ERC-7816: A Schnorr Signature Scheme for EVM Applications

Discussion topic for ERC-7816: Add ERC: A Schnorr Signature Scheme for EVM Applications by pmerkleplant · Pull Request #713 · ethereum/ERCs · GitHub

Update Log

External Reviews

None as of 2024-11-09.

Outstanding Issues

  • 2024-11-09: Provide test cases
3 Likes

For some more background information, see GitHub - verklegarden/schnorr-on-evm: A Schnorr Signature Scheme for EVM Applications.

I experimented a bit with applications of this ERC, FROST from Zcash Foundation and ROAST. I managed to write very cheap threshold signature. It only costs ~4200 gas to verify threshold signature t of n onchain, plus ~2100 gas for calldata. See repository for more information: GitHub - StackOverflowExcept1on/frost-secp256k1-evm: Cheap threshold signature scheme for EVM. I also made PR at Zcash Foundation that adds an efficient cipher suite for EVM: feat: add `frost-secp256k1-evm` crate by StackOverflowExcept1on · Pull Request #749 · ZcashFoundation/frost · GitHub. Based on audited cryptography from Zcash Foundation, I was also able to build an implementation of ROAST protocol (FROST protocol that is suitable for signing messages in asynchronous networks): GitHub - StackOverflowExcept1on/roast: Rust implementation of ROAST (Robust Asynchronous Schnorr Threshold Signatures) with cryptography by Zcash Foundation. The only downside of these Schnorr-based threshold signatures is that FROST is an interactive protocol. But these signatures are very cheap to use them in decentralized applications that are governed by an honest majority.

2 Likes