Popular Science | Improving the ETH 2.0 Validator Experience with Key Splitting

- (Source: Ethos, 2018) -

Third-party staking services on ETH 2.0

Currently, there are 120,000 Ethereum addresses holding the 32 ETH required to become an ETH 2.0 validator. Of course, not all ETH holders have the technical ability and willingness to run a validator client node to protect the security of the Ethereum network.

Fortunately, interested stakers can choose to delegate their ETH to a "staking as a service" provider or exchange to stake and run a validator node on their behalf. In a large-scale survey we conducted, more than 1/3 of the respondents expressed interest in delegating staking to a third-party service provider. If you are one of them, this article is for you!

To participate in the ETH 2.0 consensus mechanism and receive rewards, validators need to use their validator private keys to sign attestations and propose blocks. If you don’t want to run the infrastructure yourself but want to participate in staking, the validator private key will be handed over to a third-party staking service provider to operate.

It is important to note that by entrusting your validator private key to a company, you are granting that company unilateral control over your validator node. If that company goes down due to a malfunction, triggers a slashing mechanism intentionally or accidentally, or has to permanently exit the system due to bankruptcy, your funds may be lost (this is also the so-called "single point of failure" problem).

Exchanges with a large number of users, such as Binance and Coinbase, have a clear advantage and can use their existing customer acquisition portals and reputation to expand existing business categories and provide ETH 2.0 staking delegation services. Compared with small providers, large companies may have large enough economies of scale and other revenue streams to subsidize staking services to make them lower than the market average, or even implement "0 commission" promotions in order to attract users or seize a larger market share.

If a company attracts so many delegators that it holds a large percentage of the network’s stake, it could pose a significant risk to the entire network. Given that infrastructure providers typically run nodes for multiple clients on the same infrastructure, simultaneous shutdowns and coordinated attacks are possible. Additionally, due to the anti-correlation penalty structure built into the ETH 2.0 protocol, your penalty could increase by 3x if you are penalized at the same time as many validators. If a staking service provider, client, or cloud service provider (such as Amazon) with a large stake unexpectedly goes offline or triggers a slashing mechanism, the penalty for being a delegator would be heavier than for being a standalone validator.

Private key splitting and multi-party computation

Before we dive into the advantages of a split-key validator, let’s quickly review the basic mechanics of a split-key validator on ETH 2.0. The calculation of the private key relies on two core cryptographic components.

The first element is secret sharing. Secret sharing is a mechanism where a private key is split and distributed among different participants, each of whom holds a portion of the key. The portion held by an individual cannot be used to reconstruct the private key. The private key can only be reconstructed by combining a predetermined number (threshold) of individual portions.

The second element is secure multi-party computation (MPC). MPC enables multiple participants to secretly compute a function using their input values. If we combine MPC with private key splitting, we can disperse the private keys among different participants, who can perform decentralized computations using their input values ​​and generate private key split output values ​​without having to reconstruct the private keys on a single device.

Key Splitting Validators on ETH 2.0

ETH 2.0 uses the BLS signature mechanism defined on the elliptic curve (ETH 2.0 uses BLS12–381). BLS signatures are polynomial, which means that this type of signature supports aggregation and can combine multiple signatures into one.

Thanks to the polynomial property, a shared private key (e.g., using Shamir's key splitting mechanism) can sign messages directly without reconstructing the private key or performing a full MPC. By using a threshold signature scheme, you can set how many copies of the validator's private key are split into, and how many copies of the private key signature are required to calculate the complete BLS signature.

For example, if Alice wants to spread the risk and contribute to the security and anti-attack of the ETH 2.0 network, she can decide to split her validator private key into three parts and give them to the service providers of her choice, and require a 2/3 signature mechanism to reconstruct the full signature. No single provider can unilaterally control its validator nodes, so there is no single point of failure.

So who are the winners of the split-key validator mechanism? Everyone.

The added value of ETH 2.0 private key split validator mechanism

For stakeholders:

• Spread your risk! This mechanism can eliminate the risk of unilateral control and single point failure of validator nodes. In addition, this mechanism can also be used to meet anti-collusion strategies, for example, selecting nodes from small providers to reduce the probability of correlated failures.

For staking service providers:

• Reduce your liability! The ETH 2.0 protocol incentivizes validators (especially large validators) to reduce the likelihood of their validator nodes failing at the same time as other validator nodes. Allowing operators to spread their validator nodes across multiple hardware devices or even multiple data centers can reduce risk and reduce liability.

• Level the playing field! Small validators with simpler signing strategies may not behave in a manner that correlates with larger validators — thus, service providers of different sizes can mutually benefit from collaborating and gaining stake by providing split-key validator services.

For the entire network:

• Enhanced security! Centralization introduces potential risks and attack vectors to the entire network and its participants. Security directly impacts the value of Ethereum as a new global settlement layer. By focusing on the development of private key split validators, we can enhance the decentralization of the system and achieve the anti-correlation goals of the ETH 2.0 protocol, benefiting all stakeholders in the network.

Specific implementation

According to Joseph Chow’s popular science, the implementation of the ETH 2.0 private key split validator mechanism must meet the following conditions:

• Specification for the Private Key Split Validator Client

• Implementation of Private Key Split Validator Client

• Standards for running key-split validators between different service providers

• Provide end-user friendly UX/UI to split private keys among different service providers

As the official testnet of ETH 2.0 is about to be launched, it is not a good time for the community to work together to standardize, implement and fully test the private key split validator mechanism before the mainnet is launched.

The PlatON team, supported by the Ethereum Foundation, has achieved the goal of designing secure MPC algorithms using the SCALE-MAMBA implementation optimized for both feasibility and performance. The project focuses on the MPC implementation of the Proof of Custody mechanism on ETH 2.0. For more information, see GitHub.

If you would like to contribute to the project, please email [email protected].

Thanks to Ben Edgington, Dankrad Feist, Joseph Chow, and Collin Myers for their reviews and feedback.

(over)

Original link: https://medium.com/coinmonks/secret-shared-validators-on-ethereum-2-0-ea29ab380016 Author: Mara Schmiedt Translation & proofreading: Min Min & A Jian

Link to this article: https://www.8btc.com/article/616933
Please indicate the source of the article when reprinting