Curve as parameter (#137)

* move curve into tss.Parameters * regen proto with full package name * pass curve through parameter * add curve name in ecpoint json serialization
2026-01-09 13:57:58 -05:00 · 2021-07-06 11:51:20 +08:00
parent acfc4a91f8
commit 856d77b7fb
66 changed files with 613 additions and 500 deletions
--- a/common/signature.pb.go
+++ b/common/signature.pb.go
@@ -97,20 +97,21 @@ func (m *SignatureData) GetM() []byte {
 }

 func init() {
-	proto.RegisterType((*SignatureData)(nil), "SignatureData")
+	proto.RegisterType((*SignatureData)(nil), "binance.tsslib.SignatureData")
 }

 func init() { proto.RegisterFile("signature.proto", fileDescriptor_76962cacebaec211) }

 var fileDescriptor_76962cacebaec211 = []byte{
-	// 133 bytes of a gzipped FileDescriptorProto
+	// 150 bytes of a gzipped FileDescriptorProto
 	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xe2, 0x2f, 0xce, 0x4c, 0xcf,
-	0x4b, 0x2c, 0x29, 0x2d, 0x4a, 0xd5, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x57, 0x6a, 0x63, 0xe4, 0xe2,
-	0x0d, 0x86, 0x89, 0xb9, 0x24, 0x96, 0x24, 0x0a, 0xc9, 0x70, 0x71, 0xc2, 0x15, 0x49, 0x30, 0x2a,
-	0x30, 0x6a, 0xf0, 0x04, 0x21, 0x04, 0x84, 0x74, 0xb9, 0x84, 0xe0, 0x9c, 0xf8, 0xa2, 0xd4, 0xe4,
-	0xfc, 0xb2, 0xd4, 0xa2, 0x4a, 0x09, 0x26, 0xb0, 0x32, 0x41, 0xb8, 0x4c, 0x10, 0x54, 0x42, 0x88,
-	0x87, 0x8b, 0xb1, 0x48, 0x82, 0x19, 0x2c, 0xcb, 0x58, 0x04, 0xe2, 0x15, 0x4b, 0xb0, 0x40, 0x78,
-	0xc5, 0x20, 0x5e, 0xae, 0x04, 0x2b, 0x84, 0x97, 0xeb, 0xc4, 0x11, 0xc5, 0x96, 0x9c, 0x9f, 0x9b,
-	0x9b, 0x9f, 0x97, 0xc4, 0x06, 0x76, 0x99, 0x31, 0x20, 0x00, 0x00, 0xff, 0xff, 0x02, 0x54, 0x54,
-	0x57, 0xac, 0x00, 0x00, 0x00,
+	0x4b, 0x2c, 0x29, 0x2d, 0x4a, 0xd5, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0xe2, 0x4b, 0xca, 0xcc,
+	0x4b, 0xcc, 0x4b, 0x4e, 0xd5, 0x2b, 0x29, 0x2e, 0xce, 0xc9, 0x4c, 0x52, 0x6a, 0x63, 0xe4, 0xe2,
+	0x0d, 0x86, 0xa9, 0x71, 0x49, 0x2c, 0x49, 0x14, 0x92, 0xe1, 0xe2, 0x84, 0x6b, 0x92, 0x60, 0x54,
+	0x60, 0xd4, 0xe0, 0x09, 0x42, 0x08, 0x08, 0xe9, 0x72, 0x09, 0xc1, 0x39, 0xf1, 0x45, 0xa9, 0xc9,
+	0xf9, 0x65, 0xa9, 0x45, 0x95, 0x12, 0x4c, 0x60, 0x65, 0x82, 0x70, 0x99, 0x20, 0xa8, 0x84, 0x10,
+	0x0f, 0x17, 0x63, 0x91, 0x04, 0x33, 0x58, 0x96, 0xb1, 0x08, 0xc4, 0x2b, 0x96, 0x60, 0x81, 0xf0,
+	0x8a, 0x41, 0xbc, 0x5c, 0x09, 0x56, 0x08, 0x2f, 0xd7, 0x89, 0x23, 0x8a, 0x2d, 0x39, 0x3f, 0x37,
+	0x37, 0x3f, 0x2f, 0x89, 0x0d, 0xec, 0x52, 0x63, 0x40, 0x00, 0x00, 0x00, 0xff, 0xff, 0xcf, 0xe1,
+	0x86, 0xde, 0xbc, 0x00, 0x00, 0x00,
 }
--- a/crypto/ecpoint.go
+++ b/crypto/ecpoint.go
@@ -61,6 +61,10 @@ func (p *ECPoint) IsOnCurve() bool {
 	return isOnCurve(p.curve, p.coords[0], p.coords[1])
 }

+func (p *ECPoint) Curve() elliptic.Curve {
+	return p.curve
+}
+
 func (p *ECPoint) Equals(p2 *ECPoint) bool {
 	if p == nil || p2 == nil {
 		return false
@@ -199,24 +203,44 @@ func (p *ECPoint) GobDecode(buf []byte) error {

 // crypto.ECPoint is not inherently json marshal-able
 func (p *ECPoint) MarshalJSON() ([]byte, error) {
+	ecName, ok := tss.GetCurveName(p.curve)
+	if !ok {
+		return nil, fmt.Errorf("cannot find %T name in curve registry, please call tss.RegisterCurve(name, curve) to register it first", p.curve)
+	}
+
 	return json.Marshal(&struct {
+		Curve  string
 		Coords [2]*big.Int
 	}{
+		Curve:  string(ecName),
 		Coords: p.coords,
 	})
 }

 func (p *ECPoint) UnmarshalJSON(payload []byte) error {
 	aux := &struct {
+		Curve  string
 		Coords [2]*big.Int
 	}{}
 	if err := json.Unmarshal(payload, &aux); err != nil {
 		return err
 	}
-	p.curve = tss.EC()
 	p.coords = [2]*big.Int{aux.Coords[0], aux.Coords[1]}
-	if !p.IsOnCurve() {
-		return errors.New("ECPoint.UnmarshalJSON: the point is not on the elliptic curve")
+
+	if len(aux.Curve) > 0 {
+		ec, ok := tss.GetCurveByName(tss.CurveName(aux.Curve))
+		if !ok {
+			return fmt.Errorf("cannot find curve named with %s in curve registry, please call tss.RegisterCurve(name, curve) to register it first", aux.Curve)
+		}
+		p.curve = ec
+	} else {
+		// forward compatible, use global ec as default value
+		p.curve = tss.EC()
 	}
+
+	if !p.IsOnCurve() {
+		return fmt.Errorf("ECPoint.UnmarshalJSON: the point is not on the elliptic curve (%T) ", p.curve)
+	}
+
 	return nil
 }
--- a/crypto/ecpoint_test.go
+++ b/crypto/ecpoint_test.go
@@ -7,10 +7,16 @@
 package crypto_test

 import (
+	"encoding/hex"
+	"encoding/json"
 	"math/big"
 	"reflect"
 	"testing"

+	"github.com/btcsuite/btcd/btcec"
+	"github.com/decred/dcrd/dcrec/edwards/v2"
+	"github.com/stretchr/testify/assert"
+
 	. "github.com/binance-chain/tss-lib/crypto"
 	"github.com/binance-chain/tss-lib/tss"
 )
@@ -113,3 +119,49 @@ func TestUnFlattenECPoints(t *testing.T) {
 		})
 	}
 }
+
+func TestS256EcpointJsonSerialization(t *testing.T) {
+	ec := btcec.S256()
+	tss.RegisterCurve("secp256k1", ec)
+
+	pubKeyBytes, err := hex.DecodeString("03935336acb03b2b801d8f8ac5e92c56c4f6e93319901fdfffba9d340a874e2879")
+	assert.NoError(t, err)
+	pbk, err := btcec.ParsePubKey(pubKeyBytes, btcec.S256())
+	assert.NoError(t, err)
+
+	point, err := NewECPoint(ec, pbk.X, pbk.Y)
+	assert.NoError(t, err)
+	bz, err := json.Marshal(point)
+	assert.NoError(t, err)
+	assert.True(t, len(bz) > 0)
+
+	var umpoint ECPoint
+	err = json.Unmarshal(bz, &umpoint)
+	assert.NoError(t, err)
+
+	assert.True(t, point.Equals(&umpoint))
+	assert.True(t, reflect.TypeOf(point.Curve()) == reflect.TypeOf(umpoint.Curve()))
+}
+
+func TestEdwardsEcpointJsonSerialization(t *testing.T) {
+	ec := edwards.Edwards()
+	tss.RegisterCurve("ed25519", ec)
+
+	pubKeyBytes, err := hex.DecodeString("ae1e5bf5f3d6bf58b5c222088671fcbe78b437e28fae944c793897b26091f249")
+	assert.NoError(t, err)
+	pbk, err := edwards.ParsePubKey(pubKeyBytes)
+	assert.NoError(t, err)
+
+	point, err := NewECPoint(ec, pbk.X, pbk.Y)
+	assert.NoError(t, err)
+	bz, err := json.Marshal(point)
+	assert.NoError(t, err)
+	assert.True(t, len(bz) > 0)
+
+	var umpoint ECPoint
+	err = json.Unmarshal(bz, &umpoint)
+	assert.NoError(t, err)
+
+	assert.True(t, point.Equals(&umpoint))
+	assert.True(t, reflect.TypeOf(point.Curve()) == reflect.TypeOf(umpoint.Curve()))
+}
--- a/crypto/mta/proofs.go
+++ b/crypto/mta/proofs.go
@@ -7,6 +7,7 @@
 package mta

 import (
+	"crypto/elliptic"
 	"errors"
 	"fmt"
 	"math/big"
@@ -14,7 +15,6 @@ import (
 	"github.com/binance-chain/tss-lib/common"
 	"github.com/binance-chain/tss-lib/crypto"
 	"github.com/binance-chain/tss-lib/crypto/paillier"
-	"github.com/binance-chain/tss-lib/tss"
 )

 const (
@@ -35,14 +35,14 @@ type (

 // ProveBobWC implements Bob's proof both with or without check "ProveMtawc_Bob" and "ProveMta_Bob" used in the MtA protocol from GG18Spec (9) Figs. 10 & 11.
 // an absent `X` generates the proof without the X consistency check X = g^x
-func ProveBobWC(pk *paillier.PublicKey, NTilde, h1, h2, c1, c2, x, y, r *big.Int, X *crypto.ECPoint) (*ProofBobWC, error) {
+func ProveBobWC(ec elliptic.Curve, pk *paillier.PublicKey, NTilde, h1, h2, c1, c2, x, y, r *big.Int, X *crypto.ECPoint) (*ProofBobWC, error) {
 	if pk == nil || NTilde == nil || h1 == nil || h2 == nil || c1 == nil || c2 == nil || x == nil || y == nil || r == nil {
 		return nil, errors.New("ProveBob() received a nil argument")
 	}

 	NSquared := pk.NSquare()

-	q := tss.EC().Params().N
+	q := ec.Params().N
 	q3 := new(big.Int).Mul(q, q)
 	q3 = new(big.Int).Mul(q, q3)
 	qNTilde := new(big.Int).Mul(q, NTilde)
@@ -65,9 +65,9 @@ func ProveBobWC(pk *paillier.PublicKey, NTilde, h1, h2, c1, c2, x, y, r *big.Int
 	gamma := common.GetRandomPositiveRelativelyPrimeInt(pk.N)

 	// 5.
-	u := crypto.NewECPointNoCurveCheck(tss.EC(), zero, zero) // initialization suppresses an IDE warning
+	u := crypto.NewECPointNoCurveCheck(ec, zero, zero) // initialization suppresses an IDE warning
 	if X != nil {
-		u = crypto.ScalarBaseMult(tss.EC(), alpha)
+		u = crypto.ScalarBaseMult(ec, alpha)
 	}

 	// 6.
@@ -135,22 +135,22 @@ func ProveBobWC(pk *paillier.PublicKey, NTilde, h1, h2, c1, c2, x, y, r *big.Int
 }

 // ProveBob implements Bob's proof "ProveMta_Bob" used in the MtA protocol from GG18Spec (9) Fig. 11.
-func ProveBob(pk *paillier.PublicKey, NTilde, h1, h2, c1, c2, x, y, r *big.Int) (*ProofBob, error) {
+func ProveBob(ec elliptic.Curve, pk *paillier.PublicKey, NTilde, h1, h2, c1, c2, x, y, r *big.Int) (*ProofBob, error) {
 	// the Bob proof ("with check") contains the ProofBob "without check"; this method extracts and returns it
 	// X is supplied as nil to exclude it from the proof hash
-	pf, err := ProveBobWC(pk, NTilde, h1, h2, c1, c2, x, y, r, nil)
+	pf, err := ProveBobWC(ec, pk, NTilde, h1, h2, c1, c2, x, y, r, nil)
 	if err != nil {
 		return nil, err
 	}
 	return pf.ProofBob, nil
 }

-func ProofBobWCFromBytes(bzs [][]byte) (*ProofBobWC, error) {
+func ProofBobWCFromBytes(ec elliptic.Curve, bzs [][]byte) (*ProofBobWC, error) {
 	proofBob, err := ProofBobFromBytes(bzs)
 	if err != nil {
 		return nil, err
 	}
-	point, err := crypto.NewECPoint(tss.EC(),
+	point, err := crypto.NewECPoint(ec,
 		new(big.Int).SetBytes(bzs[10]),
 		new(big.Int).SetBytes(bzs[11]))
 	if err != nil {
@@ -185,12 +185,12 @@ func ProofBobFromBytes(bzs [][]byte) (*ProofBob, error) {

 // ProveBobWC.Verify implements verification of Bob's proof with check "VerifyMtawc_Bob" used in the MtA protocol from GG18Spec (9) Fig. 10.
 // an absent `X` verifies a proof generated without the X consistency check X = g^x
-func (pf *ProofBobWC) Verify(pk *paillier.PublicKey, NTilde, h1, h2, c1, c2 *big.Int, X *crypto.ECPoint) bool {
+func (pf *ProofBobWC) Verify(ec elliptic.Curve, pk *paillier.PublicKey, NTilde, h1, h2, c1, c2 *big.Int, X *crypto.ECPoint) bool {
 	if pk == nil || NTilde == nil || h1 == nil || h2 == nil || c1 == nil || c2 == nil {
 		return false
 	}

-	q := tss.EC().Params().N
+	q := ec.Params().N
 	q3 := new(big.Int).Mul(q, q)
 	q3 = new(big.Int).Mul(q, q3)

@@ -216,8 +216,8 @@ func (pf *ProofBobWC) Verify(pk *paillier.PublicKey, NTilde, h1, h2, c1, c2 *big

 	// 4. runs only in the "with check" mode from Fig. 10
 	if X != nil {
-		s1ModQ := new(big.Int).Mod(pf.S1, tss.EC().Params().N)
-		gS1 := crypto.ScalarBaseMult(tss.EC(), s1ModQ)
+		s1ModQ := new(big.Int).Mod(pf.S1, ec.Params().N)
+		gS1 := crypto.ScalarBaseMult(ec, s1ModQ)
 		xEU, err := X.ScalarMult(e).Add(pf.U)
 		if err != nil || !gS1.Equals(xEU) {
 			return false
@@ -268,12 +268,12 @@ func (pf *ProofBobWC) Verify(pk *paillier.PublicKey, NTilde, h1, h2, c1, c2 *big
 }

 // ProveBob.Verify implements verification of Bob's proof without check "VerifyMta_Bob" used in the MtA protocol from GG18Spec (9) Fig. 11.
-func (pf *ProofBob) Verify(pk *paillier.PublicKey, NTilde, h1, h2, c1, c2 *big.Int) bool {
+func (pf *ProofBob) Verify(ec elliptic.Curve, pk *paillier.PublicKey, NTilde, h1, h2, c1, c2 *big.Int) bool {
 	if pf == nil {
 		return false
 	}
 	pfWC := &ProofBobWC{ProofBob: pf, U: nil}
-	return pfWC.Verify(pk, NTilde, h1, h2, c1, c2, nil)
+	return pfWC.Verify(ec, pk, NTilde, h1, h2, c1, c2, nil)
 }

 func (pf *ProofBob) ValidateBasic() bool {
--- a/crypto/mta/range_proof.go
+++ b/crypto/mta/range_proof.go
@@ -7,13 +7,13 @@
 package mta

 import (
+	"crypto/elliptic"
 	"errors"
 	"fmt"
 	"math/big"

 	"github.com/binance-chain/tss-lib/common"
 	"github.com/binance-chain/tss-lib/crypto/paillier"
-	"github.com/binance-chain/tss-lib/tss"
 )

 const (
@@ -31,12 +31,12 @@ type (
 )

 // ProveRangeAlice implements Alice's range proof used in the MtA and MtAwc protocols from GG18Spec (9) Fig. 9.
-func ProveRangeAlice(pk *paillier.PublicKey, c, NTilde, h1, h2, m, r *big.Int) (*RangeProofAlice, error) {
+func ProveRangeAlice(ec elliptic.Curve, pk *paillier.PublicKey, c, NTilde, h1, h2, m, r *big.Int) (*RangeProofAlice, error) {
 	if pk == nil || NTilde == nil || h1 == nil || h2 == nil || c == nil || m == nil || r == nil {
 		return nil, errors.New("ProveRangeAlice constructor received nil value(s)")
 	}

-	q := tss.EC().Params().N
+	q := ec.Params().N
 	q3 := new(big.Int).Mul(q, q)
 	q3 = new(big.Int).Mul(q, q3)
 	qNTilde := new(big.Int).Mul(q, NTilde)
@@ -103,13 +103,13 @@ func RangeProofAliceFromBytes(bzs [][]byte) (*RangeProofAlice, error) {
 	}, nil
 }

-func (pf *RangeProofAlice) Verify(pk *paillier.PublicKey, NTilde, h1, h2, c *big.Int) bool {
+func (pf *RangeProofAlice) Verify(ec elliptic.Curve, pk *paillier.PublicKey, NTilde, h1, h2, c *big.Int) bool {
 	if pf == nil || !pf.ValidateBasic() || pk == nil || NTilde == nil || h1 == nil || h2 == nil || c == nil {
 		return false
 	}

 	N2 := new(big.Int).Mul(pk.N, pk.N)
-	q := tss.EC().Params().N
+	q := ec.Params().N
 	q3 := new(big.Int).Mul(q, q)
 	q3 = new(big.Int).Mul(q, q3)

--- a/crypto/mta/range_proof_test.go
+++ b/crypto/mta/range_proof_test.go
@@ -37,9 +37,9 @@ func TestProveRangeAlice(t *testing.T) {
 	primes := [2]*big.Int{common.GetRandomPrimeInt(testSafePrimeBits), common.GetRandomPrimeInt(testSafePrimeBits)}
 	NTildei, h1i, h2i, err := crypto.GenerateNTildei(primes)
 	assert.NoError(t, err)
-	proof, err := ProveRangeAlice(pk, c, NTildei, h1i, h2i, m, r)
+	proof, err := ProveRangeAlice(tss.EC(), pk, c, NTildei, h1i, h2i, m, r)
 	assert.NoError(t, err)

-	ok := proof.Verify(pk, NTildei, h1i, h2i, c)
+	ok := proof.Verify(tss.EC(), pk, NTildei, h1i, h2i, c)
 	assert.True(t, ok, "proof must verify")
 }
--- a/crypto/mta/share_protocol.go
+++ b/crypto/mta/share_protocol.go
@@ -7,16 +7,17 @@
 package mta

 import (
+	"crypto/elliptic"
 	"errors"
 	"math/big"

 	"github.com/binance-chain/tss-lib/common"
 	"github.com/binance-chain/tss-lib/crypto"
 	"github.com/binance-chain/tss-lib/crypto/paillier"
-	"github.com/binance-chain/tss-lib/tss"
 )

 func AliceInit(
+	ec elliptic.Curve,
 	pkA *paillier.PublicKey,
 	a, NTildeB, h1B, h2B *big.Int,
 ) (cA *big.Int, pf *RangeProofAlice, err error) {
@@ -24,20 +25,21 @@ func AliceInit(
 	if err != nil {
 		return nil, nil, err
 	}
-	pf, err = ProveRangeAlice(pkA, cA, NTildeB, h1B, h2B, a, rA)
+	pf, err = ProveRangeAlice(ec, pkA, cA, NTildeB, h1B, h2B, a, rA)
 	return cA, pf, err
 }

 func BobMid(
+	ec elliptic.Curve,
 	pkA *paillier.PublicKey,
 	pf *RangeProofAlice,
 	b, cA, NTildeA, h1A, h2A, NTildeB, h1B, h2B *big.Int,
 ) (beta, cB, betaPrm *big.Int, piB *ProofBob, err error) {
-	if !pf.Verify(pkA, NTildeB, h1B, h2B, cA) {
+	if !pf.Verify(ec, pkA, NTildeB, h1B, h2B, cA) {
 		err = errors.New("RangeProofAlice.Verify() returned false")
 		return
 	}
-	q := tss.EC().Params().N
+	q := ec.Params().N
 	betaPrm = common.GetRandomPositiveInt(pkA.N)
 	cBetaPrm, cRand, err := pkA.EncryptAndReturnRandomness(betaPrm)
 	if err != nil {
@@ -52,21 +54,22 @@ func BobMid(
 		return
 	}
 	beta = common.ModInt(q).Sub(zero, betaPrm)
-	piB, err = ProveBob(pkA, NTildeA, h1A, h2A, cA, cB, b, betaPrm, cRand)
+	piB, err = ProveBob(ec, pkA, NTildeA, h1A, h2A, cA, cB, b, betaPrm, cRand)
 	return
 }

 func BobMidWC(
+	ec elliptic.Curve,
 	pkA *paillier.PublicKey,
 	pf *RangeProofAlice,
 	b, cA, NTildeA, h1A, h2A, NTildeB, h1B, h2B *big.Int,
 	B *crypto.ECPoint,
 ) (beta, cB, betaPrm *big.Int, piB *ProofBobWC, err error) {
-	if !pf.Verify(pkA, NTildeB, h1B, h2B, cA) {
+	if !pf.Verify(ec, pkA, NTildeB, h1B, h2B, cA) {
 		err = errors.New("RangeProofAlice.Verify() returned false")
 		return
 	}
-	q := tss.EC().Params().N
+	q := ec.Params().N
 	betaPrm = common.GetRandomPositiveInt(pkA.N)
 	cBetaPrm, cRand, err := pkA.EncryptAndReturnRandomness(betaPrm)
 	if err != nil {
@@ -81,41 +84,43 @@ func BobMidWC(
 		return
 	}
 	beta = common.ModInt(q).Sub(zero, betaPrm)
-	piB, err = ProveBobWC(pkA, NTildeA, h1A, h2A, cA, cB, b, betaPrm, cRand, B)
+	piB, err = ProveBobWC(ec, pkA, NTildeA, h1A, h2A, cA, cB, b, betaPrm, cRand, B)
 	return
 }

 func AliceEnd(
+	ec elliptic.Curve,
 	pkA *paillier.PublicKey,
 	pf *ProofBob,
 	h1A, h2A, cA, cB, NTildeA *big.Int,
 	sk *paillier.PrivateKey,
 ) (*big.Int, error) {
-	if !pf.Verify(pkA, NTildeA, h1A, h2A, cA, cB) {
+	if !pf.Verify(ec, pkA, NTildeA, h1A, h2A, cA, cB) {
 		return nil, errors.New("ProofBob.Verify() returned false")
 	}
 	alphaPrm, err := sk.Decrypt(cB)
 	if err != nil {
 		return nil, err
 	}
-	q := tss.EC().Params().N
+	q := ec.Params().N
 	return new(big.Int).Mod(alphaPrm, q), nil
 }

 func AliceEndWC(
+	ec elliptic.Curve,
 	pkA *paillier.PublicKey,
 	pf *ProofBobWC,
 	B *crypto.ECPoint,
 	cA, cB, NTildeA, h1A, h2A *big.Int,
 	sk *paillier.PrivateKey,
 ) (*big.Int, error) {
-	if !pf.Verify(pkA, NTildeA, h1A, h2A, cA, cB, B) {
+	if !pf.Verify(ec, pkA, NTildeA, h1A, h2A, cA, cB, B) {
 		return nil, errors.New("ProofBobWC.Verify() returned false")
 	}
 	alphaPrm, err := sk.Decrypt(cB)
 	if err != nil {
 		return nil, err
 	}
-	q := tss.EC().Params().N
+	q := ec.Params().N
 	return new(big.Int).Mod(alphaPrm, q), nil
 }
--- a/crypto/mta/share_protocol_test.go
+++ b/crypto/mta/share_protocol_test.go
@@ -39,13 +39,13 @@ func TestShareProtocol(t *testing.T) {
 	NTildej, h1j, h2j, err := keygen.LoadNTildeH1H2FromTestFixture(1)
 	assert.NoError(t, err)

