How Mithril facilitates strong security settings
Built on Cardano, Mithril prioritizes security while aiming to enhance the efficiency of chain synchronization and state bootstrapping – find out how
23 August 2023
Security is of the utmost importance in any cryptographic protocol for safeguarding the integrity, confidentiality, and authenticity of transactions and user data.
Mithril is a protocol built on Cardano that prioritizes security while aiming to enhance the efficiency of chain synchronization and state bootstrapping. Mithril introduces a stake-based threshold multi-signature (STM) scheme that significantly reduces the time required for node synchronization by retrieving a snapshot of the current blockchain state. But how does the protocol manage to maintain robust security without compromising speed and scalability?
This article delves into the security settings employed by Mithril, unraveling the mechanisms that ensure its resilience.
Mithril facilitates strong security settings based on the technical protocol characteristics and stake participation.
On Cardano, Ouroboros randomly selects nodes to serve as block producers based on the stake they hold. Certain messages or actions require a specific number of stakeholders to provide their cryptographic signatures.
To enhance scalability in a blockchain environment, it is crucial to address the complexity of critical operations that grow linearly with the number of participants. As the number of participants increases, the process of efficiently aggregating their signatures becomes more complex. In a typical scenario, each stakeholder would need to individually sign the relevant message to ensure a signature representing the majority of stakeholders. While this approach is feasible, it is inefficient in terms of scalability and speed.
Mithril is designed to leverage stake and ensure efficient multi-signature aggregation without compromising security in blockchain systems. It addresses the scalability challenge of aggregating numerous signatures by using a stake-based threshold: instead of requiring a fixed number of participants to validate a message, Mithril requires a fraction of the total stake to generate a correct signature. This allows for efficient aggregation and improves performance.
The Mithril protocol operates in a non-interactive way, that is, signers do not need to communicate directly with each other. The aggregation process combines all the signatures into one, with a logarithmic complexity based on the number of signatures.
How does the protocol maintain security?
Mithril leverages Cardano’s proof-of-stake mechanism, which can be integrated into different solutions (eg, wallet as a service). Additionally, Mithril enables fast chain state bootstrapping by allowing stakeholders to validate specific checkpoints of the chain, either by reducing the process of full transaction history verification or accelerating it. This is advantageous for lightweight applications like light wallets and can facilitate efficient tally verification or governance decision-making, for example.
The following diagram illustrates the signing process:
- Mithril signers generate a pair of keys and distribute their verification keys to the aggregator and other signers.
- When it's time to sign, each signer computes a digest of the data to sign and generates up to m signatures, where m is a parameter of the protocol. The number of produced signatures depends on each signer's stake and a verifiable random function, thus combining signing and selection in a single ‘lottery’.
- Signatures are sent to the aggregator, which selects k signatures among all the candidates received, where k is also a predefined protocol parameter.
- Signatures and verification keys are combined into a Merkle tree in such a way that the verification process requires a single elliptic curve operation.
The aggregator can then distribute a snapshot made of the certificate and the actual data signed.
The following features contribute to Mithril’s security:
- Eligibility predicate and stake-based filtering: by controlling the eligibility of signers based on their stake, Mithril ensures that the signing process remains manageable and efficient.
- Combining random selection and signatures: Mithril combines the random selection process with the signature mechanism. This approach ensures that signatures are generated by users who are selected through a fair, verifiable, and pseudorandom process.
- Signature aggregation and verification: Mithril requires at least k unique lottery indices gathered from all the signing sessions to produce successful multi-signatures. This aggregated signature can be verified efficiently using a single elliptic curve operation, thus reducing computational overhead.
- Key registration and Merkle tree organization: To minimize computational costs, Mithril organizes participants' verification keys in a Merkle tree structure. Verifiers only need to be aware of the Merkle tree root, reducing the information they need to access. This ensures that the verification process remains efficient even in large communities.
By incorporating these design elements and techniques, Mithril ensures the security of its STM scheme, providing efficient and scalable cryptographic operations while leveraging the stake-based setting of Cardano.
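The signing steps and security features above can be modelled from the verifier's side. The following Python example is added here for illustration and is not code from Mithril or from this article: a verifier holding only the Merkle root and the total stake accepts a certificate when it contains at least k unique, valid lottery indices. The parameter values, the function names, the win-probability curve with `PHI_F`, the leaf layout binding key and stake, and the hash used in place of the signature-derived lottery value are all assumptions of the example.

```python
import hashlib

M, K, PHI_F = 400, 120, 0.5  # constructed parameters; PHI_F is an assumed lottery difficulty
SIGNERS = [(b"vk-a", 50), (b"vk-b", 30), (b"vk-c", 20)]  # constructed keys and stakes

def H(*parts):
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)  # length-prefix every field
    return h.digest()

def leaf(vk, stake):
    return H(b"leaf", vk, stake.to_bytes(8, "big"))  # assumption: leaf binds key and stake

def merkle(leaves):
    """Return (root, paths); paths[i] lists (sibling_hash, sibling_is_left) bottom-up."""
    level, pos, paths = list(leaves), list(range(len(leaves))), [[] for _ in leaves]
    while len(level) > 1:
        if len(level) % 2:
            level.append(H(b"pad"))  # tagged padding cannot collide with a real leaf
        for i, p in enumerate(pos):
            paths[i].append((level[p ^ 1], p % 2 == 1))
            pos[i] = p // 2
        level = [H(b"node", level[j], level[j + 1]) for j in range(0, len(level), 2)]
    return level[0], paths

def in_tree(root, vk, stake, path):
    node = leaf(vk, stake)
    for sibling, is_left in path:
        node = H(b"node", sibling, node) if is_left else H(b"node", node, sibling)
    return node == root

def wins(vk, stake, total, digest, index):
    # Hash stand-in for the lottery value; a real scheme derives it from the signature.
    ev = int.from_bytes(H(b"lottery", vk, digest, index.to_bytes(4, "big"))[:6], "big") / 2**48
    return ev < 1 - (1 - PHI_F) ** (stake / total)  # more stake, more winning indices

def sign_all(signers, digest):
    """signers: [(vk, stake)] -> (root, total_stake, [(vk, stake, path, index), ...])."""
    total = sum(stake for _, stake in signers)
    root, paths = merkle([leaf(vk, s) for vk, s in signers])
    entries = [(vk, s, paths[n], i) for n, (vk, s) in enumerate(signers)
               for i in range(M) if wins(vk, s, total, digest, i)]
    return root, total, entries

def verify(root, total, digest, entries, k=K):
    """The verifier knows only root and total stake; it needs k unique, valid indices."""
    unique = {i for vk, s, path, i in entries if 0 <= i < M
              and in_tree(root, vk, s, path) and wins(vk, s, total, digest, i)}
    return len(unique) >= k
```

An entry that claims an inflated stake fails the Merkle check because its leaf hash changes, and an index submitted more than once counts only once toward k.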
Mithril's security model relies on the active involvement of stakeholders in producing signatures for certificates. A higher stake participation rate from honest and cooperative stakeholders strengthens the security guarantees provided by the certificates. This means that the more stakeholders contribute to the signing process, the more resilient and secure the network becomes against potential attacks.
In the Mithril framework, adversaries cannot produce incorrect or false certificates. However, adversaries can abstain from or refuse to sign the certificates, which can disrupt smooth functioning and increase the time it takes for a certificate to be signed.
By fostering a robust network with significant participation from stakeholders, Mithril ensures the integrity and trustworthiness of the blockchain. This active engagement and commitment to security form the backbone of Mithril's approach to stake participation.
Mithril’s stake participation approach
IOG’s approach to establishing the honest majority implies:
- Inviting known stake pool operators (SPOs) to take part in the mainnet beta launch
- Providing audit and behavior monitoring of Mithril participants
- Incentivizing good behavior. If the participant does not behave honestly, they will not get their rewards, for instance.
To find out more about becoming a network participant, see this Mithril SPO onboarding guide.