The 12th KIR: TEEware_Threshold Signature Scheme Wallet for Klaytn

Summary

KLAY Funding

  • Proposed: KLAY worth USD 303,900

Proposal

Brief Introduction of the Project

In order to fully utilize the features of the blockchain ecosystem, cryptocurrency wallets that include DApp browsers such as MetaMask and KAIKAS are gaining traction. Of paramount importance in this ecosystem is the safe and secure storage of private keys. However, news reports detailing lost or stolen wallets, demonstrate that securing the wallet can be extremely difficult for users.
Threshold signature scheme (TSS) is a state-of-the-art technology that enables distributed key generation and signing in multiple devices without storing the private key in each device, eliminating the weaknesses of single-sig and even multi-sig wallets.
We propose designing and implementing a TSS-enabled Klaytn wallet to improve security and usability of the wallet. The TSS wallet provides the following enhanced functionalities: 1) secure key generation, 2) secure sign transaction, and 3) secure key recovery and refresh. Moreover, the wallet supports secure wallet migration, allowing the user to access the same wallet on multiple devices.
The deliverables will be open-sourced to support possible further developments in Klaytn wallets.

Key Deliverables

Three key deliverables are listed below.

  1. Technical report
    • A survey report of Threshold Signature Scheme (TSS)
    • Design specification of Klaytn TSS wallet
  2. TSS wallet library
    • TSS library API documentation
    • TSS wallet relay server API documentation
    • Sample CLI app for TSS wallet
    • Sample Relay server for TSS wallet
  3. Sample TSS wallet application and benchmark report
    • Sample TSS wallet as a browser extension
    • Sample Android application working as TSS participants
    • Benchmark report of sample TSS wallet

Hi, the security is indeed a big concern!
I got some questions :smiley:

  1. I found the open-source TSS libraries.

    There will be a lot more of such.

    While there are existing TSS libraries,
    what expectations should we have on your deliverables compared to those?

  2. What are the goals here? After the completion of this proposal in 6 months, can the normal users actually use the TSS wallet service? I really want to use a safe wallet service :smiley:

Thanks!

Thank you for your interest.

Most open-source TSS libraries are implementations of research papers on threshold signature schemes. These libraries may not be directly used to develop a blockchain wallet.

Our main purpose with this proposal is to provide a two-factor authentication method for a self-custodial wallet by using the user’s everyday devices, such as a computer and a mobile phone. As a result, we expect Klaytn users to have substantially more security in their wallets.

The majority of the codes are designed and developed within our company. However, if necessary, we can use the open-source codes. If possible, we will utilize security-audited open source projects.

In response to your second question, we can’t tell how the wallet will be serviced after the project is completed. Our main goal is to design and develop the TSS wallet. Anyone with an interest in the wallet will be able to use it because it will be open-sourced.

Thanks for your prompt response.
The two examples for the open-source projects look strong and
I believe they are not research toys. They have been developed and maintained for more than 2~3 years.

I just wanted to see in what perspectives your implementation would bring better security and user experiences.

Thanks!