SSV DKG Client
What is Distributed Key Generation (DKG)
Distributed Key Generation is a cryptographic process that aims to solve the problem of coordinating N
parties to cryptographically sign and verify signatures without relying on Trusted Third Parties. The process is demonstrated to be successful in computing a key pair in the presence of a number T
attackers in a decentralized network. To do so, this algorithm generates a public key, and a secret key of which no single party knows, but has some share of. The involvement of many parties requires Distributed key generation to ensure secrecy in the presence of malicious contributions to the key calculation.
For more information about DKG in general, please visit this page.
SSV-DKG Client
SSV DKG leverages drand's DKG protocol implementation, which traditionally relies on a peer-to-peer network for operator communication.
The ssv-dkg
introduces a communication layer centered around an Initiator figure to facilitate inter-operator communication, eliminating the reliance on a fully decentralized network.
To mitigate potential centralization risks and malicious actors, the system employs a robust mechanism of signatures and signature verifications, as elaborated in the Security notes section.
Through the ssv-dkg
client, stakers can initiate DKG ceremonies to generate new BLS key pairs for Ethereum validators and the key shares required for SSV network registration.
Overview
In order for the DKG protocol to execute successfully:
all the chosen Operators must be running the
ssv-dkg
tool as Operatorsseparately, an Initiator (one of the Operators, or a separate entity), starts the DKG ceremony by running the
ssv-dkg
tool with theinit
parameterthe tool automatically exchange data between the interested parties, as outlined in the Architecture section, until the key shares are created
For details on how to run the tool as an Operator, please head over to this sub-page containing the related instructions.
Similarly, head over to this other sub-page for instructions on how to launch the tool as the Initiator of the DKG ceremony.
NOTE: Threshold is computed automatically using 3f+1 tolerance.
Flow Description
The Initiator creates an initiation (
init
) message, signs it and sends it to all OperatorsUpon receiving initiation message, the Operators check Initiator message signature and create their own DKG identity:
new DKG secrets created
if a new
init
message with ID [24]byte is received and at least 5 minutes have passed from the lastinit
message with the same ID, the DKG instance is recreatedExchange
signed message containing the DKG identity is createdOperator replies to
init
message with the createdExchange
message
The Initiator collects all responses into one combined message and verifies signatures
The Initiator sends back the combined message to all Operators
Each Operator receives combined
exchange
message and starts the DKG process, responding back to Initiator with a signeddkg
deal bundleThe Initiator packs the deal bundles together and sends them back to all Operators
Operators process
dkg
bundles and finish the DKG protocol of creating a shared key. After DKG process is finished each Operator has a share of the shared key which can be used for signingEach Operator signs a deposit root, using its share of the shared key, then encrypts the share with the initial RSA key and sends it to the Initiator
Initiator receives all messages from Operators with signatures/encrypted shares and prepares the deposit data with a signature and save it as JSON file
Initiator prepares a
keyshares.json
and adeposit_data.json
file to register to SSV contract, and activate the validator(s) on the beacon chain, respectively.After the deposit is successful and validator has registered to SSV contract, SSV Node Operators will accomplish validator duties using their share of the distributes key(s)
Note on DKG instance management
A ssv-dkg
can handle multiple DKG instances, it saves up to MaxInstances
(1024) up to MaxInstanceTime
(5 minutes). If a new Init
arrives the ssv-dkg
tries to clean instances older than MaxInstanceTime
from the list. If any of them are found, they are removed and the incoming is added, otherwise it responds with an error, saying that the maximum number of instances is already running.
Security Notes
The ssv-dkg
tool has recently been audited, you can find more details about it on the Security page.
It is important to briefly explain how the communication between DKG ceremony Initiator and Operators is secured:
Initiator is using RSA key (2048 bits) to sign
init
message sent to Operators. Upon receiving the signature, Operators verify it using public key included in theinit
message. If the signature is valid, Operators store this pub key for further verification of messages coming from the Initiator(s).Operators are using RSA key (SSV Operator key - 2048 bits) to sign every message sent back to Initiator.
Initiator verifies every incoming message from any Operator using ID and Public Key provided by Operators' info file, then Initiator creates a combined message and signs it.
Operators verify each of the messages from other Operators participating in the ceremony and verifies Initiator's signature of the combined message.
During the DKG protocol execution, the BLS auth scheme is used - G2 for its signature space and G1 for its public keys
Last updated