Helping the Blockchain Ecosystem Grow by Developing some Fundamental Cybersecurity Building Blocks
Projects
Measuring Workers in PoS Networks
Proof of Stake (PoS) networks usually require worker nodes to do some work in order to keep or increase their stake. Measuring the amount of work performed by each node in a secured and truly decentralized way is a huge challenge. We have implemented a proof of concept (PoC) side chain to report the worker nodes that are actively participating in the NuCypher network, using the same principles of Optimistic Rollups. We use Ethermint (now Evmos) and BLS signatures to implement a NuCypher private blockchain that aggregates workers’ commitment. This aggregated commitment can then be sent to the Ethereum smart contract for verification of all workers’ commitment using a single Ethereum transaction.
BLS Hardware Security Module
BLS signatures will become one of the fundamental building BLS signatures will become one of the fundamental building blocks for ETH 2.0. However, this particular scheme is not yet supported by commercial HSM. By developing an open source BLS HSM, we give ETH 2.0 node operators the opportunity to easily incorporate higher security measures. We base our solution in ARM TrustZone technology to protect validators’ private keys.
For our PoC, we have selected the nrf9160 Development Board, that, in addition to an ARM Cortex M33, includes an LTE modem that could allow us to implement the remote signer server completely inside the board.
Gasless Policies for NuCypher
The gas’ cost incurred for policy issuance is a limiting factor for the success of the NuCypher network. Ultimately, NuCypher nodes can ignore the policies, as they own all the pieces needed to perform the cryptographic operations of the network. Hence, moving re-encryption policies to a private NuCypher blockchain formed by all its nodes (NUChain) does not lessen the security of the NuCypher network. The main advantage of moving policies to NUChain is that users do not need to own and spend any ETH gas to issue and manage new policies.
We are working on a PoC for a NUChain that can run and manage NuCypher policies. Moreover, we will also implement in this PoC, a mechanism to report node availability and apply the corresponding slashing policies.
Research
Digital Asset Custody Using Secure Multi-Party Computation
One of the main advantages of cryptocurrencies is that, by using non-custodial wallets, the holders retain full control over their assets. However, there is also an associated risk of losing all the assets. One alternative is to use a custodial web wallet, at the cost of relying completely on the wallet provider for the management of the assets (e.g. Coinbase Custody). There are other alternatives that involve multiple custodians, implementing some kind of multi-party computation protocol to move assets (e.g. tBTC).
We believe SMPC is essential to the development of the blockchain ecosystem and there will be more and more situations where SMPC is used as a building block to enable new exciting features. For this reason, we are investigating how SMPC can be applied to blockchain use cases, analyzing the suitability of different protocols beyond threshold ECDSA signatures.
Privacy and Traceability in Blockchain
Transparency is a fundamental property of blockchain. Every transaction is recorded in the blockchain, and anyone can inspect it. This is a nice feature to have in many situations, but for some use cases, privacy is also a requirement. Finding the proper trade-off between privacy and transparency is complicated and will highly depend on the particular application. If we think about crypto payments, from a government perspective it could be useful to be able to track every transaction back to its source, but from the individual perspective, it seems reasonable to assume some kind of privacy, allowing individuals to decide who should be able to trace back their payment. There are already solutions in place such as TornadoCash or Zcash in the Ethereum ecosystem, but most crypto payments remain completely traceable.
This situation is not exclusive to crypto payments. Recently, the Ethereum Name Service (ENS) and the Ethereum Foundation awarded a development RFP to login.xyz, an initiative to use an Ethereum wallet to easily login to web2 applications. This raises some privacy concerns too, because it can lead to linking the blockchain history associated to a ethreum address, particularly its balance, with some personal data. Proposals such as Verifiable Credentials, a W3C standard promoted by companies such as Evernym, could help alleviate those concerns.