The nonces should not be reused! In particular, in MuSig, the nonces can not be reused.
for other combinations of public keys or messages (also if everyone uses the
same public speeches all the time). This would filter the private keys.
You share the new nonces files in advance by running several rounds of signatures in parallel.
With the library you join
(secp256k1-zkp) this is
sure while keeping session states in memory and not copying them.
Serialization of the state and its storage in a persistent medium is not compatible with
secp256k1-zkp and difficult to correct, because if you accidentally use the
If not, filter the private key.
A simple way to eliminate the overload of the first two interactions
The rounds are attaching the commitment of nonce and nonce to those already existing.
Messages in your protocol. That way you would only have two parallel signatures.
Research is being done on deterministic issues for MuSig that have
Evidence of zero knowledge that the nonce is correctly derived. With such tests
The requests can be derived from the set of signatories, their private key and the
message and there is no status to track.