Skip to content
Rust implementation of {t,n}-threshold ECDSA (elliptic curve digital signature algorithm).
Branch: master
Clone or download
Latest commit d660e73 May 14, 2019

Build Status License: GPL v3

Multi-party ECDSA

This project is a Rust implementation of {t,n}-threshold ECDSA (elliptic curve digital signature algorithm).

Threshold ECDSA includes two protocols:

  • Key Generation for creating secret shares.
  • Signing for using the secret shares to generate a signature.

ECDSA is used extensively for crypto-currencies such as Bitcoin, Ethereum (secp256k1 curve), NEO (NIST P-256 curve) and much more. This library can be used to create MultiSig and ThresholdSig crypto wallet.

Project Status

  • The library supports 2p-ecdsa based on Lindell's crypto 2017 paper [1]. Project Gotham-city is a proof of concept for a full two-party Bitcoin wallet that uses this library. See benchmarks and white paper there.

  • The library supports Gennaro and Goldfeder CCS 2018 protocol [2] for {t,n}-threshold ECDSA.


The following steps are for setup, key generation with n parties and signing with t+1 parties.


  1. We use shared state machine architecture (see white city). The parameters parties and threshold can be configured by changing the file: param. a keygen will run with parties parties and signing will run with any subset of threshold + 1 parties. param file should be located in the same path of the client softwares.
  2. Install Rust,Nightly Rust. Run cargo build --release ( it will build into /target/release)
  3. Run the shared state machine: ./sm_manager. Currently configured to be in, this can be changed in Rocket.toml file. The Rocket.toml file should be in the same folder you run sm_manager from.


run gg18_keygen_client as follows: ./gg18_keygen_client Replace IP and port with the ones configured in setup. Once n parties join the application will run till finish. At the end each party will get a local keys file (change filename in command line). This contain secret and public data of the party after keygen. The file therefore should remain private.


Run ./gg18_sign_client. The application should be in the same folder as the file (or custom filename generated in keygen). the application takes three arguments: IP:port as in keygen, filename and message to be signed: ./gg18_sign_client "KZen Networks". The same message should be used by all signers. Once t+1 parties join the protocol will run and will output to screen signatue (R,s).

Full demo

Run ./ (located in /demo folder) in the same folder as the excutables (usually /target/release). It will spawn a shared state machine, clients in the number of parties and signing requests for the threshold + 1 first parties.

A 5 parties setup with 3 signers (threshold = 2)

Contributions & Development Process

The contribution workflow is described in, in addition the Rust utilities wiki contains information on workflow and environment set-up.


Multi-party ECDSA is released under the terms of the GPL-3.0 license. See LICENSE for more information.


Feel free to reach out or join the KZen Research Telegram for discussions on code and research.




You can’t perform that action at this time.