In our first article, we explored the problem of private keys, and in the second one, we covered the three principles that can be used to solve it. Now let’s discuss in detail how Spatium implements the first principle in its product — signing transactions without private keys.
The protocol logic
Spatium Protocol is an open cryptographic protocol that allows blockchain transactions to be signed in a distributed way using Secure Multi-Party Computation (SMPC). Within this architecture, we incorporate a variety of well-proven algorithms: the Elliptic Curve Diffie-Hellman (ECDH) key exchange, the Paillier homomorphic encryption scheme, and a threshold-signature (TS) extension of the Elliptic Curve Digital Signature Algorithm (ECDSA).
A generalized scheme of the interaction between parties is as follows:
- Each party uses its own partial (as in “belonging to the party” rather than “being a part of something”) secret, which is generated independently and stored separately from the other parties’ secrets (i.e., on separate devices).
- Wallet addresses are formed and transactions are created as a result of the interaction between K out of N parties. Private keys are never generated or used, which eliminates the possibility of losing the secret data when one of the parties is compromised.
Spatium’s Protocol has been designed in compliance with the concept of “zero trust”: no party or device is trusted, so access to user data is managed by SMPC. ECDSA signatures are formed by a distributed signing algorithm over the partial secrets, which makes it impossible to construct the private key on one of the devices without compromising every single device. This technology allows users to set an arbitrary number of parties required to form a valid transaction. Step-by-step inspection of a transaction’s formation can also be maintained.
To obtain unauthorized access to the funds, an adversary must simultaneously compromise every party participating in the protocol, which is extremely unlikely.
Simplified plain-English explanation of the tech
The secret that participates in transaction signing and public-key generation never leaves the device where it is stored. The secret cannot be recovered even if an attacker tampers with the signing process by compromising one of the devices. Since nobody can collect all the secrets in one place (unless every single device is compromised — which is practically impossible), the attacker cannot construct a private key from those secrets. Moreover, due to the distributed nature of our signing algorithm, the private key is never actually used.
How are transactions signed, then? Since the signing process usually involves some mathematical manipulation of data with a private key (and since the secrets are not a key, although a key could be derived from them), we get the following:
The transaction data is partially signed (via a certain mathematical manipulation) with the first secret. After that, the data is encrypted and passed to the next device, where it is also partially signed without being decrypted, and so forth. The encryption ensures that no party has access to the secret of another party. Once all of the devices have participated in the algorithm based on Spatium Protocol, the result obtained is equal to the result of the mathematical manipulations that would have been produced with the ephemeral private key, but without such a private key ever existing. The public key is generated in the same way.
To illustrate the above explanation, let’s consider an extremely simple example in terms of natural numbers. Note: this example does not represent the actual algorithm used.
Imagine there are two secrets. Secret 1: 13 and Secret 2: 11.
A private key created from these two secrets is 11*13=143.
Let’s say we need to sign the number 2 (where “2” stands in for the transaction). We need to get 143*2=286 for a successful signing. The first party generates a random number 3, performs the calculation 13*2*3=78, and sends the result to the second party. The second party generates a random number 5, calculates 78*11*5=4290, and sends it back to the first party. Then, the first party performs the calculation 4290/3=1430 and passes the result to the second party, which performs the calculation 1430/5=286 and sends it back to the first party. As a result, we get the transaction (the “2”) signed with the private key (“143”) without passing the actual secrets anywhere.
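The toy exchange above, written out as an added Python example (not Spatium’s code and not its real algorithm): each party multiplies by its secret under a fresh random blinding factor, then strips its blind in turn, so the secrets stay on their devices while the values on the wire still yield 143*2 = 286; the code also generalizes to any number of parties. The party names and the `fixed_blind` option (used only to reproduce the article’s numbers 3 and 5) are assumptions of this example.

```python
import secrets
from typing import List, Optional, Tuple

# Illustration of the article's natural-number toy protocol only: it is NOT the
# ECDSA threshold-signing algorithm Spatium actually uses.

class Party:
    """A participant holding a partial secret that never leaves this object."""

    def __init__(self, name: str, secret: int, fixed_blind: Optional[int] = None):
        self.name = name
        self._secret = secret              # never sent anywhere
        self._fixed_blind = fixed_blind    # only to reproduce the article's 3 and 5
        self._blind = None

    def blind_and_sign(self, value: int) -> int:
        """Round 1: multiply by own secret and a fresh random blinding factor."""
        self._blind = self._fixed_blind or (secrets.randbelow(2**32) + 2)
        return value * self._secret * self._blind

    def unblind(self, value: int) -> int:
        """Round 2: remove own blinding factor (exact division by construction)."""
        if self._blind is None or value % self._blind:
            raise ValueError(f"{self.name}: nothing to unblind or corrupted value")
        result = value // self._blind
        self._blind = None                 # a blinding factor is single-use
        return result


def toy_sign(parties: List[Party], message: int) -> Tuple[int, List[int]]:
    """Run the two-round toy protocol; returns (signature, wire transcript)."""
    transcript = []                        # every value passed between devices
    value = message
    for p in parties:                      # round 1: blind and multiply in turn
        value = p.blind_and_sign(value)
        transcript.append(value)
    for p in parties:                      # round 2: each party strips its blind
        value = p.unblind(value)
        transcript.append(value)
    return value, transcript


def reference_signature(secret_values: List[int], message: int) -> int:
    """What a single holder of the full 'private key' (product of secrets) computes."""
    key = 1
    for s in secret_values:
        key *= s
    return key * message


if __name__ == "__main__":
    # Constructed values from the article: secrets 13 and 11, message 2, blinds 3 and 5.
    phone, watch = Party("phone", 13, fixed_blind=3), Party("watch", 11, fixed_blind=5)
    sig, wire = toy_sign([phone, watch], 2)
    print(sig, wire)                       # 286 [78, 4290, 1430, 286]
```

The transcript never contains 13 or 11 themselves, which is the point the article makes; the blinding factors are what keep an observer of one hop from dividing the secret back out.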
Use cases and benefits
We see two general ways to use this technology. Let’s explore what benefits (beyond the elimination of a single point of failure and the increased security level) each of them brings to the market.
Case A: secrets are distributed between the devices of the funds’ owner.
Today, to perform actions with funds, the user must employ a different technological solution for each use case: online payments (mostly web wallets and software wallets), offline payments (software wallets), working with dApps (software wallets), trading and token-sale participation (software and hardware wallets), long-term HODLing (hardware wallets and cold storage). Each solution has its own number of authentication factors, its own key-management approach, and its own backup method. Such fragmentation is highly inconvenient from the UX point of view and negatively affects the safety of the funds, as people tend to sacrifice security for management comfort.
With the use of distributed secrets, Spatium Protocol makes it possible to build a comprehensive platform that combines the benefits of different storage solutions. On top of this platform, users can create their own authorization methods for accessing their digital assets.
Following the protocol, the user generates a secret on their device and specifies the devices that will generate and then store additional secrets. The number of parties that store secrets and participate in transaction signing can be configured as N-of-N or M-of-N. The customer can combine devices holding secrets in whatever way configures the authorization requirements optimal for each use case: smartphone + smartwatch for shopping; laptop + smartphone for trading; all of them at the same time (including a biometric wallet) to store millions.
This approach provides simple accessibility: the funds’ owner accesses a single account holding a number of digital-asset addresses and manages the access conditions for a particular wallet from the app.
Let’s save your money: with SMPC you can turn your old smartphone into a hardware wallet for free.
It is important to note that such a technological solution is fully anonymous and provides a high level of autonomy for users with strict decentralization requirements.
Case B: secrets are distributed between the device of the funds’ owner and counterparties.
This approach can be used when the user wants to share responsibility for the safety of the funds with an entity able to provide professional-level security for the secret on its side. As the security provider holds only its own secret, with a specific set of permissions, it cannot perform any action with the funds without the user’s consent.
Beyond the safety of the funds, this solution gives users a convenient way to manage them: because the user and the security provider are connected (via the authorization and the split access to the funds), it becomes possible to offer instant deposits, withdrawals and trades right from the user’s wallet, with the on-chain confirmations processed afterwards.
We call this solution Hybrid.
Let’s explore the example with Secret 1 kept on the user’s side and Secret 2 stored on the server side of the security provider. Such a counterparty can be a custodial service, an exchange, a bank, or Spatium itself. After the user generates Secret 1 on their side, they choose the party that will store Secret 2 and set the permissions. Once the institution generates Secret 2 on its side, the user can perform actions with the funds: Secret 1 on the user’s device is used to sign the transaction, while Secret 2 on the side of the professional security provider is used to confirm it.
The described architecture makes it possible to implement conditional authorization, which cannot be implemented with private keys: once an attacker gets access to a private key, they can use it outside the user’s security solution (software wallet, hardware wallet, etc.) and perform any action with the funds without limitation.
Benefits of the Hybrid solution:
- Enterprise-level security for funds, with full control on the user’s side.
- The user can obtain a backup of the secret stored on the security provider’s side on request.
- The user gets a centralized-like experience while the funds are stored in a decentralized way (conditional authorization, 2FA, whitelists, withdrawal limits, etc. — any logic can be deployed on the server).
The key point is that SMPC makes it possible to separate responsibility for the funds from control over them. This solves the problems of both custodial and non-custodial storage: services can offer their users secure storage together with the ability to manage funds quickly and conveniently.
SMPC eliminates the problems of private keys and brings its own benefits. Some of them (like the Hybrid approach) are unique on the market and can help the whole crypto industry become more secure and convenient, fostering its mass adoption.
In this article, we haven’t discussed how secrets can be backed up or how transactions are signed at the cryptographic level. We will explore these subjects in detail in the following materials.
Spatium develops solutions for storing and managing digital assets powered by SMPC and biometrics. In our technology, the private key is replaced with an encrypted set of secrets stored on the funds owner’s devices and with the individuals and institutions the owner chooses. Even if some of the parties are compromised, the funds stay safe. Such an approach dramatically decreases the risk of theft and provides a previously unavailable level of flexibility and unique benefits for everyone on the market: no single point of failure, easy recovery, no need for backups, blockchain agnosticism, differentiated access levels, instant crypto/crypto and crypto/fiat exchange, a fully compliant solution, support for dApps and DeFi services, etc.