From dcd909a83976ce11b0ea95bae82514b7d2691c36 Mon Sep 17 00:00:00 2001
From: Luke Parker <lukeparker5132@gmail.com>
Date: Sat, 14 May 2022 15:04:08 -0400
Subject: [PATCH] Allow offsetting FROST keys multiple times

---
 crypto/frost/src/lib.rs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/crypto/frost/src/lib.rs b/crypto/frost/src/lib.rs
index 5d7f9af3..550b28cc 100644
--- a/crypto/frost/src/lib.rs
+++ b/crypto/frost/src/lib.rs
@@ -239,7 +239,10 @@ pub struct MultisigKeys<C: Curve> {
 impl<C: Curve> MultisigKeys<C> {
   pub fn offset(&self, offset: C::F) -> MultisigKeys<C> {
     let mut res = self.clone();
-    res.offset = Some(offset);
+    // Carry any existing offset
+    // Enables schemes like Monero's subaddresses which have a per-subaddress offset and then a
+    // one-time-key offset
+    res.offset = Some(offset + res.offset.unwrap_or(C::F::zero()));
     res
   }