Hello everyone, you might have woken up to the news of a vulnerability affecting, among other things, Apache Milagro's MPC implementation https://www.cve.org/CVERecord?id=CVE-2023-33241.
Thanks to a confidential disclosure the vulnerability has been fixed since commit c6f6a5bd90a865029ac6118366a506505823f4ff (Jun 30th). Although the 0.1 release had been marked as experimental and not necessarily safe for production use, we invite all who are actively using either the GG18 or GG20 protocols in production to upgrade to CG21 and re-shard their keys. We will also soon be releasing version 0.2, which, among other things, will contain the relevant fixes. Riccardo
