We have released FROST v2.2.0, which includes a security fix. There are no breaking changes in this release. For full details, please refer to the release notes.
Security Fix
This release adds validation for the min_signers parameter in the frost_core::keys::refresh functions. Before, it was not clear that it was not possible to change min_signers with the refresh procedure. Using a smaller value would not decrease the threshold, and attempts to sign using a smaller threshold would fail. Additionally, after refreshing the shares with a smaller threshold, it would still be possible to sign with the original threshold; however, this could cause a security loss to the participant’s shares. We have not determined the exact security implications of doing so and judged it simpler to just validate min_signers. If for some reason you have done a refresh share procedure with a smaller min_signers we strongly recommend migrating to a new key. Thank you BlockSec for reporting the finding.
Other Changes
The Minimum Supported Rust Version (MSRV) has been updated to 1.81, making all crates no-std, except for frost-ed448. Distributed Key Generation (DKG) refresh functions have been added to the crate-specific refresh modules. Additionally, we have added serialize_whole and deserialize_whole methods for VerifiableSecretSharingCommitment. To further enhance customization options, a new post_generate method has been implemented in the Ciphersuite, allowing for greater flexibility in ciphersuite configurations. We’ve also made documentation improvements and improved test coverage.
Acknowledgments
A big thank you to all the contributors who made this release possible: @VolodymyrB, @StackOverflowExcept1on, @crStiv, @azuchi, @conradoplg and @natalieesk