A Deep Dive in Muon’s Modular Security Structure: Threshold Signature Scheme
Securing the transfer of data with a decentralized network
Many blockchain projects are constantly in need of data feeds from oracle services which are supposed to securely transfer accurate data into the blockchain ecosystem. To ensure the security and accuracy of the data feeds the Muon oracle network provides, our tech team has designed a multi-layer security mechanism. In a series of articles, we are going to elaborate on these layers. In this article, our fundamental security layer, Threshold Signature Scheme, is presented.
Oracles’ Long-standing Problem
Many blockchain projects run their own servers to send off-chain data to their smart contracts. Such a server obtains data from different sources, signs it and sends it with the signature to the smart contract. This approach, however, poses the risk of a “single point of failure”, that is, since such a server is centralized, it can be hacked. Technically speaking, the key pair can be used by attackers to sign manipulated data which results in the breaking of the system.
Multisig: A Partial Solution
Increasing the number of signers is the solution. If, instead of one signer, there are n signers and when a t number of them sign the data, there won’t be a single point of failure any more. The more signers there are, the lower is the probability of a hack and majority collusion.
Nevertheless, there is a technical problem in the way of increasing signers; including more signatures increases transaction costs. This is because the size of transaction data and required verification process increases linearly in proportion to the number of signatures. This considerably raises the costs and consequently decreases scalability.
A Decentralized, Cost-effective Solution
Threshold Signature Scheme (TSS) is an innovation aiming to solve the oracles’ problems of cost and scalability while retaining or even strengthening their security. In TSS, signatures are not produced individually by the signer and then collected and submitted to smart contracts in a transaction as is common in the Multisig approach. Rather, signers collaborate off-chain to produce a single signature whose sending and on-chain verification have a low fee regardless of the number of signers. For instance, instead of having 10 nodes produce 10 signatures separately, in an off-chain collaboration, they together produce one signature. In practice, TSS is an upgraded cost-effective version of multisig.
Having numerous signers at the cost of only one allows the Muon oracle network to make use of more nodes, which leads to higher security and scalability. TSS was deployed¹ in Muon V.2 and several apps using Muon services have been using TSS for quite a while now.
Implementing Threshold Signature Scheme was a major milestone for Muon oracle network, but Muon has not stopped there; stay tuned for more articles on Muon’s multilayer security measures.
Pion is the Muon ecosystem’s Canary and first mainnet. It is a chain-independent and stateless DON (Decentralized Oracle Network) that enables dApps to make their off-chain components decentralized. By incorporating Pion (by Muon), the manner in which decentralized applications store, process, and access data will be fundamentally transformed.
Run a Pion node.
Twitter | Telegram | Discord | Website | Medium | GitBook | Developer’s Guide
[1]- TSS has a variety of versions and the one implemented in Muon is Schnorr TSS, which is the most secure.
