By Wanchain’s Chief Cryptographer and designer of Galaxy Consensus, Demmon Zhong
Security is always the first consideration in the design of blockchain system. Without security, any design or implementation is meaningless. However, the concept of security in blockchain area is complex, for blockchain is a combination of cryptography, computer network and economy. Thus, security is reflected in multiple aspects in blockchain. Wanchain 5.0 relies on Storeman group to provide crosschain functionality, including locking crosschain assets and verifying crosschain information. Therefore, the security of crosschain mechanism can be simplified to the security of Storeman group. In the remainder of this article, we show how Wanchain 5.0 ensures the security of Storeman group from the perspective of cryptography and economy.
Storeman nodes (or cross-chain nodes) are determined through the community selection campaign. Every 25 Storeman nodes form a Storeman group and build a crosschain bridge. In the two specified WAN Bridge between two public chains (e.g., In order to build 10 Wanchain-Ethereum bridges, a total of 10 Storeman groups with 210 Storeman nodes are required.), the grouping results from all of those involved Storeman nodes affect the crosschain security directly. For example, if all the Storeman nodes controlled by the adversary are divided into the same Storeman group, then there is a large chance that the secret will be reconstructed and the locked assets will be stolen. Therefore, the grouping result is required to satisfy unpredictability and bias-resistance. Unpredictability ensures the adversary can not predict the grouping result and perform a targeted attack. Bias-resistance ensures the adversary can not influence the grouping result to his or her advantage. Wanchain 5.0 takes a random number as the input of grouping algorithm to achieve unpredictability and bias-resistance. The random number is generated by SecRand, which is a distributed randomness generation algorithm with provable security and provides entropy of high quality in the grouping process.
Most of the crosschain projects use TSS schemes which are not threshold optimal. As is written in the article of “Wanchain 5.0 Cryptographic Foundation”, this will increase the risk of collusion. With a fixed threshold, a non-threshold-optimal TSS scheme requires the secret key being distributed to about 2 times threshold nodes. For example, assuming the threshold is 5, a total number of 9 nodes are needed to complete the threshold signature in non-threshold-optimal TSS schemes, but only a total number of 5 nodes are needed in threshold-optimal TSS schemes. Obviously, the probability that 5 out of 9 nodes collude together is bigger than that 5 out of 5 nodes collude together. Therefore, Wanchain 5.0 applies threshold optimal TSS scheme to improve the difficulty of collusion and ensure the security of the assets in locked account.
Wanchain 5.0 improves the Shamir’s secret sharing used in TSS scheme to Feldman secret sharing, which ensures the exchanged data between the Storeman nodes are publicly verifiable. Therefore, the malicious Storeman node will be filtered out once he or she sends invalid data during the TSS scheme. Moreover, the invalid data will not be used in the reconstruction of signature and thus do not affect the signing process. Finally, the malicious Storeman node will be punished due to his or her malicious behaviors.
Deposits increase the cost of the Storeman node’s malicious behaviors and decrease the motivation of being malicious. The more deposits, the more secure the crosschain assets are. But excessive deposits improves the “participation threshold”, which may result in most of Storeman nodes being controlled by “rich” people. The deposit calculation formular in Wanchain 5.0 is shown as below:
Cis the capacity of the bridge (The capacity of the bridge refers to a reasonable maximum amount threshold at which Storeman nodes still don’t have the motivation to directly give up the deposits and take the cross-chain assets for profits because the cross-chain assets value in total is equal or less than the deposits value when this capacity hits. ),
tis the threshold in TSS scheme,
ris the amount of required deposits,
αis the adjustment factor and is bigger than 1. Obviously, the cost of stealing the assets in the locked account is
r x t, which equals to
α x C. With
α>1, the adversary’s profit
Cis always less than its cost
α x C.
Wanchain 5.0 provides a complete incentive mechanism to ensure the Storeman nodes follow the protocol strictly. Specifically, Storeman nodes’ good behaviors will be rewarded and malicious behaviors will be punished. Under the assumption of rational person, Storeman nodes will behave honestly to maximize their reward.
Even there is little chance that the assets in the locked account is stolen, we still provide a solution for this extreme case — a falling-price auction, which is used to pay the users for their lost assets in the locked account. Once the assets in the locked account are moved Illegally, then all Storeman nodes’ deposits will be locked and will not be returned to their accounts after the working cycle. These deposits will be sold through a falling-price auction, and the money will be used to pay the users who have assets in the locked account. Due to the adjustment factor
α, the deposits are always enough to pay user’s loss. The remainder will be rewarded to the person who triggers this mechanism. So anyone can audit behaviors of the Storeman nodes.