Chain Abstraction and MPC Protocols

Chain Abstraction

yh
Blockchain at Yonsei

Chain abstraction refers to the concept of hiding the complexities of blockchain technology from the user experience. The goal is for users to interact with applications without realizing they are using a blockchain or knowing which specific blockchain is being used.

Challenges in Current User Experiences

1. Key Management Issues:

  • Not Truly Seedless: Users still need to manage key shares for recovery or device authentication.
  • Inflexible: Authentication and recovery policies are rigid, and user input is always required for key operations like signing.

2. Fragmentation Problems:

  • Wallet Management: Users must create new wallets for each blockchain or decentralized application (dapp).
  • Asset Fragmentation: Assets are scattered across different dapps, rollups, appchains, and ecosystems.
  • Cold Start: Users must learn about gas tokens and bridging to participate in new ecosystems.

Multi-Party Computation (MPC)

MPC is a cryptographic protocol allowing multiple parties to collaboratively compute a function while keeping their inputs private. It enables secure collaboration without revealing individual data.

Threshold Signature Scheme (TSS)

TSS is a cryptographic method used for distributed key generation and signing, falling under the broader category of MPC. It requires a subset of authorized parties to produce signatures on behalf of the group. A message is considered signed only if a threshold number of signers (e.g., 2 out of 3) sign off on it.

Decentralized MPC

In first-generation MPC protocols (e.g., 2 of 3 schemes), three key shares are generated and held by the user, vendor, and a backup (also managed by the user). Two out of three shares are needed to sign transactions, offering better security than a single private key. However, this still requires trust in a third party and the burden of managing key shares.

Next-generation MPC protocols improve on this by using a network of nodes to manage key shares. Instead of fixed parties, keys are distributed among nodes, and signing occurs when a threshold of nodes agrees. This model enhances security and flexibility, and if the network is permissionless and open-source, it provides a trustless infrastructure for applications like crypto wallets.

Decentralized MPC Protocols

1. Lit Protocol

Lit Protocol is a decentralized key management and compute network designed to enhance digital ownership through cryptographic keys and private, immutable programs. It uses advanced cryptography, sealed confidential hardware, and peer-to-peer networking to provide maximum control and privacy to developers.

Key Features

1. Encryption and Access Control

Lit Protocol offers encryption for storing private data on the open web using an identity-based encryption scheme. Decryption is permitted only to those meeting specific identity parameters.

  • Encryption Process:
    1. Alice creates Access Control Conditions and combines them with her private data to construct an identity parameter.
    2. She encrypts the data and identity parameter using the shared Lit BLS key, producing a ciphertext.
    3. Alice stores the encryption metadata and ciphertext on a chosen storage provider (e.g., IPFS, Ceramic).
  • Decryption Process:
    1. Bob retrieves the ciphertext and metadata from the storage provider.
    2. He presents the metadata to the BLS network and requests signature shares over the identity parameter.
    3. The Lit nodes verify that Bob satisfies the Access Control Conditions.
    4. Bob assembles the signature shares into a decryption key and decrypts the ciphertext.

2. User Wallets

Lit Protocol enables the creation of seamless, non-custodial wallets and onboarding experiences using Programmable Key Pairs (PKPs).

PKPs: ECDSA public/private key pairs created by the Lit network via Distributed Key Generation (DKG).

Features: Blockchain agnostic, programmable, and non-custodial.

Examples:

  • Minting a PKP.
  • Assigning an authentication method.
  • Signing transactions using Lit Actions.
  • Connecting to dApps via WalletConnect.

3. Domain Wallets: Simplifying Web3 Identity

Domain Wallets combine crypto domains (like alice.eth) with crypto wallets, creating a unified and portable web3 identity.

Key Points: Interoperable, intuitive, extensible, and powerful.

Use Case Example: Alice buys BigBob.eth for Bob’s birthday and associates it with Bob’s email, enabling him to claim the Domain Wallet.

4. Wrapped Keys

Wrapped Keys are private keys that are either imported into the Lit network or generated within the trusted execution environment (TEE) of a Lit node via a Lit Action. These keys are encrypted using Lit’s BLS key and stored securely, allowing for signing messages and transactions.

Core Architecture

  1. Lit Nodes: Sealed encrypted virtual machines running on independently operated servers.
  2. Threshold Keys and DKG: Key shares are distributed among nodes, requiring two-thirds participation.
  3. Sealed Confidential Hardware: Uses AMD’s SEV-SNP for hardware-level isolation.
  4. JavaScript Execution Environment: Developers write immutable programs called Lit Actions.

Lit Network

The network is composed of nodes that stake tokens to participate, providing security. It is currently in Mainnet Beta, with node operators including partners, investors, and professional operators.

(2024–7–10) Arbitrum Orbit migration has just begun, so there may be changes. For more details, please refer to the article below.

https://spark.litprotocol.com/introducing-the-datil-networks/

2. dWallet

dWallets offer a secure method for achieving multi-chain interoperability using a signature-based authentication method. The 2PC-MPC protocol ensures user control over assets and non-collusivity, making it a decentralized solution for interoperability across multiple blockchain networks.

Key Features

1. Attributes:

  • Noncollusive: Ensures user ownership and consent for signatures.
  • Massively Decentralized: Utilizes many nodes for the signature process.
  • Programmable: Allows custom logic for transaction signatures.
  • Transferable: Supports ownership transfer, enabling advanced access control and marketplace features.
  • Universal Signing Mechanism: Capable of signing transactions for various blockchains.

2. Use Cases:

  • Multi-Chain Interoperability: Secure interoperability for decentralized custody, DAOs, and DeFi applications.
  • Decentralized Custody: Enhances security for multi-chain interactions, making DAOs and DeFi applications natively interoperable.

Cryptography of dWallets — 2PC-MPC

The 2PC-MPC protocol is a two-party ECDSA protocol where the second party is a network of nodes, achieving scalable and secure signature processes.

dWallet Network Structure

  • Composable Modular Signature Network: Forked from Sui, implementing 2PC-MPC with disabled smart contracts.
  • Light Clients: Ethereum and Sui light clients allow smart contracts on these chains to control dWallets.
  • Native Token (DWLT): Used for gas fees and delegated stake on authorities.

Acknowledgement

dWallet Network builds on the work of Mysten Labs, Inc., and Facebook, Inc., leveraging their high-quality infrastructure and open-source development. The network is currently in Testnet.

3. Entropy

Entropy is a layer-one blockchain providing decentralized signing infrastructure through threshold signing as a service. Built with Substrate, it uses a proof-of-stake mechanism where validator nodes deploy threshold signing clients holding secret key shares. Signing decisions are determined by predefined programs.

Key Features

1. Threshold Signature Scheme (TSS): Uses Elliptic Curve Digital Signature Algorithm (ECDSA) to support signing EVM transactions and arbitrary data.
2. Programs: Stored on-chain as WebAssembly, these programs are mutable and can be updated.
3. Consensus Mechanism: Ensures validators adhere to the signing protocol and manages key-shares distribution.

Use Cases

1. Decentralized Asset Custodian: Manages funds and assets under defined conditions.
2. Intent Settlement: Automates agreements between parties.
3. Attestations: Provides verified proofs and claims.

Core Architecture

Entropy’s architecture emphasizes decentralized, secure, and efficient signing infrastructure facilitated by threshold signature schemes.

1. Joining the Network:

  • New validators run an Entropy chain node and threshold server.
  • Register with the chain and join a signing subgroup.
  • Request and sync key shares from current validators.

2. Validator Requirements: Endpoint IP, X25519PublicKey, and Threshold Server Signing Account.

3. Node Encryption and Authentication: Authentication via SR25519, encryption using X25519 public key and Hybrid Public Key Encryption (HPKE).

4. Proactive Refresh: Regular key share refresh every session to maintain security.

5. Programs: Evaluate signature requests with WebAssembly components.

6. Registering: Submit a transaction containing the account key, programs data, and access mode.

7. Signing: User selects a signing committee based on the message hash and contacts the threshold servers for validation.

Threshold Signature Scheme (TSS)

Implemented using Synedrion, based on the CGGMP21 scheme, with identifiable aborts, non-interactive pre-signing, and proactive security against adaptive attackers.

Validators

  • Entropy Core: Two binaries: the Entropy blockchain and the threshold signature server.
  • Blockchain Functionality: Uses Substrate with BABE consensus and Grandpa for finality.
  • Threshold Signature Server: Handles the threshold signing protocol and secure key-value storage.

4. Internet Computer Protocol (ICP)

The Internet Computer Protocol (ICP) implements a threshold ECDSA protocol based on the work by Groth and Shoup. This protocol suite includes key generation, key resharing, pre-signature computation, signing, and public key retrieval. The private key never exists in a reconstructed form, ensuring high security.

Key Features

  1. Key Generation: Generates a new threshold ECDSA key secret-shared over subnet replicas.
  2. XNet Key Re-sharing: Re-shares an ECDSA key from one subnet to another, ensuring different random secret sharing.
  3. Periodic Key Re-sharing: Periodically re-shares keys within a subnet to protect against adaptive attacks.
  4. Pre-signature and Signing: Precomputes quadruples for efficient signature computation. Signatures are generated upon canister requests.
  5. Public Key Retrieval: Allows retrieval of canister public keys, supporting BIP-32-like key derivation.
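
The share-combining and periodic re-sharing ideas that recur above (threshold signing, Lit's assembly of signature shares, Entropy's proactive refresh, ICP's periodic key re-sharing) are shown below in an added example that is not code from the article or from any of these projects. It uses Shamir sharing and BLS-style partial signatures in a toy group without pairings rather than threshold ECDSA; the group parameters, function names and sample message are constructed for illustration.

```python
import hashlib
import secrets

# Toy group, constructed for this example and far too small for real use:
# P = 2Q + 1 with P, Q prime; squares mod P form the subgroup of prime order Q.
P, Q = 2039, 1019

def split(secret, t, n):
    """Shamir-share `secret` mod Q so that any t of the n shares determine it."""
    coeffs = [secret % Q] + [secrets.randbelow(Q) for _ in range(t - 1)]
    return {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q
            for i in range(1, n + 1)}

def lagrange_at_zero(i, ids):
    """Lagrange coefficient of party i for interpolating the polynomial at 0."""
    num = den = 1
    for j in ids:
        if j != i:
            num = num * -j % Q
            den = den * (i - j) % Q
    return num * pow(den, -1, Q) % Q

def hash_to_group(msg):
    """Hash bytes to a non-identity element of the order-Q subgroup."""
    x = int.from_bytes(hashlib.sha256(msg).digest(), "big") % (P - 3) + 2
    return pow(x, 2, P)

def sign_share(share, msg):
    """One node's partial signature H(msg)^share; the share stays on the node."""
    return pow(hash_to_group(msg), share, P)

def combine(partials):
    """Combine {node_id: partial} from t nodes by interpolating in the exponent."""
    ids = list(partials)
    sig = 1
    for i, part in partials.items():
        sig = sig * pow(part, lagrange_at_zero(i, ids), P) % P
    return sig

def refresh(shares, t, zero=None):
    """Proactive refresh: add a sharing of 0, changing the shares but not the key."""
    zero = zero or split(0, t, len(shares))
    return {i: (s + zero[i]) % Q for i, s in shares.items()}

if __name__ == "__main__":
    key = secrets.randbelow(Q - 1) + 1       # a dealer exists only in this demo
    msg = b"constructed sample message"
    reference = pow(hash_to_group(msg), key, P)   # used for checking only
    old = split(key, t=2, n=3)
    new = refresh(old, t=2)
    for shares, label in ((old, "before refresh"), (new, "after refresh")):
        sig = combine({i: sign_share(shares[i], msg) for i in (1, 3)})
        print(label, "nodes 1+3 ->", sig == reference)
    mixed = combine({1: sign_share(old[1], msg), 3: sign_share(new[3], msg)})
    print("stale share 1 + fresh share 3 ->", mixed == reference)
```

The combiner only ever sees partial signatures, so the key is never reassembled, and a share captured before a refresh does not combine with shares issued after it.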

Use Cases

  • Canisters Holding Bitcoin: Canisters can natively hold and transact in Bitcoin.
  • Integration with Ethereum and EVM Chains: Enables interactions with Ethereum and other EVM-based chains.
  • Integration with Other Blockchains: Supports blockchains using ECDSA for signing transactions.
  • Decentralized Certification Authority: Enables decentralized issuance of certificates using threshold ECDSA.

Deployment

  • Chromium Release (Beta): Deploys a test key on a 13-node subnet for development and testing.
  • General Availability Release: Deploys a production key on two high-replication subnets for better key availability.

Further Aspects

  • Requests to the threshold ECDSA API are always XNet requests, causing some latency due to cross-subnet communication.
  • Future support for additional elliptic curves like secp256r1 is possible.

API Fees

  • Test Key: 10,000,000,000 cycles per signature (~$0.013).
  • Production Key: 26,153,846,153 cycles per signature (~$0.034).

5. Passport Protocol

Passport Protocol is an innovative, programmable, and MPC-based distributed key management network. It leverages secure enclaves and MPC algorithms to provide a non-custodial infrastructure with customizable authentication and programmable transactions.

Key Features

1. Non-Custodial and Secure by Design:

  • Uses secure enclaves and MPC algorithms.
  • Key shares are distributed among network nodes, ensuring no single entity has access to the private key.

2. Customizable Authentication and Social Logins:

  • Developers can create custom authentication rules via the DOA (Developer Owned Auth) signer, enabling social logins and multiple authentication methods.

3. Passkeys Logins:

  • Passkeys are tied to the user’s device authenticator, ensuring secure and personalized authentication.
  • Passport provides a TypeScript SDK and an API for implementing passkeys.

4. Programmable Transactions:

  • Transactions can be automated, scheduled, and governed by off-chain programs.
  • Enables pre-approved transactions based on immutable rules.

5. Seamless Key Recovery:

  • Programmable authentication and recovery methods allow users to recover keys without handling user shares or codes.

6. Programmable Interoperability:

  • Developers can create interoperable wallets, allowing users to use new apps without onboarding or topping up assets repeatedly.

Protocol Architecture

1. Key Creation and Management:

  • Private keys are divided into shares and distributed across multiple nodes.
  • Each share is stored in an encrypted database through secure enclaves.

2. Programmability Through Scopes:

  • Key pairs are governed by authentication and verification rules set by the scope owner.
  • Ensures trustlessness by eliminating centralized elements.

3. Security and Performance:

  • Utilizes DKLS23 for threshold signatures, offering high performance and low latency.
  • Avoids computationally intensive operations like Paillier.

4. Metadata and Node Operation:

  • Early stages use replicated internal databases for metadata and states.
  • Future plans include using external node operators and on-chain state managers for enhanced decentralization.

Highlights and Implications

  • Security: Strong fault tolerance and resilience, with no single point of compromise.
  • Flexibility: Fully customizable authentication and transaction governance.
  • User Experience: Seamless key recovery and programmable transactions for a superior user experience.
  • Interoperability: Ensures users don’t need to repeatedly onboard or top up assets for new apps.

6. NEAR Protocol

Chain Abstraction

NEAR Protocol aims to enhance user experience by abstracting blockchain complexities, enabling seamless interaction with blockchain apps without users needing to understand the underlying technology.

Key Features

  1. Meta Transaction Relayer: Allows developers to subsidize gas fees for users.
  2. FastAuth: Enables account creation and recovery using email and multi-party computation (MPC).
  3. Multi-chain Signatures: Users can sign transactions on other blockchains using their NEAR account.
  4. Multichain Gas Relayer: Facilitates cross-chain transactions by managing gas fees and transaction relays across different blockchain networks.

Use Cases

  • Users can create accounts with just an email, without managing seed phrases or acquiring funds.
  • Apps can facilitate transactions via relayers who handle gas fees.
  • Multi-chain interactions are simplified, allowing users to control assets across various blockchains without additional accounts or crypto acquisition.

Meta Transactions

Meta transactions allow users to execute transactions without owning gas or tokens by using relayers to cover the fees.

How It Works

  • Users create a `DelegateAction` off-chain and forward it to a relayer.
  • The relayer wraps it in a transaction, covers the fees, and submits it to the network.

Limitations

  • Single receiver per meta transaction.
  • Accounts must be initialized to avoid replay attacks.
  • Only one delegate action is allowed per transaction.

Gas Costs

  • Relayers pay for gas, including both the delegate action and inner actions.
  • Gas refunds go to the relayer who paid initially.

Relayers

Relayers receive signed transactions from users and relay them to the network, attaching tokens to sponsor gas expenses.

Benefits

  • Users new to NEAR can transact without gas.
  • Enterprises can onboard users without requiring them to handle gas costs or seed phrases.
  • Relayers can manage large user activity spikes, acting as a queue for low-urgency transactions.

FastAuth

FastAuth is a key management system that allows users to sign up for or recover a NEAR account using their email address. It also allows gas to be subsidized for a certain smart contract, so users can interact with it without having to fund their account.

Chain Signatures

Chain signatures enable NEAR accounts to sign and execute transactions across multiple blockchain protocols.

Components

  1. Derivation Paths: Generate unique addresses on target blockchains from a NEAR account.
  2. Multichain Smart Contract: Requests and manages signatures for transactions on other blockchains.
  3. MPC Service: Independent nodes perform shared computations to sign transactions securely.

Use Cases

  • Trade assets across blockchains without transactions using NEAR accounts.
  • Onboard users via OAuth-controlled blockchain accounts.
  • Enable cross-chain zero-friction onboarding.
  • Implement DeFi on non-smart contract chains like Bitcoin.
  • Ensure decentralized clients are tamper-proof.
  • Facilitate communication with private NEAR shards.

Multichain Gas Relayer

The Multichain Gas Relayer on NEAR is a mechanism that facilitates gas fee payments and transaction relays across multiple blockchain networks. It aims to remove barriers to interoperability by managing these fees and relays efficiently.

Benefits

  • Interoperability: Enables seamless transactions between different blockchains without requiring users to hold native tokens for gas fees.
  • Cost Efficiency: Optimizes gas fee management to reduce overall transaction costs.
  • User Experience: Simplifies the process for users by abstracting the complexity of gas fee management across multiple blockchains.

Use Cases

  • Cross-Chain Asset Transfers: Facilitates the movement of assets like tokens and NFTs between blockchains.
  • Interoperable Applications: Supports DApps that function seamlessly across multiple blockchains.
  • Arbitrage and Trading: Enables strategies and opportunities in DeFi protocols across different blockchains.

Key Features

  • Paymaster Accounts: Accounts on destination chains holding native gas tokens to ensure transaction completion.
  • Manual Settlement: Regularly needed to maintain sufficient funds in paymaster accounts, involving swapping NEAR tokens for foreign chain tokens.
  • Supported Chains: Initially supports BSC and Ethereum, with plans to expand to other chains.

System Design

The system is composed of several components and follows a specific workflow to achieve its goals.

System Components:

  1. Multichain Relayer Server: Coordinates transaction relays between NEAR and other blockchains by handling signed transaction payloads.
  2. Gas Station Contract: Manages transaction creation, signing, and relaying to foreign chains, including gas fee calculations.
  3. MPC Signing Service: A network of trusted signers that securely sign transactions on NEAR before relaying them to other blockchains.

Benchmarks

(2024–7–27) Updated Passport Protocol to mainnet benchmark.

Conclusion

Among the MPC protocols, Lit Protocol stands out as the most mature and production-ready option. With decent speed, a wide range of features, and an established mainnet, Lit Protocol is leading the pack.

Passport Protocol is available on the mainnet and very promising due to its sub-second speed, automation capabilities via Lambda, and direct support for passkeys in Passport nodes. This design ensures no single point of compromise, making it a robust choice for secure applications.

ICP is available on the mainnet with its General Availability Release, but it still requires improvements in speed to be fully competitive.

Entropy, dWallet, and NEAR are in their early stages. While they currently lack some features and robustness, they show significant potential for future decentralized applications.

NEAR, in particular, has a high base of Unique Active Wallets (UAW) and allows for easy integration with existing wallets. If NEAR can enhance its speed and fully leverage its Multichain Gas Relayer and NFT Chain Keys, it could emerge as a powerful contender in the Chain Abstraction space.
