UC-secure Distributed Key Generation for Hardware-Bound Shares Bridging multi-device wallets and non-exportable key isolation

Star DKG is a protocol developed to address the limitations of traditional Distributed Key Generation (DKG) when used with hardware-enforced non-exportable key (NXK) systems, which are widely implemented in multi-party computation (MPC) wallets. These wallets split a private key into shares held across multiple devices, preventing any single device from holding the entire key, and require a service provider to co-sign transactions for compliance and security purposes. The Star DKG protocol is designed to maintain security even when composed with other elements of the wallet system, addressing the challenges posed by NXK hardware's restriction on exporting key shares and its resistance to state rewinding. The protocol introduces mechanisms like Unique Structure Verification (USV) and Straight-Line Extractable Proofs to ensure confidentiality and consistency without traditional share exportation or rewinding. Additionally, it supports dynamic device enrollment post-DKG, allowing the inclusion of redundant recovery devices without altering the existing public key. This work highlights the need for secure and composable solutions in environments where cryptographic operations are bound within hardware constraints, offering a concrete alternative for the mandatory co-signer architecture in such a setting.