-	cA, pf, err := AliceInit(pk, a, NTildej, h1j, h2j)
+	cA, pf, err := AliceInit(tss.EC(), pk, a, NTildej, h1j, h2j)
 	assert.NoError(t, err)

-	_, cB, betaPrm, pfB, err := BobMid(pk, pf, b, cA, NTildei, h1i, h2i, NTildej, h1j, h2j)
+	_, cB, betaPrm, pfB, err := BobMid(tss.EC(), pk, pf, b, cA, NTildei, h1i, h2i, NTildej, h1j, h2j)
 	assert.NoError(t, err)

-	alpha, err := AliceEnd(pk, pfB, h1i, h2i, cA, cB, NTildei, sk)
+	alpha, err := AliceEnd(tss.EC(), pk, pfB, h1i, h2i, cA, cB, NTildei, sk)
 	assert.NoError(t, err)

 	// expect: alpha = ab + betaPrm
@@ -70,15 +70,15 @@ func TestShareProtocolWC(t *testing.T) {
 	NTildej, h1j, h2j, err := keygen.LoadNTildeH1H2FromTestFixture(1)
 	assert.NoError(t, err)

-	cA, pf, err := AliceInit(pk, a, NTildej, h1j, h2j)
+	cA, pf, err := AliceInit(tss.EC(), pk, a, NTildej, h1j, h2j)
 	assert.NoError(t, err)

 	gBPoint, err := crypto.NewECPoint(tss.EC(), gBX, gBY)
 	assert.NoError(t, err)
-	_, cB, betaPrm, pfB, err := BobMidWC(pk, pf, b, cA, NTildei, h1i, h2i, NTildej, h1j, h2j, gBPoint)
+	_, cB, betaPrm, pfB, err := BobMidWC(tss.EC(), pk, pf, b, cA, NTildei, h1i, h2i, NTildej, h1j, h2j, gBPoint)
 	assert.NoError(t, err)

-	alpha, err := AliceEndWC(pk, pfB, gBPoint, cA, cB, NTildei, h1i, h2i, sk)
+	alpha, err := AliceEndWC(tss.EC(), pk, pfB, gBPoint, cA, cB, NTildei, h1i, h2i, sk)
 	assert.NoError(t, err)

 	// expect: alpha = ab + betaPrm
--- a/crypto/schnorr/schnorr_proof.go
+++ b/crypto/schnorr/schnorr_proof.go
@@ -12,7 +12,6 @@ import (

 	"github.com/binance-chain/tss-lib/common"
 	"github.com/binance-chain/tss-lib/crypto"
-	"github.com/binance-chain/tss-lib/tss"
 )

 type (
@@ -32,12 +31,13 @@ func NewZKProof(x *big.Int, X *crypto.ECPoint) (*ZKProof, error) {
 	if x == nil || X == nil || !X.ValidateBasic() {
 		return nil, errors.New("ZKProof constructor received nil or invalid value(s)")
 	}
-	ecParams := tss.EC().Params()
+	ec := X.Curve()
+	ecParams := ec.Params()
 	q := ecParams.N
-	g := crypto.NewECPointNoCurveCheck(tss.EC(), ecParams.Gx, ecParams.Gy) // already on the curve.
+	g := crypto.NewECPointNoCurveCheck(ec, ecParams.Gx, ecParams.Gy) // already on the curve.

 	a := common.GetRandomPositiveInt(q)
-	alpha := crypto.ScalarBaseMult(tss.EC(), a)
+	alpha := crypto.ScalarBaseMult(ec, a)

 	var c *big.Int
 	{
@@ -55,16 +55,17 @@ func (pf *ZKProof) Verify(X *crypto.ECPoint) bool {
 	if pf == nil || !pf.ValidateBasic() {
 		return false
 	}
-	ecParams := tss.EC().Params()
+	ec := X.Curve()
+	ecParams := ec.Params()
 	q := ecParams.N
-	g := crypto.NewECPointNoCurveCheck(tss.EC(), ecParams.Gx, ecParams.Gy)
+	g := crypto.NewECPointNoCurveCheck(ec, ecParams.Gx, ecParams.Gy)

 	var c *big.Int
 	{
 		cHash := common.SHA512_256i(X.X(), X.Y(), g.X(), g.Y(), pf.Alpha.X(), pf.Alpha.Y())
 		c = common.RejectionSample(q, cHash)
 	}
-	tG := crypto.ScalarBaseMult(tss.EC(), pf.T)
+	tG := crypto.ScalarBaseMult(ec, pf.T)
 	Xc := X.ScalarMult(c)
 	aXc, err := pf.Alpha.Add(Xc)
 	if err != nil {
@@ -85,13 +86,14 @@ func NewZKVProof(V, R *crypto.ECPoint, s, l *big.Int) (*ZKVProof, error) {
 	if V == nil || R == nil || s == nil || l == nil || !V.ValidateBasic() || !R.ValidateBasic() {
 		return nil, errors.New("ZKVProof constructor received nil value(s)")
 	}
-	ecParams := tss.EC().Params()
+	ec := V.Curve()
+	ecParams := ec.Params()
 	q := ecParams.N
-	g := crypto.NewECPointNoCurveCheck(tss.EC(), ecParams.Gx, ecParams.Gy)
+	g := crypto.NewECPointNoCurveCheck(ec, ecParams.Gx, ecParams.Gy)

 	a, b := common.GetRandomPositiveInt(q), common.GetRandomPositiveInt(q)
 	aR := R.ScalarMult(a)
-	bG := crypto.ScalarBaseMult(tss.EC(), b)
+	bG := crypto.ScalarBaseMult(ec, b)
 	alpha, _ := aR.Add(bG) // already on the curve.

 	var c *big.Int
@@ -110,9 +112,10 @@ func (pf *ZKVProof) Verify(V, R *crypto.ECPoint) bool {
 	if pf == nil || !pf.ValidateBasic() {
 		return false
 	}
-	ecParams := tss.EC().Params()
+	ec := V.Curve()
+	ecParams := ec.Params()
 	q := ecParams.N
-	g := crypto.NewECPointNoCurveCheck(tss.EC(), ecParams.Gx, ecParams.Gy)
+	g := crypto.NewECPointNoCurveCheck(ec, ecParams.Gx, ecParams.Gy)

 	var c *big.Int
 	{
@@ -120,7 +123,7 @@ func (pf *ZKVProof) Verify(V, R *crypto.ECPoint) bool {
 		c = common.RejectionSample(q, cHash)
 	}
 	tR := R.ScalarMult(pf.T)
-	uG := crypto.ScalarBaseMult(tss.EC(), pf.U)
+	uG := crypto.ScalarBaseMult(ec, pf.U)
 	tRuG, _ := tR.Add(uG) // already on the curve.

 	Vc := V.ScalarMult(c)
--- a/crypto/vss/feldman_vss.go
+++ b/crypto/vss/feldman_vss.go
@@ -11,13 +11,13 @@
 package vss

 import (
+	"crypto/elliptic"
 	"errors"
 	"fmt"
 	"math/big"

 	"github.com/binance-chain/tss-lib/common"
 	"github.com/binance-chain/tss-lib/crypto"
-	"github.com/binance-chain/tss-lib/tss"
 )

 type (
@@ -42,7 +42,7 @@ var (
 // Returns a new array of secret shares created by Shamir's Secret Sharing Algorithm,
 // requiring a minimum number of shares to recreate, of length shares, from the input secret
 //
-func Create(threshold int, secret *big.Int, indexes []*big.Int) (Vs, Shares, error) {
+func Create(ec elliptic.Curve, threshold int, secret *big.Int, indexes []*big.Int) (Vs, Shares, error) {
 	if secret == nil || indexes == nil {
 		return nil, nil, fmt.Errorf("vss secret or indexes == nil: %v %v", secret, indexes)
 	}
@@ -54,11 +54,11 @@ func Create(threshold int, secret *big.Int, indexes []*big.Int) (Vs, Shares, err
 		return nil, nil, ErrNumSharesBelowThreshold
 	}

-	poly := samplePolynomial(threshold, secret)
+	poly := samplePolynomial(ec, threshold, secret)
 	poly[0] = secret // becomes sigma*G in v
 	v := make(Vs, len(poly))
 	for i, ai := range poly {
-		v[i] = crypto.ScalarBaseMult(tss.EC(), ai)
+		v[i] = crypto.ScalarBaseMult(ec, ai)
 	}

 	shares := make(Shares, num)
@@ -66,38 +66,38 @@ func Create(threshold int, secret *big.Int, indexes []*big.Int) (Vs, Shares, err
 		if indexes[i].Cmp(big.NewInt(0)) == 0 {
 			return nil, nil, fmt.Errorf("party index should not be 0")
 		}
-		share := evaluatePolynomial(threshold, poly, indexes[i])
+		share := evaluatePolynomial(ec, threshold, poly, indexes[i])
 		shares[i] = &Share{Threshold: threshold, ID: indexes[i], Share: share}
 	}
 	return v, shares, nil
 }

-func (share *Share) Verify(threshold int, vs Vs) bool {
+func (share *Share) Verify(ec elliptic.Curve, threshold int, vs Vs) bool {
 	if share.Threshold != threshold || vs == nil {
 		return false
 	}
 	var err error
-	modQ := common.ModInt(tss.EC().Params().N)
+	modQ := common.ModInt(ec.Params().N)
 	v, t := vs[0], one // YRO : we need to have our accumulator outside of the loop
 	for j := 1; j <= threshold; j++ {
 		// t = k_i^j
 		t = modQ.Mul(t, share.ID)
 		// v = v * v_j^t
-		vjt := vs[j].SetCurve(tss.EC()).ScalarMult(t)
-		v, err = v.SetCurve(tss.EC()).Add(vjt)
+		vjt := vs[j].SetCurve(ec).ScalarMult(t)
+		v, err = v.SetCurve(ec).Add(vjt)
 		if err != nil {
 			return false
 		}
 	}
-	sigmaGi := crypto.ScalarBaseMult(tss.EC(), share.Share)
+	sigmaGi := crypto.ScalarBaseMult(ec, share.Share)
 	return sigmaGi.Equals(v)
 }

-func (shares Shares) ReConstruct() (secret *big.Int, err error) {
+func (shares Shares) ReConstruct(ec elliptic.Curve) (secret *big.Int, err error) {
 	if shares != nil && shares[0].Threshold > len(shares) {
 		return nil, ErrNumSharesBelowThreshold
 	}
-	modN := common.ModInt(tss.EC().Params().N)
+	modN := common.ModInt(ec.Params().N)

 	// x coords
 	xs := make([]*big.Int, 0)
@@ -125,8 +125,8 @@ func (shares Shares) ReConstruct() (secret *big.Int, err error) {
 	return secret, nil
 }

-func samplePolynomial(threshold int, secret *big.Int) []*big.Int {
-	q := tss.EC().Params().N
+func samplePolynomial(ec elliptic.Curve, threshold int, secret *big.Int) []*big.Int {
+	q := ec.Params().N
 	v := make([]*big.Int, threshold+1)
 	v[0] = secret
 	for i := 1; i <= threshold; i++ {
@@ -140,8 +140,8 @@ func samplePolynomial(threshold int, secret *big.Int) []*big.Int {
 // evaluatePolynomial([a, b, c, d], x):
 // 		returns a + bx + cx^2 + dx^3
 //
-func evaluatePolynomial(threshold int, v []*big.Int, id *big.Int) (result *big.Int) {
-	q := tss.EC().Params().N
+func evaluatePolynomial(ec elliptic.Curve, threshold int, v []*big.Int, id *big.Int) (result *big.Int) {
+	q := ec.Params().N
 	modQ := common.ModInt(q)
 	result = new(big.Int).Set(v[0])
 	X := big.NewInt(int64(1))
--- a/crypto/vss/feldman_vss_test.go
+++ b/crypto/vss/feldman_vss_test.go
@@ -27,7 +27,7 @@ func TestCreate(t *testing.T) {
 		ids = append(ids, common.GetRandomPositiveInt(tss.EC().Params().N))
 	}

-	vs, _, err := Create(threshold, secret, ids)
+	vs, _, err := Create(tss.EC(), threshold, secret, ids)
 	assert.Nil(t, err)

 	assert.Equal(t, threshold+1, len(vs))
@@ -55,11 +55,11 @@ func TestVerify(t *testing.T) {
 		ids = append(ids, common.GetRandomPositiveInt(tss.EC().Params().N))
 	}

-	vs, shares, err := Create(threshold, secret, ids)
+	vs, shares, err := Create(tss.EC(), threshold, secret, ids)
 	assert.NoError(t, err)

 	for i := 0; i < num; i++ {
-		assert.True(t, shares[i].Verify(threshold, vs))
+		assert.True(t, shares[i].Verify(tss.EC(), threshold, vs))
 	}
 }

@@ -73,18 +73,18 @@ func TestReconstruct(t *testing.T) {
 		ids = append(ids, common.GetRandomPositiveInt(tss.EC().Params().N))
 	}

-	_, shares, err := Create(threshold, secret, ids)
+	_, shares, err := Create(tss.EC(), threshold, secret, ids)
 	assert.NoError(t, err)

-	secret2, err2 := shares[:threshold-1].ReConstruct()
+	secret2, err2 := shares[:threshold-1].ReConstruct(tss.EC())
 	assert.Error(t, err2) // not enough shares to satisfy the threshold
 	assert.Nil(t, secret2)

-	secret3, err3 := shares[:threshold].ReConstruct()
+	secret3, err3 := shares[:threshold].ReConstruct(tss.EC())
 	assert.NoError(t, err3)
 	assert.NotZero(t, secret3)

-	secret4, err4 := shares[:num].ReConstruct()
+	secret4, err4 := shares[:num].ReConstruct(tss.EC())
 	assert.NoError(t, err4)
 	assert.NotZero(t, secret4)
 }
--- a/ecdsa/keygen/ecdsa-keygen.pb.go
+++ b/ecdsa/keygen/ecdsa-keygen.pb.go
@@ -1,5 +1,5 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
-// source: protob/ecdsa-keygen.proto
+// source: ecdsa-keygen.proto

 package keygen

@@ -37,7 +37,7 @@ func (m *KGRound1Message) Reset()         { *m = KGRound1Message{} }
 func (m *KGRound1Message) String() string { return proto.CompactTextString(m) }
 func (*KGRound1Message) ProtoMessage()    {}
 func (*KGRound1Message) Descriptor() ([]byte, []int) {
-	return fileDescriptor_1a2e19e981cdbb01, []int{0}
+	return fileDescriptor_b9942204cc0c4f82, []int{0}
 }

 func (m *KGRound1Message) XXX_Unmarshal(b []byte) error {
@@ -106,7 +106,7 @@ func (m *KGRound2Message1) Reset()         { *m = KGRound2Message1{} }
 func (m *KGRound2Message1) String() string { return proto.CompactTextString(m) }
 func (*KGRound2Message1) ProtoMessage()    {}
 func (*KGRound2Message1) Descriptor() ([]byte, []int) {
-	return fileDescriptor_1a2e19e981cdbb01, []int{1}
+	return fileDescriptor_b9942204cc0c4f82, []int{1}
 }

 func (m *KGRound2Message1) XXX_Unmarshal(b []byte) error {
@@ -147,7 +147,7 @@ func (m *KGRound2Message2) Reset()         { *m = KGRound2Message2{} }
 func (m *KGRound2Message2) String() string { return proto.CompactTextString(m) }
 func (*KGRound2Message2) ProtoMessage()    {}
 func (*KGRound2Message2) Descriptor() ([]byte, []int) {
-	return fileDescriptor_1a2e19e981cdbb01, []int{2}
+	return fileDescriptor_b9942204cc0c4f82, []int{2}
 }

 func (m *KGRound2Message2) XXX_Unmarshal(b []byte) error {
@@ -188,7 +188,7 @@ func (m *KGRound3Message) Reset()         { *m = KGRound3Message{} }
 func (m *KGRound3Message) String() string { return proto.CompactTextString(m) }
 func (*KGRound3Message) ProtoMessage()    {}
 func (*KGRound3Message) Descriptor() ([]byte, []int) {
-	return fileDescriptor_1a2e19e981cdbb01, []int{3}
+	return fileDescriptor_b9942204cc0c4f82, []int{3}
 }

 func (m *KGRound3Message) XXX_Unmarshal(b []byte) error {
@@ -217,30 +217,30 @@ func (m *KGRound3Message) GetPaillierProof() [][]byte {
 }

 func init() {
-	proto.RegisterType((*KGRound1Message)(nil), "KGRound1Message")
-	proto.RegisterType((*KGRound2Message1)(nil), "KGRound2Message1")
-	proto.RegisterType((*KGRound2Message2)(nil), "KGRound2Message2")
-	proto.RegisterType((*KGRound3Message)(nil), "KGRound3Message")
+	proto.RegisterType((*KGRound1Message)(nil), "binance.tsslib.ecdsa.keygen.KGRound1Message")
+	proto.RegisterType((*KGRound2Message1)(nil), "binance.tsslib.ecdsa.keygen.KGRound2Message1")
+	proto.RegisterType((*KGRound2Message2)(nil), "binance.tsslib.ecdsa.keygen.KGRound2Message2")
+	proto.RegisterType((*KGRound3Message)(nil), "binance.tsslib.ecdsa.keygen.KGRound3Message")
 }

-func init() { proto.RegisterFile("protob/ecdsa-keygen.proto", fileDescriptor_1a2e19e981cdbb01) }
+func init() { proto.RegisterFile("ecdsa-keygen.proto", fileDescriptor_b9942204cc0c4f82) }

-var fileDescriptor_1a2e19e981cdbb01 = []byte{
-	// 241 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x92, 0x2c, 0x28, 0xca, 0x2f,
-	0xc9, 0x4f, 0xd2, 0x4f, 0x4d, 0x4e, 0x29, 0x4e, 0xd4, 0xcd, 0x4e, 0xad, 0x4c, 0x4f, 0xcd, 0xd3,
-	0x03, 0x8b, 0x29, 0x75, 0x32, 0x72, 0xf1, 0x7b, 0xbb, 0x07, 0xe5, 0x97, 0xe6, 0xa5, 0x18, 0xfa,
-	0xa6, 0x16, 0x17, 0x27, 0xa6, 0xa7, 0x0a, 0xc9, 0x71, 0x71, 0x25, 0xe7, 0xe7, 0xe6, 0x66, 0x96,
-	0xe4, 0xa6, 0xe6, 0x95, 0x48, 0x30, 0x2a, 0x30, 0x6a, 0xf0, 0x04, 0x21, 0x89, 0x08, 0xc9, 0x72,
-	0x71, 0x15, 0x24, 0x66, 0xe6, 0xe4, 0x64, 0xa6, 0x16, 0xc5, 0xe7, 0x49, 0x30, 0x81, 0xe5, 0x39,
-	0x61, 0x22, 0x7e, 0x42, 0xe2, 0x5c, 0xec, 0x79, 0xf1, 0x25, 0x99, 0x39, 0x29, 0xa9, 0x12, 0xcc,
-	0x60, 0x39, 0xb6, 0xbc, 0x10, 0x10, 0x4f, 0x88, 0x8f, 0x8b, 0x29, 0xc3, 0x50, 0x82, 0x05, 0x2c,
-	0xc6, 0x94, 0x61, 0x08, 0xe6, 0x1b, 0x49, 0xb0, 0x42, 0xf9, 0x46, 0x4a, 0x1a, 0x5c, 0x02, 0x50,
-	0xa7, 0x18, 0x41, 0x9d, 0x62, 0x28, 0x24, 0xc2, 0xc5, 0x5a, 0x9c, 0x91, 0x58, 0x94, 0x0a, 0x75,
-	0x06, 0x84, 0xa3, 0x64, 0x8e, 0xa1, 0xd2, 0x48, 0x48, 0x99, 0x8b, 0x37, 0x25, 0x35, 0x1e, 0xc5,
-	0xe1, 0xcc, 0x1a, 0x3c, 0x41, 0x3c, 0x29, 0xa9, 0xce, 0x70, 0x31, 0x25, 0x0b, 0xb8, 0x6f, 0x8d,
-	0x61, 0xbe, 0x55, 0xe5, 0xe2, 0x83, 0xfb, 0xa6, 0xa0, 0x28, 0x3f, 0x3f, 0x0d, 0xaa, 0x91, 0x17,
-	0x26, 0x1a, 0x00, 0x12, 0x74, 0xe2, 0x8b, 0xe2, 0x01, 0x07, 0x9f, 0x3e, 0x24, 0xf8, 0x92, 0xd8,
-	0xc0, 0xe1, 0x67, 0x0c, 0x08, 0x00, 0x00, 0xff, 0xff, 0xa1, 0x59, 0x33, 0xa0, 0x5c, 0x01, 0x00,
-	0x00,
+var fileDescriptor_b9942204cc0c4f82 = []byte{
+	// 255 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x64, 0x90, 0x41, 0x4b, 0xc4, 0x30,
+	0x14, 0x84, 0x69, 0xd7, 0x5d, 0xf1, 0xd1, 0xad, 0x12, 0x04, 0x03, 0xa2, 0x48, 0x45, 0xe8, 0xc5,
+	0x4a, 0xbb, 0x07, 0x3d, 0xeb, 0xc1, 0x83, 0x28, 0x52, 0x3c, 0x79, 0x29, 0x69, 0xf3, 0xdc, 0x06,
+	0xdb, 0xa4, 0x34, 0xf1, 0xe0, 0x4f, 0xf0, 0x5f, 0x4b, 0xd3, 0xb4, 0x28, 0x7b, 0x9c, 0xef, 0xcd,
+	0x83, 0x99, 0x01, 0x82, 0x15, 0xd7, 0xec, 0xfa, 0x13, 0xbf, 0xb7, 0x28, 0x93, 0xae, 0x57, 0x46,
+	0x91, 0xd3, 0x52, 0x48, 0x26, 0x2b, 0x4c, 0x8c, 0xd6, 0x8d, 0x28, 0x13, 0x6b, 0x49, 0x46, 0x4b,
+	0xf4, 0xe3, 0xc1, 0xe1, 0xd3, 0x63, 0xae, 0xbe, 0x24, 0x4f, 0x9f, 0x51, 0x6b, 0xb6, 0x45, 0x72,
+	0x0e, 0x50, 0xa9, 0xb6, 0x15, 0xa6, 0x45, 0x69, 0xa8, 0x77, 0xe1, 0xc5, 0x41, 0xfe, 0x87, 0x90,
+	0x33, 0x80, 0x8e, 0x89, 0xa6, 0x11, 0xd8, 0x17, 0x92, 0xfa, 0xf6, 0x7e, 0x30, 0x91, 0x17, 0x72,
+	0x02, 0xfb, 0xb2, 0x30, 0xa2, 0xe1, 0x48, 0x17, 0xf6, 0xb6, 0x92, 0x6f, 0x83, 0x22, 0x21, 0xf8,
+	0x75, 0x4a, 0xf7, 0x2c, 0xf3, 0xeb, 0xd4, 0xea, 0x8c, 0x2e, 0x9d, 0xce, 0xa2, 0x18, 0x8e, 0x5c,
+	0x94, 0xcc, 0x45, 0x49, 0xc9, 0x31, 0x2c, 0x75, 0xcd, 0x7a, 0x74, 0x31, 0x46, 0x11, 0xdd, 0xee,
+	0x38, 0x33, 0x72, 0x09, 0x6b, 0x8e, 0xc5, 0xbf, 0xe0, 0x8b, 0x38, 0xc8, 0x03, 0x8e, 0x0f, 0x33,
+	0x8b, 0xee, 0xe6, 0xb6, 0x9b, 0xa9, 0xed, 0x15, 0x84, 0x73, 0x9b, 0xae, 0x57, 0xea, 0xc3, 0x3d,
+	0xae, 0x27, 0xfa, 0x3a, 0xc0, 0xfb, 0xf0, 0x3d, 0xb0, 0xc3, 0xdd, 0x8c, 0xc3, 0x95, 0x2b, 0x3b,
+	0xee, 0xe6, 0x37, 0x00, 0x00, 0xff, 0xff, 0x29, 0x67, 0x33, 0x70, 0x72, 0x01, 0x00, 0x00,
 }
--- a/ecdsa/keygen/local_party_test.go
+++ b/ecdsa/keygen/local_party_test.go
@@ -45,7 +45,7 @@ func TestStartRound1Paillier(t *testing.T) {
 	pIDs := tss.GenerateTestPartyIDs(1)
 	p2pCtx := tss.NewPeerContext(pIDs)
 	threshold := 1
-	params := tss.NewParameters(p2pCtx, pIDs[0], len(pIDs), threshold)
+	params := tss.NewParameters(tss.EC(), p2pCtx, pIDs[0], len(pIDs), threshold)

 	out := make(chan tss.Message, len(pIDs))
 	lp := NewLocalParty(params, out, nil).(*LocalParty)
@@ -74,7 +74,7 @@ func TestFinishAndSaveH1H2(t *testing.T) {
 	pIDs := tss.GenerateTestPartyIDs(1)
 	p2pCtx := tss.NewPeerContext(pIDs)
 	threshold := 1
-	params := tss.NewParameters(p2pCtx, pIDs[0], len(pIDs), threshold)
+	params := tss.NewParameters(tss.EC(), p2pCtx, pIDs[0], len(pIDs), threshold)

 	out := make(chan tss.Message, len(pIDs))
 	lp := NewLocalParty(params, out, nil).(*LocalParty)
@@ -110,7 +110,7 @@ func TestBadMessageCulprits(t *testing.T) {

 	pIDs := tss.GenerateTestPartyIDs(2)
 	p2pCtx := tss.NewPeerContext(pIDs)
-	params := tss.NewParameters(p2pCtx, pIDs[0], len(pIDs), 1)
+	params := tss.NewParameters(tss.S256(), p2pCtx, pIDs[0], len(pIDs), 1)

 	out := make(chan tss.Message, len(pIDs))
 	lp := NewLocalParty(params, out, nil)
@@ -126,7 +126,7 @@ func TestBadMessageCulprits(t *testing.T) {
 	assert.Equal(t, 1, len(err.Culprits()))
 	assert.Equal(t, pIDs[1], err.Culprits()[0])
 	assert.Equal(t,
-		"task keygen, party {0,P[1]}, round 1, culprits [{1,P[2]}]: message failed ValidateBasic: Type: binance.tss-lib.ecdsa.keygen.KGRound1Message, From: {1,P[2]}, To: all",
+		"task ecdsa-keygen, party {0,P[1]}, round 1, culprits [{1,P[2]}]: message failed ValidateBasic: Type: binance.tsslib.ecdsa.keygen.KGRound1Message, From: {1,P[2]}, To: all",
 		err.Error())
 }

