API contract
The package draws a hard boundary between the cryptographic library and the surrounding application.
Library responsibilities
Section titled “Library responsibilities”- The minimal public manifest with
rosterHashandoptionList - Honest-majority threshold derivation from the accepted registration roster
- Typed payload builders for manifest publication, registration, acceptance, DKG messages, ballots, ballot close, decryption shares, and tally publication
- Transport and authentication helpers used by the ceremony flow
- Ristretto255-based ballot encryption, proof generation, decryption-aggregate preparation, threshold share handling, and tally recovery helpers
- GJKR transcript verification over the signed public log
- Organizer-signed
ballot-closeverification and counted-ballot selection - Full-ceremony verification that replays the DKG transcript, recomputes the counted ballot aggregates locally, verifies decryption-share proofs, checks tally publications, and returns board-audit metadata
Application responsibilities
Section titled “Application responsibilities”- Bulletin-board storage and deployment-specific transport plumbing
- UI, orchestration, retries, worker usage, and deadline handling
- Enrollment policy and roster governance before manifest publication
- Pre-DKG vote collection, local plaintext staging, reminders, and organizer controls
- Final application decisions about when the organizer closes voting
- Result presentation and any fairness policy beyond the auditable counted-ballot set