[Cryptography] Libra is technical junk

Phillip Hallam-Baker phill at hallambaker.com
Thu Nov 7 10:49:15 EST 2019

On Wed, Nov 6, 2019 at 11:37 PM John Levine <johnl at iecc.com> wrote:

> This blog post has been floating around lately.  It seems to be a
> pretty well informed look at the open source code for Libra.  He
> is deeply unimpressed by what he found:
>         http://www.stephendiehl.com/posts/libra.html
> This is just technical problems, separate from the well reported
> financial and governance problems.

Use of threshold signatures in this context is just bizarre. If you want to
know if Alice and Bob both signed a message, the simplest mechanism is for
Alice to sign it and Bob to sign it and put both signature blobs on the

I see absolutely no reason not to do that in a new protocol or for that
matter in any protocol where the signatures come from different parties.

The only use case I have for threshold signatures is to enable the private
key operations to be split across devices. That is a completely different
case to the one Libra appears to be addressing.

I am not at all opposed to the use of crypto that is outside the canon. But
anything we add has to be added for a really, really good reason. It is not
clear to me that Libra has good reasons, it seems like it might be more
like someone is trying to use as many bright shiny objects as possible.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20191107/954ffb45/attachment.htm>

More information about the cryptography mailing list