rmeissner
commented
5 years ago Hey @GuthL this is very interesting, but doesn't meet all our requirements. Since we are trying to enable every user to have a contract base wallet, it should be possible that contract based wallets can be owners of other contract based wallets. This is not possible with distributed private keys.
Also distributed private keys / signing are not as flexible when it comes to adding/ removing owners. All this is defined when creating the set of secrets (at least afaik).
It should still be possible to already make use of this with the current contracts (just create a Safe with 1 owner and threshold 1). The additional gas costs for the loop are very low. The only big difference is when creating the safe, as it would be possible to only store 1 variable (the owner) which would safe around 50k gas (1 time).
I will close this issue, since we will not change our contracts.
Context / issue
Right now, checkSignatures in Gnosis Safe uses a loop to define the threshold signature. This is inefficient and could be easily offloaded to the cryptographic protocol using a threshold signature requiring a single ECRECOVER instead of threshold times ECRECOVER.
Proposed solution
Replace the ECDSA verification loop by a simple ECDSA verification and off-loading the multisig using a cryptographic threshold signature
This would allow unlimited threshold size and cheaper contract executions. It was briefly discussed with @fleupold. Here an implementation that would work as his for the Ethereum blockchain: https://github.com/KZen-networks/multi-party-ecdsa