@@ -155,7 +155,7 @@ func TestE2EConcurrentAndSaveFixtures(t *testing.T) {
 	// init the parties
 	for i := 0; i < len(pIDs); i++ {
 		var P *LocalParty
-		params := tss.NewParameters(p2pCtx, pIDs[i], len(pIDs), threshold)
+		params := tss.NewParameters(tss.S256(), p2pCtx, pIDs[i], len(pIDs), threshold)
 		if i < len(fixtures) {
 			P = NewLocalParty(params, outCh, endCh, fixtures[i].LocalPreParams).(*LocalParty)
 		} else {
@@ -225,7 +225,7 @@ keygen:
 						}
 						pShares = append(pShares, shareStruct)
 					}
-					uj, err := pShares[:threshold+1].ReConstruct()
+					uj, err := pShares[:threshold+1].ReConstruct(tss.S256())
 					assert.NoError(t, err, "vss.ReConstruct should not throw error")

 					// uG test: u*G[j] == V[0]
@@ -243,7 +243,7 @@ keygen:
 					{
 						badShares := pShares[:threshold]
 						badShares[len(badShares)-1].Share.Set(big.NewInt(0))
-						uj, err := pShares[:threshold].ReConstruct()
+						uj, err := pShares[:threshold].ReConstruct(tss.S256())
 						assert.NoError(t, err)
 						assert.NotEqual(t, parties[j].temp.ui, uj)
 						BigXjX, BigXjY := tss.EC().ScalarBaseMult(uj.Bytes())
--- a/ecdsa/keygen/messages.go
+++ b/ecdsa/keygen/messages.go
@@ -9,8 +9,6 @@ package keygen
 import (
 	"math/big"

-	"github.com/golang/protobuf/proto"
-
 	"github.com/binance-chain/tss-lib/common"
 	cmt "github.com/binance-chain/tss-lib/crypto/commitments"
 	"github.com/binance-chain/tss-lib/crypto/paillier"
@@ -31,13 +29,6 @@ var (
 	}
 )

-func init() {
-	proto.RegisterType((*KGRound1Message)(nil), tss.ECDSAProtoNamePrefix+"keygen.KGRound1Message")
-	proto.RegisterType((*KGRound2Message1)(nil), tss.ECDSAProtoNamePrefix+"keygen.KGRound2Message1")
-	proto.RegisterType((*KGRound2Message2)(nil), tss.ECDSAProtoNamePrefix+"keygen.KGRound2Message2")
-	proto.RegisterType((*KGRound3Message)(nil), tss.ECDSAProtoNamePrefix+"keygen.KGRound3Message")
-}
-
 // ----- //

 func NewKGRound1Message(
--- a/ecdsa/keygen/round_1.go
+++ b/ecdsa/keygen/round_1.go
@@ -39,13 +39,13 @@ func (round *round1) Start() *tss.Error {
 	i := Pi.Index

 	// 1. calculate "partial" key share ui
-	ui := common.GetRandomPositiveInt(tss.EC().Params().N)
+	ui := common.GetRandomPositiveInt(round.Params().EC().Params().N)

 	round.temp.ui = ui

 	// 2. compute the vss shares
 	ids := round.Parties().IDs().Keys()
-	vs, shares, err := vss.Create(round.Threshold(), ui, ids)
+	vs, shares, err := vss.Create(round.Params().EC(), round.Threshold(), ui, ids)
 	if err != nil {
 		return round.WrapError(err, Pi)
 	}
--- a/ecdsa/keygen/round_3.go
+++ b/ecdsa/keygen/round_3.go
@@ -41,7 +41,7 @@ func (round *round3) Start() *tss.Error {
 		share := r2msg1.UnmarshalShare()
 		xi = new(big.Int).Add(xi, share)
 	}
-	round.save.Xi = new(big.Int).Mod(xi, tss.EC().Params().N)
+	round.save.Xi = new(big.Int).Mod(xi, round.Params().EC().Params().N)

 	// 2-3.
 	Vc := make(vss.Vs, round.Threshold()+1)
@@ -77,7 +77,7 @@ func (round *round3) Start() *tss.Error {
 				ch <- vssOut{errors.New("de-commitment verify failed"), nil}
 				return
 			}
-			PjVs, err := crypto.UnFlattenECPoints(tss.EC(), flatPolyGs)
+			PjVs, err := crypto.UnFlattenECPoints(round.Params().EC(), flatPolyGs)
 			if err != nil {
 				ch <- vssOut{err, nil}
 				return
@@ -88,7 +88,7 @@ func (round *round3) Start() *tss.Error {
 				ID:        round.PartyID().KeyInt(),
 				Share:     r2msg1.UnmarshalShare(),
 			}
-			if ok = PjShare.Verify(round.Threshold(), PjVs); !ok {
+			if ok = PjShare.Verify(round.Params().EC(), round.Threshold(), PjVs); !ok {
 				ch <- vssOut{errors.New("vss verify failed"), nil}
 				return
 			}
@@ -146,7 +146,7 @@ func (round *round3) Start() *tss.Error {
 	// 12-16. compute Xj for each Pj
 	{
 		var err error
-		modQ := common.ModInt(tss.EC().Params().N)
+		modQ := common.ModInt(round.Params().EC().Params().N)
 		culprits := make([]*tss.PartyID, 0, len(Ps)) // who caused the error(s)
 		bigXj := round.save.BigXj
 		for j := 0; j < round.PartyCount(); j++ {
@@ -170,7 +170,7 @@ func (round *round3) Start() *tss.Error {
 	}

 	// 17. compute and SAVE the ECDSA public key `y`
-	ecdsaPubKey, err := crypto.NewECPoint(tss.EC(), Vc[0].X(), Vc[0].Y())
+	ecdsaPubKey, err := crypto.NewECPoint(round.Params().EC(), Vc[0].X(), Vc[0].Y())
 	if err != nil {
 		return round.WrapError(errors2.Wrapf(err, "public key is not on the curve"))
 	}
--- a/ecdsa/keygen/test_utils.go
+++ b/ecdsa/keygen/test_utils.go
@@ -53,6 +53,10 @@ func LoadKeygenTestFixtures(qty int, optionalStart ...int) ([]LocalPartySaveData
 				"could not unmarshal fixture data for party %d located at: %s",
 				i, fixtureFilePath)
 		}
+		for _, kbxj := range key.BigXj {
+			kbxj.SetCurve(tss.S256())
+		}
+		key.ECDSAPub.SetCurve(tss.S256())
 		keys = append(keys, key)
 	}
 	partyIDs := make(tss.UnSortedPartyIDs, len(keys))
@@ -87,6 +91,10 @@ func LoadKeygenTestFixturesRandomSet(qty, fixtureCount int) ([]LocalPartySaveDat
 				"could not unmarshal fixture data for party %d located at: %s",
 				i, fixtureFilePath)
 		}
+		for _, kbxj := range key.BigXj {
+			kbxj.SetCurve(tss.S256())
+		}
+		key.ECDSAPub.SetCurve(tss.S256())
 		keys = append(keys, key)
 	}
 	partyIDs := make(tss.UnSortedPartyIDs, len(keys))
--- a/ecdsa/resharing/ecdsa-resharing.pb.go
+++ b/ecdsa/resharing/ecdsa-resharing.pb.go
@@ -1,5 +1,5 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
-// source: protob/ecdsa-resharing.proto
+// source: ecdsa-resharing.proto

 package resharing

@@ -35,7 +35,7 @@ func (m *DGRound1Message) Reset()         { *m = DGRound1Message{} }
 func (m *DGRound1Message) String() string { return proto.CompactTextString(m) }
 func (*DGRound1Message) ProtoMessage()    {}
 func (*DGRound1Message) Descriptor() ([]byte, []int) {
-	return fileDescriptor_f7d3ae1dc68dc295, []int{0}
+	return fileDescriptor_cb0d21b734b9b1ac, []int{0}
 }

 func (m *DGRound1Message) XXX_Unmarshal(b []byte) error {
@@ -94,7 +94,7 @@ func (m *DGRound2Message1) Reset()         { *m = DGRound2Message1{} }
 func (m *DGRound2Message1) String() string { return proto.CompactTextString(m) }
 func (*DGRound2Message1) ProtoMessage()    {}
 func (*DGRound2Message1) Descriptor() ([]byte, []int) {
-	return fileDescriptor_f7d3ae1dc68dc295, []int{1}
+	return fileDescriptor_cb0d21b734b9b1ac, []int{1}
 }

 func (m *DGRound2Message1) XXX_Unmarshal(b []byte) error {
@@ -162,7 +162,7 @@ func (m *DGRound2Message2) Reset()         { *m = DGRound2Message2{} }
 func (m *DGRound2Message2) String() string { return proto.CompactTextString(m) }
 func (*DGRound2Message2) ProtoMessage()    {}
 func (*DGRound2Message2) Descriptor() ([]byte, []int) {
-	return fileDescriptor_f7d3ae1dc68dc295, []int{2}
+	return fileDescriptor_cb0d21b734b9b1ac, []int{2}
 }

 func (m *DGRound2Message2) XXX_Unmarshal(b []byte) error {
@@ -196,7 +196,7 @@ func (m *DGRound3Message1) Reset()         { *m = DGRound3Message1{} }
 func (m *DGRound3Message1) String() string { return proto.CompactTextString(m) }
 func (*DGRound3Message1) ProtoMessage()    {}
 func (*DGRound3Message1) Descriptor() ([]byte, []int) {
-	return fileDescriptor_f7d3ae1dc68dc295, []int{3}
+	return fileDescriptor_cb0d21b734b9b1ac, []int{3}
 }

 func (m *DGRound3Message1) XXX_Unmarshal(b []byte) error {
@@ -237,7 +237,7 @@ func (m *DGRound3Message2) Reset()         { *m = DGRound3Message2{} }
 func (m *DGRound3Message2) String() string { return proto.CompactTextString(m) }
 func (*DGRound3Message2) ProtoMessage()    {}
 func (*DGRound3Message2) Descriptor() ([]byte, []int) {
-	return fileDescriptor_f7d3ae1dc68dc295, []int{4}
+	return fileDescriptor_cb0d21b734b9b1ac, []int{4}
 }

 func (m *DGRound3Message2) XXX_Unmarshal(b []byte) error {
@@ -277,7 +277,7 @@ func (m *DGRound4Message) Reset()         { *m = DGRound4Message{} }
 func (m *DGRound4Message) String() string { return proto.CompactTextString(m) }
 func (*DGRound4Message) ProtoMessage()    {}
 func (*DGRound4Message) Descriptor() ([]byte, []int) {
-	return fileDescriptor_f7d3ae1dc68dc295, []int{5}
+	return fileDescriptor_cb0d21b734b9b1ac, []int{5}
 }

 func (m *DGRound4Message) XXX_Unmarshal(b []byte) error {
@@ -299,34 +299,35 @@ func (m *DGRound4Message) XXX_DiscardUnknown() {
 var xxx_messageInfo_DGRound4Message proto.InternalMessageInfo

 func init() {
-	proto.RegisterType((*DGRound1Message)(nil), "DGRound1Message")
-	proto.RegisterType((*DGRound2Message1)(nil), "DGRound2Message1")
-	proto.RegisterType((*DGRound2Message2)(nil), "DGRound2Message2")
-	proto.RegisterType((*DGRound3Message1)(nil), "DGRound3Message1")
-	proto.RegisterType((*DGRound3Message2)(nil), "DGRound3Message2")
-	proto.RegisterType((*DGRound4Message)(nil), "DGRound4Message")
+	proto.RegisterType((*DGRound1Message)(nil), "binance.tsslib.ecdsa.resharing.DGRound1Message")
+	proto.RegisterType((*DGRound2Message1)(nil), "binance.tsslib.ecdsa.resharing.DGRound2Message1")
+	proto.RegisterType((*DGRound2Message2)(nil), "binance.tsslib.ecdsa.resharing.DGRound2Message2")
+	proto.RegisterType((*DGRound3Message1)(nil), "binance.tsslib.ecdsa.resharing.DGRound3Message1")
+	proto.RegisterType((*DGRound3Message2)(nil), "binance.tsslib.ecdsa.resharing.DGRound3Message2")
+	proto.RegisterType((*DGRound4Message)(nil), "binance.tsslib.ecdsa.resharing.DGRound4Message")
 }

-func init() { proto.RegisterFile("protob/ecdsa-resharing.proto", fileDescriptor_f7d3ae1dc68dc295) }
+func init() { proto.RegisterFile("ecdsa-resharing.proto", fileDescriptor_cb0d21b734b9b1ac) }

-var fileDescriptor_f7d3ae1dc68dc295 = []byte{
-	// 285 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x64, 0x91, 0xc1, 0x4b, 0xc3, 0x30,
-	0x14, 0xc6, 0x69, 0xe7, 0x26, 0xbe, 0xcd, 0xcd, 0x05, 0xc1, 0x1c, 0x54, 0x66, 0x40, 0xe8, 0x45,
-	0x47, 0x3b, 0x2f, 0x5e, 0x75, 0xe0, 0x49, 0x19, 0xc5, 0x83, 0x7a, 0x09, 0xed, 0x1a, 0xd7, 0x42,
-	0x9b, 0x94, 0x34, 0x2d, 0xfa, 0x67, 0xf8, 0x1f, 0x4b, 0xb3, 0x34, 0x6c, 0xec, 0xf8, 0xfd, 0xde,
-	0x7b, 0x7c, 0x1f, 0xef, 0x83, 0xcb, 0x52, 0x0a, 0x25, 0xe2, 0x39, 0x5b, 0x27, 0x55, 0x74, 0x27,
-	0x59, 0x95, 0x46, 0x32, 0xe3, 0x9b, 0x7b, 0x8d, 0x89, 0x82, 0xc9, 0xf2, 0x25, 0x14, 0x35, 0x4f,
-	0xfc, 0x57, 0x56, 0x55, 0xd1, 0x86, 0xa1, 0x6b, 0x18, 0xea, 0x5d, 0x5a, 0xd6, 0x31, 0xfd, 0xc1,
-	0xce, 0xcc, 0xf1, 0x46, 0xe1, 0x89, 0x46, 0xab, 0x3a, 0xfe, 0xd8, 0x9f, 0xff, 0x62, 0x77, 0x7f,
-	0xfe, 0x89, 0x6e, 0x60, 0xd4, 0xd0, 0xb5, 0x28, 0x8a, 0x4c, 0x15, 0x8c, 0x2b, 0xdc, 0xd3, 0x0b,
-	0xc3, 0xe6, 0xd9, 0x22, 0xf2, 0xe7, 0xc0, 0x99, 0xb1, 0x0d, 0x8c, 0xad, 0x8f, 0xae, 0x00, 0xca,
-	0x28, 0xcb, 0xf3, 0x8c, 0x49, 0xca, 0x3b, 0xdb, 0x8e, 0xbc, 0xa1, 0x5b, 0x18, 0xdb, 0x71, 0x29,
-	0x85, 0xf8, 0xc6, 0xee, 0xac, 0xe7, 0x8d, 0xc2, 0xd3, 0x8e, 0xae, 0x5a, 0x88, 0x2e, 0xe0, 0x98,
-	0x53, 0x95, 0xe5, 0x09, 0x33, 0xc6, 0x03, 0xfe, 0xde, 0x2a, 0x34, 0x06, 0x37, 0xf5, 0xf1, 0x91,
-	0x66, 0x6e, 0xea, 0x6b, 0x1d, 0xe0, 0xbe, 0xd1, 0x01, 0x41, 0x07, 0x91, 0x02, 0xe2, 0x59, 0xb6,
-	0xb0, 0x31, 0xcf, 0xa1, 0xdf, 0xbe, 0x90, 0x99, 0x84, 0x5b, 0x41, 0x1e, 0x0f, 0x36, 0x83, 0x36,
-	0x71, 0x43, 0x13, 0xb6, 0xf3, 0x0a, 0x67, 0x9b, 0xb8, 0x59, 0xee, 0x40, 0x32, 0xb5, 0x15, 0x3c,
-	0x98, 0xd3, 0xa7, 0xe9, 0xd7, 0x44, 0xff, 0x73, 0x6e, 0xeb, 0x8a, 0x07, 0xba, 0xaf, 0xc5, 0x7f,
-	0x00, 0x00, 0x00, 0xff, 0xff, 0x59, 0x4b, 0x8f, 0x39, 0xcf, 0x01, 0x00, 0x00,
+var fileDescriptor_cb0d21b734b9b1ac = []byte{
+	// 299 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x64, 0x91, 0xcf, 0x4b, 0xfb, 0x30,
+	0x18, 0xc6, 0x69, 0xf7, 0xdd, 0xbe, 0x98, 0xcd, 0xcd, 0x05, 0xc5, 0x5c, 0x1c, 0x33, 0x20, 0xf4,
+	0x62, 0xa5, 0x9d, 0x17, 0xaf, 0x3a, 0xf0, 0xa4, 0x8c, 0xe2, 0x41, 0xbd, 0x84, 0xfe, 0x88, 0x6b,
+	0xa0, 0x4d, 0x4a, 0x93, 0x16, 0xfd, 0x33, 0xfc, 0x8f, 0xa5, 0x59, 0x1a, 0x36, 0x76, 0x7c, 0x3e,
+	0xef, 0xf3, 0xf2, 0x3c, 0xbc, 0x2f, 0xb8, 0xa0, 0x69, 0x26, 0xe3, 0xdb, 0x9a, 0xca, 0x3c, 0xae,
+	0x19, 0xdf, 0xfa, 0x55, 0x2d, 0x94, 0x80, 0x8b, 0x84, 0xf1, 0x98, 0xa7, 0xd4, 0x57, 0x52, 0x16,
+	0x2c, 0xf1, 0xb5, 0xcb, 0xb7, 0x2e, 0xac, 0xc0, 0x6c, 0xfd, 0x1c, 0x89, 0x86, 0x67, 0xc1, 0x0b,
+	0x95, 0x32, 0xde, 0x52, 0xb8, 0x00, 0x63, 0xed, 0x22, 0x55, 0x93, 0x90, 0x6f, 0xe4, 0x2c, 0x1d,
+	0x6f, 0x12, 0x9d, 0x68, 0xb4, 0x69, 0x92, 0xf7, 0xc3, 0xf9, 0x0f, 0x72, 0x0f, 0xe7, 0x1f, 0xf0,
+	0x1a, 0x4c, 0x5a, 0x92, 0x8a, 0xb2, 0x64, 0xaa, 0xa4, 0x5c, 0xa1, 0x81, 0x36, 0x8c, 0xdb, 0x27,
+	0x8b, 0xf0, 0xaf, 0x03, 0xce, 0x4c, 0x6c, 0x68, 0x62, 0x03, 0x78, 0x05, 0x40, 0x15, 0xb3, 0xa2,
+	0x60, 0xb4, 0x26, 0xbc, 0x8f, 0xed, 0xc9, 0x2b, 0xbc, 0x01, 0x53, 0x3b, 0xae, 0x6a, 0x21, 0xbe,
+	0x90, 0xbb, 0x1c, 0x78, 0x93, 0xe8, 0xb4, 0xa7, 0x9b, 0x0e, 0xc2, 0x4b, 0xf0, 0x9f, 0x13, 0xc5,
+	0x8a, 0x8c, 0x9a, 0xe0, 0x11, 0x7f, 0xeb, 0x14, 0x9c, 0x02, 0x37, 0x0f, 0xd0, 0x3f, 0xcd, 0xdc,
+	0x3c, 0xd0, 0x3a, 0x44, 0x43, 0xa3, 0x43, 0x0c, 0x8f, 0x2a, 0x85, 0xd8, 0xb3, 0x6c, 0x65, 0x6b,
+	0x9e, 0x83, 0x61, 0x77, 0x3c, 0x6a, 0x1a, 0xee, 0x04, 0x7e, 0x38, 0x72, 0x86, 0x5d, 0xe3, 0x96,
+	0x64, 0x74, 0xef, 0x14, 0xce, 0xae, 0x71, 0xbb, 0xde, 0x83, 0x78, 0x6e, 0x5f, 0x70, 0x6f, 0x56,
+	0x1f, 0xe7, 0x9f, 0x33, 0x7d, 0xcf, 0x3b, 0xfb, 0xa8, 0x64, 0xa4, 0xff, 0xb9, 0xfa, 0x0b, 0x00,
+	0x00, 0xff, 0xff, 0x75, 0xdf, 0x22, 0xd9, 0xe8, 0x01, 0x00, 0x00,
 }
--- a/ecdsa/resharing/local_party_test.go
+++ b/ecdsa/resharing/local_party_test.go
@@ -72,13 +72,13 @@ func TestE2EConcurrent(t *testing.T) {

