Split-Key Protocol for Authentication

Züs (formerly 0Chain) provides users with a safe and secure way to hold their tokens. 0Wallet simplifies the process of storing, sending, locking, and staking native tokens on the Züs Network. By using a split-key protocol, users are able to have peace of mind that their tokens are well protected like a hardware wallet. To learn more about the technical aspects of development and implementation, click here.

Current issues with cryptographic keys & signatures

Every user in the crypto world at some point deals with the challenges of maintaining and managing cryptographic keys. These challenges can include key generation, management, and maintenance. A major issue is the lack of wallet technology that makes it easy for existing and new users to safely manage their assets. Currently, digital signatures are one of the most computationally intense actions on the blockchain. Users need to generate and authenticate their transactions while miners verify and validate them. with the split-key protocol, we can solve some challenges presented by this process.

Safe storage and Preventing Hacks

There are currently a variety of wallets, both offline and online, that are used throughout the world. Each of these wallets contains its own unique issues that threaten the integrity of the contents within. Some require 2–Factor Authentication (2FA), which recently has been shown to be vulnerable to attacks and is also dependent on the uptime of the network and servers.

Due to the unsafe nature of current wallets, Züs has taken a new approach to key generation and management by using multiple devices. Typical users have more than one device at their disposal (such as a mobile device and laptop) in which their private key can generate multiple split keys and store them in each device respectively. By using the split-key protocol and splitting the key into multiple devices, four things are accomplished:

1. Adequate protection even if a component of the key is lost or corrupt
2. In the case of losing a device or theft, the key is protected
3. Signatures must contain all the split components
4. The components of signatures from each device are secure on their own and cannot be used for an attack or to expose other portions of the key.

It is worth emphasizing that if one of the devices is compromised, the user’s asset is still safe. They can regenerate a new set of keys with their original mnemonic (private key). In today’s implementation of theZüs Split Key Protocol for the 0Wallet app, there are two keys generated from your private key and split into a phone and laptop, so that every transaction needs authorization from the other device. In order for a hacker to gain control of the wallet, they need both of devices and their respective passwords.

Züs’ Approach to split-key protocol

Currently, it is estimated that nearly 40% of Bitcoin’s transcript space is occupied by signatures. Each block requires verification which is demanding on the system. On the contrary, aggregate verification offers an efficient solution. Züs combines several signatures into one “super” signature and thus, the verification is only carried out on the “super” signature, not each individual one. This saves significant space and computing time which in effect reduces verification cost and increase speed.

While aggregation is an efficient method, it presents itself with multiple issues on current systems and schemes, such as not being able to split the keys in a convenient way. However, by changing the configuration of the schemes, Züs is able to implement aggregation with key splitting. split-key protocol requires that the transaction is signed by all devices in order for the transaction to occur. By doing so, Züs implements a safe and secure wallet which also lightens the load on the blockchain network, and reduces computational strain.

BetaNet Progression: 0Wallet

BetaNet continues to roll out over the coming weeks via a series of releases. 0Wallet will be updated and released on mobile and desktop. This allows users to create a wallet, send test transactions, lock and stake tokens, and use our 2DA split-key protocol. To find out more on how to set up 0Wallet and 0Auth, click here.