Keyshares and Aggregation
Keyshares
Each MPK is derived from a Master Secret Key (MSK), which is generated each epoch by the Share Generation Client. Once the MSK is generated, the Share Generation Client then performs a function to
- Derive the MPK
- Splits up the MSK into individual keyshares encrypted by each validator's public key
- Submits the encrypted keyshares along with the MPK to
fairyring - Discards the full MSK.
Each validator stores its share of the MSK locally and uses the fairyringclient
to derive the private keyshare for each block height corresponding to the ActivePubKey.
After the private keyshare is generated, the validator submits it via a transaction to fairyring.
fairyring aggregates the private keyshares, and when the threshold for private key construction is met, derives the private key for the current block height.
Each validator needs to run the fairyringclient in order to receive their MSK share each time it changes,
derive their private keyshare according to the ActivePubKey for each condition,
and then submit the private keyshare to fairyring for private key construction.
The initial release will be a Proof of Authority (PoA) chain similar to the approach used by Noble. There are some simple slashing conditions implemented for now (such as submitting incorrect keyshares, or skipping blocks), but this may change.
Keyshare Aggregation
The key share aggregation process is made possible through threshold cryptography.
Once enough validators have submitted keyshares for a particular block,
the keyshares are aggregated to generate the derived private key for that block.
The derived private key can then be used to decrypt all encrypted transactions under a certain condition and execute them.
To create the aggregated keyshare, it is not required for every validator to submit their individual keyshares.
The aggregation can be performed as long as a threshold number of keyshares are submitted.
Currently, at least 2/3 + 1 of the validators have to submit keyshares to create the aggregated keyshare.