waxwing on Nostr: So I guess, first we talk about being 2/5 in a fixed set of 5, and we say something ...

So I guess, first we talk about being 2/5 in a fixed set of 5, and we say something like "continuous receipt of signature shares from other parties isn't insecure as long as each signature has its own nonce" (in FROST the nonces are pairs (d,e) not single values k, but for these purposes that's irrelevant I think). The logic for that is the same as for base Schnorr, because what the other parties give you is exactly a base Schnorr signature on their share of the secret. Then you're thinking, what about the case where it's the same 2 but not the same 5, so I keep using the same secret key (note, "secret key" is a much more complicated concept in FROST than in schnorr or musig: you start by generating n polynomial coefficients, then *after an interactive setup process* it boils down to one number, the evaluation of the *shared* polynomial (not your poly. ; the one shared amongst all the parties) at an x value of x=i where you are the i-th participant).

So as per my parentheses, if you choose a new 5, you're going to get a new "secret share". F(x) is the overall shared poly, and it's the sum of f1(x), f2(x),..f5(x), let's say. If f1 and f2 are kept the same, but f3, f4 and f5 are different, then your secret share which may be for example f1(1) + f2(1) + f3(1) + f4(1) + f5(1) will be different in an unpredictable/uncontrollable way because the other polynomials are random. So what I'm basically saying is that every new group of 5 will create a completely unrelated context, the overall private key (which nobody ever sees) will be unrelated. So I can't see anything to analyze there.