Distributed Hot Keys with FROST

About

This is a fork of yushan created by Nick Farrow for BTC++ Taipei FROST Workshop. It is highly recommended to first take a look at that demo which is POC of multiple independent parties signing a message using FROST.

This fork is instead intended to be a POC for a single party employing FROST to distribute key shares over multiple servers for signing. Rather than having multiple independent parties manually participating in the FROST key generation and signing rounds this POC has multiple server nodes automatically communicating with a coordinator to participate in the FROST rounds.

The inspriation for this POC was to mitigate the risk inherent to storing hot keys on a single server by distributing the key shares accross multiple servers that can collaboratively sign, while even having some key shares offline in cold storage. Validating Lightning Server attempts to mitigate this risk by moving the signing keys to a second validating server in the case of lightning hot wallets, however it doesn't eliminate the risk factor of having a single server storing the signing key.

How To Run

Spin up the number of yushan-nodes desired (same as the number of key shares)
Configure each yushan-node to have the desired ROOM ID, PARTICIPANTS (number of key shares), THRESHOLD (number of key shares required for signing), and assign a unique INDEX for each (from 1 to the number of key shares) and hit SUBSCRIBE
Spin up a single yushan-coordinator and configure it with the same ROOM ID, PARTICIPANTS (number of key shares), THRESHOLD (number of key shares required for signing) and hit SUBSCRIBE
Observe as the yushan-coordinator and yushan-nodes automatically particpate in key generation
Turn off the yushan-nodes that do not need to be available during message signing (only a THRESHOLD number of yushan-nodes should remain online)
On the yushan-coordinator enter a message to be signed
Observe as the yushan-coordinator and yushan-nodes automatically participate in the message signing
Manually verify the signed message at the bottom of the yushan-coordinator page

A yushan-node can be served from within the node directory, a yushan-coordinator can be served from within the coordinator directory. Simple way to serve these is using python http module python -m http.server <port>.

Caveats

This fork uses a local nostr relay being served at http://localhost:7777 to communicate. This will be required for this POC to work (or change the nostr relays that are used in the index.html files).

Built With

javascript
nostr
yushan

Updates

stoic unicorn started this project — Dec 16, 2025 01:48 AM EST

Leave feedback in the comments!

Log in or sign up for Devpost to join the conversation.