RFP-3: Chain-Key Signatures

domwoe commented 2 years ago

Overview

The Internet Computer implements a novel threshold ECDSA (tECDSA) protocol to produce chain-key signatures. In this protocol, the private ECDSA key is held in a secret-shared manner by multiple parties, namely the replicas of a threshold-ECDSA-enabled subnet on the IC, and signatures are computed using those secret shares without the private key ever being reconstructed. Each replica of such subnet holds a key share that provides no information about the key on its own, and at least one-third of the replicas are required to generate a threshold signature using their respective key shares. This allows each canister on any subnet of the Internet Computer to control a unique ECDSA key pair and request signatures.

ECDSA signatures are widely used within and outside the Blockchain ecosystem. Platforms/Ecosystems like Ethereum, Cosmos, Filecoin, or Polkadot among many others support ECDSA (on the same curve secp256k1) for signing transactions.

Furthermore, JSON Web Tokens (JWTs) support ECDSA and are widely used for authentication and authorization. More recent standards such as Verifiable Credentials which are heavily used in the Self-Sovereign Identity (SSI) ecosystem can also be used with ECDSA signatures.

Lastly, Public Key Infrastructure (PKI) based on Certificate Authorities and x.509 certificates support ECDSA. However, the Web PKI underlying HTTPS and TLS uses another curve and is not directly compatible today.

Areas for Proposals

Novel applications and infrastructure

Integrations with other Blockchains

Chain-key signatures allow a canister to effect actions on other blockchains. The signed transactions can be either submitted using HTTPS outcalls or introducing (incentivized) relayers.

JWT AuthZ canister

Chain-key signatures allow canisters to issue JWTs. This allows the Internet Computer to be used as an authorization server for microservices and other resource servers outside the IC.

Decentralized Certificate Authority

Chain-key signatures allow canisters to issue x.509 certificates used in Public Key Infrastructures (PKIs). Hence, a canister can serve the role of a decentralized certificate authority. An interesting project would be to investigate if a canister using chain-key signatures and HTTP outcalls, potentially using a custom gateway, could serve as an ACME server similar to Let's encrypt.

Your unique idea

Of course, we are also excited to support you in the implementation of novel use cases that we haven't thought of.

Libraries and Tooling

Libraries to simplify the issuance of JWTs, Verifiable Credentials, and x.509 certificates in Motoko

Tutorials and well-documented Sample Applications

Tutorials in written and/or video form as well as well-documented example applications help new developers get started.

How to apply?

Please submit your application at https://dfinity.org/grants

References

Developer docs
Sample app
Specification of ecdsa_public_key and sign_with_ecdsa

Rishabh0712 commented 7 months ago

@domwoe, wanted to check whether this RFP is still open. The idea of hosting an ACME server over Internet Computer looks interesting and promising to me. Would be coming up with a proposal soon :)

domwoe commented 7 months ago

@Rishabh0712 Looking forward to your proposal.

dfinity / grant-rfps