benlaw.eth

Posted on Feb 16, 2022

Keyless and storage solution - Arcana

What's Arcana?

"Arcana is a decentralised privacy stack to help developers build secure and privacy preserving applications."

Basically, this is a framework for Web3/blockchain developers that helps them build the following systems:

  • Keyless Wallet & OAuth: Generate a public/private key pair in a decentralised, non-custodial manner and bind the generated key to a Web2 account (Google, GitHub, etc.), so users can access blockchain services through OAuth with their Web2 accounts.
  • Decentralised File Storage and Encryption: Store encrypted files in a verifiable, decentralised way. The storage servers are independent third-party servers distributed across the globe, so developers and users can choose one based on their geographic location.

We're used to decentralised file storage projects like IPFS, Filecoin and Arweave, so personally I'm more interested in the decentralised identification features (keyless, OAuth, etc.).

Basic Info

Fundraise

Closed: Private Sale Round 1, $0.025/XAR, $2.3M raised. Current: Private Sale Round 2, $0.12/XAR, fund raising target $10M.

Investors

The VCs are familiar names. If you don't know the team, you can at least evaluate the project by its VCs.

Team

Architecture

Modules

DKG Scheme & OAuth

Today, crypto wallets rely on a private key or seed phrase to access blockchains. This can be a barrier to mass adoption, since that key material is hard to record or memorize.

To solve this problem, the keyless wallet concept emerged. A keyless scheme should meet several criteria:

  1. DKG (decentralised key generation): Generate the private key in a decentralised manner.
  2. Linker: A new form of link between the private key and the user. Users access their private keys via Web2 account OAuth, facial recognition, etc., instead of recording private keys or seed phrases.
  3. Security and usability: Though we don't expect this to be as secure as the ordinary way (and we have no proof that it's worse, either), it still needs to meet general security standards while achieving substantial usability.

Obviously, the third point follows from the first two. To evaluate a keyless scheme's fundamentals, we need to dig into how it implements points 1 and 2.

Arcana utilizes Asynchronous Verifiable Secret Sharing (AVSS) to generate private keys, and OAuth as the linker between users and keys.

The AVSS working process:

If you want to fully understand the mechanism, you have to read the AVSS paper linked above. Here I only give a general overview:

  1. In the sharing stage, decentralised nodes generate the secret together (the secret here is, of course, the user's private key). No single node knows the whole secret; each node holds only a part of it.
  2. In the reconstruction stage, the private key is reconstructed inside the user's wallet, in the memory of the PC or phone.

Linking the user's Web2 OAuth login to the distributed shared secret is what enables the keyless feature.
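
The two stages above, as a toy model in Python (an added example, not Arcana's code and not part of the original post): each node contributes a random polynomial, so the key exists only as shares until the client interpolates it. It is plain dealerless Shamir sharing over the secp256k1 scalar field, chosen here as an assumption, and it omits the verifiability and asynchrony that AVSS adds; all function names are illustrative.

```python
import secrets

# Order of the secp256k1 group; shares live in the scalar field mod Q (assumed curve).
Q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def eval_poly(coeffs, x):
    """Evaluate a polynomial (lowest coefficient first) at x, mod Q (Horner)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % Q
    return acc

def dkg(n, t):
    """Sharing stage: toy dealerless key generation, n nodes, threshold t.

    Node i picks a random degree t-1 polynomial f_i and sends f_i(j) to node j.
    Node j's key share is the sum of what it received. The key is sum_i f_i(0),
    a value that no node computes or holds.
    """
    polys = [[secrets.randbelow(Q) for _ in range(t)] for _ in range(n)]
    shares = {j: sum(eval_poly(f, j) for f in polys) % Q for j in range(1, n + 1)}
    key = sum(f[0] for f in polys) % Q  # returned only so the demo can check itself
    return shares, key

def reconstruct(points):
    """Reconstruction stage (client side): Lagrange-interpolate at x = 0."""
    secret = 0
    for xi, yi in points.items():
        num = den = 1
        for xj in points:
            if xj != xi:
                num = num * (-xj) % Q
                den = den * (xi - xj) % Q
        secret = (secret + yi * num * pow(den, -1, Q)) % Q
    return secret

def pick(shares, idxs):
    """Select the shares held by the given node indices."""
    return {i: shares[i] for i in idxs}

if __name__ == "__main__":
    shares, key = dkg(n=5, t=3)
    assert reconstruct(pick(shares, [1, 2, 3])) == key  # any 3 shares work
    assert reconstruct(pick(shares, [2, 4, 5])) == key
    assert reconstruct(pick(shares, [1, 2])) != key     # 2 shares do not
    print("key reconstructed in client memory from 3 of 5 shares")
```
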

It sounds pretty cool, but I have some different, naive thoughts:

  1. With homomorphic encryption we actually don't have to reconstruct the private key anywhere but still retain the ability to sign transactions, just like the current implementations in many projects using threshold signatures.
  2. We can get rid of the Dealer by means of Fast Multiparty Threshold ECDSA with Fast Trustless Setup, though it's a different scheme from AVSS. According to Arcana the dealer is decentralised, but I personally prefer a scheme without any prominent standing role, since I have no proof whether there will be a security breach in these special roles in a real implementation.

Currently we don't have any open source repo or technical details published by Arcana so there's no way to evaluate further. I believe the team will build a robust system to meet the criteria above.

There are also other keyless solutions that differ from the DKG scheme and Linker. I will compare them in later articles.

File Storage, PoRep and DID

Arcana file storage utilizes Proof of Replication (PoRep for short) to ensure storage validity. PoRep was designed by Protocol Labs, the developer of IPFS/Filecoin.

Key points are:

  1. Files are stored with Verifiable Delay Encoding (VDE) to form a verifiable proof.
  2. Challenge-response scheme: validators challenge the storage work, and storage nodes are responsible for presenting proof in time.
  3. Use a Directed Acyclic Graph (DAG) instead of a linear chain pattern to prevent JIT (just-in-time) cheating, in which a node stores only half of the content and composes the proof when needed.

Linear pattern

In a linear encoding pattern, a cheater can delete D2, D4 and D6 to store only half of the actual data and still generate a correct proof by interpolation.

Within a DAG structure, data and proof are interlinked in a winding, intricate pattern in which this is impossible.
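
A toy model of the difference, added here as an illustration (not code from Arcana or Protocol Labs): it counts how many slow encoding steps a prover that deleted D2, D4 and D6 must run back-to-back to answer a challenge. Assumptions: SHA-256 stands in for one VDE step, the prover can still fetch the raw blocks, and the two-parent graph is a constructed stand-in for the depth-robust DAG a real scheme would use.

```python
import hashlib

def slow_encode(block, parent_codes):
    """Stand-in for one sequential VDE step (SHA-256 here, slow in a real scheme)."""
    return hashlib.sha256(b"".join(parent_codes) + block).digest()

def linear_parents(i):
    """Linear chain: block i depends only on block i-1."""
    return [i - 1] if i > 1 else []

def dag_parents(i):
    """Constructed toy DAG: block i depends on blocks i-1 and i-2."""
    return [p for p in (i - 1, i - 2) if p >= 1]

def encode_all(blocks, parents):
    """Honest prover: encode every block in order and keep every result."""
    codes = {}
    for i in sorted(blocks):
        codes[i] = slow_encode(blocks[i], [codes[p] for p in parents(i)])
    return codes

def regenerate(i, kept, blocks, parents):
    """Cheating prover: rebuild encoded block i from what it kept.

    Returns (code, depth); depth is the number of slow_encode calls that must
    run one after another before the answer exists.
    """
    if i in kept:
        return kept[i], 0
    rebuilt = [regenerate(p, kept, blocks, parents) for p in parents(i)]
    depth = 1 + max((d for _, d in rebuilt), default=0)
    return slow_encode(blocks[i], [c for c, _ in rebuilt]), depth

def audit(parents, deleted=(2, 4, 6), n=7):
    """Delete some encoded blocks, then answer a challenge on each of them."""
    blocks = {i: b"D%d" % i for i in range(1, n + 1)}  # constructed sample data
    honest = encode_all(blocks, parents)
    kept = {i: c for i, c in honest.items() if i not in deleted}
    depths = {}
    for i in deleted:
        code, depths[i] = regenerate(i, kept, blocks, parents)
        assert code == honest[i]  # the regenerated answer is still correct
    return depths

if __name__ == "__main__":
    print("linear:", audit(linear_parents))  # {2: 1, 4: 1, 6: 1}
    print("dag:   ", audit(dag_parents))     # {2: 1, 4: 2, 6: 3}
```

With the chain, every deleted block is one step away from a kept one, so regeneration fits inside any deadline; with the graph, the sequential depth grows with the number of deleted blocks, which is what a timed challenge detects.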

To locate files, Arcana implemented a DID URI scheme, though the DID here is not the users' decentralised identity that we generally talk about.

DID URI scheme

SDK

Easy part to understand. I just copy & paste the explanations from the official tech whitepaper without further elaboration:

  • Managing public/private key pairs in-app memory.
  • Fetching and decoding key shares shared by Arcana DKMS nodes.
  • Signing transactions to be forwarded to gateway nodes or to the Arcana blockchain.
  • Generating upload, download and delete requests to Arcana storage nodes.
  • Generating share and revoke requests to Arcana blockchain.

Roles and Entities

Arcana Blockchain & Validators

An EVM-compatible PoS chain that mainly focuses on tracking and verifying state related to:

  • Arcana system usage.
  • DID documents. The DID here refers to the DID of files, not the general meaning of decentralised identity in Web3. Also, unlike some other file storage systems, files aren't stored on the Arcana Blockchain.
  • Access control lists.

And of course, the validators are responsible for securing the whole blockchain by staking the native token and verifying, as on other PoS chains, and also for:

  • Participating in the DKG scheme, storing key shares and responding to requests for keys from clients. This is critical for the keyless implementation. For now, Arcana hasn't revealed details about how key shares are stored or how they're distributed among validators.
  • Verifying storage validity. Validators act as challengers of the storage nodes, which need to prove their storage work when challenged.

Gateway Nodes

Gateway Nodes are another group of participants in the Arcana ecosystem. Like validators, they are independent third parties.

As the name implies, they act as a bridge between different roles, handling connection and gatekeeping.

For users, they act as relayers that broadcast transactions to the Arcana Blockchain. As mentioned above, the Arcana Blockchain is meant to verify state and record related events, not to handle trading, so users' submissions to Arcana will normally relate only to events such as registration (private key generation) or file uploads.

Note that neither Gateway Nodes nor any other role in the Arcana system performs transactions on other blockchains, since users can use the private key generated through DKG to sign transactions directly on other chains. The reason transactions on Arcana need to be delegated to Gateway Nodes should be this: users do not need to be aware of the Arcana Blockchain's existence to take part in the ecosystem, and most of them don't hold XAR tokens on the Arcana Blockchain to send transactions.

The cost of relayer submission should be compensated by token emission to the nodes.

For developers and storage nodes, Gateway Nodes will:

  • Monitor storage nodes for performance and uptime
  • Authenticate and facilitate upload, download and delete requests from clients
  • Track developer accounts for usage and billing

Storage Nodes

Easy part to understand. I just copy & paste the explanations from the official tech whitepaper without further elaboration:

  • Provide storage for encrypted file shares
  • Provide bandwidth for when encrypted file shares are requested from clients
  • Deallocate storage for when encrypted file shares are deleted
  • Participate in our proof of replication scheme and submit timely proofs when challenged

Tokenomics $XAR

I didn't see any new points worth mentioning about Arcana's tokenomics; it's just the usual approach that all basic infrastructure projects take:

  • Staking to secure the network
  • Incentivize participants like validators and nodes
  • etc.

Having no fancy token model is good because the team is not playing fancy DeFi or financial games; thus they focus on basic infrastructure construction.

Right now $XAR is not yet in circulation and is still in private sale round 2.

If you want to learn more about the tokenomics, such as inflation and usage, please visit Arcana - Technical Paper.

Summary

Arcana is a brand new project trying to solve the onboarding friction for crypto users and provide a way for decentralised storage and privacy. It's still at an early stage, but with a credible team and investors and a clear technical solution, we expect it to play a great part. If you are interested in the new Web3 infrastructure, Arcana and similar projects should be on your research list.