Multisig opps with renVM/sMPC

These two tweets made me think a bit, hoping to hear a bit more from the community and team on their thoughts around this.

image

image

Later when renVM supports smart contracts, should it not be possible for projects to use the sMPC tech of renVM to host DAO’s where no individuals need to hold any private keys but the DAO body does instead?

Also how big can the set of m-of-n sigs be? is it possible to support thousands of signers or is there a limit to it?

When protocols would like to use the sMPC tech of renVM for various purposes but not necessarily to move tokens between chains, is there any way for them to “pay” for those API calls? Since no token is being locked and fees can be taken from that, can they just pay renVM to use its tech? This would boost the node revenues beyond just interop functionalities.

This question kinda also relates to my other post about NFT’s here, renVM supporting NFT assets , will there be functionality to pay for usage of renVM with REN, DAI, renBTC or any other token?

3 Likes

Another question, can renVM in future support multi-sig type of control to node operators? Not sure how necessary that is but multi party ownership could possibly be useful…

This could also be build on Ethereum directly by writing a smart contract that controls the Darknode, instead of tying it to an address directly. I don’t think any changes on the part of RenVM are necessary to make that work.

Vitalik recently wrote a blog about some other neat things you can do when a smart contract (address) is in control: https://vitalik.ca/general/2021/01/11/recovery.html

The whole issue on ethereum recently seems to be that these people with “master keys” (multisig keys) have full control in case something would go wrong with the protocol and so on. Thats what crisblec is referring to in the tweet i screenshotted above (there is no solution for that on ethereum right now). Same example last year when sushiswap rug pulled and Sam was chosen by the community to take over the keys since he was a public figure and could be “trusted”. You want to achieve these things without trust.

With the sMPC tech of renVM you wont need to have any individuals with those keys, a DAO can control those keys through renVM nodes (since nodes dont know what they process they cannot breach the DAO and steal anything with the private keys of the multisig setup). The DAO itself can have any type of governance setups like we already see on ethereum, they just wont have any worries about “master keys” which will make them even more decentralized. A project that immediately comes to mind who focuses on DAO’s is Aragon, if I’m not mistaken they even run on tendermint themselves (same as renVM).

This is a huge benefit, imagine a protocol that can “repair” itself by the governing body (federated or decentralized) and never have the risk of centralized private keys. In a multisig setup you can even have several protocols interact with each other and share governance or any type of decisions between each other (like YFI, Cream, BadgerDAO, Alpha and similar projects).

This is not possible on ethereum, there is no privacy on ethereum baselayer and there is also no MPC possibilities (break up a private key, spread out between nodes and still be able to use the key for whatever purpose, with privacy).

Just want to flag that you can already have DAOs control stuff without multisigs on Ethereum, on-chain voting is an example of that. The reason projects use multisigs is not because there is no other solution but because it’s faster and more reliable than having many participants. If you give participation rights to 100 folks and 75 of them aren’t active, you killed your control of the system as you can’t reach quorum (notably Swerve died this way). More of a democracy/passiveness/bad incentivization problem than a technical one, and I don’t think RenVM would solve those social governance problems.

2 Likes

I see, both @Thomm and yourself make good points.

The part I dont fully follow with your example is that the DAO who controls the the private keys, how are those keys kept secret? Through other privacy tech such as rollups? (assuming private keys are needed in their structure)

My main point was that a group (whether small or big, size wasnt my concern) will be able to control keys which are broken in pieces and spread out (MPC), hidden and yet transparent with full control to the group/DAO.

So it wasnt as much the control itself but the ability to have private keys in open but yet with privacy if that makes sense…

I’m not sure I understand your question, if you, me, and Loong manage a multisig that controls a smart contract, we all three keep our private keys secret, they aren’t exposed anyway by signing a transaction. So I’m not sure what the benefit would be for us to give those private keys to darknodes.

ok so in your example me, you and loong manage the multisig and each one of us keeps the private keys offline and secure. In that situation there needs to be trust in us, which we ideally want to remove from in a decentralized project.

Lets say a project on top of ethereum manages a vault of bitcoins on the bitcoin network. the private keys to that address/vault need to be kept somewhere right? My question was how are those private keys kept secret on ethereum when a DAO is in control of that vault/private keys?

It could be any type of vault, lets just say as an example it is a developers fund which would need the communitys approval for any expenditure. then a multisig could be setup where the devs have keys and community has keys and they can sign using renVM’s MPC tech since the private keys are kept secret.

This goes beyond the scope of just moving coins/tokens between chains. This is about paying renVM fees to use the MPC tech (API calls, private key management etc.) in a decentralized fashion which could be a huge usecase.

My main point was to be able to, as a big group, manage private keys for multiple chains without having to worry about any exploits of those private keys (privacy). And reason I say private keys and not some smart contract is that private keys give FULL control. Will be very difficult to achieve full control to that degree with smart contracts (getting smart contracts with flexibility to be bulletproof is not easy).

Let me know if that makes sense, I could be missing sth, is there already some privacy tech on ethreum to manage private keys for multiple chains in the open? (including the capacity to use those private keys to sign things without the need of extracting/revealing the private keys?)

RenVM could hold keys yes but you are still left with the problem of how the DAO manages those assets controlled by the private key split up in RenVM. If RenVM stores BTC for a DAO, how does the DAO tell RenVM what to do with those BTC? With a multisig themselves or voting or something like that, as RenVM won’t make decisions for the DAO obviously, it needs instructions.

Otherwise if I’m a member of that DAO, what stops me from telling RenVM to send the assets on that private key over to my address?

Yes exactly that’s what I was alluding to in my initial post with the question “should it not be possible for projects to use the sMPC tech of renVM to host DAO’s where no individuals need to hold any private keys but the DAO body does instead?”

And yes ofc renVM will not be able to take any decisions on behalf of other projects, especially since they wont know what they process. Kinda ties back to the NFT discussion where alternatives of payment can be introduced when the token or private key itself is not fungible. Only difference here is that the private key has unknown value.

The tricky part becomes how to seperate those actions. Maybe that can be through isolated specific interactions with renVM where fixed fees are charged and not a %? Maybe more complex interactions can be supported when renVM also supports smart contracts?

I’m not sure tbh, was playing with the idea of functionalities beyond asset movement between chains since the MPC tech in combination with consensus layer is quite unique.