Binance has grown to be one of the firms which have taken the lead in innovation in the field of blockchain technology and cryptocurrency. It has focused on creation of core infrastructure services that would have a long-term effect on the crypto world. Binance has also made contributions to the Binance Chain blockchain software system and is now planning to do the same w.r.t. open-source ecosystem. The contributions of the open-source community have already been recognized and acknowledged in the crypto and blockchain realm. Binance has taken the first step towards making a mark in this field by launching the open-source implementation of a Threshold Signature Scheme (TSS) library for Elliptic Curve Digital Signature Algorithm (ECDSA). This will be of immense benefit to Wallet providers and custodians as they will be able to bypass single points of failure in private keys via distributed key management. With this implementation, Binance moves a step closer to providing better security of funds while at the same time generating greater awareness about Binance chain, Binance networks and so on.
Changpeng Zhao mentioned in a recent tweet about this as:
I believe TSS (threshold signatures scheme) will reshape the landscape for wallets and custodian services. It is far superior to multi-sig.
— CZ Binance (@cz_binance) November 6, 2019
A Brief Introduction to the Threshold Signature Scheme (TSS)
TSS is a cryptographic protocol used for signing and distributed key generation and enables users to outline a flexible threshold policy. This technology helps in substituting the signing commands with distributed computations so that one can avoid obstruction if the private key fails. In the case of individuals, threshold signatures enable the splitting of the signature between two or more devices. This poses a lower degree of risk because even if one device is compromised, the assets would not be adversely affected altogether. Threshold signatures also enable access control policies to be realized in their full potential which minimizes the chances of insider or outsider theft of corporate funds in case of corporate users. Unlike the convention Multisig (multi-signature), which uses cryptography on-chain, the TSS uses cryptography ‘off-chain.’ The advantage here vis-a-vis the on-chain is that this technique causes a higher consumption of resources, and signers can also become potential attack surfaces as they are left open in the blockchain network.
Features of the Binance TSS Solution
- Quick set up and signing- As it has been already pointed out, TSS enjoys more advantages than Multisig, as a single signature is required on the blockchain, which can be split for different uses. This makes it more swift and efficient than other key management systems that require multi signatures.
- Robust Security and Security First Policy – TSS offers high on security, too, again owing to its multiple private key sharing features. This allows distribution of the key among many parties and these keys are not reconstructed while being used to sign for any other transaction. TSS has been developed in a manner that it can provide improved safety for our funds. It also augments the level of protection for more efficient use of Bitcoin Chain/DEX and better wallet management spread across the various blockchain networks.
- Recovery Protection Guarantee- The private keys can be recovered in a hassle-free manner in certain cases through the feature of re-sharing, which implies the regeneration of private key shares.
- Security Audit- In order to ensure that no compromise is made on the security domain, a well known and an autonomous third-party auditor has been set to audit and make the cryptography and code in the Binance TSS library more robust. Kudelski Security would conduct the security audit, and the reports of the future audits would be made public and accessible to the Binance blockchain community.
How can TSS be implemented on the Binance Chain?
There are certain steps to be followed to complete the signing process for TSS, and the TSS library has been integrated with the Binance Chain blockchain to provide a complete guide. A few of the steps are:
- Vault Initialization– The concerned parties will be initialized with the establishment of an end-to-end encrypted communication medium
- Key Generation– If the secrets of the private key can be shared with 2 out of 3 TSS singers, in accordance with the diktat of the quorum policy, then the private key shares will be shared with 3 parties out of which any 2 can put their signatures on the transaction.
- Signing– The signatures of the parties concerned will be obtained and this digital signature will also reveal their shares of the secret.
- Vault Regroup– When two or more parties are involved, any one of the party may choose to leave the team, new secret shares will be created. This would be shared between the remaining or new parties involved.
The Road Ahead
Binance has just started its work with TSS and this seems to be only the beginning of this association. It has plans to continue this work in the future and also integrate with the Binance Chain community which would help to advance greater TSS support for higher-level use cases. Cryptocurrency and blockchain is a growing field, and Binance intends to continue its association with the community to create, develop and sustain a healthy and holistic open-source ecosystem on cryptography, which would help in the further development of this already dynamic field.