In v2.0.0 release, several updates added including 1) ECDSA protocol update according to GG18 paper update; 2) Fix of 2023 CVE-2023-33241 by Fireblocks; 3) Fix of 2023 Tsshock by Verichain; 4) Added more boundary condition checks according to various security reports; 5) Add session infomation for sub protocols to prevent message replay; 6) Added switches to optionally turn of heavy Paillier key proof in tss.params(do NOT use unless you are in a trusted setting or the Paillier key are already verified).

Compatibility with v1.3.5

It's generally not compatible with v1.3.5. Not recommend to make hacks to run with a mixture parties of both v2 and v1.3. The existing ECDSA wallet generated from v1.3 can be upgraded(from resharing) to v2 wallet. We recommend to update all parties and their wallet to v2 due to the security updates.

What's Changed

• Fix possible hash collision by @yycen in https://github.com/bnb-chain/tss-lib/pull/233
• Update SECURITY.md by @ackratos in https://github.com/bnb-chain/tss-lib/pull/241
• ECDSA protocol security updates by @yycen in https://github.com/bnb-chain/tss-lib/pull/252
• Ecdsa proof session byte by @ZhAnGeek in https://github.com/bnb-chain/tss-lib/pull/256
• Update tagged version hash encoding by @yycen in https://github.com/bnb-chain/tss-lib/pull/257

New Contributors

• @ZhAnGeek made their first contribution in https://github.com/bnb-chain/tss-lib/pull/256

Full Changelog: https://github.com/bnb-chain/tss-lib/compare/v1.3.5...v2.0.0