🔐

Preliminary Design notes

Participants

Threshold contract writers: Users that are interested in requesting threshold computation; they write contracts in EVM-based language and they post their contracts (or a reference to) on-chain.
Threshold committee members: Participants in the threshold computation network; at every anchor-chain block (e.g. Ethereum), they read the list of threshold contracts from the chain and compute them.
Interacting accounts: users or other contracts submitting run-time transactions to threshold contracts

Components

Smart contracts

G-RAND Contract

Registration of threshold members
Run: generates events and handle payments
VerifySig: verifies a signature

Threshold Cron Registry (TCR)

Creation of new threshold contracts

Only needed for the 'drand-style' contracts that should be evaluated every block.

DAO Governance

governance contract that allows G-RAND token holders to vote on governance decisions, treasury, parameters, and threshold membership

Token

Threshold shares distribution

Centralized website aggregating shares: Committee members share their results to an agreed upon set of http endpoints (as specified by e.g. governance contract) when done.
Gossip network for share distribution: Committee members share their results via a gossip network when done.
On Chain distribution: committee members share results through a transaction to the threshold contract when done.

Protocol Flow

Threshold Committee Registration

Threshold Committee members candidate as members (might require staking).
The DAO votes/approves the change.
Existing members watching the chain see the DAO event, which triggers a re-sharing ceremony to allocate a shard to the changed membership

Threshold Contract Creation

There are two types of contracts:

Event-based contracts: Smart contracts on the anchor chain emit events via Grand.run(). Committee listens to these events and runs the requested functions.
Cron-based contracts: At the end of a block, the committee runs all the tasks enrolled in the Threshold Cron Registry.

Contract Writer writes a threshold contract as a smart contract on Ethereum. All the data necessary should be in the contract.

If the contract requires the committee to perform threshold operation on some user-input, then they will use the G-RAND contract utility Grand.Run
If the contract requires the committee to perform an operation at every block, then the contract must be registered with the Threshold Cron registry.

Initialization of secret material for the committee in regards to the given contract

Threshold Contract Execution

Committee executes both event-based and cron-based contracts (see Contract types)
They run the computations needed
They post the outcomes on a centralized website and p2p gossip network
(option) Either the committes or any node can perform the On-chain Writebacks if specified by the contract.

Threshold Primitives

The following are the operations that the committee can perform:

Threshold Signature TSign(data, share)
Threshold Decryption TDecrypt(data, share)
Threshold Proxy ReEncryption TProxyReEncrypt(data, share)
(v2) Threshold Encrypt TEncrypt(data, share)
(v2) Secret share
(v2) Threshold Compute

Event-based contracts

Example: Releasing encrypted content on payment

// The album is released if we are paid X
contract ReleaseAlbum {
	const data = 'encryptedAlbumKey'
  pub main () {
		if (artistWallet.balance >= X) {
			GRAND.Run('ThresholdDecrypt', data)
		}
	}
	// This contract doesn't require any write or read since it will become public
}

Example: Access to private newsletter after payment

// The album is released if we are paid X
contract AddMemberToPrivateNewsletter {
	const data = 'encryptedSecretNewsletterKey'
  pub main () {
	}
	pub release () {
		if (message.value == X) {
			GRAND.Run('ThresholdProxyReEncrypt', data, msg.sender)
		}
	}
}
// TODO: we need to make sure GRAND.run also sends the info of this contrat

Cron-based contracts

Example: Random beacon

// Random beacon released at every block
contract DrandRandomBeacon {
	mapping randMap
// Note: this 'auto cron' functionality used in the beacon example
// may be deferred until a future version.
	pub main () {
		GRAND.Run('TresholdSign', currentBlock)
	}
	pub paymentMode () {
		return "on-read"
	}
  pub write (sig, randomness) {
		GRAND.Verify(randomness, sig, currentBlock)
	  randMap[currentBlock] = randomness
  }
  pub read (block) {
		// send payment to drand network
		return randMap[block]
  }
}

Payments

There are three ways that the G-RAND network can be paid:

Payment on method calls: Users calling Grand.Run() and Grand.Verify and threshold contract's read() pay to use these services (similar to chainlink).
Payment on writebacks: Users requesting writebacks at the end of some computation place bounties for reporting the outcome of the threshold network on chain.
Payment for Cron-based Contracts: Users pay ahead of time for running a task

DAO Governance

Voting for membership

TODO: are committees self forming? what does organization of a threshold committee look like? (e.g. how do you get to a 'more expensive but also more secure' commitee where some process (votes by either token holders or the committee members self-organizing) implies a minimum security bar or other expectations.

Future

Transaction triggered actions (via an oracle)
Sampling threshold committees

May have 1 implicit committee as in current drand
or could sample them (eg heiarchical, random, based on stake) - an evolution of the current 'multi-beacon' work in drand

Secret sharing
Multiple committees
governance contract that allows G-RAND token holders to vote on governance decisions, treasury, parameters, and threshold membership

Signing & Decryption network