 	// init the old parties first
 	for j, pID := range oldPIDs {
-		params := tss.NewReSharingParameters(oldP2PCtx, newP2PCtx, pID, testParticipants, threshold, newPCount, newThreshold)
+		params := tss.NewReSharingParameters(tss.S256(), oldP2PCtx, newP2PCtx, pID, testParticipants, threshold, newPCount, newThreshold)
 		P := NewLocalParty(params, oldKeys[j], outCh, endCh).(*LocalParty) // discard old key data
 		oldCommittee = append(oldCommittee, P)
 	}
 	// init the new parties
 	for j, pID := range newPIDs {
-		params := tss.NewReSharingParameters(oldP2PCtx, newP2PCtx, pID, testParticipants, threshold, newPCount, newThreshold)
+		params := tss.NewReSharingParameters(tss.S256(), oldP2PCtx, newP2PCtx, pID, testParticipants, threshold, newPCount, newThreshold)
 		save := keygen.NewLocalPartySaveData(newPCount)
 		if j < len(fixtures) && len(newPIDs) <= len(fixtures) {
 			save.LocalPreParams = fixtures[j].LocalPreParams
@@ -149,7 +149,7 @@ func TestE2EConcurrent(t *testing.T) {
 				for j, key := range newKeys {
 					// xj test: BigXj == xj*G
 					xj := key.Xi
-					gXj := crypto.ScalarBaseMult(tss.EC(), xj)
+					gXj := crypto.ScalarBaseMult(tss.S256(), xj)
 					BigXj := key.BigXj[j]
 					assert.True(t, BigXj.Equals(gXj), "ensure BigX_j == g^x_j")
 				}
@@ -171,7 +171,7 @@ signing:
 	signEndCh := make(chan common.SignatureData, len(signPIDs))

 	for j, signPID := range signPIDs {
-		params := tss.NewParameters(signP2pCtx, signPID, len(signPIDs), newThreshold)
+		params := tss.NewParameters(tss.S256(), signP2pCtx, signPID, len(signPIDs), newThreshold)
 		P := signing.NewLocalParty(big.NewInt(42), params, signKeys[j], signOutCh, signEndCh).(*signing.LocalParty)
 		signParties = append(signParties, P)
 		go func(P *signing.LocalParty) {
@@ -214,7 +214,7 @@ signing:
 				// BEGIN ECDSA verify
 				pkX, pkY := signKeys[0].ECDSAPub.X(), signKeys[0].ECDSAPub.Y()
 				pk := ecdsa.PublicKey{
-					Curve: tss.EC(),
+					Curve: tss.S256(),
 					X:     pkX,
 					Y:     pkY,
 				}
--- a/ecdsa/resharing/messages.go
+++ b/ecdsa/resharing/messages.go
@@ -7,10 +7,9 @@
 package resharing

 import (
+	"crypto/elliptic"
 	"math/big"

-	"github.com/golang/protobuf/proto"
-
 	"github.com/binance-chain/tss-lib/common"
 	"github.com/binance-chain/tss-lib/crypto"
 	cmt "github.com/binance-chain/tss-lib/crypto/commitments"
@@ -32,14 +31,6 @@ var (
 	}
 )

-func init() {
-	proto.RegisterType((*DGRound1Message)(nil), tss.ECDSAProtoNamePrefix+"resharing.DGRound1Message")
-	proto.RegisterType((*DGRound2Message1)(nil), tss.ECDSAProtoNamePrefix+"resharing.DGRound2Message1")
-	proto.RegisterType((*DGRound2Message2)(nil), tss.ECDSAProtoNamePrefix+"resharing.DGRound2Message2")
-	proto.RegisterType((*DGRound3Message1)(nil), tss.ECDSAProtoNamePrefix+"resharing.DGRound3Message1")
-	proto.RegisterType((*DGRound3Message2)(nil), tss.ECDSAProtoNamePrefix+"resharing.DGRound3Message2")
-}
-
 // ----- //

 func NewDGRound1Message(
@@ -70,9 +61,9 @@ func (m *DGRound1Message) ValidateBasic() bool {
 		common.NonEmptyBytes(m.VCommitment)
 }

-func (m *DGRound1Message) UnmarshalECDSAPub() (*crypto.ECPoint, error) {
+func (m *DGRound1Message) UnmarshalECDSAPub(ec elliptic.Curve) (*crypto.ECPoint, error) {
 	return crypto.NewECPoint(
-		tss.EC(),
+		ec,
 		new(big.Int).SetBytes(m.EcdsaPubX),
 		new(big.Int).SetBytes(m.EcdsaPubY))
 }
--- a/ecdsa/resharing/round_1_old_step_1.go
+++ b/ecdsa/resharing/round_1_old_step_1.go
@@ -47,10 +47,10 @@ func (round *round1) Start() *tss.Error {
 		return round.WrapError(fmt.Errorf("t+1=%d is not satisfied by the key count of %d", round.Threshold()+1, len(ks)), round.PartyID())
 	}
 	newKs := round.NewParties().IDs().Keys()
-	wi, _ := signing.PrepareForSigning(i, len(round.OldParties().IDs()), xi, ks, bigXj)
+	wi, _ := signing.PrepareForSigning(round.Params().EC(), i, len(round.OldParties().IDs()), xi, ks, bigXj)

 	// 2.
-	vi, shares, err := vss.Create(round.NewThreshold(), wi, newKs)
+	vi, shares, err := vss.Create(round.Params().EC(), round.NewThreshold(), wi, newKs)
 	if err != nil {
 		return round.WrapError(err, round.PartyID())
 	}
@@ -101,7 +101,7 @@ func (round *round1) Update() (bool, *tss.Error) {

 		// save the ecdsa pub received from the old committee
 		r1msg := round.temp.dgRound1Messages[0].Content().(*DGRound1Message)
-		candidate, err := r1msg.UnmarshalECDSAPub()
+		candidate, err := r1msg.UnmarshalECDSAPub(round.Params().EC())
 		if err != nil {
 			return false, round.WrapError(errors.New("unable to unmarshal the ecdsa pub key"), msg.GetFrom())
 		}
--- a/ecdsa/resharing/round_4_new_step_2.go
+++ b/ecdsa/resharing/round_4_new_step_2.go
@@ -68,7 +68,7 @@ func (round *round4) Start() *tss.Error {
 	newXi := big.NewInt(0)

 	// 5-9.
-	modQ := common.ModInt(tss.EC().Params().N)
+	modQ := common.ModInt(round.Params().EC().Params().N)
 	vjc := make([][]*crypto.ECPoint, len(round.OldParties().IDs()))
 	for j := 0; j <= len(vjc)-1; j++ { // P1..P_t+1. Ps are indexed from 0 here
 		// 6-7.
@@ -84,7 +84,7 @@ func (round *round4) Start() *tss.Error {
 			// TODO collect culprits and return a list of them as per convention
 			return round.WrapError(errors.New("de-commitment of v_j0..v_jt failed"), round.Parties().IDs()[j])
 		}
-		vj, err := crypto.UnFlattenECPoints(tss.EC(), flatVs)
+		vj, err := crypto.UnFlattenECPoints(round.Params().EC(), flatVs)
 		if err != nil {
 			return round.WrapError(err, round.Parties().IDs()[j])
 		}
@@ -97,7 +97,7 @@ func (round *round4) Start() *tss.Error {
 			ID:        round.PartyID().KeyInt(),
 			Share:     new(big.Int).SetBytes(r3msg1.Share),
 		}
-		if ok := sharej.Verify(round.NewThreshold(), vj); !ok {
+		if ok := sharej.Verify(round.Params().EC(), round.NewThreshold(), vj); !ok {
 			// TODO collect culprits and return a list of them as per convention
 			return round.WrapError(errors.New("share from old committee did not pass Verify()"), round.Parties().IDs()[j])
 		}
--- a/ecdsa/signing/ecdsa-signing.pb.go
+++ b/ecdsa/signing/ecdsa-signing.pb.go
@@ -1,5 +1,5 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
-// source: protob/ecdsa-signing.proto
+// source: ecdsa-signing.proto

 package signing

@@ -34,7 +34,7 @@ func (m *SignRound1Message1) Reset()         { *m = SignRound1Message1{} }
 func (m *SignRound1Message1) String() string { return proto.CompactTextString(m) }
 func (*SignRound1Message1) ProtoMessage()    {}
 func (*SignRound1Message1) Descriptor() ([]byte, []int) {
-	return fileDescriptor_5f861bfc687bec19, []int{0}
+	return fileDescriptor_d7fd069ec73c8494, []int{0}
 }

 func (m *SignRound1Message1) XXX_Unmarshal(b []byte) error {
@@ -82,7 +82,7 @@ func (m *SignRound1Message2) Reset()         { *m = SignRound1Message2{} }
 func (m *SignRound1Message2) String() string { return proto.CompactTextString(m) }
 func (*SignRound1Message2) ProtoMessage()    {}
 func (*SignRound1Message2) Descriptor() ([]byte, []int) {
-	return fileDescriptor_5f861bfc687bec19, []int{1}
+	return fileDescriptor_d7fd069ec73c8494, []int{1}
 }

 func (m *SignRound1Message2) XXX_Unmarshal(b []byte) error {
@@ -126,7 +126,7 @@ func (m *SignRound2Message) Reset()         { *m = SignRound2Message{} }
 func (m *SignRound2Message) String() string { return proto.CompactTextString(m) }
 func (*SignRound2Message) ProtoMessage()    {}
 func (*SignRound2Message) Descriptor() ([]byte, []int) {
-	return fileDescriptor_5f861bfc687bec19, []int{2}
+	return fileDescriptor_d7fd069ec73c8494, []int{2}
 }

 func (m *SignRound2Message) XXX_Unmarshal(b []byte) error {
@@ -188,7 +188,7 @@ func (m *SignRound3Message) Reset()         { *m = SignRound3Message{} }
 func (m *SignRound3Message) String() string { return proto.CompactTextString(m) }
 func (*SignRound3Message) ProtoMessage()    {}
 func (*SignRound3Message) Descriptor() ([]byte, []int) {
-	return fileDescriptor_5f861bfc687bec19, []int{3}
+	return fileDescriptor_d7fd069ec73c8494, []int{3}
 }

 func (m *SignRound3Message) XXX_Unmarshal(b []byte) error {
@@ -232,7 +232,7 @@ func (m *SignRound4Message) Reset()         { *m = SignRound4Message{} }
 func (m *SignRound4Message) String() string { return proto.CompactTextString(m) }
 func (*SignRound4Message) ProtoMessage()    {}
 func (*SignRound4Message) Descriptor() ([]byte, []int) {
-	return fileDescriptor_5f861bfc687bec19, []int{4}
+	return fileDescriptor_d7fd069ec73c8494, []int{4}
 }

 func (m *SignRound4Message) XXX_Unmarshal(b []byte) error {
@@ -294,7 +294,7 @@ func (m *SignRound5Message) Reset()         { *m = SignRound5Message{} }
 func (m *SignRound5Message) String() string { return proto.CompactTextString(m) }
 func (*SignRound5Message) ProtoMessage()    {}
 func (*SignRound5Message) Descriptor() ([]byte, []int) {
-	return fileDescriptor_5f861bfc687bec19, []int{5}
+	return fileDescriptor_d7fd069ec73c8494, []int{5}
 }

 func (m *SignRound5Message) XXX_Unmarshal(b []byte) error {
@@ -342,7 +342,7 @@ func (m *SignRound6Message) Reset()         { *m = SignRound6Message{} }
 func (m *SignRound6Message) String() string { return proto.CompactTextString(m) }
 func (*SignRound6Message) ProtoMessage()    {}
 func (*SignRound6Message) Descriptor() ([]byte, []int) {
-	return fileDescriptor_5f861bfc687bec19, []int{6}
+	return fileDescriptor_d7fd069ec73c8494, []int{6}
 }

 func (m *SignRound6Message) XXX_Unmarshal(b []byte) error {
@@ -432,7 +432,7 @@ func (m *SignRound7Message) Reset()         { *m = SignRound7Message{} }
 func (m *SignRound7Message) String() string { return proto.CompactTextString(m) }
 func (*SignRound7Message) ProtoMessage()    {}
 func (*SignRound7Message) Descriptor() ([]byte, []int) {
-	return fileDescriptor_5f861bfc687bec19, []int{7}
+	return fileDescriptor_d7fd069ec73c8494, []int{7}
 }

 func (m *SignRound7Message) XXX_Unmarshal(b []byte) error {
@@ -473,7 +473,7 @@ func (m *SignRound8Message) Reset()         { *m = SignRound8Message{} }
 func (m *SignRound8Message) String() string { return proto.CompactTextString(m) }
 func (*SignRound8Message) ProtoMessage()    {}
 func (*SignRound8Message) Descriptor() ([]byte, []int) {
-	return fileDescriptor_5f861bfc687bec19, []int{8}
+	return fileDescriptor_d7fd069ec73c8494, []int{8}
 }

 func (m *SignRound8Message) XXX_Unmarshal(b []byte) error {
@@ -514,7 +514,7 @@ func (m *SignRound9Message) Reset()         { *m = SignRound9Message{} }
 func (m *SignRound9Message) String() string { return proto.CompactTextString(m) }
 func (*SignRound9Message) ProtoMessage()    {}
 func (*SignRound9Message) Descriptor() ([]byte, []int) {
-	return fileDescriptor_5f861bfc687bec19, []int{9}
+	return fileDescriptor_d7fd069ec73c8494, []int{9}
 }

 func (m *SignRound9Message) XXX_Unmarshal(b []byte) error {
@@ -543,45 +543,46 @@ func (m *SignRound9Message) GetS() []byte {
 }

 func init() {
-	proto.RegisterType((*SignRound1Message1)(nil), "SignRound1Message1")
-	proto.RegisterType((*SignRound1Message2)(nil), "SignRound1Message2")
-	proto.RegisterType((*SignRound2Message)(nil), "SignRound2Message")
-	proto.RegisterType((*SignRound3Message)(nil), "SignRound3Message")
-	proto.RegisterType((*SignRound4Message)(nil), "SignRound4Message")
-	proto.RegisterType((*SignRound5Message)(nil), "SignRound5Message")
-	proto.RegisterType((*SignRound6Message)(nil), "SignRound6Message")
-	proto.RegisterType((*SignRound7Message)(nil), "SignRound7Message")
-	proto.RegisterType((*SignRound8Message)(nil), "SignRound8Message")
-	proto.RegisterType((*SignRound9Message)(nil), "SignRound9Message")
+	proto.RegisterType((*SignRound1Message1)(nil), "binance.tsslib.ecdsa.signing.SignRound1Message1")
+	proto.RegisterType((*SignRound1Message2)(nil), "binance.tsslib.ecdsa.signing.SignRound1Message2")
+	proto.RegisterType((*SignRound2Message)(nil), "binance.tsslib.ecdsa.signing.SignRound2Message")
+	proto.RegisterType((*SignRound3Message)(nil), "binance.tsslib.ecdsa.signing.SignRound3Message")
+	proto.RegisterType((*SignRound4Message)(nil), "binance.tsslib.ecdsa.signing.SignRound4Message")
+	proto.RegisterType((*SignRound5Message)(nil), "binance.tsslib.ecdsa.signing.SignRound5Message")
+	proto.RegisterType((*SignRound6Message)(nil), "binance.tsslib.ecdsa.signing.SignRound6Message")
+	proto.RegisterType((*SignRound7Message)(nil), "binance.tsslib.ecdsa.signing.SignRound7Message")
+	proto.RegisterType((*SignRound8Message)(nil), "binance.tsslib.ecdsa.signing.SignRound8Message")
+	proto.RegisterType((*SignRound9Message)(nil), "binance.tsslib.ecdsa.signing.SignRound9Message")
 }

-func init() { proto.RegisterFile("protob/ecdsa-signing.proto", fileDescriptor_5f861bfc687bec19) }
+func init() { proto.RegisterFile("ecdsa-signing.proto", fileDescriptor_d7fd069ec73c8494) }

-var fileDescriptor_5f861bfc687bec19 = []byte{
-	// 395 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x93, 0x5f, 0x4b, 0xe3, 0x40,
-	0x14, 0xc5, 0x49, 0xfa, 0xff, 0x6e, 0xba, 0xa5, 0xc3, 0xc2, 0x0e, 0x5d, 0x58, 0xba, 0xb3, 0x2c,
-	0x74, 0x17, 0xd6, 0x92, 0xb4, 0x6a, 0x7d, 0xb4, 0x3e, 0x2b, 0xa5, 0x56, 0xb4, 0xbe, 0x84, 0x64,
-	0x32, 0xa6, 0x01, 0x9b, 0x09, 0x49, 0x5a, 0xed, 0x47, 0xf1, 0xc9, 0xaf, 0x2a, 0x9d, 0x64, 0xca,
-	0xb4, 0x15, 0xd4, 0x37, 0x1f, 0xef, 0x3d, 0xbf, 0x3b, 0xe7, 0xce, 0x81, 0x0b, 0xad, 0x28, 0xe6,
-	0x29, 0x77, 0xbb, 0x8c, 0x7a, 0x89, 0xf3, 0x3f, 0x09, 0xfc, 0x30, 0x08, 0xfd, 0x03, 0xd1, 0x24,
-	0x17, 0x80, 0x2e, 0x03, 0x3f, 0x1c, 0xf3, 0x45, 0xe8, 0x99, 0xe7, 0x2c, 0x49, 0x1c, 0x9f, 0x99,
-	0xc8, 0x00, 0x8d, 0x62, 0xad, 0xad, 0x75, 0x8c, 0xb1, 0x46, 0xd1, 0x3f, 0x68, 0xc6, 0x4e, 0xe8,
-	0x33, 0x3b, 0x8a, 0x39, 0xbf, 0xb3, 0x9d, 0xfb, 0x80, 0x32, 0xac, 0xb7, 0x0b, 0x1d, 0x63, 0xdc,
-	0x10, 0xc2, 0x68, 0xdd, 0x3f, 0x5d, 0xb7, 0x49, 0xff, 0x95, 0xf7, 0x2c, 0xf4, 0x13, 0x80, 0xf2,
-	0xf9, 0x3c, 0x48, 0xe7, 0x2c, 0x4c, 0xf3, 0x87, 0x95, 0x0e, 0x89, 0xa1, 0xb9, 0x99, 0xb2, 0xf2,
-	0x29, 0xf4, 0x15, 0x74, 0x6a, 0xe6, 0xb0, 0x4e, 0x4d, 0x51, 0x5b, 0x58, 0xcf, 0x6b, 0x0b, 0xfd,
-	0x80, 0x5a, 0xb6, 0x90, 0xcb, 0x5d, 0x5c, 0x10, 0xeb, 0x54, 0x45, 0x63, 0xc8, 0x5d, 0xd4, 0x06,
-	0x63, 0x23, 0xda, 0x0f, 0x14, 0x17, 0x85, 0x0e, 0x52, 0xbf, 0xa6, 0xe4, 0xaf, 0xe2, 0xd9, 0x93,
-	0x9e, 0xdf, 0xa0, 0x94, 0xce, 0x58, 0xea, 0xe4, 0xb6, 0x59, 0x41, 0x9e, 0x34, 0x85, 0xed, 0x4b,
-	0xf6, 0x37, 0xd4, 0x3d, 0x66, 0x6f, 0xfd, 0x6b, 0xed, 0x61, 0x78, 0xec, 0x6c, 0xd3, 0x43, 0x04,
-	0xea, 0x32, 0xb5, 0x68, 0xe6, 0xd8, 0x8f, 0xf9, 0xfe, 0x5f, 0xa2, 0x2c, 0xb2, 0x68, 0xe6, 0xdc,
-	0xec, 0x32, 0x2b, 0x5c, 0xd8, 0x65, 0xa6, 0xe8, 0x3b, 0x54, 0x32, 0x26, 0xc5, 0x45, 0xa1, 0x96,
-	0x45, 0x39, 0x21, 0x3d, 0x65, 0xb5, 0x43, 0xb9, 0xda, 0x5b, 0x79, 0x3f, 0xeb, 0xca, 0xd4, 0xd1,
-	0xa7, 0xfa, 0x10, 0xfa, 0x03, 0x8d, 0xa5, 0xbd, 0x6d, 0x51, 0x12, 0x80, 0xb1, 0x1c, 0x29, 0x1e,
-	0x7b, 0xd8, 0x0a, 0x97, 0xf7, 0xb0, 0x29, 0x6a, 0x41, 0x4d, 0x62, 0x29, 0xae, 0x08, 0xa0, 0x92,
-	0x01, 0x13, 0x55, 0x5b, 0xe0, 0xaa, 0xaa, 0x5d, 0x6d, 0xc5, 0x7a, 0xfc, 0xde, 0x58, 0x07, 0xca,
-	0xd0, 0xe0, 0x23, 0xa9, 0x92, 0x5f, 0xca, 0xe4, 0x89, 0x9c, 0x34, 0x40, 0x4b, 0xe4, 0x15, 0x26,
-	0xc3, 0xc6, 0x6d, 0x5d, 0x1c, 0x70, 0x37, 0x3f, 0x60, 0xb7, 0x2c, 0x2e, 0xb8, 0xf7, 0x12, 0x00,
-	0x00, 0xff, 0xff, 0xe8, 0xdb, 0x9c, 0xf3, 0xdf, 0x03, 0x00, 0x00,
+var fileDescriptor_d7fd069ec73c8494 = []byte{
+	// 409 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x93, 0xc1, 0x8b, 0x13, 0x31,
+	0x14, 0xc6, 0x99, 0xe9, 0x6e, 0xbb, 0xfb, 0x9c, 0x5a, 0x36, 0x0a, 0x06, 0x15, 0xa9, 0x11, 0x61,
+	0x15, 0x1c, 0x99, 0xe9, 0xaa, 0xeb, 0xd1, 0xf5, 0xac, 0x2c, 0xb5, 0xa2, 0xf5, 0x32, 0x64, 0x32,
+	0x71, 0x3a, 0xd0, 0x26, 0xc3, 0x24, 0xad, 0xf6, 0x4f, 0xf1, 0xe4, 0xbf, 0x2a, 0xcd, 0x24, 0x25,
+	0x6d, 0x05, 0xf5, 0xe6, 0xf1, 0xbd, 0xef, 0xf7, 0xf2, 0xbd, 0x7c, 0xf0, 0xe0, 0x16, 0x67, 0x85,
+	0xa2, 0xcf, 0x54, 0x55, 0x8a, 0x4a, 0x94, 0x71, 0xdd, 0x48, 0x2d, 0xd1, 0xfd, 0xbc, 0x12, 0x54,
+	0x30, 0x1e, 0x6b, 0xa5, 0xe6, 0x55, 0x1e, 0x1b, 0x26, 0xb6, 0x0c, 0x79, 0x0f, 0xe8, 0x43, 0x55,
+	0x8a, 0xb1, 0x5c, 0x8a, 0x22, 0x79, 0xc7, 0x95, 0xa2, 0x25, 0x4f, 0x50, 0x04, 0x01, 0xc3, 0xc1,
+	0x30, 0x38, 0x8f, 0xc6, 0x01, 0x43, 0x4f, 0xe1, 0xac, 0xa1, 0xa2, 0xe4, 0x59, 0xdd, 0x48, 0xf9,
+	0x35, 0xa3, 0xf3, 0x8a, 0x71, 0x1c, 0x0e, 0x3b, 0xe7, 0xd1, 0x78, 0x60, 0x84, 0xeb, 0x4d, 0xff,
+	0xcd, 0xa6, 0x4d, 0x2e, 0x7e, 0xf3, 0x5e, 0x8a, 0x1e, 0x00, 0x30, 0xb9, 0x58, 0x54, 0x7a, 0xc1,
+	0x85, 0xb6, 0x0f, 0x7b, 0x1d, 0xd2, 0xc0, 0xd9, 0x76, 0x2a, 0xb5, 0x53, 0xe8, 0x26, 0x84, 0x2c,
+	0xb1, 0x70, 0xc8, 0x12, 0x53, 0xa7, 0x38, 0xb4, 0x75, 0x8a, 0xee, 0xc1, 0x69, 0xbb, 0x50, 0x2e,
+	0x73, 0xdc, 0x31, 0xeb, 0x9c, 0x98, 0xc6, 0x95, 0xcc, 0xd1, 0x10, 0xa2, 0xad, 0x98, 0x7d, 0x63,
+	0xf8, 0xc8, 0xe8, 0xe0, 0xf4, 0x4f, 0x8c, 0x3c, 0xf1, 0x3c, 0x47, 0xce, 0xf3, 0x36, 0x1c, 0xeb,
+	0x19, 0xd7, 0xd4, 0xda, 0xb6, 0x05, 0xf9, 0x11, 0x78, 0xec, 0x85, 0x63, 0x1f, 0x41, 0xbf, 0xe0,
+	0xd9, 0xce, 0xbf, 0x36, 0x1e, 0x51, 0xc1, 0xdf, 0x6e, 0x7b, 0x88, 0x40, 0xdf, 0xa5, 0x56, 0xcf,
+	0x68, 0xf6, 0xdd, 0xee, 0x7f, 0xa3, 0x6e, 0x23, 0xab, 0x67, 0xf4, 0xf3, 0x3e, 0xb3, 0xc6, 0x9d,
+	0x7d, 0x66, 0x8a, 0xee, 0x40, 0xaf, 0x65, 0x34, 0x3e, 0x32, 0x6a, 0xd7, 0x94, 0x13, 0x32, 0xf2,
+	0x56, 0x7b, 0xe1, 0x56, 0xfb, 0x53, 0xde, 0x3f, 0x43, 0x6f, 0xea, 0xe5, 0x7f, 0xf5, 0x21, 0xf4,
+	0x18, 0x06, 0xab, 0x6c, 0xd7, 0xe2, 0xd8, 0x00, 0xd1, 0xea, 0xda, 0xf3, 0x38, 0xc0, 0xd6, 0xb8,
+	0x7b, 0x80, 0x4d, 0xd1, 0x5d, 0x38, 0x75, 0x98, 0xc6, 0x3d, 0x03, 0xf4, 0x5a, 0x60, 0xe2, 0x6b,
+	0x4b, 0x7c, 0xe2, 0x6b, 0x1f, 0x77, 0x62, 0x7d, 0xf5, 0xb7, 0xb1, 0x5e, 0x7a, 0x43, 0x97, 0xff,
+	0x92, 0x2a, 0x79, 0xe8, 0x4d, 0xbe, 0x76, 0x93, 0x11, 0x04, 0xca, 0x5d, 0xa1, 0xba, 0x1a, 0x7c,
+	0xe9, 0x9b, 0xd3, 0x7d, 0x6e, 0x4f, 0x37, 0xef, 0x9a, 0xfb, 0x1e, 0xfd, 0x0a, 0x00, 0x00, 0xff,
+	0xff, 0x63, 0x2f, 0x21, 0x2c, 0xf6, 0x03, 0x00, 0x00,
 }
--- a/ecdsa/signing/finalize.go
+++ b/ecdsa/signing/finalize.go
@@ -25,7 +25,7 @@ func (round *finalization) Start() *tss.Error {
 	round.resetOK()

