Skip to content

Decentralization

Decentralization of Operations

Third-party Attestation Protocols rely on sets of independent parties. For example, in a Proof of Authority protocol messages are deemed valid if at least M of N parties sign messages. The Third-party Attestation Protocols section described a set of considerations that should be taken into account when reviewing these protocols. This section highlights the critical importance of ensuring the operation of a protocol delivers on the security guarantees of the protocol design.

When external parties attempt to audit the security of the protocol deployment, they will reason about the security of the protocol based on the threshold number of signers (M) and the total number of signers (N). They will expect that at least M parties would need to be compromised, or choose to maliciously sign a value, for a malicious message to be trusted. If one party controls multiple signers, then the true security of the system is different to what it first appears. For example, if one party controls M - 1 signers, then an attacker would only need to compromise that party, and one of the other independent parties. This is what occurred in the Ronin bridge hack.

Another operational consideration is latency and compensation. Parties might only be compensated if they sign messages. If a message is submitted to a contract immediately after (M) parties have signed a message, then it may be that the (M) parties that have lowest latency between each other sign most or all of the messages. In this situation, parties with high latency relative to other parties are not as heavily incentivized as parties that have low latency.

All parties could be compensated to participate, whether their signature is one of the M signatures used or not. In this situation, parties that have high latency relative to other parties are still compensated. Additionally, this means that parties that are temporarily offline are also compensated. A challenge for protocols like this is to prove that all N signers are usually online and are actively participating in the protocol.

Complex inter-node communications mechanisms can be setup to ping nodes, to check that the parties are participating in the protocol. However, the question then is how to prove that a party did not reply and how to prove this in a forum, probably on-chain, that can be used to slash parties not following the protocol.

Last update: October 13, 2023
Created: October 13, 2023