ReadonlyhidingThe hiding Nonce
ReadonlybindingThe binding Nonce
ReadonlycommitmentsThe commitments to the nonces. This is precomputed to improve sign() performance, since it needs to check if the commitments to the participant's nonces are included in the commitments sent by the Coordinator, and this prevents having to recompute them.
ReadonlyciphersuiteThe ciphersuite instance
StaticgenerateGenerates a new signing nonce.
Each participant generates signing nonces before performing a signing operation.
The ciphersuite to use
The participant's signing share
A cryptographically secure random number generator
New signing nonces
StaticfromGenerates a new SigningNonces from a pair of Nonces.
SigningNonces MUST NOT be repeated in different FROST signings. Thus, if you're using this method (because e.g. you're writing it to disk between rounds), be careful so that does not happen.
New signing nonces
Zeroize the nonces by overwriting with zeros.
This should be called when the nonces are no longer needed to prevent secret data from remaining in memory.
Returns a string representation of this SigningNonces (redacted for security).
Check equality with another SigningNonces.
The other SigningNonces to compare with
true if the nonces are equal
Clone this SigningNonces.
SigningNonces MUST NOT be repeated in different FROST signings. Be careful when using this method.
A new SigningNonces with the same values
Serialize the SigningNonces to bytes.
The serialized bytes (hiding nonce || binding nonce)
StaticdeserializeDeserialize SigningNonces from bytes.
The ciphersuite to use
The serialized bytes
The deserialized SigningNonces
Comprised of hiding and binding nonces.
Note that SigningNonces must be used only once for a signing operation; re-using nonces will result in leakage of a signer's long-lived signing key.