 	sumS := round.temp.si
-	modN := common.ModInt(tss.EC().Params().N)
+	modN := common.ModInt(round.Params().EC().Params().N)

 	for j := range round.Parties().IDs() {
 		round.ok[j] = true
@@ -38,7 +38,7 @@ func (round *finalization) Start() *tss.Error {

 	recid := 0
 	// byte v = if(R.X > curve.N) then 2 else 0) | (if R.Y.IsEven then 0 else 1);
-	if round.temp.rx.Cmp(tss.EC().Params().N) > 0 {
+	if round.temp.rx.Cmp(round.Params().EC().Params().N) > 0 {
 		recid = 2
 	}
 	if round.temp.ry.Bit(0) != 0 {
@@ -49,14 +49,14 @@ func (round *finalization) Start() *tss.Error {
 	// https://github.com/btcsuite/btcd/blob/c26ffa870fd817666a857af1bf6498fabba1ffe3/btcec/signature.go#L442-L444
 	// This is needed because of tendermint checks here:
 	// https://github.com/tendermint/tendermint/blob/d9481e3648450cb99e15c6a070c1fb69aa0c255b/crypto/secp256k1/secp256k1_nocgo.go#L43-L47
-	secp256k1halfN := new(big.Int).Rsh(tss.EC().Params().N, 1)
+	secp256k1halfN := new(big.Int).Rsh(round.Params().EC().Params().N, 1)
 	if sumS.Cmp(secp256k1halfN) > 0 {
-		sumS.Sub(tss.EC().Params().N, sumS)
+		sumS.Sub(round.Params().EC().Params().N, sumS)
 		recid ^= 1
 	}

 	// save the signature for final output
-	bitSizeInBytes := tss.EC().Params().BitSize / 8
+	bitSizeInBytes := round.Params().EC().Params().BitSize / 8
 	round.data.R = padToLengthBytesInPlace(round.temp.rx.Bytes(), bitSizeInBytes)
 	round.data.S = padToLengthBytesInPlace(sumS.Bytes(), bitSizeInBytes)
 	round.data.Signature = append(round.data.R, round.data.S...)
@@ -64,7 +64,7 @@ func (round *finalization) Start() *tss.Error {
 	round.data.M = round.temp.m.Bytes()

 	pk := ecdsa.PublicKey{
-		Curve: tss.EC(),
+		Curve: round.Params().EC(),
 		X:     round.key.ECDSAPub.X(),
 		Y:     round.key.ECDSAPub.Y(),
 	}
--- a/ecdsa/signing/local_party_test.go
+++ b/ecdsa/signing/local_party_test.go
@@ -57,7 +57,7 @@ func TestE2EConcurrent(t *testing.T) {

 	// init the parties
 	for i := 0; i < len(signPIDs); i++ {
-		params := tss.NewParameters(p2pCtx, signPIDs[i], len(signPIDs), threshold)
+		params := tss.NewParameters(tss.S256(), p2pCtx, signPIDs[i], len(signPIDs), threshold)

 		P := NewLocalParty(big.NewInt(42), params, keys[i], outCh, endCh).(*LocalParty)
 		parties = append(parties, P)
@@ -102,7 +102,7 @@ signing:
 				r := parties[0].temp.rx
 				fmt.Printf("sign result: R(%s, %s), r=%s\n", R.X().String(), R.Y().String(), r.String())

-				modN := common.ModInt(tss.EC().Params().N)
+				modN := common.ModInt(tss.S256().Params().N)

 				// BEGIN check s correctness
 				sumS := big.NewInt(0)
--- a/ecdsa/signing/messages.go
+++ b/ecdsa/signing/messages.go
@@ -7,10 +7,9 @@
 package signing

 import (
+	"crypto/elliptic"
 	"math/big"

-	"github.com/golang/protobuf/proto"
-
 	"github.com/binance-chain/tss-lib/common"
 	"github.com/binance-chain/tss-lib/crypto"
 	cmt "github.com/binance-chain/tss-lib/crypto/commitments"
@@ -38,19 +37,6 @@ var (
 	}
 )

-func init() {
-	proto.RegisterType((*SignRound1Message1)(nil), tss.ECDSAProtoNamePrefix+"signing.SignRound1Message1")
-	proto.RegisterType((*SignRound1Message2)(nil), tss.ECDSAProtoNamePrefix+"signing.SignRound1Message2")
-	proto.RegisterType((*SignRound2Message)(nil), tss.ECDSAProtoNamePrefix+"signing.SignRound2Message")
-	proto.RegisterType((*SignRound3Message)(nil), tss.ECDSAProtoNamePrefix+"signing.SignRound3Message")
-	proto.RegisterType((*SignRound4Message)(nil), tss.ECDSAProtoNamePrefix+"signing.SignRound4Message")
-	proto.RegisterType((*SignRound5Message)(nil), tss.ECDSAProtoNamePrefix+"signing.SignRound5Message")
-	proto.RegisterType((*SignRound6Message)(nil), tss.ECDSAProtoNamePrefix+"signing.SignRound6Message")
-	proto.RegisterType((*SignRound7Message)(nil), tss.ECDSAProtoNamePrefix+"signing.SignRound7Message")
-	proto.RegisterType((*SignRound8Message)(nil), tss.ECDSAProtoNamePrefix+"signing.SignRound8Message")
-	proto.RegisterType((*SignRound9Message)(nil), tss.ECDSAProtoNamePrefix+"signing.SignRound9Message")
-}
-
 // ----- //

 func NewSignRound1Message1(
@@ -150,8 +136,8 @@ func (m *SignRound2Message) UnmarshalProofBob() (*mta.ProofBob, error) {
 	return mta.ProofBobFromBytes(m.ProofBob)
 }

-func (m *SignRound2Message) UnmarshalProofBobWC() (*mta.ProofBobWC, error) {
-	return mta.ProofBobWCFromBytes(m.ProofBobWc)
+func (m *SignRound2Message) UnmarshalProofBobWC(ec elliptic.Curve) (*mta.ProofBobWC, error) {
+	return mta.ProofBobWCFromBytes(ec, m.ProofBobWc)
 }

 // ----- //
@@ -211,9 +197,9 @@ func (m *SignRound4Message) UnmarshalDeCommitment() []*big.Int {
 	return cmt.NewHashDeCommitmentFromBytes(deComBzs)
 }

-func (m *SignRound4Message) UnmarshalZKProof() (*schnorr.ZKProof, error) {
+func (m *SignRound4Message) UnmarshalZKProof(ec elliptic.Curve) (*schnorr.ZKProof, error) {
 	point, err := crypto.NewECPoint(
-		tss.EC(),
+		ec,
 		new(big.Int).SetBytes(m.GetProofAlphaX()),
 		new(big.Int).SetBytes(m.GetProofAlphaY()))
 	if err != nil {
@@ -295,9 +281,9 @@ func (m *SignRound6Message) UnmarshalDeCommitment() []*big.Int {
 	return cmt.NewHashDeCommitmentFromBytes(deComBzs)
 }

-func (m *SignRound6Message) UnmarshalZKProof() (*schnorr.ZKProof, error) {
+func (m *SignRound6Message) UnmarshalZKProof(ec elliptic.Curve) (*schnorr.ZKProof, error) {
 	point, err := crypto.NewECPoint(
-		tss.EC(),
+		ec,
 		new(big.Int).SetBytes(m.GetProofAlphaX()),
 		new(big.Int).SetBytes(m.GetProofAlphaY()))
 	if err != nil {
@@ -309,9 +295,9 @@ func (m *SignRound6Message) UnmarshalZKProof() (*schnorr.ZKProof, error) {
 	}, nil
 }

-func (m *SignRound6Message) UnmarshalZKVProof() (*schnorr.ZKVProof, error) {
+func (m *SignRound6Message) UnmarshalZKVProof(ec elliptic.Curve) (*schnorr.ZKVProof, error) {
 	point, err := crypto.NewECPoint(
-		tss.EC(),
+		ec,
 		new(big.Int).SetBytes(m.GetVProofAlphaX()),
 		new(big.Int).SetBytes(m.GetVProofAlphaY()))
 	if err != nil {
--- a/ecdsa/signing/prepare.go
+++ b/ecdsa/signing/prepare.go
@@ -7,17 +7,17 @@
 package signing

 import (
+	"crypto/elliptic"
 	"fmt"
 	"math/big"

 	"github.com/binance-chain/tss-lib/common"
 	"github.com/binance-chain/tss-lib/crypto"
-	"github.com/binance-chain/tss-lib/tss"
 )

 // PrepareForSigning(), GG18Spec (11) Fig. 14
-func PrepareForSigning(i, pax int, xi *big.Int, ks []*big.Int, bigXs []*crypto.ECPoint) (wi *big.Int, bigWs []*crypto.ECPoint) {
-	modQ := common.ModInt(tss.EC().Params().N)
+func PrepareForSigning(ec elliptic.Curve, i, pax int, xi *big.Int, ks []*big.Int, bigXs []*crypto.ECPoint) (wi *big.Int, bigWs []*crypto.ECPoint) {
+	modQ := common.ModInt(ec.Params().N)
 	if len(ks) != len(bigXs) {
 		panic(fmt.Errorf("PrepareForSigning: len(ks) != len(bigXs) (%d != %d)", len(ks), len(bigXs)))
 	}
--- a/ecdsa/signing/round_1.go
+++ b/ecdsa/signing/round_1.go
@@ -38,7 +38,7 @@ func (round *round1) Start() *tss.Error {
 	// but considered different blockchain use different hash function we accept the converted big.Int
 	// if this big.Int is not belongs to Zq, the client might not comply with common rule (for ECDSA):
 	// https://github.com/btcsuite/btcd/blob/c26ffa870fd817666a857af1bf6498fabba1ffe3/btcec/signature.go#L263
-	if round.temp.m.Cmp(tss.EC().Params().N) >= 0 {
+	if round.temp.m.Cmp(round.Params().EC().Params().N) >= 0 {
 		return round.WrapError(errors.New("hashed message is not valid"))
 	}

@@ -46,10 +46,10 @@ func (round *round1) Start() *tss.Error {
 	round.started = true
 	round.resetOK()

-	k := common.GetRandomPositiveInt(tss.EC().Params().N)
-	gamma := common.GetRandomPositiveInt(tss.EC().Params().N)
+	k := common.GetRandomPositiveInt(round.Params().EC().Params().N)
+	gamma := common.GetRandomPositiveInt(round.Params().EC().Params().N)

-	pointGamma := crypto.ScalarBaseMult(tss.EC(), gamma)
+	pointGamma := crypto.ScalarBaseMult(round.Params().EC(), gamma)
 	cmt := commitments.NewHashCommitment(pointGamma.X(), pointGamma.Y())
 	round.temp.k = k
 	round.temp.gamma = gamma
@@ -63,7 +63,7 @@ func (round *round1) Start() *tss.Error {
 		if j == i {
 			continue
 		}
-		cA, pi, err := mta.AliceInit(round.key.PaillierPKs[i], k, round.key.NTildej[j], round.key.H1j[j], round.key.H2j[j])
+		cA, pi, err := mta.AliceInit(round.Params().EC(), round.key.PaillierPKs[i], k, round.key.NTildej[j], round.key.H1j[j], round.key.H2j[j])
 		if err != nil {
 			return round.WrapError(fmt.Errorf("failed to init mta: %v", err))
 		}
@@ -124,7 +124,7 @@ func (round *round1) prepare() error {
 	if round.Threshold()+1 > len(ks) {
 		return fmt.Errorf("t+1=%d is not satisfied by the key count of %d", round.Threshold()+1, len(ks))
 	}
-	wi, bigWs := PrepareForSigning(i, len(ks), xi, ks, bigXs)
+	wi, bigWs := PrepareForSigning(round.Params().EC(), i, len(ks), xi, ks, bigXs)

 	round.temp.w = wi
 	round.temp.bigWs = bigWs
--- a/ecdsa/signing/round_2.go
+++ b/ecdsa/signing/round_2.go
@@ -44,6 +44,7 @@ func (round *round2) Start() *tss.Error {
 				return
 			}
 			beta, c1ji, _, pi1ji, err := mta.BobMid(
+				round.Parameters.EC(),
 				round.key.PaillierPKs[j],
 				rangeProofAliceJ,
 				round.temp.gamma,
@@ -72,6 +73,7 @@ func (round *round2) Start() *tss.Error {
 				return
 			}
 			v, c2ji, _, pi2ji, err := mta.BobMidWC(
+				round.Parameters.EC(),
 				round.key.PaillierPKs[j],
 				rangeProofAliceJ,
 				round.temp.w,
--- a/ecdsa/signing/round_3.go
+++ b/ecdsa/signing/round_3.go
@@ -48,6 +48,7 @@ func (round *round3) Start() *tss.Error {
 				return
 			}
 			alphaIj, err := mta.AliceEnd(
+				round.Params().EC(),
 				round.key.PaillierPKs[i],
 				proofBob,
 				round.key.H1j[i],
@@ -65,12 +66,13 @@ func (round *round3) Start() *tss.Error {
 		go func(j int, Pj *tss.PartyID) {
 			defer wg.Done()
 			r2msg := round.temp.signRound2Messages[j].Content().(*SignRound2Message)
-			proofBobWC, err := r2msg.UnmarshalProofBobWC()
+			proofBobWC, err := r2msg.UnmarshalProofBobWC(round.Parameters.EC())
 			if err != nil {
 				errChs <- round.WrapError(errorspkg.Wrapf(err, "UnmarshalProofBobWC failed"), Pj)
 				return
 			}
 			uIj, err := mta.AliceEndWC(
+				round.Params().EC(),
 				round.key.PaillierPKs[i],
 				proofBobWC,
 				round.temp.bigWs[j],
@@ -98,7 +100,7 @@ func (round *round3) Start() *tss.Error {
 		return round.WrapError(errors.New("failed to calculate Alice_end or Alice_end_wc"), culprits...)
 	}

-	modN := common.ModInt(tss.EC().Params().N)
+	modN := common.ModInt(round.Params().EC().Params().N)
 	thelta := modN.Mul(round.temp.k, round.temp.gamma)
 	sigma := modN.Mul(round.temp.k, round.temp.w)

--- a/ecdsa/signing/round_4.go
+++ b/ecdsa/signing/round_4.go
@@ -28,7 +28,7 @@ func (round *round4) Start() *tss.Error {
 	theta := *round.temp.theta
 	thetaInverse := &theta

-	modN := common.ModInt(tss.EC().Params().N)
+	modN := common.ModInt(round.Params().EC().Params().N)

 	for j := range round.Parties().IDs() {
 		if j == round.PartyID().Index {
--- a/ecdsa/signing/round_5.go
+++ b/ecdsa/signing/round_5.go
@@ -38,11 +38,11 @@ func (round *round5) Start() *tss.Error {
 		if !ok || len(bigGammaJ) != 2 {
 			return round.WrapError(errors.New("commitment verify failed"), Pj)
 		}
-		bigGammaJPoint, err := crypto.NewECPoint(tss.EC(), bigGammaJ[0], bigGammaJ[1])
+		bigGammaJPoint, err := crypto.NewECPoint(round.Params().EC(), bigGammaJ[0], bigGammaJ[1])
 		if err != nil {
 			return round.WrapError(errors2.Wrapf(err, "NewECPoint(bigGammaJ)"), Pj)
 		}
-		proof, err := r4msg.UnmarshalZKProof()
+		proof, err := r4msg.UnmarshalZKProof(round.Params().EC())
 		if err != nil {
 			return round.WrapError(errors.New("failed to unmarshal bigGamma proof"), Pj)
 		}
@@ -57,7 +57,7 @@ func (round *round5) Start() *tss.Error {
 	}

 	R = R.ScalarMult(round.temp.thetaInverse)
-	N := tss.EC().Params().N
+	N := round.Params().EC().Params().N
 	modN := common.ModInt(N)
 	rx := R.X()
 	ry := R.Y()
@@ -70,8 +70,8 @@ func (round *round5) Start() *tss.Error {
 	li := common.GetRandomPositiveInt(N)  // li
 	roI := common.GetRandomPositiveInt(N) // pi
 	rToSi := R.ScalarMult(si)
-	liPoint := crypto.ScalarBaseMult(tss.EC(), li)
-	bigAi := crypto.ScalarBaseMult(tss.EC(), roI)
+	liPoint := crypto.ScalarBaseMult(round.Params().EC(), li)
+	bigAi := crypto.ScalarBaseMult(round.Params().EC(), roI)
 	bigVi, err := rToSi.Add(liPoint)
 	if err != nil {
 		return round.WrapError(errors2.Wrapf(err, "rToSi.Add(li)"))
--- a/ecdsa/signing/round_7.go
+++ b/ecdsa/signing/round_7.go
@@ -41,47 +41,47 @@ func (round *round7) Start() *tss.Error {
 			return round.WrapError(errors.New("de-commitment for bigVj and bigAj failed"), Pj)
 		}
 		bigVjX, bigVjY, bigAjX, bigAjY := values[0], values[1], values[2], values[3]
-		bigVj, err := crypto.NewECPoint(tss.EC(), bigVjX, bigVjY)
+		bigVj, err := crypto.NewECPoint(round.Params().EC(), bigVjX, bigVjY)
 		if err != nil {
 			return round.WrapError(errors2.Wrapf(err, "NewECPoint(bigVj)"), Pj)
 		}
 		bigVjs[j] = bigVj
-		bigAj, err := crypto.NewECPoint(tss.EC(), bigAjX, bigAjY)
+		bigAj, err := crypto.NewECPoint(round.Params().EC(), bigAjX, bigAjY)
 		if err != nil {
 			return round.WrapError(errors2.Wrapf(err, "NewECPoint(bigAj)"), Pj)
 		}
 		bigAjs[j] = bigAj
-		pijA, err := r6msg.UnmarshalZKProof()
+		pijA, err := r6msg.UnmarshalZKProof(round.Params().EC())
 		if err != nil || !pijA.Verify(bigAj) {
 			return round.WrapError(errors.New("schnorr verify for Aj failed"), Pj)
 		}
-		pijV, err := r6msg.UnmarshalZKVProof()
+		pijV, err := r6msg.UnmarshalZKVProof(round.Params().EC())
 		if err != nil || !pijV.Verify(bigVj, round.temp.bigR) {
 			return round.WrapError(errors.New("vverify for Vj failed"), Pj)
 		}
 	}

-	modN := common.ModInt(tss.EC().Params().N)
+	modN := common.ModInt(round.Params().EC().Params().N)
 	AX, AY := round.temp.bigAi.X(), round.temp.bigAi.Y()
 	minusM := modN.Sub(big.NewInt(0), round.temp.m)
-	gToMInvX, gToMInvY := tss.EC().ScalarBaseMult(minusM.Bytes())
+	gToMInvX, gToMInvY := round.Params().EC().ScalarBaseMult(minusM.Bytes())
 	minusR := modN.Sub(big.NewInt(0), round.temp.rx)
-	yToRInvX, yToRInvY := tss.EC().ScalarMult(round.key.ECDSAPub.X(), round.key.ECDSAPub.Y(), minusR.Bytes())
-	VX, VY := tss.EC().Add(gToMInvX, gToMInvY, yToRInvX, yToRInvY)
-	VX, VY = tss.EC().Add(VX, VY, round.temp.bigVi.X(), round.temp.bigVi.Y())
+	yToRInvX, yToRInvY := round.Params().EC().ScalarMult(round.key.ECDSAPub.X(), round.key.ECDSAPub.Y(), minusR.Bytes())
+	VX, VY := round.Params().EC().Add(gToMInvX, gToMInvY, yToRInvX, yToRInvY)
+	VX, VY = round.Params().EC().Add(VX, VY, round.temp.bigVi.X(), round.temp.bigVi.Y())

 	for j := range round.Parties().IDs() {
 		if j == round.PartyID().Index {
 			continue
 		}
-		VX, VY = tss.EC().Add(VX, VY, bigVjs[j].X(), bigVjs[j].Y())
-		AX, AY = tss.EC().Add(AX, AY, bigAjs[j].X(), bigAjs[j].Y())
+		VX, VY = round.Params().EC().Add(VX, VY, bigVjs[j].X(), bigVjs[j].Y())
+		AX, AY = round.Params().EC().Add(AX, AY, bigAjs[j].X(), bigAjs[j].Y())
 	}

