Secure re-use of private key for dynamic group of nodes

The invention claimed is: 1. A computer-implemented method comprising: broadcasting, by a node in a blockchain network, a transaction to transfer one or more digital assets to a public group address associated with a congress public key, the public group address being associated with one or more other digital assets associated with other members of a congress; generating a private key share to be used in a threshold signature scheme in which at least a threshold of private key shares must be used to generate a valid signature through combination of partial signatures on behalf of the congress, wherein other holders of the private key shares are the other members of the congress who have joined the congress by transfer of respective digital assets to the public group address; and using the private key share to cooperatively generate a valid signature for a further transaction from the public group address to a further public group address for the congress, said further public group address being associated with a further congress public key, wherein the further transaction is configured to transfer control of the digital assets from the public group address to the further public group address; detecting malicious activity by a malicious party, wherein the malicious party is one of the other members of the congress, wherein malicious behavior is identified in a node providing inconsistent key shares to different nodes; and confiscating at least a portion of digital assets previously transferred to the public group address by the malicious party. 2. The computer-implemented method of claim 1 , wherein the threshold signature scheme is an Elliptic Curve Digital Signature Algorithm. 3. The computer-implemented method of claim 1 , wherein confiscating comprises transferring to an unspendable address. 4. The computer-implemented method of claim 3 , wherein confiscating comprises using the private key share in cooperation with other members of the congress to generate a valid signature for the transaction to the unspendable address. 5. The computer-implemented method of claim 1 , further comprising: detecting a redistribution request; collaborating with other congress members to transfer all digital assets in the public group address to a new public address associated with a new public key; and generating a new private key share. 6. The computer-implemented method of claim 1 , further comprising: detecting a request to allocate new key shares; and collaborating with other members of the congress to issue private key shares for the same public key to new members of the congress. 7. The computer-implemented method of claim 6 , further comprising confirming that a private key share previously held by a member who has left the congress has been deleted from a node associated with that member. 8. The computer-implemented method of claim 7 , wherein the node associated with the member who has left the congress includes a trusted execution environment which provides attestation of deletion of the private key share previously held by that member. 9. The computer-implemented method of claim 6 , wherein: the congress public key encumbers digital assets received from group members and non-group members; and detecting a request to allocate new key shares includes identifying congress members using attributes included in at least some transactions of digital assets to the public group address. 10. The computer-implemented method of claim 1 , wherein generating the private key share and using the private key share is performed on a trusted execution environment within the node. 11. The computer-implemented method of claim 1 , further comprising: receiving a request from a requestor who is a congress member for a withdrawal of digital assets previously deposited by the requestor and currently controlled by the congress; evaluating the request against determined criteria; and using the private key share to cooperatively generate a digital signature and using the digital signature to transfer the digital assets previously deposited by the requestor back to the requestor. 12. A computer readable storage medium comprising computer-executable instructions that, if executed, cause a processor to perform the computer-implemented method of claim 1 . 13. An electronic device comprising: an interface device; a processor coupled to the interface device; and a memory coupled to the processor, the memory having stored thereon computer executable instructions that, if executed, cause the processor to perform a computer-implemented method of claim 1 . 14. The electronic device of claim 13 , wherein the processor includes a trusted execution environment and wherein the computer executable instructions are executed within the trusted execution environment.