Extending key refresh to t/n setting

[becgabri]

While the existing codebase supports key refresh for additively shared ECDSA private keys, it does not yet provide support for other thresholds. Supporting t/n for t < n does requires the following changes:

• Add a higher level functionality that runs TShare where each party specifies as part of their Input a share that is equal to a modification of their pre-existing share of the private key x_i. To be precise, share should be equal to L_i(0) * x_i where L_i(0) is the lagrangian coefficient.
• Modify the TShare protocol so that parties can check if everyone is sharing the correct value. At the beginning of TShare each party should know X_j or be able to derive X_j which is P_j's public share of the ECDSA public key. In the third round of TShare when parties decommit Feldman's VSS, they should check that the constant term of the polynomial is equal to X_j^{L_j(0)}*** TShare should still be able to work without this verification check so that it can still be used for threshold key generation

*** - this is multiplicative notation for elliptic curve points, which some people may find objectionable. In additive notation, it would be L_j(0)*X_j

Copy of file on t/n key generation and key refresh: ThresholdCGGMP-1.pdf