-	UiX, UiY := tss.EC().ScalarMult(VX, VY, round.temp.roi.Bytes())
-	TiX, TiY := tss.EC().ScalarMult(AX, AY, round.temp.li.Bytes())
-	round.temp.Ui = crypto.NewECPointNoCurveCheck(tss.EC(), UiX, UiY)
-	round.temp.Ti = crypto.NewECPointNoCurveCheck(tss.EC(), TiX, TiY)
+	UiX, UiY := round.Params().EC().ScalarMult(VX, VY, round.temp.roi.Bytes())
+	TiX, TiY := round.Params().EC().ScalarMult(AX, AY, round.temp.li.Bytes())
+	round.temp.Ui = crypto.NewECPointNoCurveCheck(round.Params().EC(), UiX, UiY)
+	round.temp.Ti = crypto.NewECPointNoCurveCheck(round.Params().EC(), TiX, TiY)
 	cmt := commitments.NewHashCommitment(UiX, UiY, TiX, TiY)
 	r7msg := NewSignRound7Message(round.PartyID(), cmt.C)
 	round.temp.signRound7Messages[round.PartyID().Index] = r7msg
--- a/ecdsa/signing/round_9.go
+++ b/ecdsa/signing/round_9.go
@@ -37,8 +37,8 @@ func (round *round9) Start() *tss.Error {
 			return round.WrapError(errors.New("de-commitment for bigVj and bigAj failed"), Pj)
 		}
 		UjX, UjY, TjX, TjY := values[0], values[1], values[2], values[3]
-		UX, UY = tss.EC().Add(UX, UY, UjX, UjY)
-		TX, TY = tss.EC().Add(TX, TY, TjX, TjY)
+		UX, UY = round.Params().EC().Add(UX, UY, UjX, UjY)
+		TX, TY = round.Params().EC().Add(TX, TY, TjX, TjY)
 	}
 	if UX.Cmp(TX) != 0 || UY.Cmp(TY) != 0 {
 		return round.WrapError(errors.New("U doesn't equal T"), round.PartyID())
--- a/eddsa/keygen/eddsa-keygen.pb.go
+++ b/eddsa/keygen/eddsa-keygen.pb.go
@@ -168,26 +168,27 @@ func (m *KGRound2Message2) GetProofT() []byte {
 }

 func init() {
-	proto.RegisterType((*KGRound1Message)(nil), "KGRound1Message")
-	proto.RegisterType((*KGRound2Message1)(nil), "KGRound2Message1")
-	proto.RegisterType((*KGRound2Message2)(nil), "KGRound2Message2")
+	proto.RegisterType((*KGRound1Message)(nil), "binance.tsslib.eddsa.keygen.KGRound1Message")
+	proto.RegisterType((*KGRound2Message1)(nil), "binance.tsslib.eddsa.keygen.KGRound2Message1")
+	proto.RegisterType((*KGRound2Message2)(nil), "binance.tsslib.eddsa.keygen.KGRound2Message2")
 }

 func init() { proto.RegisterFile("eddsa-keygen.proto", fileDescriptor_87f3b4615ca57212) }

 var fileDescriptor_87f3b4615ca57212 = []byte{
-	// 200 bytes of a gzipped FileDescriptorProto
+	// 222 bytes of a gzipped FileDescriptorProto
 	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x12, 0x4a, 0x4d, 0x49, 0x29,
-	0x4e, 0xd4, 0xcd, 0x4e, 0xad, 0x4c, 0x4f, 0xcd, 0xd3, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x57, 0x32,
-	0xe4, 0xe2, 0xf7, 0x76, 0x0f, 0xca, 0x2f, 0xcd, 0x4b, 0x31, 0xf4, 0x4d, 0x2d, 0x2e, 0x4e, 0x4c,
-	0x4f, 0x15, 0x92, 0xe3, 0xe2, 0x4a, 0xce, 0xcf, 0xcd, 0xcd, 0x2c, 0xc9, 0x4d, 0xcd, 0x2b, 0x91,
-	0x60, 0x54, 0x60, 0xd4, 0xe0, 0x09, 0x42, 0x12, 0x51, 0xd2, 0xe0, 0x12, 0x80, 0x6a, 0x31, 0x82,
-	0x6a, 0x31, 0x14, 0x12, 0xe1, 0x62, 0x2d, 0xce, 0x48, 0x2c, 0x4a, 0x85, 0x2a, 0x87, 0x70, 0x94,
-	0x66, 0x30, 0x62, 0x28, 0x35, 0x12, 0x52, 0xe6, 0xe2, 0x4d, 0x49, 0x8d, 0x47, 0xb1, 0x81, 0x59,
-	0x83, 0x27, 0x88, 0x27, 0x25, 0xd5, 0x19, 0x2e, 0x26, 0xa4, 0xc4, 0xc5, 0x5b, 0x50, 0x94, 0x9f,
-	0x9f, 0x16, 0x9f, 0x98, 0x53, 0x90, 0x91, 0x18, 0x5f, 0x21, 0xc1, 0x04, 0x36, 0x97, 0x1b, 0x2c,
-	0xe8, 0x08, 0x12, 0x8b, 0x40, 0x57, 0x53, 0x29, 0xc1, 0x8c, 0xae, 0x26, 0x52, 0x48, 0x9c, 0x8b,
-	0x1d, 0xa2, 0xa6, 0x44, 0x82, 0x05, 0x2c, 0xcb, 0x06, 0xe6, 0x86, 0x38, 0xf1, 0x45, 0xf1, 0x80,
-	0x43, 0x43, 0x1f, 0x12, 0x1a, 0x49, 0x6c, 0xe0, 0xe0, 0x30, 0x06, 0x04, 0x00, 0x00, 0xff, 0xff,
-	0x61, 0x46, 0xe6, 0x18, 0x24, 0x01, 0x00, 0x00,
+	0x4e, 0xd4, 0xcd, 0x4e, 0xad, 0x4c, 0x4f, 0xcd, 0xd3, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0x92,
+	0x4e, 0xca, 0xcc, 0x4b, 0xcc, 0x4b, 0x4e, 0xd5, 0x2b, 0x29, 0x2e, 0xce, 0xc9, 0x4c, 0xd2, 0x03,
+	0x2b, 0xd1, 0x83, 0x28, 0x51, 0x32, 0xe4, 0xe2, 0xf7, 0x76, 0x0f, 0xca, 0x2f, 0xcd, 0x4b, 0x31,
+	0xf4, 0x4d, 0x2d, 0x2e, 0x4e, 0x4c, 0x4f, 0x15, 0x92, 0xe3, 0xe2, 0x4a, 0xce, 0xcf, 0xcd, 0xcd,
+	0x2c, 0xc9, 0x4d, 0xcd, 0x2b, 0x91, 0x60, 0x54, 0x60, 0xd4, 0xe0, 0x09, 0x42, 0x12, 0x51, 0xd2,
+	0xe0, 0x12, 0x80, 0x6a, 0x31, 0x82, 0x6a, 0x31, 0x14, 0x12, 0xe1, 0x62, 0x2d, 0xce, 0x48, 0x2c,
+	0x4a, 0x85, 0x2a, 0x87, 0x70, 0x94, 0x66, 0x30, 0x62, 0x28, 0x35, 0x12, 0x52, 0xe6, 0xe2, 0x4d,
+	0x49, 0x8d, 0x47, 0xb1, 0x81, 0x59, 0x83, 0x27, 0x88, 0x27, 0x25, 0xd5, 0x19, 0x2e, 0x26, 0xa4,
+	0xc4, 0xc5, 0x5b, 0x50, 0x94, 0x9f, 0x9f, 0x16, 0x9f, 0x98, 0x53, 0x90, 0x91, 0x18, 0x5f, 0x21,
+	0xc1, 0x04, 0x36, 0x97, 0x1b, 0x2c, 0xe8, 0x08, 0x12, 0x8b, 0x40, 0x57, 0x53, 0x29, 0xc1, 0x8c,
+	0xae, 0x26, 0x52, 0x48, 0x9c, 0x8b, 0x1d, 0xa2, 0xa6, 0x44, 0x82, 0x05, 0x2c, 0xcb, 0x06, 0xe6,
+	0x86, 0x38, 0xf1, 0x45, 0xf1, 0x80, 0xc3, 0x41, 0x1f, 0x12, 0x0e, 0x49, 0x6c, 0xe0, 0xb0, 0x32,
+	0x06, 0x04, 0x00, 0x00, 0xff, 0xff, 0xcd, 0xf7, 0x07, 0xe1, 0x41, 0x01, 0x00, 0x00,
 }
--- a/eddsa/keygen/local_party_test.go
+++ b/eddsa/keygen/local_party_test.go
@@ -40,8 +40,6 @@ func setUp(level string) {
 func TestE2EConcurrentAndSaveFixtures(t *testing.T) {
 	setUp("info")

-	tss.SetCurve(edwards.Edwards())
-
 	threshold := testThreshold
 	fixtures, pIDs, err := LoadKeygenTestFixtures(testParticipants)
 	if err != nil {
@@ -63,7 +61,7 @@ func TestE2EConcurrentAndSaveFixtures(t *testing.T) {
 	// init the parties
 	for i := 0; i < len(pIDs); i++ {
 		var P *LocalParty
-		params := tss.NewParameters(p2pCtx, pIDs[i], len(pIDs), threshold)
+		params := tss.NewParameters(tss.Edwards(), p2pCtx, pIDs[i], len(pIDs), threshold)
 		if i < len(fixtures) {
 			P = NewLocalParty(params, outCh, endCh).(*LocalParty)
 		} else {
@@ -133,17 +131,17 @@ keygen:
 						}
 						pShares = append(pShares, shareStruct)
 					}
-					uj, err := pShares[:threshold+1].ReConstruct()
+					uj, err := pShares[:threshold+1].ReConstruct(tss.Edwards())
 					assert.NoError(t, err, "vss.ReConstruct should not throw error")

 					// uG test: u*G[j] == V[0]
 					assert.Equal(t, uj, Pj.temp.ui)
-					uG := crypto.ScalarBaseMult(tss.EC(), uj)
+					uG := crypto.ScalarBaseMult(tss.Edwards(), uj)
 					assert.True(t, uG.Equals(Pj.temp.vs[0]), "ensure u*G[j] == V_0")

 					// xj tests: BigXj == xj*G
 					xj := Pj.data.Xi
-					gXj := crypto.ScalarBaseMult(tss.EC(), xj)
+					gXj := crypto.ScalarBaseMult(tss.Edwards(), xj)
 					BigXj := Pj.data.BigXj[j]
 					assert.True(t, BigXj.Equals(gXj), "ensure BigX_j == g^x_j")

@@ -151,23 +149,23 @@ keygen:
 					{
 						badShares := pShares[:threshold]
 						badShares[len(badShares)-1].Share.Set(big.NewInt(0))
-						uj, err := pShares[:threshold].ReConstruct()
+						uj, err := pShares[:threshold].ReConstruct(tss.Edwards())
 						assert.NoError(t, err)
 						assert.NotEqual(t, parties[j].temp.ui, uj)
-						BigXjX, BigXjY := tss.EC().ScalarBaseMult(uj.Bytes())
+						BigXjX, BigXjY := tss.Edwards().ScalarBaseMult(uj.Bytes())
 						assert.NotEqual(t, BigXjX, Pj.temp.vs[0].X())
 						assert.NotEqual(t, BigXjY, Pj.temp.vs[0].Y())
 					}
 					u = new(big.Int).Add(u, uj)
 				}
-				u = new(big.Int).Mod(u, tss.EC().Params().N)
+				u = new(big.Int).Mod(u, tss.Edwards().Params().N)
 				scalar := make([]byte, 0, 32)
 				copy(scalar, u.Bytes())

 				// build eddsa key pair
 				pkX, pkY := save.EDDSAPub.X(), save.EDDSAPub.Y()
 				pk := edwards.PublicKey{
-					Curve: tss.EC(),
+					Curve: tss.Edwards(),
 					X:     pkX,
 					Y:     pkY,
 				}
@@ -180,7 +178,7 @@ keygen:

 				// public key tests
 				assert.NotZero(t, u, "u should not be zero")
-				ourPkX, ourPkY := tss.EC().ScalarBaseMult(u.Bytes())
+				ourPkX, ourPkY := tss.Edwards().ScalarBaseMult(u.Bytes())
 				assert.Equal(t, pkX, ourPkX, "pkX should match expected pk derived from u")
 				assert.Equal(t, pkY, ourPkY, "pkY should match expected pk derived from u")
 				t.Log("Public key tests done.")
--- a/eddsa/keygen/messages.go
+++ b/eddsa/keygen/messages.go
@@ -7,10 +7,9 @@
 package keygen

 import (
+	"crypto/elliptic"
 	"math/big"

-	"github.com/golang/protobuf/proto"
-
 	"github.com/binance-chain/tss-lib/common"
 	"github.com/binance-chain/tss-lib/crypto"
 	cmt "github.com/binance-chain/tss-lib/crypto/commitments"
@@ -31,12 +30,6 @@ var (
 	}
 )

-func init() {
-	proto.RegisterType((*KGRound1Message)(nil), tss.EDDSAProtoNamePrefix+"keygen.KGRound1Message")
-	proto.RegisterType((*KGRound2Message1)(nil), tss.EDDSAProtoNamePrefix+"keygen.KGRound2Message1")
-	proto.RegisterType((*KGRound2Message2)(nil), tss.EDDSAProtoNamePrefix+"keygen.KGRound2Message2")
-}
-
 // ----- //

 func NewKGRound1Message(from *tss.PartyID, ct cmt.HashCommitment) tss.ParsedMessage {
@@ -118,9 +111,9 @@ func (m *KGRound2Message2) UnmarshalDeCommitment() []*big.Int {
 	return cmt.NewHashDeCommitmentFromBytes(deComBzs)
 }

-func (m *KGRound2Message2) UnmarshalZKProof() (*schnorr.ZKProof, error) {
+func (m *KGRound2Message2) UnmarshalZKProof(ec elliptic.Curve) (*schnorr.ZKProof, error) {
 	point, err := crypto.NewECPoint(
-		tss.EC(),
+		ec,
 		new(big.Int).SetBytes(m.GetProofAlphaX()),
 		new(big.Int).SetBytes(m.GetProofAlphaY()))
 	if err != nil {
--- a/eddsa/keygen/round_1.go
+++ b/eddsa/keygen/round_1.go
@@ -39,12 +39,12 @@ func (round *round1) Start() *tss.Error {
 	i := Pi.Index

 	// 1. calculate "partial" key share ui
-	ui := common.GetRandomPositiveInt(tss.EC().Params().N)
+	ui := common.GetRandomPositiveInt(round.Params().EC().Params().N)
 	round.temp.ui = ui

 	// 2. compute the vss shares
 	ids := round.Parties().IDs().Keys()
-	vs, shares, err := vss.Create(round.Threshold(), ui, ids)
+	vs, shares, err := vss.Create(round.Params().EC(), round.Threshold(), ui, ids)
 	if err != nil {
 		return round.WrapError(err, Pi)
 	}
--- a/eddsa/keygen/round_3.go
+++ b/eddsa/keygen/round_3.go
@@ -41,7 +41,7 @@ func (round *round3) Start() *tss.Error {
 		share := r2msg1.UnmarshalShare()
 		xi = new(big.Int).Add(xi, share)
 	}
-	round.save.Xi = new(big.Int).Mod(xi, tss.EC().Params().N)
+	round.save.Xi = new(big.Int).Mod(xi, round.Params().EC().Params().N)

 	// 2-3.
 	Vc := make(vss.Vs, round.Threshold()+1)
@@ -77,12 +77,12 @@ func (round *round3) Start() *tss.Error {
 				ch <- vssOut{errors.New("de-commitment verify failed"), nil}
 				return
 			}
-			PjVs, err := crypto.UnFlattenECPoints(tss.EC(), flatPolyGs)
+			PjVs, err := crypto.UnFlattenECPoints(round.Params().EC(), flatPolyGs)
 			if err != nil {
 				ch <- vssOut{err, nil}
 				return
 			}
-			proof, err := r2msg2.UnmarshalZKProof()
+			proof, err := r2msg2.UnmarshalZKProof(round.Params().EC())
 			if err != nil {
 				ch <- vssOut{errors.New("failed to unmarshal schnorr proof"), nil}
 				return
@@ -98,7 +98,7 @@ func (round *round3) Start() *tss.Error {
 				ID:        round.PartyID().KeyInt(),
 				Share:     r2msg1.UnmarshalShare(),
 			}
-			if ok = PjShare.Verify(round.Threshold(), PjVs); !ok {
+			if ok = PjShare.Verify(round.Params().EC(), round.Threshold(), PjVs); !ok {
 				ch <- vssOut{errors.New("vss verify failed"), nil}
 				return
 			}
@@ -156,7 +156,7 @@ func (round *round3) Start() *tss.Error {
 	// 13-17. compute Xj for each Pj
 	{
 		var err error
-		modQ := common.ModInt(tss.EC().Params().N)
+		modQ := common.ModInt(round.Params().EC().Params().N)
 		culprits := make([]*tss.PartyID, 0, len(Ps)) // who caused the error(s)
 		bigXj := round.save.BigXj
 		for j := 0; j < round.PartyCount(); j++ {
@@ -180,7 +180,7 @@ func (round *round3) Start() *tss.Error {
 	}

 	// 18. compute and SAVE the EDDSA public key `y`
-	eddsaPubKey, err := crypto.NewECPoint(tss.EC(), Vc[0].X(), Vc[0].Y())
+	eddsaPubKey, err := crypto.NewECPoint(round.Params().EC(), Vc[0].X(), Vc[0].Y())
 	if err != nil {
 		return round.WrapError(errors2.Wrapf(err, "public key is not on the curve"))
 	}
--- a/eddsa/keygen/test_utils.go
+++ b/eddsa/keygen/test_utils.go
@@ -52,6 +52,10 @@ func LoadKeygenTestFixtures(qty int, optionalStart ...int) ([]LocalPartySaveData
 				"could not unmarshal fixture data for party %d located at: %s",
 				i, fixtureFilePath)
 		}
+		for _, kbxj := range key.BigXj {
+			kbxj.SetCurve(tss.Edwards())
+		}
+		key.EDDSAPub.SetCurve(tss.Edwards())
 		keys = append(keys, key)
 	}
 	partyIDs := make(tss.UnSortedPartyIDs, len(keys))
@@ -86,6 +90,10 @@ func LoadKeygenTestFixturesRandomSet(qty, fixtureCount int) ([]LocalPartySaveDat
 				"could not unmarshal fixture data for party %d located at: %s",
 				i, fixtureFilePath)
 		}
+		for _, kbxj := range key.BigXj {
+			kbxj.SetCurve(tss.Edwards())
+		}
+		key.EDDSAPub.SetCurve(tss.Edwards())
 		keys = append(keys, key)
 	}
 	partyIDs := make(tss.UnSortedPartyIDs, len(keys))
--- a/eddsa/resharing/eddsa-resharing.pb.go
+++ b/eddsa/resharing/eddsa-resharing.pb.go
@@ -5,9 +5,8 @@ package resharing

 import (
 	fmt "fmt"
-	math "math"
-
 	proto "github.com/golang/protobuf/proto"
+	math "math"
 )

 // Reference imports to suppress errors if they are not otherwise used.
@@ -94,22 +93,22 @@ func (*DGRound2Message) Descriptor() ([]byte, []int) {
 }

 func (m *DGRound2Message) XXX_Unmarshal(b []byte) error {
-	return xxx_messageInfo_DGRound2Message2.Unmarshal(m, b)
+	return xxx_messageInfo_DGRound2Message.Unmarshal(m, b)
 }
 func (m *DGRound2Message) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
-	return xxx_messageInfo_DGRound2Message2.Marshal(b, m, deterministic)
+	return xxx_messageInfo_DGRound2Message.Marshal(b, m, deterministic)
 }
 func (m *DGRound2Message) XXX_Merge(src proto.Message) {
-	xxx_messageInfo_DGRound2Message2.Merge(m, src)
+	xxx_messageInfo_DGRound2Message.Merge(m, src)
 }
 func (m *DGRound2Message) XXX_Size() int {
-	return xxx_messageInfo_DGRound2Message2.Size(m)
+	return xxx_messageInfo_DGRound2Message.Size(m)
 }
 func (m *DGRound2Message) XXX_DiscardUnknown() {
-	xxx_messageInfo_DGRound2Message2.DiscardUnknown(m)
+	xxx_messageInfo_DGRound2Message.DiscardUnknown(m)
 }

-var xxx_messageInfo_DGRound2Message2 proto.InternalMessageInfo
+var xxx_messageInfo_DGRound2Message proto.InternalMessageInfo

 //
 // The Round 3 data is sent to peers of the New Committee in this message.
@@ -227,28 +226,29 @@ func (m *DGRound4Message) XXX_DiscardUnknown() {
 var xxx_messageInfo_DGRound4Message proto.InternalMessageInfo

 func init() {
-	proto.RegisterType((*DGRound1Message)(nil), "DGRound1Message")
-	proto.RegisterType((*DGRound2Message)(nil), "DGRound2Message")
-	proto.RegisterType((*DGRound3Message1)(nil), "DGRound3Message1")
-	proto.RegisterType((*DGRound3Message2)(nil), "DGRound3Message2")
-	proto.RegisterType((*DGRound4Message)(nil), "DGRound4Message")
+	proto.RegisterType((*DGRound1Message)(nil), "binance.tsslib.eddsa.resharing.DGRound1Message")
+	proto.RegisterType((*DGRound2Message)(nil), "binance.tsslib.eddsa.resharing.DGRound2Message")
+	proto.RegisterType((*DGRound3Message1)(nil), "binance.tsslib.eddsa.resharing.DGRound3Message1")
+	proto.RegisterType((*DGRound3Message2)(nil), "binance.tsslib.eddsa.resharing.DGRound3Message2")
+	proto.RegisterType((*DGRound4Message)(nil), "binance.tsslib.eddsa.resharing.DGRound4Message")
 }

 func init() { proto.RegisterFile("eddsa-resharing.proto", fileDescriptor_d6ac4d7ec55a8fe1) }

 var fileDescriptor_d6ac4d7ec55a8fe1 = []byte{
-	// 203 bytes of a gzipped FileDescriptorProto
+	// 222 bytes of a gzipped FileDescriptorProto
 	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x12, 0x4d, 0x4d, 0x49, 0x29,
 	0x4e, 0xd4, 0x2d, 0x4a, 0x2d, 0xce, 0x48, 0x2c, 0xca, 0xcc, 0x4b, 0xd7, 0x2b, 0x28, 0xca, 0x2f,
-	0xc9, 0x57, 0x2a, 0xe1, 0xe2, 0x77, 0x71, 0x0f, 0xca, 0x2f, 0xcd, 0x4b, 0x31, 0xf4, 0x4d, 0x2d,
-	0x2e, 0x4e, 0x4c, 0x4f, 0x15, 0x92, 0xe3, 0xe2, 0x06, 0xab, 0x8d, 0x2f, 0x28, 0x4d, 0x8a, 0xaf,
-	0x90, 0x60, 0x54, 0x60, 0xd4, 0xe0, 0x09, 0xe2, 0x04, 0x0b, 0x05, 0x94, 0x26, 0x45, 0xa0, 0xca,
-	0x57, 0x4a, 0x30, 0xa1, 0xca, 0x47, 0x0a, 0x29, 0x72, 0xf1, 0x94, 0xc5, 0x27, 0xe7, 0xe7, 0xe6,
-	0x66, 0x96, 0xe4, 0xa6, 0xe6, 0x95, 0x48, 0x30, 0x83, 0x15, 0x70, 0x97, 0x39, 0xc3, 0x85, 0x94,
-	0x84, 0xb8, 0x04, 0xa0, 0xb6, 0x1a, 0x41, 0x6d, 0x35, 0x52, 0xd2, 0x80, 0x8b, 0x19, 0x43, 0xc5,
-	0x0c, 0x85, 0x44, 0xb8, 0x58, 0x41, 0xce, 0x4d, 0x85, 0x3a, 0x02, 0xc2, 0x51, 0xb2, 0xc4, 0x50,
-	0x69, 0x24, 0xa4, 0xca, 0xc5, 0x57, 0x16, 0x9f, 0x92, 0x8a, 0x64, 0x2d, 0xa3, 0x02, 0xb3, 0x06,
-	0x4f, 0x10, 0x6f, 0x99, 0x0b, 0x92, 0xa0, 0x92, 0x20, 0xdc, 0xbb, 0x26, 0x50, 0xad, 0x4e, 0x82,
-	0x51, 0xfc, 0x60, 0xb7, 0xeb, 0xc3, 0x83, 0x26, 0x89, 0x0d, 0x1c, 0x36, 0xc6, 0x80, 0x00, 0x00,
-	0x00, 0xff, 0xff, 0x76, 0xdf, 0xde, 0x85, 0x34, 0x01, 0x00, 0x00,
+	0xc9, 0x17, 0x92, 0x4b, 0xca, 0xcc, 0x4b, 0xcc, 0x4b, 0x4e, 0xd5, 0x2b, 0x29, 0x2e, 0xce, 0xc9,
+	0x4c, 0xd2, 0x03, 0xab, 0xd2, 0x83, 0xab, 0x52, 0x2a, 0xe1, 0xe2, 0x77, 0x71, 0x0f, 0xca, 0x2f,
+	0xcd, 0x4b, 0x31, 0xf4, 0x4d, 0x2d, 0x2e, 0x4e, 0x4c, 0x4f, 0x15, 0x92, 0xe3, 0xe2, 0x06, 0xab,
+	0x8a, 0x2f, 0x28, 0x4d, 0x8a, 0xaf, 0x90, 0x60, 0x54, 0x60, 0xd4, 0xe0, 0x09, 0xe2, 0x04, 0x0b,
+	0x05, 0x94, 0x26, 0x45, 0xa0, 0xca, 0x57, 0x4a, 0x30, 0xa1, 0xca, 0x47, 0x0a, 0x29, 0x72, 0xf1,
+	0x94, 0xc5, 0x27, 0xe7, 0xe7, 0xe6, 0x66, 0x96, 0xe4, 0xa6, 0xe6, 0x95, 0x48, 0x30, 0x83, 0x15,
+	0x70, 0x97, 0x39, 0xc3, 0x85, 0x94, 0x04, 0xe1, 0xb6, 0x1a, 0x41, 0x6d, 0x55, 0xd2, 0xe0, 0x12,
+	0x80, 0x0a, 0x19, 0x43, 0x85, 0x0c, 0x85, 0x44, 0xb8, 0x58, 0x41, 0xee, 0x4c, 0x85, 0xba, 0x01,
+	0xc2, 0x51, 0xb2, 0xc4, 0x50, 0x69, 0x24, 0xa4, 0xca, 0xc5, 0x57, 0x16, 0x9f, 0x92, 0x8a, 0x64,
+	0x2b, 0xa3, 0x02, 0xb3, 0x06, 0x4f, 0x10, 0x6f, 0x99, 0x0b, 0x92, 0x20, 0x92, 0xbd, 0x26, 0x50,
+	0xad, 0x4e, 0x82, 0x51, 0xfc, 0x60, 0xa7, 0xeb, 0xc3, 0xc3, 0x24, 0x89, 0x0d, 0x1c, 0x74, 0xc6,
+	0x80, 0x00, 0x00, 0x00, 0xff, 0xff, 0x54, 0x3e, 0x50, 0x06, 0x53, 0x01, 0x00, 0x00,
 }
--- a/eddsa/resharing/local_party_test.go
+++ b/eddsa/resharing/local_party_test.go
@@ -33,13 +33,14 @@ func setUp(level string) {
 	if err := log.SetLogLevel("tss-lib", level); err != nil {
 		panic(err)
 	}
+
+	// only for test
+	tss.SetCurve(tss.Edwards())
 }

 func TestE2EConcurrent(t *testing.T) {
 	setUp("info")

