FROST at the NIST Workshop on Threshold Schemes
I was invited to present FROST and to give recommendations for the standardization of Schnorr threshold signatures at the recent NIST workshop on standardization of threshold schemes! Overall, we got great feedback from those attending about the simplicity and flexibility of FROST to be used in a range of settings, something which was very important to us when designing the scheme.
One other interesting point of discussion was regarding whether to require determinism in a multi-party threshold signature scheme. In fact, requiring single-party EdDSA-style determinism in many schemes actually introduces unintended vulnerabilities even while attempting to mitigate those introduced by nonce-reuse attacks. Our recommendation was to keep protocols simple and not require determinism, which seemed to be a common view.
The NIST organizers will be posting videos soon, but for anyone interested, my slides are located here.