SafeStake — The first protocol to deploy DKG in DVT segment
Abstract
One of the advancements in blockchain technology that is expected to be a trend in 2023 is the adoption of Distributed Validator Technology (DVT) in the Ethereum Proof-of-Stake ecosystem.
With the upcoming Ethereum update known as ‘Shanghai’ that will finally allow the withdrawal of staking deposits from the initial Beacon Chain contract after two years, interest is growing about all the options that exist for staking ETH.
As interest grows, the fear of losing funds remains as strong as ever after some of the recent events with FTX, BlockFi, and Geminis, to name a few.
Security is now becoming a key factor for users in choosing how they will stake their ETH.
Enter DKG (Distributed Key Generation)
DVT is one of the most important developments in the Ethereum roadmap. It allows a validator key to be split into a multi-signature construct (multiple key shares) and makes it possible for two or more participants to sign messages as a group. The key shares are securely distributed among independent nodes operating under consensus to secure the Ethereum network and earn rewards for the validators they represent.
Because DVT is brand new, there are relatively few options that apply it to their ETH staking offering: SafeStake, SSV.Network, and Obol Tech.
However, SafeStake will be the first protocol in the DVT segment to deploy true Distributed Key Generation (DKG).
SafeStake’s core consists of a set of on-chain smart contracts, with its native STATE token and network validator clients connected through a permissionless public network.
This approach offers a trust minimized middle-layer that fosters the decentralization of ETH2.0 staking. To achieve this decentralization securely, SafeStake employs distributed key generation (DKG) during validator key management under the name of threshold signature scheme without a trusted distributor. .
Using DKG, SafeStake organizes the threshold signature scheme of the validator private key in a way that prevents any single entity from ever owning or handling it.
The goal of DKG is to agree on an accepted secret/public key pair and share the secret key among a set of ’n’ participants. DKG adds an additional layer of security by minimizing trust between unknown third parties (operators).
How Does SafeStake DKG Work?
SafeStake’s DKG process is achieved through a non-interactive threshold signing scheme that allows operators to collectively sign messages without the need for direct communication between them.
However, the concept of a threshold signature scheme based on Shamir’s Secret Sharing (SSS) presents a weakness — for a very short time period, the initial secret distributor has knowledge of the secret. This vulnerability may allow malicious actors the opportunity to gain access to keys needed to withdraw funds from the SafeStake staking pool.
To shield SafeStake from this vulnerability, the protocol employs DKG in a way that eliminates the trusted distributor.
This added layer of security in validator key management is one of the fundamental reasons SafeStake is different from the other DVT staking protocols.
Benefits of SafeStake DKG
- Unlike secret sharing, where a dealer generates a secret and distributes its shares among the nodes, our DKG requires no trusted party. This allows SafeStake to eliminate points of failure in the management of private keys.
- The goal of DKG is to agree on an accepted secret/public key pair and share the secret key among a set of n participants.
- The key can be stored safely offline and our tech stack ensures no single operator or bad actor can recreate it.
- From a security standpoint, our implementation of DKG eliminates the failure point seen in other DVT protocols, making SafeStake the first fail-safe DVT staking solution for Ethereum.
- SafeStake’s DKG is built into the protocol and fully automatic, requiring no additional configuration on the part of operators.
- In the future, SafeStake’s implementation of DKG will allow completely untrusted sfETH Liquid Staking features in the protocol.
- With SafeStake, the DKG protocol is automatically started when an ‘Initiators’ stakes 8 ETH.
Conclusion
The implementation of the DKG protocol for configuring private/public key pairs in the threshold signing scheme without relying on a trusted distributor is a critical technology feature in SafeStake that enables a fully decentralized, non-custodial solution for ETH2.0 staking.
The DKG protocol has been shown to eliminate the potential points of failure inherent in secret sharding-based schemes, providing an extra layer of security. This contributes to SafeStake’s mission to increase the number of validators on the Ethereum network and make it more decentralized and secure.
About ParaState
ParaState is participating in ETH2.0 PoS Staking with a new tech stack called SafeStake, a trust-minimized, middle-layer fostering the decentralization of ETH2.0 staking. SafeStake is a non-custodial infrastructure for distributed validator technology written in Rust, implementing HotStuff consensus and Threshold signing architecture to provide more robust security for ETH 2.0 PoS.
