All signers know the signature

[JesseAbram]

When the signing protocol happens currently at the end of the process the user and validators end up with the signature, which is fine when it is a tx but isn't if it is a message or for a login of sorts.

Proposed Solution

• @fjarri had the concept of stopping at the last round and having a user build their signature theirselves
• require the sig_account sig on random messages to accompany the sign in process

[HCastano]

Is this something that would be handled as part of core, server, or on the crypto side of things?

[JesseAbram]

Is this something that would be handled as part of core, server, or on the crypto side of things?

core but then also sdk, as the client would have to rebuild the signature itself which would require compiling synedrion to webassembly to run in node/browser

[fjarri]

The last step is just summing up curve scalars, which can be done easily in JS; the problem is what to do if the resulting signature is invalid. The CGGMP protocol has a branch for this, which involves calculating a bunch of ZK proofs using the saved randomness. So the nodes will have to keep that for some time in case the user requests an investigation.

[HCastano]

Should we have a set of SDK and Synedrion issues for this as well then?

[fjarri]

I wasn't exactly sure if this functionality is needed; but fair enough, opened entropyxyz/synedrion#38