Score:1

How to redistribute shares for Distributed Shamir Secret Sharing?


I'm working on a Distributed Key Generation protocol. The idea is similar to this.

TLDR: Aggregated Shamir Secret Sharing, each participant acts as a dealer & distributes the secret shares of its secret polynomial to the rest of the participants. Finally, the actual secret can be constructed by aggregating the secret shares of all the participants. I understand how this DKG works & have implemented it.

Requirement: The shares should be "refreshed" after each epoch and new participants can be added and older ones can be removed in epoch transition. How can I change the above DKG protocol to incorporate this?

My attempt: Say there are initially n participants with a threshold of k. The DKG between them is successful & all the participants have their respective key shares from the rest of the participants. The final secret is the aggregation of all the n secrets.

In the next epoch a new participant wants to be added to the network and the threshold also increases by 1, i.e. (n+1, k+1). All the previous participants from 1 to n use their respective secrets to create new shares for n+1 participants with the updated threshold & distribute them to the rest. The aggregation of the n secrets should still be the same as above. The new participant thus needs to contribute an identity secret such that the final secret isn't changed. It generates the secret shares from the identity secret & distributes them to everyone else. Now the DKG should work with the updated participants & threshold. I'm wondering what's the point of adding an identity secret?

Is there an issue with this approach or is there a better approach to the Aggregated Shamir Secret Sharing problem? I'm a novice at cryptography so kindly excuse any obvious mistakes or lack of knowledge on this topic.

Score:1

Why do you want to refresh the shares? Why can't you simply do a new DKG altogether with the updated parameters & distribute the new shares to the participants?

Score:0

and older ones can be removed

If the key stays the same, parties can use a set of k shares from a previous epoch. Shares from a protocol epoch can't really be "invalidated" except by having enough key share holders for that epoch securely delete their shares so fewer than k such shares exist.

The key can be aggregated in more than one way

You could get all n participants together to do a new DKG round, but this is not necessary. The whole point of Shamir secret sharing is that only k participants are required to generate a set of scalars whose sum is the distributed secret key. These k participants can evaluate a new polynomial point to generate a key share for a new participant (k of n --> k of n+1) or do another full DKG round to set the parameters arbitrarily. Shares for participants not present can of course be encrypted to their public keys and stored for later delivery. The end result is that you only need k participants online at once to transition to a new protocol epoch.

For more see this paper "Extensible Decentralized Secret Sharing and Application to Schnorr Signatures"
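The two transitions the answer describes, worked through as an added example (this is not code from the question, the answer, or the cited paper). It assumes a prime field modulo the Mersenne prime 2^127 - 1 and participant indices 1..n; all function names (`aggregated_dkg`, `new_point_share`, `redistribute`, `demo`) are this example's own. A quorum of k holders first derives the share for a new index n+1 by interpolating the aggregate polynomial at that point, then reshares to an (n+1, k+1) configuration by each dealing λ_i(0)·s_i with a fresh polynomial, so the aggregate secret is unchanged. The example also checks the caveat from the answer: the old epoch's shares still reconstruct the same key, while mixing old and new shares does not. Note that `new_point_share` interpolates in the clear for illustration; the cited paper's method of doing this without exposing the quorum's shares to whoever interpolates is not reproduced here.

```python
import secrets

P = 2**127 - 1  # prime field for all arithmetic (assumption of this example)


def eval_poly(coeffs, x):
    """Horner evaluation of sum(coeffs[i] * x**i) mod P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def random_poly(constant, degree):
    """Random polynomial of the given degree with f(0) = constant."""
    return [constant % P] + [secrets.randbelow(P) for _ in range(degree)]


def lagrange_coeff(xs, i, at):
    """Lagrange basis coefficient of node xs[i] evaluated at x = at."""
    num = den = 1
    for j, xj in enumerate(xs):
        if j != i:
            num = num * (at - xj) % P
            den = den * (xs[i] - xj) % P
    return num * pow(den, P - 2, P) % P


def interpolate(points, at=0):
    """Evaluate the unique polynomial through points at x = at (default: the secret)."""
    xs = [x for x, _ in points]
    return sum(y * lagrange_coeff(xs, i, at) for i, (_, y) in enumerate(points)) % P


def aggregated_dkg(ids, k):
    """Aggregated Shamir DKG: every participant deals its own secret with a
    degree k-1 polynomial; participant j's share is the sum of all dealers'
    evaluations at x = j. Returns (shares, aggregate secret)."""
    dealers = {i: random_poly(secrets.randbelow(P), k - 1) for i in ids}
    shares = {j: sum(eval_poly(poly, j) for poly in dealers.values()) % P for j in ids}
    group_secret = sum(poly[0] for poly in dealers.values()) % P
    return shares, group_secret


def new_point_share(quorum, new_id):
    """k of n -> k of n+1: k online holders (quorum: {id: share}) evaluate the
    implicit aggregate polynomial at new_id. Done in the clear for illustration."""
    return interpolate(list(quorum.items()), at=new_id)


def redistribute(quorum, new_ids, new_k):
    """(k, n) -> (new_k, len(new_ids)) resharing by a quorum of k holders.
    Holder i deals lambda_i(0) * s_i with a fresh degree new_k-1 polynomial;
    a new share is the sum of the sub-shares it receives. Since
    sum(lambda_i(0) * s_i) is the secret, the aggregate key is unchanged."""
    xs = list(quorum)
    new_shares = {j: 0 for j in new_ids}
    for idx, i in enumerate(xs):
        sub = random_poly(lagrange_coeff(xs, idx, 0) * quorum[i] % P, new_k - 1)
        for j in new_ids:
            new_shares[j] = (new_shares[j] + eval_poly(sub, j)) % P
    return new_shares


def demo(n=5, k=3, new_k=4):
    """Epoch transition (n, k) -> (n+1, new_k) driven by only k holders."""
    ids = list(range(1, n + 1))
    shares, secret = aggregated_dkg(ids, k)
    quorum = {i: shares[i] for i in ids[:k]}  # only k participants online

    # 1. Add participant n+1 at the same threshold.
    s_new = new_point_share(quorum, n + 1)
    extended_ok = interpolate([(n + 1, s_new)] + [(i, shares[i]) for i in ids[1:k]]) == secret

    # 2. Reshare to n+1 participants with threshold new_k, same key.
    new_ids = list(range(1, n + 2))
    new_shares = redistribute(quorum, new_ids, new_k)
    resharing_ok = interpolate([(j, new_shares[j]) for j in new_ids[:new_k]]) == secret

    # 3. Caveat: old-epoch shares still reconstruct the key unless deleted.
    old_ok = interpolate([(i, shares[i]) for i in ids[-k:]]) == secret

    # 4. Old and new shares lie on different polynomials, so mixing them fails.
    mixed = interpolate([(1, shares[1]), (2, shares[2])] + [(j, new_shares[j]) for j in (3, 4)])

    return {"extended": extended_ok, "resharing": resharing_ok,
            "old_shares_still_valid": old_ok, "mixed_fails": mixed != secret}


if __name__ == "__main__":
    print(demo())
```

Because only the k quorum members contribute, an absent participant's new share can be computed without it and, as the answer notes, stored encrypted for later delivery; the check in step 3 is why "removing" a participant needs the old shares deleted rather than merely refreshed.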
