delvingbitcoin

Non interactive anti-exfil (airgap compatible)

Original Post by reardencode

Posted on: August 20, 2024 15:26 UTC

The post describes a cryptographic scheme for hardening the transaction signing process, focusing on the interaction between a host wallet application and a hardware signer.

It begins by explaining that n is a uniformly random value supplied by the host wallet app, and that this value plays a crucial role in the operation of the proposed scheme.

The post then introduces vector_commit, a cryptographically strong hash computed over the concatenation of specific values. The scheme works with different signature standards, such as BIP340 and ECDSA. It does so either by using one common hash for both, or by matching the hashing technique of each signing variant: the tagged hash for BIP340 and double SHA256 for ECDSA.

The proposal also draws parallels with the double nonce scheme used in MuSig2 and FROST. It differs from them in that the host does not need to conceal its secret value, because the secret can be transmitted directly to the hardware signer, which simplifies the overall process. Direct transmission also allows the scheme to be used for ECDSA signing without the complications of nonce aggregation methods such as MuSig2's, in which neither party knows the full secret nonce. The discussed scheme aims to avoid that problem.