| Crate | Description |
|---|---|
roast-core |
Generic ROAST implementation |
roast-ed25519 |
Ed25519 ciphersuite |
roast-ed448 |
Ed448 ciphersuite |
roast-p256 |
P-256 ciphersuite |
roast-ristretto255 |
Ristretto255 ciphersuite |
roast-secp256k1 |
secp256k1 ciphersuite |
roast-secp256k1-evm |
secp256k1 ciphersuite (EVM) |
roast-secp256k1-tr |
secp256k1 ciphersuite (Taproot) |
Rust implementation of ROAST (Robust Asynchronous Schnorr Threshold Signatures) with cryptography by Zcash Foundation.
Refer to the ZF FROST book, ROAST white paper and cybersecurity seminar about ROAST.
The ROAST implementation is not yet finalized. Thus, significant changes may occur and SemVer is not guaranteed. ZF FROST code base has been partially audited by NCC, see below for details.
NCC performed an audit of ZF FROST. So the cryptography was audited, but this ROAST implementation was not audited.
roast-core implements the base traits and types in a generic manner, to enable top-level implementations for different
ciphersuites / curves without having to implement all of ROAST from scratch. End-users should not use roast-core if
they want to sign and verify signatures, they should use the crate specific to their ciphersuite/curve parameters that
uses roast-core as a dependency.