In-depth Analysis | How to provide greater security for sidechain and multi-chain scenarios
On March 29, Ronin, the cross-chain bridge of the popular blockchain game Axie Infinity, officially announced that the sidechain had lost about $616 million in the largest DeFi hack to date, exceeding the $611 million taken from Poly Network last August.
Sidechain technology uses cross-chain bridges to move funds to and from Ethereum, letting users enjoy a rich set of decentralized applications at lower fees. In this incident, the attackers compromised the private keys of multiple validators and used them to drain the ether held on the sidechain.
Withdrawals require signatures from multiple nodes, which is the familiar multi-signature scheme. Implemented as scripts or smart contracts, multi-signature has to be re-implemented in a separate contract for every chain, so deploying an application across many chains carries a high engineering cost. The bigger problem is security: contract flaws of this kind have been observed repeatedly in blockchain projects in recent years.
For users, managing signatures is really managing keys. On a multi-chain platform, contract-based multi-signature may not be the best choice for key management, since it is costly and prone to security hazards.
Besides multi-signature, the emerging threshold signature is also becoming an important consensus tool.
A threshold signature is a cryptographic technique built on secure multi-party computation (MPC). The key point is that the signature is still produced under a single private key, but that key is held by no one: it exists only as "fragments" (shares) distributed among many parties. These parties run an MPC protocol to produce a valid signature without ever assembling the fragments. In other words, the real private key does not, and never will, appear anywhere.
The strength of threshold signatures is that the output is a standard signature, produced by an off-chain MPC protocol. The MPC-based threshold signature is completely decoupled from the contract: the contract does not need to understand the signing protocol at all, it only checks that the signature is valid, exactly as a conventional contract verifies a signature. As long as the chain natively supports the signature algorithm, threshold signing works. Threshold protocols already exist for the prevailing algorithms such as ECDSA, Schnorr, and BLS, and compatibility with those schemes means compatibility with many chains. Such MPC-based private key management is therefore multi-chain friendly, which is a major benefit.
Another advantage is that the threshold signature is generated off-chain, which protects it from hacking. The contract can also be designed more flexibly: since everything except signature verification moves off-chain, users can define their own fragment management strategies as needed.
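To make the "fragmented key" idea concrete, here is an added example (not code from the original article or from PlatON) of a toy t-of-n threshold Schnorr signature. Its assumptions: the group is a small safe-prime subgroup constructed at import (far too small to be secure, chosen so the example runs instantly), key generation is dealer-free (each party deals a Shamir sharing of its own random secret and the shares are summed, so no one ever holds the full key), and signing is a simplified single round without the commitment step a real protocol uses. The verifier function is plain Schnorr verification, which is the point made above: whoever checks the signature (a contract, for instance) has no idea it was produced by several parties.

```python
"""Added example: toy t-of-n threshold Schnorr signature (illustration only)."""
import hashlib
import secrets


def is_prime(n: int) -> bool:
    """Deterministic Miller-Rabin; bases 2, 7, 61 are exact for n < 4,759,123,141."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in (2, 7, 61):
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def find_safe_prime(start: int):
    """Return (p, q) with p = 2q + 1, both prime, searching upward from start."""
    q = start | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q


P, Q = find_safe_prime(1 << 31)  # constructed toy group: ~32-bit safe prime
G = 4                             # a square mod P, so its order is exactly Q


def shamir_share(secret: int, t: int, n: int) -> dict:
    """Split secret into n shares over Z_Q; any t of them determine it."""
    coeffs = [secret % Q] + [secrets.randbelow(Q) for _ in range(t - 1)]
    return {i: sum(c * pow(i, j, Q) for j, c in enumerate(coeffs)) % Q
            for i in range(1, n + 1)}


def lagrange_at_zero(i: int, signers) -> int:
    """Weight of share i when interpolating the sharing polynomial at 0."""
    num, den = 1, 1
    for j in signers:
        if j != i:
            num = num * (-j) % Q
            den = den * (i - j) % Q
    return num * pow(den, Q - 2, Q) % Q


def reconstruct(shares: dict) -> int:
    """Plain Shamir reconstruction; used only to check the sharing itself."""
    return sum(lagrange_at_zero(i, shares) * s for i, s in shares.items()) % Q


def distributed_keygen(t: int, n: int):
    """Each party deals shares of its own secret; Shamir sharing is linear, so
    the share sums are shares of x = sum of secrets, which nobody ever holds."""
    shares = {j: 0 for j in range(1, n + 1)}
    y = 1
    for _ in range(n):
        x_i = secrets.randbelow(Q)
        y = y * pow(G, x_i, P) % P          # public key y = g^x, built from g^x_i
        for j, s in shamir_share(x_i, t, n).items():
            shares[j] = (shares[j] + s) % Q
    return y, shares


def challenge(R: int, y: int, msg: bytes) -> int:
    h = hashlib.sha256(R.to_bytes(8, "big") + y.to_bytes(8, "big") + msg).digest()
    return int.from_bytes(h, "big") % Q


def verify(y: int, msg: bytes, sig) -> bool:
    """Standard Schnorr check g^s * y^e == R; needs no knowledge of the signers."""
    R, s = sig
    return pow(G, s, P) * pow(y, challenge(R, y, msg), P) % P == R


def threshold_sign(shares: dict, signers, y: int, msg: bytes):
    """At least t signers each contribute a nonce share and a partial signature
    computed from their own key share alone; the sum is a normal signature."""
    signers = list(signers)
    nonces = {i: secrets.randbelow(Q - 1) + 1 for i in signers}  # each k_i stays private
    R = 1
    for i in signers:
        R = R * pow(G, nonces[i], P) % P                          # R = g^(sum of k_i)
    e = challenge(R, y, msg)
    # s_i = k_i - e * lambda_i * x_i; the sum equals k - e*x without forming x
    s = sum(nonces[i] - e * lagrange_at_zero(i, signers) * shares[i]
            for i in signers) % Q
    return R, s


if __name__ == "__main__":
    y, shares = distributed_keygen(t=3, n=5)
    m = b"constructed withdrawal request"
    print("3 of 5 signers:", verify(y, m, threshold_sign(shares, [1, 3, 5], y, m)))
    print("only 2 signers:", verify(y, m, threshold_sign(shares, [2, 4], y, m)))
```

Running it shows that any three of the five parties produce a signature the plain `verify` function accepts, while two parties produce garbage, because the Lagrange interpolation over too few shares does not hit the real key. Note what is absent: no line ever computes `x`, and the verifier is the same code it would be for a single-key Schnorr signature.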
Beyond simplifying smart contract logic as described above, threshold signatures are widely applied in the blockchain field, for example in MPC-based Key Management Services (MPC-KMS) and MPC-based cross-chain bridges (MPC-Bridge).
Besides keeping private keys safe, MPC-KMS lets individuals and enterprises use their keys conveniently and fit them into business processes. It has several advantages. On the one hand, MPC-KMS provides secure custody of the private key and the assets it controls: losing one or a few fragments does no harm to the security of the private key. On the other hand, individuals and enterprises can use the private key more conveniently and with confidence, since it supports diversified management strategies and flexible business use.
As a new type of cross-chain solution, MPC-Bridge is on the rise. The underlying MPC technology guarantees absolute decentralization. Its main advantages are:
1. It supports native assets and deposit methods of any public chain;
2. The cryptography-based MPC ensures security, without depending on the deployment of contracts;
3. The asset transfer process is completely open and transparent.
MPC-based blockchain technology benefits multi-chain applications in many ways, including improved security, and applying MPC in the blockchain field also advances cryptography research.
Our technical strength:
PlatON focuses on the exploration and practice of cryptography in the blockchain field. It has produced two innovative MPC-related results, published as academic papers at top cryptography and security conferences: "Efficient Online-friendly Two-Party ECDSA Signature", published at ACM CCS 2021, which covers two-party ECDSA signatures, and "Promise Σ-Protocol: How to Construct Efficient Threshold ECDSA from Encryptions Based on Class Groups", published at ASIACRYPT 2021, which designs two- and multi-party ECDSA signatures.