[TASK] Remove superfluous/extra encryption in keygen
drewstone opened this issue · comments
Issue summary
When we originally modified the Zengo mp-ecdsa, we added additional encryption to P2P messages because we were originally broadcasting/gossiping all messages over our network,
Some old commits which added this extra encryption are:
- webb-tools/multi-party-ecdsa@a4895af
- webb-tools/multi-party-ecdsa@033d799
- webb-tools/multi-party-ecdsa@cd894b6
- webb-tools/multi-party-ecdsa@1ef80e1
I think we should remove this and make more explicit how this type of message can be encrypted before the P2P messages hit the wire.
Yup, in CGGMP the assumption is that the channels are authenticated between parties and broadcasts are reliable. Our approach is to use Noise protocol on a higher level which provides authenticated encryption between all parties and allows to use untrusted proxy for relaying messages. See https://github.com/mpc-sdk/framework.