TY - JOUR
T1 - Blockchain-Assisted Weighted Threshold EdDSA with Rational Identifiable Aborts
AU - Wu, Xiaofei
AU - Zhou, Jun
AU - Cao, Zhenfu
AU - Dong, Xiaolei
AU - Ning, Jianting
N1 - Publisher Copyright:
© 2004-2012 IEEE.
PY - 2025
Y1 - 2025
N2 - The security of distributed systems, especially blockchain-based applications, relies heavily on threshold signature protocols to maintain decentralization. Identifiable aborts are critical in these protocols, enabling detection and attribution of malicious behavior. However, existing threshold EdDSA schemes with identifiable aborts often rely on zero-knowledge proofs, which significantly increase computational overhead. Additionally, these schemes suffer from inefficient abort handling and difficulty defending against DDoS attacks targeting abort mechanisms. Furthermore, weighted threshold signature schemes frequently encounter weight centralization, where high-weight participants dominate decision-making. In this paper, we propose a threshold EdDSA protocol, named EdFROST, which is unforgeable and supports identifiable aborts under a chosen-message attack (IA-CMA), based on FROST3 proposed by Ruffing et al. (ACM CCS '22). Leveraging EdFROST, we present the first weighted threshold EdDSA scheme that considers both the number of participants and arbitrary weight distribution to mitigate the risk of weight centralization. We also design a game-theoretic incentive model, implemented via tamper-proof chaincode, achieving rational identifiable aborts with a unique sequential equilibrium. This model incentivizes honest behavior to maximize individual benefits while ensuring efficient abort handling and resisting DDoS attacks targeting IA. Experimental results demonstrate that the EdFROST and chaincode are efficient and lightweight, making them well-suited for large-scale distributed systems.
AB - The security of distributed systems, especially blockchain-based applications, relies heavily on threshold signature protocols to maintain decentralization. Identifiable aborts are critical in these protocols, enabling detection and attribution of malicious behavior. However, existing threshold EdDSA schemes with identifiable aborts often rely on zero-knowledge proofs, which significantly increase computational overhead. Additionally, these schemes suffer from inefficient abort handling and difficulty defending against DDoS attacks targeting abort mechanisms. Furthermore, weighted threshold signature schemes frequently encounter weight centralization, where high-weight participants dominate decision-making. In this paper, we propose a threshold EdDSA protocol, named EdFROST, which is unforgeable and supports identifiable aborts under a chosen-message attack (IA-CMA), based on FROST3 proposed by Ruffing et al. (ACM CCS '22). Leveraging EdFROST, we present the first weighted threshold EdDSA scheme that considers both the number of participants and arbitrary weight distribution to mitigate the risk of weight centralization. We also design a game-theoretic incentive model, implemented via tamper-proof chaincode, achieving rational identifiable aborts with a unique sequential equilibrium. This model incentivizes honest behavior to maximize individual benefits while ensuring efficient abort handling and resisting DDoS attacks targeting IA. Experimental results demonstrate that the EdFROST and chaincode are efficient and lightweight, making them well-suited for large-scale distributed systems.
KW - Blockchain
KW - EdDSA
KW - Game Theory
KW - Identifiable Aborts
KW - Threshold Signature
KW - Weighted cryptography
UR - https://www.scopus.com/pages/publications/105018014030
U2 - 10.1109/TDSC.2025.3615713
DO - 10.1109/TDSC.2025.3615713
M3 - Article
AN - SCOPUS:105018014030
SN - 1545-5971
JO - IEEE Transactions on Dependable and Secure Computing
JF - IEEE Transactions on Dependable and Secure Computing
ER -