A few weeks ago, we shared a blog post about the first ever Tezos Threshold Signatures Scheme (TSS) transaction. Today, we are open-sourcing the code to the community so that everyone can create such TSS transactions.
By using TSS, we remove the burden of having a single atomic private key and split the responsibility between multiple parties.
In this blog post, we at Zengo would like to share some details about this project executed by our blockchain research team.
Threshold Signatures Scheme (TSS)
For this Proof-of-Concept (PoC) project we used our open source implementation of TSS for EdDSA signatures.
We have invested a lot of resources in implementing TSS and making it compatible and reusable for different kinds of blockchains and digital signatures algorithms. This compatibility allows us to rapidly onboard and integrate TSS support with new blockchains.
We choose Tezos for the following main reasons:
- Tezos’ trust in our project: The Tezos Foundation recognized the importance of our work early-on and awarded us a grant to develop TSS support for their blockchain.
- Economic novelty: Tezos users are rewarded for actively participating in the consensus (“staking”) and thus, help to secure the network. Making money is always a welcomed feature for users.
- Technical maturity: To implement a TSS wallet with a blockchain, we need a mature enough developer environment. Tezos network had all the required ingredients in its testnet:
- a faucet service so we could test everything without risking real money
- a blockchain explorer so that we could confirm that our transactions were successfully recorded on the blockchain
- Access to the testnet which was provided via API and an Open source SDK which was far more comfortable than setting up a full node)
- Signature algorithm support: It seems modern blockchains such as Tezos, Libra and Cardano prefer using EdDSA algorithm and the Ed25519 curve instead of ECDSA and the secp256k1 curve. Therefore TSS support for EdDSA is mandatory for supporting modern blockchains and cryptocurrencies.
TSS is needed even if Tezos Supports MultiSig
It’s worth noting that even though Tezos supports smart contracts which allow users to add multi-signature security, there are still distinct advantages to using TSS. One main advantage is that TSS transactions look exactly the same as regular transactions. Unlike with MultiSig transactions, the TSS “magic” is applied in the mathematical layer and not in the application layer. Additional advantages are:
- If MultiSig is realized through smart contracts it may incur additional fees for the smart contract executer. Additionally, MultiSig smart contract functionality might be difficult to verify, as shown by the multiple incidents suffered by some Ethereum-based MultiSig smart contracts.
- The control mechanism is not exposed to the world: With TSS, the signing parties are never exposed and therefore, adversaries cannot learn about the various parties or their control structure, nor can they monitor changes to them.
- Comprehensive control mechanisms: Using TSS, the user can create all kinds of comprehensive arbitrary control mechanisms (e.g. combine a few parties from one group and a few parties from another group).
The fact that Tezos has funded the KZen research team demonstrates their interest in integrating TSS functionalities with Tezos.
The Proof of Concept
Tezos’ blockchain network is innovative, introducing concepts such as staking and baking to support Proof-of-Stake consensus. However, because TSS is blockchain agnostic, it is able to easily integrate with this unique architecture. This compatibility is what allowed us to complete this PoC in one day with no need for “integration” on the Tezos side.
Using the Sotez library, we first made sure that we can generate a normal transaction.
Then we needed to change it by applying TSS generation and signing.
- Generation: We changed the code so that the public key is generated by KZen TSS setup and exported to the Tezos client instead of being computed from a private key. Of course, this part does not prove anything as any random string can be successfully converted into an address. The real challenge now is to sign a transaction from this address. During this process, we learned that the first transaction for a newly created address requires some fees for storage.
- Signing: This part was a bit more complicated from an engineering point of view, as the existing code assumes that there is a private key and uses it in multiple functions (reminder – there’s no private key). However, the main change was in the signing function; we changed how the message was exported so that it was signed by our TSS demo instead of a private key. During this process, we learned that for an address to send money, it must be “revealed,” which is just another message on the Tezos blockchain that we had to create and sign (Using TSS, naturally). As a by-product, this shows that we can create any Tezos messages, including the Origination and Delegation messages involved with the staking process.
We then verified that TSS works with the Tezos blockchain by getting successful results from the API and verifying the transactions in the explorer (see above).
Using the code
We use a client and server architecture. The server acts solely as the co-signer in the two-party protocol and holds no logic specific to Tezos.
You can play with the SDK using the command-line, as shown in the demo below.
Naturally, you can interact with the SDK via your code.
To launch the server:
To launch the client (API is almost identical to the original Sotez library):
Conclusions and Future plans
All in all, it was very rewarding for us to add TSS support to a relevant crypto asset. It only took us several working hours to create the initial PoC and a few more working days to make it developer-ready by leveraging our previous experience with generic TSS infrastructure.
Our work with TSS is not done. We plan to continue to extend this project in the future. We plan to work with Tezos community to provide TSS support for the more advanced use cases enabled by Tezos, such as delegation and staking. We will also continue to bring TSS to other chains and coins.