• No single point of failure

Nobody should hold all the keys. Not even you

Generate threshold keys where the secret never exists in one place—not during setup, not ever. No trusted dealer. No "we promise not to look."

This is for you if...

Decentralized Networks

You're building protocols where multiple validators need to sign together—but nobody trusts anyone else to hold the master key.

No ceremony coordinator who "promises" to delete their copy.

Threshold signatures that are actually threshold from the start.

Multi-Org Consortia

You're running a consortium where three banks, two regulators, and a tech company need to jointly control encryption keys.

No single entity can act alone (not even "temporarily").

Generate keys collaboratively without revealing shares to a dealer.

Privacy Infrastructure Builders

You're shipping products where "trusted setup" makes your entire security model a lie.

Cryptographic guarantees, not policy promises.

Sleep at night knowing the architecture prevents betrayal, not just discourages it.

What makes this different

Most key generation ceremonies require a trusted dealer who temporarily holds god-mode access. That's the vulnerability. Here's how we actually solve it.

No single point of betrayal

The secret key never exists in one place—not during generation, not after.

Asynchronous Distributed Key Generation (ADKG) at the protocol level

No dealer to compromise, no coordinator who could leak shares

"The math makes it impossible" beats "we promise we won't look"

Doesn't fail when someone's late

Asynchronous by design—participants join when they can, network hiccups don't kill progress.

No "everyone online at exactly 3pm UTC" coordination nightmare

Fault-tolerant liveness even when nodes are slow or offline

Ceremonies complete without perfect synchronization

Works with your existing stack

Drop into your current threshold signature or encryption infrastructure without rewriting everything.

Standard share formats, no proprietary lock-in

Compatible with existing threshold crypto libraries

Production-ready, not a research experiment

What you actually get

ADKG module (Stoffel Lang)

The cryptographic core that handles distributed key generation—so you're not implementing research papers at 2am.

VM orchestration

Manages asynchronous progress and verification automatically. No manual coordination, no timing bugs.

Ceremony SDK

Init, join, derive, re-share—everything you need for the full key lifecycle. None of the ceremony coordinator bullshit.

Verifiable share exchange

Parties exchange and verify shares cryptographically. If someone cheats, everyone knows immediately.

Published public keys

Standard output formats for threshold operations. Use with any compatible threshold crypto stack.

Threshold share management

Each participant holds their share securely. No single party can act alone, no party knows the full key.

Ship like a normal developer

Privacy tech that doesn't wreck your velocity

You shouldn't need a PhD in cryptography to generate threshold keys securely. The complexity lives in the protocol. Your integration stays simple.

Simple Init

One function call to start a ceremony. No configuration hell, no 'consult the 47-page setup guide.'

Async by Default

Participants join when ready. No complex orchestration logic in your app code.

Standard Interfaces

If you're using threshold crypto today, this plugs in. No proprietary formats to reverse-engineer.

Built-in Verification

Share validity checks happen automatically. You don't debug cryptographic proofs at runtime.

Clear Error Messages

When something fails, you know why. No 'ceremony failed: error 0x4F2A.'

Production-Ready

Not a research prototype. Designed for systems where downtime costs money.

How it actually works

  1. Start the ceremony

Initialize in Stoffel Lang. Participants join via SDK when they're ready—no synchronization dance required.

  2. Generate keys without a dealer

Parties exchange verifiable shares using asynchronous distributed key generation. The full secret is never assembled anywhere—not in memory, not on disk, not "temporarily during setup." The threshold structure is baked in from the start.

  3. Use the keys

Publish the public key. Each participant keeps their share. Run threshold signatures, encryption, or randomness generation—no party can act alone, no party knows the full key.

The Part That Matters: If someone compromises one participant, they get one share. Useless without the threshold. If someone demands you hand over "the master key," you can honestly say it doesn't exist.
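
The dealerless share exchange from the "Generate keys without a dealer" step, as an added sketch (not Stoffel's code and not written in Stoffel Lang): a synchronous Feldman-VSS joint key generation in Python over a constructed toy group. It leaves out the asynchronous agreement on which dealers' contributions are counted, which an ADKG protocol has to provide; all function names and parameters here are assumptions.

```python
import secrets

# Toy Schnorr group (constructed, far too small for real use): P = 2Q + 1, G has order Q.
P, Q, G = 2039, 1019, 4

def poly_eval(coeffs, x):
    y = 0
    for c in reversed(coeffs):          # Horner's rule, coefficients low to high
        y = (y * x + c) % Q
    return y

def deal(t, n):
    """One party's contribution: random degree-(t-1) polynomial, Feldman
    commitments to its coefficients, and a sub-share for each party 1..n."""
    coeffs = [secrets.randbelow(Q) for _ in range(t)]
    commits = [pow(G, c, P) for c in coeffs]
    return commits, {j: poly_eval(coeffs, j) for j in range(1, n + 1)}

def verify(commits, j, s):
    """Party j checks G^s == prod_k commits[k]^(j^k) using public data only."""
    rhs = 1
    for k, c in enumerate(commits):
        rhs = rhs * pow(c, pow(j, k, Q), P) % P
    return pow(G, s, P) == rhs

def run_dkg(t, n, tamper=None):
    """All n parties deal; each recipient sums only the sub-shares sent to it.
    tamper=(dealer, recipient) corrupts one sub-share to show detection."""
    deals = {i: deal(t, n) for i in range(1, n + 1)}
    if tamper:
        d, r = tamper
        deals[d][1][r] = (deals[d][1][r] + 1) % Q
    complaints = [(d, r) for d, (c, s) in deals.items()
                  for r in s if not verify(c, r, s[r])]
    good = [d for d in deals if d not in {c[0] for c in complaints}]
    shares = {j: sum(deals[d][1][j] for d in good) % Q for j in range(1, n + 1)}
    pub = 1
    for d in good:                      # group key = product of constant-term commitments
        pub = pub * deals[d][0][0] % P
    return pub, shares, complaints

def interpolate_zero(points):
    """Lagrange f(0) from {x: f(x)}. Test-only: key shares are never combined."""
    total = 0
    for xi, yi in points.items():
        num = den = 1
        for xj in points.keys() - {xi}:
            num, den = num * -xj % Q, den * (xi - xj) % Q
        total = (total + yi * num * pow(den, -1, Q)) % Q
    return total
```

The public key is computed from commitments alone, so no step of `run_dkg` ever holds the sum of the dealers' secrets; `interpolate_zero` exists only so a test can confirm that any `t` shares correspond to the published key.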

FAQ

Have more questions? Contact our team.

How is this different from a standard key ceremony?

Standard ceremonies require a trusted dealer who temporarily holds god-mode access during setup. ADKG is dealerless—the secret never exists in one place at any point. No temporary trust, no 'we deleted it afterward.'

What happens if a participant drops offline?

Asynchronous by design. Participants can join late or drop temporarily without killing the ceremony. Progress continues as long as enough parties (above threshold) remain active.

Can I use this with my existing threshold crypto stack?

Yes. Standard share formats, compatible with most threshold signature and encryption libraries. If you're already using threshold crypto, this should plug in without rewriting everything.

© 2025 Stoffel. All rights reserved.
