Description
Background
This issue corresponds to finding 10 in the Robust ECDSA audit.
The threshold parameter has inconsistent semantic meanings across the DKG and the
robust ECDSA implementation. In the DKG protocol, the threshold represents the
reconstruction bound—that is, the minimum number of participants required to
reconstruct the secret. However, in the robust ECDSA protocol, the threshold parameter
represents the maximum number of malicious parties directly, as explicitly documented in
the warning preceding the do_presign function.
User Story
No response
Acceptance Criteria
Short term, standardize the threshold semantics across all protocols in the library and add
documentation to clearly indicate the convention used.
Long term, consider introducing type-safe threshold parameters through distinct types
such as ReconstructionThreshold and MaxMaliciousParties that cannot be
confused or used interchangeably. Add compile-time checks or runtime assertions that
verify that the relationship between DKG and presigning thresholds matches the security
requirements, failing early if mismatched parameters are detected.
Resources & Additional Notes
We hit this problem already when integrating robust ECDSA in the node, thread
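An added example, not code from the library or the audit: one way the distinct threshold types proposed under Acceptance Criteria could look in Rust, with a runtime check that fails early on a mismatch. It assumes the reconstruction bound is exactly one more than the number of tolerated malicious parties (the library's real relationship may differ); `ThresholdError`, `max_malicious` and `check_presign_threshold` are hypothetical names.

```rust
/// Minimum number of shares needed to reconstruct the secret (DKG convention).
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct ReconstructionThreshold(usize);

/// Maximum number of malicious parties tolerated (robust ECDSA convention).
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct MaxMaliciousParties(usize);

#[derive(Debug, PartialEq, Eq)]
pub enum ThresholdError {
    ZeroReconstruction,
    Mismatch { dkg: usize, presign: usize },
}

impl ReconstructionThreshold {
    pub fn new(t: usize) -> Result<Self, ThresholdError> {
        if t == 0 {
            return Err(ThresholdError::ZeroReconstruction);
        }
        Ok(Self(t))
    }

    /// ASSUMPTION: if t shares reconstruct the secret, at most t - 1
    /// parties may be malicious. The only sanctioned conversion lives here.
    pub fn max_malicious(self) -> MaxMaliciousParties {
        MaxMaliciousParties(self.0 - 1) // safe: new() rejects 0
    }
}

impl MaxMaliciousParties {
    pub fn new(f: usize) -> Self {
        Self(f)
    }
}

/// Hypothetical guard to run before presigning: the presign threshold must
/// be the one derived from the DKG threshold, not the same raw integer.
pub fn check_presign_threshold(
    dkg: ReconstructionThreshold,
    presign: MaxMaliciousParties,
) -> Result<(), ThresholdError> {
    if dkg.max_malicious() != presign {
        return Err(ThresholdError::Mismatch { dkg: dkg.0, presign: presign.0 });
    }
    Ok(())
}
```

Because the two newtypes do not convert into each other implicitly, passing a DKG threshold where a malicious-party bound is expected is a compile error; the guard catches the remaining case where the same raw number was wrapped in both types.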