Skip to main content

Glossary

This page contains explanations of common terms used within Fairblock.

General

Threshold IBE

Identity-based encryption is a form of encryption based on some identifying conditions. Fairblock uses threshold IBE so that no single party controls the decryption keys. Instead of "Identity", Fairblock uses "conditional ids" which are less about actual identity, and more about a range of different variables, often related to a chain's global state, such as block height.

Threshold encryption

Threshold encryption is a form of cryptography that allows a private key to be derived as long as a certain threshold of network participants come together to aggregate their private keyshares. Fairblock uses Threshold IBE, which allows validators to generate a share of the private key using their Master Secret Keyshare once a condition (ID) is met on-chain. Validators then submit their derived private keyshares to fairyring, which can construct the derived private key once the threshold of validator keyshare submissions is met.

Public key

A public key is a large cryptographic value that is used to encrypt data. The public key is publicly visible and used to identify some encrypted data. The public key is derived from the private key, a randomly generated cryptographic value that is needed to decrypt data. In asymmetric encryption and its derivatives, public keys are openly known, while private keys are only made available to owners or receivers of some dataset and signify true owners of data. In Fairblock, we use a Master Public Key (MPK) that is used to encrypt every transaction within an epoch. The MPK is discarded after the end of an epoch.

Block height

The block height is the current length of the blockchain network. It is the number of blocks preceding the current block in a network. The height of the genesis block of a blockchain is zero.

Derived private key

The derived private key is a unique key corresponding to a certain encryption condition (ID) and is required for a chain to decrypt encrypted transactions. The derived private key is obtained by aggregating a threshold number of derived private keyshares.

Frontrunning

Frontrunning is an example of bad-MEV (maximal extractable value) where MEV searchers can observe a user's unexecuted profitable trade in a mempool and manipulate the ordering of transactions within a block. The most common type of frontrunning is sandwich attacks.

Public keys

Active public key

The active public key is the Master Public Key (MPK) that is being used to encrypt every transaction during the current epoch of fairyring. The active public key (ActivePubKey) is replaced by the queued public key (QueuedPubKey) at the beginning of a new epoch. The MPKs are derived from the Master Secret Key, which is generated by the ShareGenerationClient.

Queued public key

The queued public Key (QueuedPubKey) is the queued MPK that will replace the ActivePubKey at the start of a new epoch.

Keyshares

fairyringclient

Every validator on fairyring runs fairyringclient, which is responsible for updating the MSK share each time it changes, deriving the private keyshare from the MSK for each ID (condition for which transactions are encrypted/decrypted), and then sending that derived private keyshare to fairyring. The submitted keyshares are then used to construct the derived private key.

ShareGenerationClient

The ShareGenerationClient is responsible for generating the MSK and distributing it to the validator network using VSS (Verifiable Secret Sharing). Refer to ShareGenerationClient for more details.

Note: The ShareGenerationClient will soon be replaced by distributed key generation (DKG).

Malicious validators

Malicious validators in fairyring are designated as malicious if they send incorrect private keyshares to fairyring or skip blocks.

Proof of authority

Proof of authority (POA) is a consensus mechanism that gives a vetted, designated number of validators permission to validate transactions on the network.

FairyPort - TODO

The FairyPort is a messaging bridge, often referred to as an off-chain relayer. It reads state of the destination chain and FairyRing and is used to communicate between the two networks for passing of keys for decryption.

  • Each tx has a respective ID. That corresponds to a respective keyshare. That keyshare is used to decrypt on the destination chain, and thus enact execution of some sort for the respective tx.