Skip to content

Add trusted dealer security warnings #61

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
kwsantiago merged 1 commit into from
Jan 5, 2026
Merged

Add trusted dealer security warnings #61

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -172,6 +172,17 @@ keep frost network sign --group npub1... --message <hex> --relay wss://nos.lol -

Generate threshold keys without any single party knowing the full private key. Each participant runs independently and coordinates via Nostr relay.

**Security: DKG vs Trusted Dealer**

| Aspect | Trusted Dealer (`frost generate`) | Distributed DKG (`frost network dkg`) |
|--------|-----------------------------------|---------------------------------------|
| Key exposure | Full key exists on one machine | Full key never exists anywhere |
| Entropy source | Single machine | All participants contribute |
| Compromise risk | Single point of failure | Requires threshold breach |
| Use case | Testing/development | Production |

The trusted dealer approach (`keep frost generate`) generates the full private key on a single machine. If that machine is compromised during generation, all funds are at risk. Distributed DKG ensures the complete key is never computed—each participant generates their share from independent entropy, so no single device ever holds enough information to reconstruct the key.

```bash
# Participant 1 (on first device)
keep frost network dkg \
Expand Down
7 changes: 7 additions & 0 deletions keep-cli/src/main.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1648,6 +1648,13 @@ fn cmd_frost_generate(
) -> Result<()> {
debug!(threshold, total_shares, name, "generating FROST key");

out.newline();
out.warn("WARNING: Trusted dealer mode - for testing/development only.");
out.warn("The full private key exists on this machine during generation.");
out.warn("For production, use 'keep frost network dkg' for distributed key generation");
out.warn("where the full key never exists on any single device.");
out.newline();

let mut keep = Keep::open(path)?;
let password = get_password("Enter password")?;

Expand Down
9 changes: 9 additions & 0 deletions keep-core/src/frost/dealer.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,15 @@ impl ThresholdConfig {
}
}

/// **WARNING: Testing/development only. Do not use in production.**
///
/// The trusted dealer approach generates the full private key on a single machine during
/// key generation, which creates a single point of compromise. If that machine is breached
/// during generation, all funds are at risk.
///
/// For production use, use distributed key generation (`keep frost network dkg`) where each
/// participant contributes entropy independently and the full private key is never computed
/// or exists on any single device.
pub struct TrustedDealer {
config: ThresholdConfig,
}
Expand Down