Skip to content

Commit

Permalink
doc: update README and cargo manifest (#215)
Browse files Browse the repository at this point in the history 
* doc: update README and cargo manifest

* update manifest
  • Loading branch information
@milapsheth
milapsheth authored Jul 10, 2024
1 parent df28081 commit 943bc13
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 8 deletions.
5 changes: 3 additions & 2 deletions Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,13 @@
name = "tofn"
version = "1.0.0"
authors = [
"Gus Gutoski <gus@axelar.network>",
"Milap Sheth <milap@axelar.network>",
"Interoplabs Eng <eng@interoplabs.io>",
]
edition = "2021"
license = "MIT OR Apache-2.0"
rust-version = "1.78.0"
description = "A cryptography library in Rust, used by the Axelar Network."
keywords = ["cryptography", "axelar", "blockchain"]

[lib]
crate-type = ["lib"]
Expand Down
10 changes: 4 additions & 6 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,12 @@
# Tofn (t-of-n): a threshold cryptography library in Rust
# tofn: a cryptography library in Rust

Tofn provides the following:

* An implementation of ECDSA SECP256k1 signing scheme.
* An implementation of ED25519 signing scheme.

tofn is primarily used as part of [tofnd](https://github.com/axelarnetwork/tofnd) for the [Axelar network](https://www.axelar.network). For an older version of the library that included a threshold ECDSA implementation, see the section below on Threshold cryptography.

## Setup

* Get the latest version of Rust stable.
Expand All @@ -16,11 +18,7 @@ Tofn provides the following:
## Threshold cryptography

For an implementation of the [GG20](https://eprint.iacr.org/2020/540.pdf) threshold-ECDSA protocol,
see this version (with *known vulnerabilities*) of [tofn](https://github.com/axelarnetwork/tofn/tree/0b441ed758ebed6726f7a2cf1ccce6a95c33152c). The GG20 protocol implementation should not be considered ready for production since it doesn't protect against [recently discovered attacks](https://www.verichains.io/tsshock/) on the protocol implementation. This was removed from `tofn` as it is not being used in the Axelar protocol.

## Security notes

* In our security model, we don't guarantee security if the attacker has access to the device. Secret key material is zeroized on a best effort basis.
see this version of [tofn](https://github.com/axelarnetwork/tofn/tree/0b441ed758ebed6726f7a2cf1ccce6a95c33152c). This GG20 protocol implementation should not be considered ready for production since it has *known vulnerabilities* against [recently discovered attacks](https://www.verichains.io/tsshock/) on the protocol implementation. This was removed from `tofn` as it is not being used in the Axelar protocol.

## License

Expand Down

0 comments on commit 943bc13

Please sign in to comment.