Term Structure Key

Why do we need Term Structure Key

In Ethereum, a user signs and verifies every transaction with a unique key pair (private key and public key) based on the ECDSA algorithm, which serves as the guarantee of security. However, ECDSA is not a zk-friendly signature algorithm, so zkTrue-up uses another secure, zk-friendly signature algorithm, EdDSA, to generate the Term Structure Key Pair used for verification and execution.

tsKey

In Term Structure, users sign and verify transactions with the Term Structure Key Pair (tsPubKey and tsPrivKey), known as tsKey. The key is generated from an externally owned account (EOA) signature. Users create the tsKey by signing "Authentication on Term Structure" whenever they connect their wallets. The signature uses the EIP-712 format, and the message is shown below:

typedData = {
  domain: {
    name: 'Term Structure',
    version: '1',
    chainId: {VALID_CHAIN_ID},
    verifyingContract: {TS_CONTRACT_ADDRESS},
  },
  types: {
    Main: [
      { name: 'Authentication', type: 'string' },
      { name: 'Action', type: 'string' },
    ],
  },
  value: {
    Authentication: 'Term Structure',
    Action: 'Authentication on Term Structure',
  }
}

tsPrivKey & tsPubKey

The tsPrivKey is first created by applying a series of keccak256 hashes to the user's ECDSA signature. The tsPubKey is then derived from the tsPrivKey using the EdDSA algorithm. All transactions on the Term Structure protocol must be signed with the tsPrivKey and verified by Circom using the tsPubKey. The proof generated from this process is then verified by the smart contract during the rollup procedure. This ensures the security and integrity of transactions on the Term Structure protocol.

Term Structure does not store any user's tsKey. Instead, the key is generated in the user's browser each time they connect their wallet and log in to Term Structure.
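Because the tsPrivKey is derived from the signature over the Authentication message, a client can compare a signing request against the template shown earlier before passing it to the wallet. The following is an added example, not Term Structure's own code; `checkAuthRequest`, `EXPECTED` and the chain ID and contract address in it are constructed placeholders.

```javascript
// Added example: field-by-field check of a tsKey authentication request.
// EXPECTED holds constructed placeholder values, not real deployment values.
const EXPECTED = {
  chainId: 1, // assumption: the chain the client is configured for
  verifyingContract: '0x00000000000000000000000000000000deadbeef', // placeholder
};

// Fixed parts of the typed data, copied from the message shown on this page.
const TEMPLATE = {
  domainName: 'Term Structure',
  version: '1',
  types: { Main: [
    { name: 'Authentication', type: 'string' },
    { name: 'Action', type: 'string' },
  ] },
  value: {
    Authentication: 'Term Structure',
    Action: 'Authentication on Term Structure',
  },
};
const DOMAIN_KEYS = ['name', 'version', 'chainId', 'verifyingContract'];

// Canonical form: object keys sorted, array order kept (EIP-712 field order matters).
function canon(v) {
  if (Array.isArray(v)) return v.map(canon);
  if (v && typeof v === 'object') {
    return Object.keys(v).sort().reduce((o, k) => { o[k] = canon(v[k]); return o; }, {});
  }
  return v;
}
const same = (a, b) => JSON.stringify(canon(a)) === JSON.stringify(canon(b));

// Returns the list of mismatching parts; an empty list means the request matches.
function checkAuthRequest(req, expected = EXPECTED) {
  const problems = [];
  const d = (req && req.domain) || {};
  if (d.name !== TEMPLATE.domainName) problems.push('domain.name');
  if (d.version !== TEMPLATE.version) problems.push('domain.version');
  if (Number(d.chainId) !== expected.chainId) problems.push('domain.chainId');
  if (String(d.verifyingContract).toLowerCase() !== expected.verifyingContract.toLowerCase()) {
    problems.push('domain.verifyingContract');
  }
  const extra = Object.keys(d).filter((k) => !DOMAIN_KEYS.includes(k));
  if (extra.length) problems.push('domain.extra:' + extra.join(','));
  if (!same(req && req.types, TEMPLATE.types)) problems.push('types');
  if (!same(req && req.value, TEMPLATE.value)) problems.push('value');
  return problems;
}
```

A non-empty result means the request differs from the documented message or targets a different chain or contract, so the resulting signature would not produce the expected tsKey and should not be requested.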

Double Signature Mechanism

Security is the top priority in Term Structure. To ensure the security of transactions, the Term Structure protocol uses a double signature system with both the EdDSA and ECDSA algorithms. This provides an additional layer of security and protects the protocol and users against potential attacks or fraudulent activity on the network.

EdDSA Signature

An EdDSA signature is produced with the tsPrivKey. The signature is used to verify transactions in the ZKP process. ZK-Rollup is believed to be secure because every transaction is verified by the circuit, which is a mathematical structure that describes the specific computations that need to be performed in order to prove the validity of a transaction. The proof is also verified by the smart contract after the rollup.

ECDSA Signature

Users need to sign their orders with their EOA wallets using an ECDSA signature on Ethereum. When transactions are sent to Term Structure, they need to be checked and confirmed with the correct ECDSA signature before they can be verified in the circuit.

Currently, Term Structure does not support multi-signature wallets such as Gnosis Safe.

Security

The Double Signature Mechanism is a key security feature of Term Structure. It increases the level of security significantly while maintaining a good user experience. By requiring transactions to carry both an EdDSA and an ECDSA signature, the Double Signature Mechanism helps to protect users' assets from phishing attacks. Even if a hacker were to obtain a user's tsKey, they would not be able to move the user's assets on Term Structure without also having the user's ECDSA signature. This helps to ensure the security and integrity of transactions on the network.

It is very important to keep the private key of the user's EOA safe, as the tsKey is created using this private key. Protecting the private key of the EOA is crucial in order to keep assets secure.
