3.5.8 Multi signature

Multi-signature is an approach used in DGT to enhance security and enable collaborative decision-making in transactions. It involves multiple participants jointly authorizing and validating a transaction before it can be executed. This approach is particularly useful in scenarios where multiple parties need to collectively approve and authorize sensitive operations, such as fund transfers or asset issuance.

At the protocol level, DGT incorporates multi-signature functionality by implementing specific algorithms for critical operations. In the case of the DEC (banking) family, two algorithms are implemented: ThresholdSig and MultiSig (MuSig2).

ThresholdSig is used for consecutive transactions where each transaction has only one participant. The first participant determines the threshold, and once the threshold is reached, the transaction is executed. This scheme allows for deferred transactions and requires a predefined number of participants to reach a consensus before the transaction can proceed:

  • Determine the threshold value for the required number of participants.

  • Each participant signs the transaction individually.

  • Once the threshold number of signatures is reached, the transaction is considered valid and can be executed.
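One way to model the three steps above, as an added example rather than DGT's own implementation. The class name `PendingTransaction`, the participant ids and the HMAC-based `sign()` stand-in for a real per-participant signature are assumptions made to keep the example standard-library only.

```python
import hashlib, hmac

def sign(key: bytes, digest: bytes) -> bytes:
    # Stand-in for a real signature scheme (assumption): HMAC-SHA256 over the digest
    return hmac.new(key, digest, hashlib.sha256).digest()

class PendingTransaction:
    """Deferred transaction that executes once `threshold` distinct participants sign."""

    def __init__(self, payload: bytes, threshold: int, participant_keys: dict):
        # The first participant fixes the threshold when the transaction is created
        if not 1 <= threshold <= len(participant_keys):
            raise ValueError("threshold must be between 1 and the number of participants")
        self.digest = hashlib.sha256(payload).digest()
        self.threshold = threshold
        self.keys = participant_keys   # participant id -> key (constructed sample data)
        self.approved = set()          # ids whose signature has been counted
        self.executed = False

    def approve(self, participant: str, signature: bytes) -> bool:
        """Count one participant's signature; return True once the threshold is met."""
        if self.executed:
            raise ValueError("transaction already executed")
        key = self.keys.get(participant)
        if key is None:
            raise ValueError("unknown participant")
        if participant in self.approved:
            raise ValueError("participant already signed")   # a signer counts once
        # The signature must cover this transaction's digest, not some other payload
        if not hmac.compare_digest(signature, sign(key, self.digest)):
            raise ValueError("signature does not match this transaction")
        self.approved.add(participant)
        self.executed = len(self.approved) >= self.threshold
        return self.executed
```

The checks that matter are the duplicate-signer rejection and the binding of each signature to the transaction digest; without them a single participant could reach the threshold alone or replay an approval from another transaction.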

MultiSig (MuSig2; Nick, Ruffing, & Seurin, 2021) is a two-round Schnorr multi-signature scheme. It allows multiple signers to collectively create a single signature for a transaction. This approach enhances security by requiring a threshold number of signers to create a valid signature, ensuring that no single participant can unilaterally authorize a transaction.

The Schnorr signature scheme is a digital signature scheme that provides strong security guarantees while offering efficiency in terms of signature size and verification. It is based on the discrete logarithm problem in a finite cyclic group. The scheme allows for the creation of compact and secure signatures using a single round of communication between the signer and verifier. In the Schnorr scheme, the signer generates a private-public key pair and commits to a specific message. The signer then computes a unique signature by combining their private key with the committed message and other relevant parameters. The resulting signature is a fixed-size value that can be easily verified by the verifier using the signer's public key and the committed message.

Multi-Hop Locks are a technique used in blockchain systems to enable atomic swaps or multi-party transactions across multiple blocks or channels. It allows participants to coordinate and synchronize their actions to ensure that the transaction is executed only if all conditions are met. In a multi-hop lock scenario, each participant involved in the transaction sets up a lock on their funds, specifying the conditions under which the funds can be spent. These locks are designed to be time-bound and require certain cryptographic proofs for unlocking.

Here is a table describing the steps involved in the two-round Schnorr multi-signature scheme (MuSig2) and the utilization of Multi-Hop Locks.

Step

Description

1. Key Generation

Participants generate their own private and public keys.

    import secrets

    # Draw private keys from a CSPRNG, in the range [1, curve_order - 1]
    private_keys = [secrets.randbelow(curve_order - 1) + 1 for _ in range(num_participants)]
    public_keys = [private_key * G for private_key in private_keys]

The aggregated public key is computed from individual public keys:

    agg_public_key = sum(public_keys)

2. Message Preparation

Participants agree on the transaction details and create a message:

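    import hashlib, hmac, secrets

    # Nonces come from a CSPRNG and must be fresh for every signing session
    nonces = [secrets.randbelow(curve_order - 1) + 1 for _ in range(num_participants)]
    nonces_hash = hashlib.sha256(b''.join([pub_key.serialize() for pub_key in public_keys])).digest()
    # Convert each HMAC digest to an integer before multiplying the generator by it
    commitments = [G * int.from_bytes(hmac.new(nonces_hash, pub_key.serialize(), hashlib.sha256).digest(), 'big') for pub_key in public_keys]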

3. Partial Signature Generation

Participants generate partial signatures using their private keys and the aggregated public key:

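    # The challenge is identical for every participant, so compute it once
    e = int.from_bytes(hashlib.sha256(b''.join([commit.serialize() for commit in commitments])).digest(), 'big')
    partial_sigs = []
    for i in range(num_participants):
        # Use the x-coordinate of the aggregated key (as in step 7) so the arithmetic stays on scalars
        r = (nonces[i] + agg_public_key.x * commitments[i].x) % curve_order
        partial_sigs.append((r, (nonces[i] - r * private_keys[i] * e) % curve_order))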

4. Partial Signature Exchange

Participants exchange their partial signatures.

5. Partial Signature Aggregation

Participants combine the received partial signatures to create an aggregated partial signature.

    agg_partial_sig = (sum([partial_sig[0] for partial_sig in partial_sigs]) % curve_order,
                       sum([partial_sig[1] for partial_sig in partial_sigs]) % curve_order)

6. Multi-Hop Locks

Multi-Hop Locks are utilized to ensure the aggregated partial signature can only be spent if certain conditions are met.

7. Finalization

Participants add their contributions to the aggregated partial signature.

    s = (agg_partial_sig[0] + agg_partial_sig[1] * agg_public_key.x) % curve_order

8. Signature Verification

The aggregated partial signature, along with the aggregated public key, is verified against the original message to ensure validity.

    e = int.from_bytes(hashlib.sha256(b''.join([commit.serialize() for commit in commitments])).digest(), 'big')
    R = agg_public_key
    assert (R * s).x == (commitments[0] + commitments[1]).x

The multi-hop locks mechanism adds a layer of security and flexibility to the multi-signature scheme. It ensures that the aggregated partial signature can only be spent when specific conditions, defined by the participants, are met. This can include requirements such as time locks, spending limits, or multi-party consensus.
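The two MuSig2 rounds from the table above, carried through on secp256k1 as an added example (not DGT's code and not from the original page). Unlike the schematic snippets in the table, it follows the MuSig2 paper in weighting each key by a hash-derived coefficient and in using two nonces per signer. The hash tags, the point serialization and the helper names are assumptions, and all signers are simulated in one process, whereas real signers exchange only nonce points and partial signatures.

```python
import hashlib, secrets
from functools import reduce

p = 2**256 - 2**32 - 977   # secp256k1 field prime
n = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(P, Q):  # affine point addition; None is the point at infinity
    if P is None or Q is None: return P or Q
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % p == 0: return None
    lam = (3 * x1 * x1 * pow(2 * y1, -1, p) if P == Q
           else (y2 - y1) * pow((x2 - x1) % p, -1, p)) % p
    x3 = (lam * lam - x1 - x2) % p
    return x3, (lam * (x1 - x3) - y1) % p

def mul(k, P):  # double-and-add; not constant time, for demonstration only
    R = None
    while k:
        if k & 1: R = add(R, P)
        P, k = add(P, P), k >> 1
    return R

def psum(points): return reduce(add, points, None)
def ser(P): return P[0].to_bytes(32, "big") + P[1].to_bytes(32, "big")
def H(tag, *parts):  # tagged hash reduced to a scalar mod n
    return int.from_bytes(hashlib.sha256(tag + b"".join(parts)).digest(), "big") % n

def key_agg(pubs):  # X_agg = sum(a_i * X_i); each a_i commits to the whole key set
    L = b"".join(ser(X) for X in pubs)
    coeffs = [H(b"agg", L, ser(X)) for X in pubs]
    return coeffs, psum(mul(a, X) for a, X in zip(coeffs, pubs))

def musig2_sign(privs, msg):
    coeffs, X_agg = key_agg([mul(x, G) for x in privs])
    # Round 1: every signer draws two fresh nonces and publishes both nonce points
    nonces = [(secrets.randbelow(n - 1) + 1, secrets.randbelow(n - 1) + 1) for _ in privs]
    R1, R2 = (psum(mul(r[j], G) for r in nonces) for j in (0, 1))
    b = H(b"non", ser(X_agg), ser(R1), ser(R2), msg)
    R = add(R1, mul(b, R2))
    c = H(b"sig", ser(X_agg), ser(R), msg)
    # Round 2: signer i returns s_i = c*a_i*x_i + r_i1 + b*r_i2; the sum completes (R, s)
    partial = [(c * a * x + r1 + b * r2) % n for a, x, (r1, r2) in zip(coeffs, privs, nonces)]
    return X_agg, (R, sum(partial) % n)

def verify(X_agg, msg, sig):  # ordinary Schnorr check: s*G == R + c*X_agg
    R, s = sig
    return mul(s, G) == add(R, mul(H(b"sig", ser(X_agg), ser(R), msg), X_agg))
```

The verifier sees one public key and one signature, so the check is the same as for a single-signer Schnorr signature.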
