Multisig - proof of concept

Multisig - a proof of concept

First, let me introduce three rather ordinary accounts: ak_vfWbz…, ak_dQvJH…, and ak_2aDMa….
They are not very active, and not very fat, but what is interesting is the following:

30> A = <<"ak_vfWbz6Sg1iesGWtMXmgb2RXyLbsiRTjgraD8CvZoCRKtN9zPi">>.
<<"ak_vfWbz6Sg1iesGWtMXmgb2RXyLbsiRTjgraD8CvZoCRKtN9zPi">>
31> B = <<"ak_dQvJHJRRRNn1tkPincb9exxNcd4FPMBCTbFydngr4999x3LjV">>.
<<"ak_dQvJHJRRRNn1tkPincb9exxNcd4FPMBCTbFydngr4999x3LjV">>
32> {ok, ABin} = aeser_api_encoder:safe_decode(account_pubkey, A). 
{ok,<<121,217,193,218,163,75,47,195,4,168,114,105,186,7,76,188,33,100,128,49,248,234,250,65,2,104,230,...>>}
33> {ok, BBin} = aeser_api_encoder:safe_decode(account_pubkey, B).
{ok,<<82,173,197,181,238,197,103,222,101,192,80,17,170,163,132,20,141,176,165,62,159,253,193,153,36,134,182,...>>}
34> AplusBBin = enacl:crypto_ed25519_add(ABin, BBin).
<<207,28,61,15,29,61,151,18,23,141,185,198,184,123,249,22,79,48,83,111,153,25,14,156,197,14,25,167,203,...>>
([email protected])35> aeser_api_encoder:encode(account_pubkey, AplusBBin).
<<"ak_2aDMabFds4dK1XLTRT26aznU42WM7AxgmYZvuLDmvw5WiA6WPM">>

It turns out the third account is the sum of the other two accounts - and this is not by accident (the odds of that happening would be astronomically small) and also if it wasn’t by construction there would not be a way to sign transactions on behalf of this account.

Taking a step back, æternity blockchain is based on ed25519 cryptography, and signing. Signatures (which is what is used to protect/verify transactions on the chain) in ed25519 is a closely related to Schnorr signatures - and this means that with a bit of elliptic curve magic it should be possible to do (n-out-of-n) multisig with normal transactions and a cleverly constructed account.

Earlier today I sat down with @dimitar.chain and we each created an account (ak_vfWbz... is mine and ak_dQvJHJ... is Dimitar’s) - only I know the private key of my account and only Dimitar knows his private key. Then, with an elaborate song and dance number that included sending 4 different partial results (two in each direction) , we managed to produce a (valid) signature of a SpendTx from our multi-sig account ak_2aDMa... - namely th_NLHUV…v1U.

It would be unfair to say that the process is simple and smooth, and I will not go into details on how to replicate this, there is a bit of work remaining before the concept is production ready for the mass market :sweat_smile: … But this little experiment proves that the cryptography works, and that multi-signed transactions are accepted by the network without any changes necessary.

Thanks to @dimitar.chain for helping out in the experiment. We used an extended version of the enacl library which is in a PR here - and the multisig scheme we used is outlined in this post.

17 Likes

This is awesome stuff, thanks for sharing that story! Would be great to get this production ready in the future :sunglasses:

Actually some screencast or sth like that would be great to see what you were doing there :grin:

6 Likes

Well if you produce such account and corresponding signatures - this is already in production - as you can see the transaction is on main net already. All of this is already supported by the nodes. It is up to clients and wallets to be able to produce such accounts and signatures, the multi sig is already in production :tada:

8 Likes

Do we have somebody here in the community with expertise in that area who wants to make this usable for everybody? If so please let me know here or DM me directly :slight_smile:

8 Likes