2P-ECDSA module

[GeneFerneau]

Is anyone currently working on a 2P-ECDSA module, or know of a current implementation using libsecp256k1?

If not, I'm interested in implementing one.

[real-or-random]

I'm not aware of any such efforts. What's the use case you have in mind?

[GeneFerneau]

Steganographic on-chain multisignatures using ECDSA, similar to MuSig applications (using ECDSA instead).

[apoelstra]

Can it be done without Pallier encryption? I'd be fine with Pallier in principle but my expectation is that any new heavy crypto would simply never get reviewed, and I don't want to waste some implementor's time.

[romanz]

There is https://github.com/ZenGo-X/multi-party-ecdsa (CC: @omershlo)

[GeneFerneau]

Can it be done without Pallier encryption? I'd be fine with Pallier in principle but my expectation is that any new heavy crypto would simply never get reviewed, and I don't want to waste some implementor's time.

I don't know, I have similar reservations about Paillier, though. Will need to think about it more, maybe something is possible with ECDSA adaptor signatures?

There is https://github.com/ZenGo-X/multi-party-ecdsa (CC: @omershlo)

Will take a look at their impl again, briefly reviewed it before, and planned to use it as a reference for the Paillier stuff (since they got a third-party audit on their crypto).