Packages

c

org.bitcoins.crypto.frost

FrostSessionContext

case class FrostSessionContext(signingContext: FrostSigningContext, aggNonce: FrostNoncePub, tweaks: Vector[FieldElement], isXOnly: Vector[Boolean], message: ByteVector) extends Product with Serializable

Container for a FROST signing session.

This class encapsulates all the information needed for a single FROST signing session, including the signing context (participant information), aggregated nonces, optional tweaks, and the message to be signed.

The session context is used to compute session-specific values (via getSessionValues) such as:

  • b: the nonce coefficient used to combine R1 and R2
  • R: the effective nonce point used in the signature
  • e: the challenge scalar derived from R, the (tweaked) aggregate public key, and the message

These values are required by both the signing and verification algorithms.

signingContext

the signing context containing participant information, their public key shares, and the threshold public key

aggNonce

the aggregated public nonce from all signing participants (R1_agg, R2_agg)

tweaks

optional scalar tweaks to apply to the threshold public key (e.g., for taproot key path spending)

isXOnly

for each tweak, indicates whether it was derived from an x-only public key (affects parity handling)

message

the message bytes to be signed

Linear Supertypes
Serializable, Product, Equals, AnyRef, Any
Ordering
  1. Alphabetic
  2. By Inheritance
Inherited
  1. FrostSessionContext
  2. Serializable
  3. Product
  4. Equals
  5. AnyRef
  6. Any
  1. Hide All
  2. Show All
Visibility
  1. Public
  2. Protected

Instance Constructors

  1. new FrostSessionContext(signingContext: FrostSigningContext, aggNonce: FrostNoncePub, tweaks: Vector[FieldElement], isXOnly: Vector[Boolean], message: ByteVector)

    signingContext

    the signing context containing participant information, their public key shares, and the threshold public key

    aggNonce

    the aggregated public nonce from all signing participants (R1_agg, R2_agg)

    tweaks

    optional scalar tweaks to apply to the threshold public key (e.g., for taproot key path spending)

    isXOnly

    for each tweak, indicates whether it was derived from an x-only public key (affects parity handling)

    message

    the message bytes to be signed

Value Members

  1. final def !=(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  2. final def ##: Int
    Definition Classes
    AnyRef → Any
  3. final def ==(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  4. val aggNonce: FrostNoncePub
  5. final def asInstanceOf[T0]: T0
    Definition Classes
    Any
  6. def clone(): AnyRef
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.CloneNotSupportedException]) @native()
  7. final def eq(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  8. def finalize(): Unit
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.Throwable])
  9. final def getClass(): Class[_ <: AnyRef]
    Definition Classes
    AnyRef → Any
    Annotations
    @native()
  10. def getSessionValues: FrostSessionValues

    Computes session-specific values needed for FROST signing and verification.

    Computes session-specific values needed for FROST signing and verification.

    This method derives the following values from the session context:

    • **b**: the nonce coefficient (binding factor) computed by hashing the sorted participant IDs, aggregated nonce, (tweaked) threshold public key, and message. This value binds the nonces to the specific signing session.
    • **R**: the effective nonce point computed as R = R1 + b·R2, where R1 and R2 are from the aggregated nonce. If R' (before parity adjustment) is the point at infinity, the generator G is used instead.
    • **e**: the challenge scalar computed via BIP-340 challenge hash from R (x-only), the (tweaked) threshold public key (x-only), and the message.
    • **tweakCtx**: the tweak context containing the (tweaked) aggregate public key Q and the tweak/parity accumulators (tacc, gacc) after applying all tweaks.

    The returned FrostSessionValues contains all these computed values along with participant IDs and their public key shares. These values are used in both the signing equation (s = k1 + b·k2 + e·λ·d) and the verification equation (s·G = R + e·λ·gacc·g·X).

    returns

    FrostSessionValues containing b, R, e, the tweak context, participant IDs, and public shares

    Exceptions thrown

    IllegalArgumentException if the computed b or e equals zero (negligible probability)

  11. final def isInstanceOf[T0]: Boolean
    Definition Classes
    Any
  12. val isXOnly: Vector[Boolean]
  13. val message: ByteVector
  14. final def ne(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  15. final def notify(): Unit
    Definition Classes
    AnyRef
    Annotations
    @native()
  16. final def notifyAll(): Unit
    Definition Classes
    AnyRef
    Annotations
    @native()
  17. def productElementNames: Iterator[String]
    Definition Classes
    Product
  18. def r1: SecpPoint
  19. def r2: SecpPoint
  20. val signingContext: FrostSigningContext
  21. final def synchronized[T0](arg0: => T0): T0
    Definition Classes
    AnyRef
  22. val tweaks: Vector[FieldElement]
  23. def v: Long
  24. final def wait(): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException])
  25. final def wait(arg0: Long, arg1: Int): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException])
  26. final def wait(arg0: Long): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException]) @native()

Inherited from Serializable

Inherited from Product

Inherited from Equals

Inherited from AnyRef

Inherited from Any

Ungrouped