-	tss.SetCurve(edwards.Edwards())
-
 	threshold, newThreshold := testThreshold, testThreshold

 	// PHASE: load keygen fixtures
@@ -67,14 +68,14 @@ func TestE2EConcurrent(t *testing.T) {

 	// init the old parties first
 	for j, pID := range oldPIDs {
-		params := tss.NewReSharingParameters(oldP2PCtx, newP2PCtx, pID, testParticipants, threshold, newPCount, newThreshold)
+		params := tss.NewReSharingParameters(tss.Edwards(), oldP2PCtx, newP2PCtx, pID, testParticipants, threshold, newPCount, newThreshold)
 		P := NewLocalParty(params, oldKeys[j], outCh, endCh).(*LocalParty) // discard old key data
 		oldCommittee = append(oldCommittee, P)
 	}

 	// init the new parties
 	for _, pID := range newPIDs {
-		params := tss.NewReSharingParameters(oldP2PCtx, newP2PCtx, pID, testParticipants, threshold, newPCount, newThreshold)
+		params := tss.NewReSharingParameters(tss.Edwards(), oldP2PCtx, newP2PCtx, pID, testParticipants, threshold, newPCount, newThreshold)
 		save := keygen.NewLocalPartySaveData(newPCount)
 		P := NewLocalParty(params, save, outCh, endCh).(*LocalParty)
 		newCommittee = append(newCommittee, P)
@@ -141,7 +142,7 @@ func TestE2EConcurrent(t *testing.T) {
 				for j, key := range newKeys {
 					// xj test: BigXj == xj*G
 					xj := key.Xi
-					gXj := crypto.ScalarBaseMult(tss.EC(), xj)
+					gXj := crypto.ScalarBaseMult(tss.Edwards(), xj)
 					BigXj := key.BigXj[j]
 					assert.True(t, BigXj.Equals(gXj), "ensure BigX_j == g^x_j")
 				}
@@ -163,7 +164,7 @@ signing:
 	signEndCh := make(chan common.SignatureData, len(signPIDs))

 	for j, signPID := range signPIDs {
-		params := tss.NewParameters(signP2pCtx, signPID, len(signPIDs), newThreshold)
+		params := tss.NewParameters(tss.Edwards(), signP2pCtx, signPID, len(signPIDs), newThreshold)
 		P := signing.NewLocalParty(big.NewInt(42).Bytes(), params, signKeys[j], signOutCh, signEndCh).(*signing.LocalParty)
 		signParties = append(signParties, P)
 		go func(P *signing.LocalParty) {
@@ -205,7 +206,7 @@ signing:
 				// BEGIN EDDSA verify
 				pkX, pkY := signKeys[0].EDDSAPub.X(), signKeys[0].EDDSAPub.Y()
 				pk := edwards.PublicKey{
-					Curve: tss.EC(),
+					Curve: tss.Edwards(),
 					X:     pkX,
 					Y:     pkY,
 				}
--- a/eddsa/resharing/messages.go
+++ b/eddsa/resharing/messages.go
@@ -7,10 +7,9 @@
 package resharing

 import (
+	"crypto/elliptic"
 	"math/big"

-	"github.com/golang/protobuf/proto"
-
 	"github.com/binance-chain/tss-lib/common"
 	"github.com/binance-chain/tss-lib/crypto"
 	cmt "github.com/binance-chain/tss-lib/crypto/commitments"
@@ -30,14 +29,6 @@ var (
 	}
 )

-func init() {
-	proto.RegisterType((*DGRound1Message)(nil), tss.EDDSAProtoNamePrefix+"resharing.DGRound1Message")
-	proto.RegisterType((*DGRound2Message)(nil), tss.EDDSAProtoNamePrefix+"resharing.DGRound2Message")
-	proto.RegisterType((*DGRound3Message1)(nil), tss.EDDSAProtoNamePrefix+"resharing.DGRound3Message1")
-	proto.RegisterType((*DGRound3Message2)(nil), tss.EDDSAProtoNamePrefix+"resharing.DGRound3Message2")
-	proto.RegisterType((*DGRound4Message)(nil), tss.EDDSAProtoNamePrefix+"resharing.DGRound4Message")
-}
-
 // ----- //

 func NewDGRound1Message(
@@ -68,9 +59,9 @@ func (m *DGRound1Message) ValidateBasic() bool {
 		common.NonEmptyBytes(m.VCommitment)
 }

-func (m *DGRound1Message) UnmarshalEDDSAPub() (*crypto.ECPoint, error) {
+func (m *DGRound1Message) UnmarshalEDDSAPub(ec elliptic.Curve) (*crypto.ECPoint, error) {
 	return crypto.NewECPoint(
-		tss.EC(),
+		ec,
 		new(big.Int).SetBytes(m.EddsaPubX),
 		new(big.Int).SetBytes(m.EddsaPubY))
 }
--- a/eddsa/resharing/round_1_old_step_1.go
+++ b/eddsa/resharing/round_1_old_step_1.go
@@ -47,10 +47,10 @@ func (round *round1) Start() *tss.Error {
 		return round.WrapError(fmt.Errorf("t+1=%d is not satisfied by the key count of %d", round.Threshold()+1, len(ks)), round.PartyID())
 	}
 	newKs := round.NewParties().IDs().Keys()
-	wi := signing.PrepareForSigning(i, len(round.OldParties().IDs()), xi, ks)
+	wi := signing.PrepareForSigning(round.Params().EC(), i, len(round.OldParties().IDs()), xi, ks)

 	// 2.
-	vi, shares, err := vss.Create(round.NewThreshold(), wi, newKs)
+	vi, shares, err := vss.Create(round.Params().EC(), round.NewThreshold(), wi, newKs)
 	if err != nil {
 		return round.WrapError(err, round.PartyID())
 	}
@@ -101,7 +101,7 @@ func (round *round1) Update() (bool, *tss.Error) {

 		// save the eddsa pub received from the old committee
 		r1msg := round.temp.dgRound1Messages[0].Content().(*DGRound1Message)
-		candidate, err := r1msg.UnmarshalEDDSAPub()
+		candidate, err := r1msg.UnmarshalEDDSAPub(round.Params().EC())
 		if err != nil {
 			return false, round.WrapError(errors.New("unable to unmarshal the eddsa pub key"), msg.GetFrom())
 		}
--- a/eddsa/resharing/round_4_new_step_2.go
+++ b/eddsa/resharing/round_4_new_step_2.go
@@ -40,7 +40,7 @@ func (round *round4) Start() *tss.Error {
 	newXi := big.NewInt(0)

 	// 2-8.
-	modQ := common.ModInt(tss.EC().Params().N)
+	modQ := common.ModInt(round.Params().EC().Params().N)
 	vjc := make([][]*crypto.ECPoint, len(round.OldParties().IDs()))
 	for j := 0; j <= len(vjc)-1; j++ { // P1..P_t+1. Ps are indexed from 0 here
 		r1msg := round.temp.dgRound1Messages[j].Content().(*DGRound1Message)
@@ -55,7 +55,7 @@ func (round *round4) Start() *tss.Error {
 			// TODO collect culprits and return a list of them as per convention
 			return round.WrapError(errors.New("de-commitment of v_j0..v_jt failed"), round.Parties().IDs()[j])
 		}
-		vj, err := crypto.UnFlattenECPoints(tss.EC(), flatVs)
+		vj, err := crypto.UnFlattenECPoints(round.Params().EC(), flatVs)
 		if err != nil {
 			return round.WrapError(err, round.Parties().IDs()[j])
 		}
@@ -67,7 +67,7 @@ func (round *round4) Start() *tss.Error {
 			ID:        round.PartyID().KeyInt(),
 			Share:     new(big.Int).SetBytes(r3msg1.Share),
 		}
-		if ok := sharej.Verify(round.NewThreshold(), vj); !ok {
+		if ok := sharej.Verify(round.Params().EC(), round.NewThreshold(), vj); !ok {
 			return round.WrapError(errors.New("share from old committee did not pass Verify()"), round.Parties().IDs()[j])
 		}

--- a/eddsa/signing/eddsa-signing.pb.go
+++ b/eddsa/signing/eddsa-signing.pb.go
@@ -168,26 +168,27 @@ func (m *SignRound3Message) GetS() []byte {
 }

 func init() {
-	proto.RegisterType((*SignRound1Message)(nil), "SignRound1Message")
-	proto.RegisterType((*SignRound2Message)(nil), "SignRound2Message")
-	proto.RegisterType((*SignRound3Message)(nil), "SignRound3Message")
+	proto.RegisterType((*SignRound1Message)(nil), "binance.tsslib.eddsa.signing.SignRound1Message")
+	proto.RegisterType((*SignRound2Message)(nil), "binance.tsslib.eddsa.signing.SignRound2Message")
+	proto.RegisterType((*SignRound3Message)(nil), "binance.tsslib.eddsa.signing.SignRound3Message")
 }

 func init() { proto.RegisterFile("eddsa-signing.proto", fileDescriptor_cf83f80fc7454980) }

 var fileDescriptor_cf83f80fc7454980 = []byte{
-	// 197 bytes of a gzipped FileDescriptorProto
+	// 219 bytes of a gzipped FileDescriptorProto
 	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x12, 0x4e, 0x4d, 0x49, 0x29,
-	0x4e, 0xd4, 0x2d, 0xce, 0x4c, 0xcf, 0xcb, 0xcc, 0x4b, 0xd7, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x57,
-	0x32, 0xe6, 0x12, 0x0c, 0xce, 0x4c, 0xcf, 0x0b, 0xca, 0x2f, 0xcd, 0x4b, 0x31, 0xf4, 0x4d, 0x2d,
-	0x2e, 0x4e, 0x4c, 0x4f, 0x15, 0x92, 0xe3, 0xe2, 0x4a, 0xce, 0xcf, 0xcd, 0xcd, 0x2c, 0xc9, 0x4d,
-	0xcd, 0x2b, 0x91, 0x60, 0x54, 0x60, 0xd4, 0xe0, 0x09, 0x42, 0x12, 0x51, 0x9a, 0xc9, 0x88, 0xa4,
-	0xcb, 0x08, 0xa6, 0x4b, 0x99, 0x8b, 0x37, 0x25, 0x35, 0x1e, 0x45, 0x23, 0xb3, 0x06, 0x4f, 0x10,
-	0x4f, 0x4a, 0xaa, 0x33, 0x5c, 0x4c, 0x48, 0x89, 0x8b, 0xb7, 0xa0, 0x28, 0x3f, 0x3f, 0x2d, 0x3e,
-	0x31, 0xa7, 0x20, 0x23, 0x31, 0xbe, 0x42, 0x82, 0x09, 0x6c, 0x3a, 0x37, 0x58, 0xd0, 0x11, 0x24,
-	0x16, 0x81, 0xae, 0xa6, 0x52, 0x82, 0x19, 0x5d, 0x4d, 0xa4, 0x90, 0x38, 0x17, 0x3b, 0x44, 0x4d,
-	0x89, 0x04, 0x0b, 0x58, 0x96, 0x0d, 0xcc, 0x0d, 0x51, 0x52, 0x44, 0x72, 0x9a, 0x31, 0xcc, 0x69,
-	0x3c, 0x5c, 0x8c, 0xc5, 0x50, 0x7f, 0x30, 0x16, 0x3b, 0xf1, 0x47, 0xf1, 0x82, 0x83, 0x42, 0x1f,
-	0x1a, 0x14, 0x49, 0x6c, 0xe0, 0xb0, 0x30, 0x06, 0x04, 0x00, 0x00, 0xff, 0xff, 0x0a, 0x36, 0x85,
-	0xc1, 0x22, 0x01, 0x00, 0x00,
+	0x4e, 0xd4, 0x2d, 0xce, 0x4c, 0xcf, 0xcb, 0xcc, 0x4b, 0xd7, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17,
+	0x92, 0x49, 0xca, 0xcc, 0x4b, 0xcc, 0x4b, 0x4e, 0xd5, 0x2b, 0x29, 0x2e, 0xce, 0xc9, 0x4c, 0xd2,
+	0x03, 0xab, 0xd1, 0x83, 0xaa, 0x51, 0x32, 0xe6, 0x12, 0x0c, 0xce, 0x4c, 0xcf, 0x0b, 0xca, 0x2f,
+	0xcd, 0x4b, 0x31, 0xf4, 0x4d, 0x2d, 0x2e, 0x4e, 0x4c, 0x4f, 0x15, 0x92, 0xe3, 0xe2, 0x4a, 0xce,
+	0xcf, 0xcd, 0xcd, 0x2c, 0xc9, 0x4d, 0xcd, 0x2b, 0x91, 0x60, 0x54, 0x60, 0xd4, 0xe0, 0x09, 0x42,
+	0x12, 0x51, 0x9a, 0xc9, 0x88, 0xa4, 0xcb, 0x08, 0xa6, 0x4b, 0x99, 0x8b, 0x37, 0x25, 0x35, 0x1e,
+	0x45, 0x23, 0xb3, 0x06, 0x4f, 0x10, 0x4f, 0x4a, 0xaa, 0x33, 0x5c, 0x4c, 0x48, 0x89, 0x8b, 0xb7,
+	0xa0, 0x28, 0x3f, 0x3f, 0x2d, 0x3e, 0x31, 0xa7, 0x20, 0x23, 0x31, 0xbe, 0x42, 0x82, 0x09, 0x6c,
+	0x3a, 0x37, 0x58, 0xd0, 0x11, 0x24, 0x16, 0x81, 0xae, 0xa6, 0x52, 0x82, 0x19, 0x5d, 0x4d, 0xa4,
+	0x90, 0x38, 0x17, 0x3b, 0x44, 0x4d, 0x89, 0x04, 0x0b, 0x58, 0x96, 0x0d, 0xcc, 0x0d, 0x51, 0x52,
+	0x44, 0x72, 0x9a, 0x31, 0xcc, 0x69, 0x3c, 0x5c, 0x8c, 0xc5, 0x50, 0x7f, 0x30, 0x16, 0x3b, 0xf1,
+	0x47, 0xf1, 0x82, 0x03, 0x41, 0x1f, 0x1a, 0x08, 0x49, 0x6c, 0xe0, 0x90, 0x32, 0x06, 0x04, 0x00,
+	0x00, 0xff, 0xff, 0x26, 0xfd, 0x9b, 0xd6, 0x40, 0x01, 0x00, 0x00,
 }
--- a/eddsa/signing/finalize.go
+++ b/eddsa/signing/finalize.go
@@ -46,7 +46,7 @@ func (round *finalization) Start() *tss.Error {
 	round.data.M = round.temp.m

 	pk := edwards.PublicKey{
-		Curve: tss.EC(),
+		Curve: round.Params().EC(),
 		X:     round.key.EDDSAPub.X(),
 		Y:     round.key.EDDSAPub.Y(),
 	}
--- a/eddsa/signing/local_party_test.go
+++ b/eddsa/signing/local_party_test.go
@@ -32,13 +32,14 @@ func setUp(level string) {
 	if err := log.SetLogLevel("tss-lib", level); err != nil {
 		panic(err)
 	}
+
+	// only for test
+	tss.SetCurve(tss.Edwards())
 }

 func TestE2EConcurrent(t *testing.T) {
 	setUp("info")

-	tss.SetCurve(edwards.Edwards())
-
 	threshold := testThreshold

 	// PHASE: load keygen fixtures
@@ -61,7 +62,7 @@ func TestE2EConcurrent(t *testing.T) {
 	msg := big.NewInt(200).Bytes()
 	// init the parties
 	for i := 0; i < len(signPIDs); i++ {
-		params := tss.NewParameters(p2pCtx, signPIDs[i], len(signPIDs), threshold)
+		params := tss.NewParameters(tss.Edwards(), p2pCtx, signPIDs[i], len(signPIDs), threshold)

 		P := NewLocalParty(msg, params, keys[i], outCh, endCh).(*LocalParty)
 		parties = append(parties, P)
@@ -121,7 +122,7 @@ signing:
 				// BEGIN EDDSA verify
 				pkX, pkY := keys[0].EDDSAPub.X(), keys[0].EDDSAPub.Y()
 				pk := edwards.PublicKey{
-					Curve: tss.EC(),
+					Curve: tss.Edwards(),
 					X:     pkX,
 					Y:     pkY,
 				}
--- a/eddsa/signing/messages.go
+++ b/eddsa/signing/messages.go
@@ -7,10 +7,9 @@
 package signing

 import (
+	"crypto/elliptic"
 	"math/big"

-	"github.com/golang/protobuf/proto"
-
 	"github.com/binance-chain/tss-lib/common"
 	"github.com/binance-chain/tss-lib/crypto"
 	cmt "github.com/binance-chain/tss-lib/crypto/commitments"
@@ -30,12 +29,6 @@ var (
 	}
 )

-func init() {
-	proto.RegisterType((*SignRound1Message)(nil), tss.EDDSAProtoNamePrefix+"signing.SignRound1Message")
-	proto.RegisterType((*SignRound2Message)(nil), tss.EDDSAProtoNamePrefix+"signing.SignRound2Message")
-	proto.RegisterType((*SignRound3Message)(nil), tss.EDDSAProtoNamePrefix+"signing.SignRound3Message")
-}
-
 // ----- //

 func NewSignRound1Message(
@@ -97,9 +90,9 @@ func (m *SignRound2Message) UnmarshalDeCommitment() []*big.Int {
 	return cmt.NewHashDeCommitmentFromBytes(deComBzs)
 }

-func (m *SignRound2Message) UnmarshalZKProof() (*schnorr.ZKProof, error) {
+func (m *SignRound2Message) UnmarshalZKProof(ec elliptic.Curve) (*schnorr.ZKProof, error) {
 	point, err := crypto.NewECPoint(
-		tss.EC(),
+		ec,
 		new(big.Int).SetBytes(m.GetProofAlphaX()),
 		new(big.Int).SetBytes(m.GetProofAlphaY()))
 	if err != nil {
--- a/eddsa/signing/prepare.go
+++ b/eddsa/signing/prepare.go
@@ -7,16 +7,16 @@
 package signing

 import (
+	"crypto/elliptic"
 	"fmt"
 	"math/big"

 	"github.com/binance-chain/tss-lib/common"
-	"github.com/binance-chain/tss-lib/tss"
 )

 // PrepareForSigning(), Fig. 7
-func PrepareForSigning(i, pax int, xi *big.Int, ks []*big.Int) (wi *big.Int) {
-	modQ := common.ModInt(tss.EC().Params().N)
+func PrepareForSigning(ec elliptic.Curve, i, pax int, xi *big.Int, ks []*big.Int) (wi *big.Int) {
+	modQ := common.ModInt(ec.Params().N)
 	if len(ks) != pax {
 		panic(fmt.Errorf("PrepareForSigning: len(ks) != pax (%d != %d)", len(ks), pax))
 	}
--- a/eddsa/signing/round_1.go
+++ b/eddsa/signing/round_1.go
@@ -38,10 +38,10 @@ func (round *round1) Start() *tss.Error {
 	round.resetOK()

 	// 1. select ri
-	ri := common.GetRandomPositiveInt(tss.EC().Params().N)
+	ri := common.GetRandomPositiveInt(round.Params().EC().Params().N)

 	// 2. make commitment
-	pointRi := crypto.ScalarBaseMult(tss.EC(), ri)
+	pointRi := crypto.ScalarBaseMult(round.Params().EC(), ri)
 	cmt := commitments.NewHashCommitment(pointRi.X(), pointRi.Y())

 	// 3. store r1 message pieces
@@ -98,7 +98,7 @@ func (round *round1) prepare() error {
 		// TODO: this should not panic
 		return fmt.Errorf("t+1=%d is not consistent with the key count %d", round.Threshold()+1, len(ks))
 	}
-	wi := PrepareForSigning(i, len(ks), xi, ks)
+	wi := PrepareForSigning(round.Params().EC(), i, len(ks), xi, ks)

 	round.temp.wi = wi
 	return nil
--- a/eddsa/signing/round_3.go
+++ b/eddsa/signing/round_3.go
@@ -49,11 +49,11 @@ func (round *round3) Start() *tss.Error {
 			return round.WrapError(errors.New("length of de-commitment should be 2"))
 		}

-		Rj, err := crypto.NewECPoint(tss.EC(), coordinates[0], coordinates[1])
+		Rj, err := crypto.NewECPoint(round.Params().EC(), coordinates[0], coordinates[1])
 		if err != nil {
 			return round.WrapError(errors.Wrapf(err, "NewECPoint(Rj)"), Pj)
 		}
-		proof, err := r2msg.UnmarshalZKProof()
+		proof, err := r2msg.UnmarshalZKProof(round.Params().EC())
 		if err != nil {
 			return round.WrapError(errors.New("failed to unmarshal Rj proof"), Pj)
 		}
@@ -62,7 +62,7 @@ func (round *round3) Start() *tss.Error {
 			return round.WrapError(errors.New("failed to prove Rj"), Pj)
 		}

-		extendedRj := ecPointToExtendedElement(Rj.X(), Rj.Y())
+		extendedRj := ecPointToExtendedElement(round.Params().EC(), Rj.X(), Rj.Y())
 		R = addExtendedElements(R, extendedRj)
 	}

--- a/eddsa/signing/utils.go
+++ b/eddsa/signing/utils.go
@@ -7,12 +7,12 @@
 package signing

 import (
+	"crypto/elliptic"
 	"math/big"

