The Crypto Stack

The Crypto Stack features the cryptographic elements in Blockchain Commons’ stack, including seeds, sharding, and DKG systems.

The CKM Layer

The CKM layer is an area for future development. It will shift from the CSR model of creating a key and then splitting it to the CKM model of keeping a key split at all times.

• Collaborative Key Management (CKM). A next-generation key-management solution, CKM uses Secure Multi Party Computation (SMPC) to keep a key separated, rather than having it all in one place. Currently, ZF FROST is the only production-ready implemention of CKM, so it’s likely CKM and FROST will go hand in hand.
  • See our CKM page

• Distributed Key Generation (DKG). A cryptographic process where portions of a key are kept separate in separate locations, never combining them until necessary.

• FROST. FROST is a Schnorr-based signature system that offers more robust multisigs. It also has the advantage of optionally integrating Distributed Key Generation (DKG), where portions of a key are held by different devices.
  • See our FROST page
• MuSIG2. MuSIG 2 is another Schnorr-based signature method for creating multisigs. Although it doesn’t support threshold signing like FROST does, it instead offers strong accountability.
  • See our MuSIG2 page

The Sharding Layer

Sharding is a process by which a key is separated into parts that can then be recombined to reconstruct the key.

• SSKR. Sharded Secret Key Reconstruction (SSKR) is Blockchain Commons’ methodology & library for empowing secret sharding, currently focused on a variant of Shamir’s Secret Sharing with expansions for two-level shares. URs allow the encoding of SSKR shares as ur:sskr (though Envelopes are now preferred).
  • See our SSKR page.
• VSS. Verifiable Secret Sharing (VSS) is a next-generation sharding method where the existence of shards can be verified without having to reconstuct the secret.

The Seed Layer

Much of Blockchain Commons’ work is focused on providing users with secure & resilient protection of their cryptographi secrets.

• Aymmetric Keys. Private and public keys are generated from seeds using specific derivation paths. They enable encryption and signing.

• Seeds. Seeds are the foundation of digital-asset security, as they’re used to generate signing keys and auth keys, often in a hierarchical manner. URs allow the encoding of seeds as ur:seed, but Envelopes are now preferred because they can store metadata and also allow for encryption or elision. Blockchain Commons’ seedtool-cli-rust and Seedtool for iOS offer best practices for the management of seeds.
  • See our 128-bit test seed
  • See our 256-bit test seed
• Entropy. The randomness used to create seeds is Entropy.

Cryptographic secrets can be stored in one of two ways: as simple text-based URs, or as more descriptive Envelopes.