list for the adaptor signature project.
I recently learned from Jesse Posner that an engineer from Block is working on FROST Rust Bindings and FROST Share refresh—both of which were on my future project list. Since they have already started, I plan to support them by reviewing their work and assisting them wherever necessary.