 	"github.com/agl/ed25519/edwards25519"

 	"github.com/binance-chain/tss-lib/common"
-	"github.com/binance-chain/tss-lib/tss"
 )

 func encodedBytesToBigInt(s *[32]byte) *big.Int {
@@ -100,11 +100,11 @@ func addExtendedElements(p, q edwards25519.ExtendedGroupElement) edwards25519.Ex
 	return result
 }

-func ecPointToExtendedElement(x *big.Int, y *big.Int) edwards25519.ExtendedGroupElement {
+func ecPointToExtendedElement(ec elliptic.Curve, x *big.Int, y *big.Int) edwards25519.ExtendedGroupElement {
 	encodedXBytes := bigIntToEncodedBytes(x)
 	encodedYBytes := bigIntToEncodedBytes(y)

-	z := common.GetRandomPositiveInt(tss.EC().Params().N)
+	z := common.GetRandomPositiveInt(ec.Params().N)
 	encodedZBytes := bigIntToEncodedBytes(z)

 	var fx, fy, fxy edwards25519.FieldElement
--- a/go.mod
+++ b/go.mod
@@ -7,7 +7,7 @@ require (
 	github.com/btcsuite/btcd v0.0.0-20190629003639-c26ffa870fd8
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/decred/dcrd/dcrec/edwards/v2 v2.0.0
-	github.com/golang/protobuf v1.3.2
+	github.com/golang/protobuf v1.5.0
 	github.com/hashicorp/go-multierror v1.0.0
 	github.com/ipfs/go-log v0.0.1
 	github.com/mattn/go-colorable v0.1.2 // indirect
@@ -17,6 +17,7 @@ require (
 	github.com/pkg/errors v0.8.1
 	github.com/stretchr/testify v1.3.0
 	golang.org/x/sys v0.0.0-20190712062909-fae7ac547cb7 // indirect
+	google.golang.org/protobuf v1.27.1
 )

 replace github.com/agl/ed25519 => github.com/binance-chain/edwards25519 v0.0.0-20200305024217-f36fc4b53d43
--- a/go.sum
+++ b/go.sum
@@ -1,4 +1,3 @@
-bou.ke/monkey v1.0.1 h1:zEMLInw9xvNakzUUPjfS4Ds6jYPqCFx3m7bRmG5NH2U=
 bou.ke/monkey v1.0.1/go.mod h1:FgHuK96Rv2Nlf+0u1OOVDpCMdsWyOFmeeketDHE7LIg=
 github.com/aead/siphash v1.0.1/go.mod h1:Nywa3cDsYNNK3gaciGTWPwHt0wlpNV15vwmswBAUSII=
 github.com/binance-chain/edwards25519 v0.0.0-20200305024217-f36fc4b53d43 h1:Vkf7rtHx8uHx8gDfkQaCdVfc+gfrF9v6sR6xJy7RXNg=
@@ -24,6 +23,9 @@ github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zV
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs=
 github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.5.0 h1:LUVKkCeviFUMKqHa4tXIIij/lbhnMbP7Fn5wKdKkRh4=
+github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA=
 github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
 github.com/hashicorp/go-multierror v1.0.0 h1:iVjPR7a6H0tWELX5NxNe7bYopibicUzc7uPribsnS6o=
@@ -48,11 +50,8 @@ github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1Cpa
 github.com/opentracing/opentracing-go v1.0.2/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
 github.com/opentracing/opentracing-go v1.1.0 h1:pWlfV3Bxv7k65HYwkikxat0+s3pV4bsqf19k25Ur8rU=
 github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
-github.com/otiai10/curr v0.0.0-20150429015615-9b4961190c95 h1:+OLn68pqasWca0z5ryit9KGfp3sUsW4Lqg32iRMJyzs=
 github.com/otiai10/curr v0.0.0-20150429015615-9b4961190c95/go.mod h1:9qAhocn7zKJG+0mI8eUu6xqkFDYS2kb2saOteoSB3cE=
-github.com/otiai10/mint v1.2.4 h1:DxYL0itZyPaR5Z9HILdxSoHx+gNs6Yx+neOGS3IVUk0=
 github.com/otiai10/mint v1.2.4/go.mod h1:d+b7n/0R3tdyUYYylALXpWQ/kTN+QobSq/4SRGBkR3M=
-github.com/otiai10/primes v0.0.0-20180210170552-f6d2a1ba97c4 h1:blMAhTXF6uL1+e3eVSajjLT43Cc0U8mU1gcigbbolJM=
 github.com/otiai10/primes v0.0.0-20180210170552-f6d2a1ba97c4/go.mod h1:UmSP7QeU3XmAdGu5+dnrTJqjBc+IscpVZkQzk473cjM=
 github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
@@ -69,10 +68,13 @@ golang.org/x/net v0.0.0-20190227160552-c95aed5357e7/go.mod h1:mL1N/T3taQHkDXs73r
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190712062909-fae7ac547cb7 h1:LepdCS8Gf/MVejFIt8lsiexZATdoGVyp5bcyS+rYoUI=
 golang.org/x/sys v0.0.0-20190712062909-fae7ac547cb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
+google.golang.org/protobuf v1.27.1 h1:SnqbnDw1V7RiZcXPx5MEeqPv2s79L9i7BJUlG/+RurQ=
+google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
--- a/protob/ecdsa-keygen.proto
+++ b/protob/ecdsa-keygen.proto
@@ -5,7 +5,7 @@
 // file LICENSE at the root of the source code distribution tree.

 syntax = "proto3";
-
+package binance.tsslib.ecdsa.keygen;
 option go_package = "ecdsa/keygen";

 /*
--- a/protob/ecdsa-resharing.proto
+++ b/protob/ecdsa-resharing.proto
@@ -5,7 +5,7 @@
 // file LICENSE at the root of the source code distribution tree.

 syntax = "proto3";
-
+package binance.tsslib.ecdsa.resharing;
 option go_package = "ecdsa/resharing";

 /*
--- a/protob/ecdsa-signing.proto
+++ b/protob/ecdsa-signing.proto
@@ -5,7 +5,7 @@
 // file LICENSE at the root of the source code distribution tree.

 syntax = "proto3";
-
+package binance.tsslib.ecdsa.signing;
 option go_package = "ecdsa/signing";

 /*
--- a/protob/eddsa-keygen.proto
+++ b/protob/eddsa-keygen.proto
@@ -5,7 +5,7 @@
 // file LICENSE at the root of the source code distribution tree.

 syntax = "proto3";
-
+package binance.tsslib.eddsa.keygen;
 option go_package = "eddsa/keygen";

 /*
--- a/protob/eddsa-resharing.proto
+++ b/protob/eddsa-resharing.proto
@@ -5,7 +5,7 @@
 // file LICENSE at the root of the source code distribution tree.

 syntax = "proto3";
-
+package binance.tsslib.eddsa.resharing;
 option go_package = "eddsa/resharing";

 /*
@@ -20,7 +20,7 @@ message DGRound1Message {
 /*
 * The Round 2 "ACK" is broadcast to peers of the Old Committee in this message.
 */
-message DGRound2Message2 {
+message DGRound2Message {
 }

 /*
--- a/protob/eddsa-signing.proto
+++ b/protob/eddsa-signing.proto
@@ -5,7 +5,7 @@
 // file LICENSE at the root of the source code distribution tree.

 syntax = "proto3";
-
+package binance.tsslib.eddsa.signing;
 option go_package = "eddsa/signing";

 /*
--- a/protob/message.proto
+++ b/protob/message.proto
@@ -5,7 +5,7 @@
 // file LICENSE at the root of the source code distribution tree.

 syntax = "proto3";
-
+package binance.tsslib;
 option go_package = "./tss";

 import "google/protobuf/any.proto";
--- a/protob/signature.proto
+++ b/protob/signature.proto
@@ -5,7 +5,7 @@
 // file LICENSE at the root of the source code distribution tree.

 syntax = "proto3";
-
+package binance.tsslib;
 option go_package = "common";

 /*
--- a/tss/curve.go
+++ b/tss/curve.go
@@ -9,17 +9,55 @@ package tss
 import (
 	"crypto/elliptic"
 	"errors"
+	"reflect"

 	s256k1 "github.com/btcsuite/btcd/btcec"
+	"github.com/decred/dcrd/dcrec/edwards/v2"
+)
+
+type CurveName string
+
+const (
+	Secp256k1 CurveName = "secp256k1"
+	Ed25519 CurveName = "ed25519"
 )

 var (
 	ec elliptic.Curve
+	registry map[CurveName]elliptic.Curve
 )

 // Init default curve (secp256k1)
 func init() {
 	ec = s256k1.S256()
+
+	registry = make(map[CurveName]elliptic.Curve)
+	registry[Secp256k1]=s256k1.S256()
+	registry[Ed25519]=edwards.Edwards()
+}
+
+func RegisterCurve(name CurveName, curve elliptic.Curve) {
+	registry[name]=curve
+}
+
+// return curve, exist(bool)
+func GetCurveByName(name CurveName) (elliptic.Curve, bool) {
+	if val, exist := registry[name]; exist {
+		return val, true
+	}
+
+	return nil, false
+}
+
+// return name, exist(bool)
+func GetCurveName(curve elliptic.Curve) (CurveName, bool) {
+	for name, e := range registry {
+		if reflect.TypeOf(curve) == reflect.TypeOf(e) {
+			return name, true
+		}
+	}
+
+	return "", false
 }

 // EC returns the current elliptic curve in use. The default is secp256k1
@@ -28,9 +66,19 @@ func EC() elliptic.Curve {
 }

 // SetCurve sets the curve used by TSS. Must be called before Start. The default is secp256k1
+// Deprecated
 func SetCurve(curve elliptic.Curve) {
 	if curve == nil {
 		panic(errors.New("SetCurve received a nil curve"))
 	}
 	ec = curve
 }
+
+// secp256k1
+func S256() elliptic.Curve {
+	return s256k1.S256()
+}
+
+func Edwards() elliptic.Curve {
+	return edwards.Edwards()
+}
--- a/tss/message.pb.go
+++ b/tss/message.pb.go
@@ -1,12 +1,12 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
-// source: protob/message.proto
+// source: message.proto

 package tss

 import (
 	fmt "fmt"
 	proto "github.com/golang/protobuf/proto"
-	any "github.com/golang/protobuf/ptypes/any"
+	anypb "google.golang.org/protobuf/types/known/anypb"
 	math "math"
 )

@@ -37,17 +37,17 @@ type MessageWrapper struct {
 	// This field is actually what is sent through the wire and consumed on the other end by UpdateFromBytes.
 	// An Any contains an arbitrary serialized message as bytes, along with a URL that
 	// acts as a globally unique identifier for and resolves to that message's type.
-	Message              *any.Any `protobuf:"bytes,10,opt,name=message,proto3" json:"message,omitempty"`
-	XXX_NoUnkeyedLiteral struct{} `json:"-"`
-	XXX_unrecognized     []byte   `json:"-"`
-	XXX_sizecache        int32    `json:"-"`
+	Message              *anypb.Any `protobuf:"bytes,10,opt,name=message,proto3" json:"message,omitempty"`
+	XXX_NoUnkeyedLiteral struct{}   `json:"-"`
+	XXX_unrecognized     []byte     `json:"-"`
+	XXX_sizecache        int32      `json:"-"`
 }

 func (m *MessageWrapper) Reset()         { *m = MessageWrapper{} }
 func (m *MessageWrapper) String() string { return proto.CompactTextString(m) }
 func (*MessageWrapper) ProtoMessage()    {}
 func (*MessageWrapper) Descriptor() ([]byte, []int) {
-	return fileDescriptor_5be430ad0e7f3d12, []int{0}
+	return fileDescriptor_33c57e4bae7b9afd, []int{0}
 }

 func (m *MessageWrapper) XXX_Unmarshal(b []byte) error {
@@ -103,7 +103,7 @@ func (m *MessageWrapper) GetTo() []*MessageWrapper_PartyID {
 	return nil
 }

-func (m *MessageWrapper) GetMessage() *any.Any {
+func (m *MessageWrapper) GetMessage() *anypb.Any {
 	if m != nil {
 		return m.Message
 	}
@@ -126,7 +126,7 @@ func (m *MessageWrapper_PartyID) Reset()         { *m = MessageWrapper_PartyID{}
 func (m *MessageWrapper_PartyID) String() string { return proto.CompactTextString(m) }
 func (*MessageWrapper_PartyID) ProtoMessage()    {}
 func (*MessageWrapper_PartyID) Descriptor() ([]byte, []int) {
-	return fileDescriptor_5be430ad0e7f3d12, []int{0, 0}
+	return fileDescriptor_33c57e4bae7b9afd, []int{0, 0}
 }

 func (m *MessageWrapper_PartyID) XXX_Unmarshal(b []byte) error {
@@ -169,31 +169,32 @@ func (m *MessageWrapper_PartyID) GetKey() []byte {
 }

 func init() {
-	proto.RegisterType((*MessageWrapper)(nil), "MessageWrapper")
-	proto.RegisterType((*MessageWrapper_PartyID)(nil), "MessageWrapper.PartyID")
+	proto.RegisterType((*MessageWrapper)(nil), "binance.tsslib.MessageWrapper")
+	proto.RegisterType((*MessageWrapper_PartyID)(nil), "binance.tsslib.MessageWrapper.PartyID")
 }

-func init() { proto.RegisterFile("protob/message.proto", fileDescriptor_5be430ad0e7f3d12) }
+func init() { proto.RegisterFile("message.proto", fileDescriptor_33c57e4bae7b9afd) }

-var fileDescriptor_5be430ad0e7f3d12 = []byte{
-	// 297 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x7c, 0x90, 0x4f, 0x4b, 0x33, 0x31,
-	0x10, 0x87, 0x69, 0xda, 0xbe, 0xfb, 0x76, 0x5a, 0x4a, 0x89, 0x85, 0xc6, 0xe2, 0xa1, 0x7a, 0xb1,
-	0x20, 0x66, 0x41, 0xcf, 0x1e, 0x5a, 0xf5, 0xe0, 0xc1, 0x3f, 0x04, 0x41, 0xf0, 0xb2, 0xa4, 0x4d,
-	0x5a, 0x42, 0xbb, 0x99, 0x92, 0x44, 0xca, 0x7e, 0x69, 0x3f, 0x83, 0x98, 0xdd, 0xb5, 0x78, 0xf1,
-	0x96, 0x99, 0x79, 0x7e, 0x99, 0xe1, 0x81, 0xe1, 0xce, 0x61, 0xc0, 0x45, 0x9a, 0x6b, 0xef, 0xe5,
-	0x5a, 0xf3, 0x58, 0x8e, 0x8f, 0xd7, 0x88, 0xeb, 0xad, 0x4e, 0xcb, 0xe1, 0xc7, 0x2a, 0x95, 0xb6,
-	0x28, 0x47, 0x67, 0x9f, 0x04, 0xfa, 0x8f, 0x25, 0xfc, 0xe6, 0xe4, 0x6e, 0xa7, 0x1d, 0x3d, 0x85,
-	0x9e, 0xf1, 0xd9, 0xc2, 0xa1, 0x54, 0x4b, 0xe9, 0x03, 0x6b, 0x4c, 0x1a, 0xd3, 0xff, 0xa2, 0x6b,
-	0xfc, 0xbc, 0x6e, 0xd1, 0x4b, 0x38, 0x32, 0x3e, 0x0b, 0x98, 0xe1, 0x56, 0x65, 0x4b, 0xcc, 0x73,
-	0x13, 0x82, 0xd6, 0x8c, 0x44, 0x72, 0x60, 0xfc, 0x2b, 0x3e, 0x6f, 0xd5, 0x6d, 0xdd, 0xa7, 0x37,
-	0x70, 0x72, 0xc0, 0xa5, 0x55, 0x99, 0xd5, 0xfb, 0x43, 0xcc, 0xb3, 0x76, 0xcc, 0x8d, 0xaa, 0xdc,
-	0xcc, 0xaa, 0x27, 0xbd, 0xff, 0x49, 0x7b, 0x7a, 0x01, 0xad, 0x95, 0xc3, 0x9c, 0x35, 0x27, 0x8d,
-	0x69, 0xf7, 0x6a, 0xc4, 0x7f, 0xdf, 0xcb, 0x5f, 0xa4, 0x0b, 0xc5, 0xc3, 0x9d, 0x88, 0x10, 0x3d,
-	0x07, 0x12, 0x90, 0xb5, 0x26, 0xcd, 0xbf, 0x50, 0x12, 0x90, 0x72, 0x48, 0x2a, 0x4b, 0x0c, 0xe2,
-	0xc7, 0x43, 0x5e, 0x6a, 0xe2, 0xb5, 0x26, 0x3e, 0xb3, 0x85, 0xa8, 0xa1, 0xf1, 0x3d, 0x24, 0x55,
-	0x9c, 0xf6, 0x81, 0x18, 0x15, 0xbd, 0x74, 0x04, 0x31, 0x8a, 0x32, 0x48, 0x72, 0xb4, 0x66, 0xa3,
-	0x5d, 0x54, 0xd0, 0x11, 0x75, 0x49, 0x07, 0xd0, 0xdc, 0xe8, 0x22, 0x5e, 0xde, 0x13, 0xdf, 0xcf,
-	0x79, 0xf2, 0xde, 0xe6, 0x69, 0xf0, 0x7e, 0xf1, 0x2f, 0xae, 0xb9, 0xfe, 0x0a, 0x00, 0x00, 0xff,
-	0xff, 0xac, 0xdd, 0x4e, 0x90, 0xb3, 0x01, 0x00, 0x00,
+var fileDescriptor_33c57e4bae7b9afd = []byte{
+	// 312 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x90, 0x4d, 0x4b, 0x2b, 0x31,
+	0x14, 0x86, 0xe9, 0x4c, 0x7b, 0xe7, 0xf6, 0xb4, 0xb7, 0x94, 0x5c, 0xc1, 0x58, 0x5c, 0x54, 0x17,
+	0xd2, 0x8d, 0x29, 0x28, 0xb8, 0x10, 0x5c, 0xb4, 0xea, 0xc2, 0x85, 0x1f, 0x0c, 0x82, 0xe0, 0x66,
+	0xc8, 0x34, 0x69, 0x09, 0x9d, 0xc9, 0x29, 0x39, 0x91, 0x32, 0xff, 0xc1, 0x1f, 0x2d, 0xa6, 0x1d,
+	0x4b, 0x97, 0xee, 0x92, 0x93, 0xf7, 0xe1, 0xe4, 0x7d, 0xe0, 0x5f, 0xa9, 0x89, 0xe4, 0x42, 0x8b,
+	0x95, 0x43, 0x8f, 0xac, 0x97, 0x1b, 0x2b, 0xed, 0x4c, 0x0b, 0x4f, 0x54, 0x98, 0x7c, 0x70, 0xb4,
+	0x40, 0x5c, 0x14, 0x7a, 0x1c, 0x5e, 0xf3, 0x8f, 0xf9, 0x58, 0xda, 0x6a, 0x13, 0x3d, 0xfd, 0x8c,
+	0xa1, 0xf7, 0xb8, 0x81, 0xdf, 0x9c, 0x5c, 0xad, 0xb4, 0x63, 0x27, 0xd0, 0x35, 0x94, 0xe5, 0x0e,
+	0xa5, 0x9a, 0x49, 0xf2, 0xbc, 0x31, 0x6c, 0x8c, 0xfe, 0xa6, 0x1d, 0x43, 0xd3, 0x7a, 0xc4, 0xce,
+	0xe1, 0xbf, 0xa1, 0xcc, 0x63, 0x86, 0x85, 0xca, 0x66, 0x58, 0x96, 0xc6, 0x7b, 0xad, 0x79, 0x14,
+	0x92, 0x7d, 0x43, 0xaf, 0xf8, 0x5c, 0xa8, 0xdb, 0x7a, 0xce, 0x6e, 0xe0, 0x78, 0x17, 0x97, 0x56,
+	0x65, 0x56, 0xaf, 0x77, 0x18, 0xf1, 0x56, 0xe0, 0x0e, 0xb7, 0xdc, 0xc4, 0xaa, 0x27, 0xbd, 0xfe,
+	0xa1, 0x89, 0x5d, 0x43, 0x73, 0xee, 0xb0, 0xe4, 0xf1, 0xb0, 0x31, 0xea, 0x5c, 0x9c, 0x89, 0xfd,
+	0x76, 0x62, 0xff, 0xfb, 0xe2, 0x45, 0x3a, 0x5f, 0x3d, 0xdc, 0xa5, 0x81, 0x61, 0x57, 0x10, 0x79,
+	0xe4, 0xcd, 0x61, 0xfc, 0x0b, 0x32, 0xf2, 0xc8, 0x04, 0x24, 0x5b, 0xa7, 0x1c, 0xc2, 0xda, 0x03,
+	0xb1, 0x91, 0x28, 0x6a, 0x89, 0x62, 0x62, 0xab, 0xb4, 0x0e, 0x0d, 0xee, 0x21, 0xd9, 0xe2, 0xac,
+	0x07, 0x91, 0x51, 0xc1, 0x5a, 0x3b, 0x8d, 0x8c, 0x62, 0x1c, 0x92, 0x12, 0xad, 0x59, 0x6a, 0x17,
+	0x04, 0xb5, 0xd3, 0xfa, 0xca, 0xfa, 0x10, 0x2f, 0x75, 0x15, 0x7a, 0x75, 0xd3, 0xef, 0xe3, 0x34,
+	0x79, 0x6f, 0x89, 0xb1, 0x27, 0xca, 0xff, 0x84, 0x35, 0x97, 0x5f, 0x01, 0x00, 0x00, 0xff, 0xff,
+	0x38, 0xe7, 0xf6, 0x88, 0xda, 0x01, 0x00, 0x00,
 }
--- a/tss/params.go
+++ b/tss/params.go
@@ -7,12 +7,14 @@
 package tss

 import (
+	"crypto/elliptic"
 	"errors"
 	"time"
 )

 type (
 	Parameters struct {
+		ec                  elliptic.Curve
 		partyID             *PartyID
 		parties             *PeerContext
 		partyCount          int
@@ -33,7 +35,7 @@ const (
 )

 // Exported, used in `tss` client
-func NewParameters(ctx *PeerContext, partyID *PartyID, partyCount, threshold int, optionalSafePrimeGenTimeout ...time.Duration) *Parameters {
+func NewParameters(ec elliptic.Curve, ctx *PeerContext, partyID *PartyID, partyCount, threshold int, optionalSafePrimeGenTimeout ...time.Duration) *Parameters {
 	var safePrimeGenTimeout time.Duration
 	if 0 < len(optionalSafePrimeGenTimeout) {
 		if 1 < len(optionalSafePrimeGenTimeout) {
@@ -44,6 +46,7 @@ func NewParameters(ctx *PeerContext, partyID *PartyID, partyCount, threshold int
 		safePrimeGenTimeout = defaultSafePrimeGenTimeout
 	}
 	return &Parameters{
+		ec:                  ec,
 		parties:             ctx,
 		partyID:             partyID,
 		partyCount:          partyCount,
@@ -52,6 +55,10 @@ func NewParameters(ctx *PeerContext, partyID *PartyID, partyCount, threshold int
 	}
 }

+func (params *Parameters) EC() elliptic.Curve {
+	return params.ec
+}
+
 func (params *Parameters) Parties() *PeerContext {
 	return params.parties
 }
@@ -75,8 +82,8 @@ func (params *Parameters) SafePrimeGenTimeout() time.Duration {
 // ----- //

 // Exported, used in `tss` client
-func NewReSharingParameters(ctx, newCtx *PeerContext, partyID *PartyID, partyCount, threshold, newPartyCount, newThreshold int) *ReSharingParameters {
-	params := NewParameters(ctx, partyID, partyCount, threshold)
+func NewReSharingParameters(ec elliptic.Curve, ctx, newCtx *PeerContext, partyID *PartyID, partyCount, threshold, newPartyCount, newThreshold int) *ReSharingParameters {
+	params := NewParameters(ec, ctx, partyID, partyCount, threshold)
 	return &ReSharingParameters{
 		Parameters:    params,
 		newParties:    newCtx,