Circle Internet Financial
Circle Internet Financial Logo

Sep 16, 2024

November 10, 2023

Robust Thresholds ECDSA Signatures for Identifying Misbehaving Signers in Real-Time

what you’ll learn

Circle Research has improved security by combining the CGG+21 signing protocol with the CGG+21 traitor tracing protocol. Learn more.

Robust Thresholds ECDSA Signatures for Identifying Misbehaving Signers in Real-Time

TL;DR: Circle Research has improved blockchain transaction security by combining the CGG+21 signing protocol with the CGG+21 traitor tracing protocol. This lets 3rd party observers identify malicious signers in real time - helping to mitigate malicious attacks. 

  • Circle Research releases open-source Golang implementation of CGG+21 threshold signatures to support Web3 developers.
  • The CGG+21 signing algorithm is the recommended update to GG18. Users of the popular Binance tss-lib GG18 library can switch to the Circle Research cggplus signing module while keeping their existing keys.
  • CGG+21 requires fewer rounds of communication than GG18 making it faster for cold storage scenarios.

Securing Transaction Signatures

High-stakes blockchain transactions often require multiple parties to cosign. While many newer blockchains support multiple signers for a single transaction with a native multi-signature feature, this is not the case for some older and more established blockchains such as Ethereum. Threshold signatures are an off-chain workaround utilized when multi-signatures are not available on-chain. In this approach, multiple participants divide the signing key associated with a single address off-chain. This makes multi-sig available to Web3 developers regardless of the underlying blockchain. Threshold signatures offer the added advantage of protecting signer privacy. Since they look like ordinary signatures, viewers cannot ascertain who signed the transaction or even how many signers there were, thereby upholding a fundamental tenet of Web3 - the protection of user privacy. Threshold signatures also cost less gas to verify than native multi- signatures or multi-signature smart contracts.

Security Upgrade

The widely used GG18 protocol has been found to have many security flaws. Library developers have been working hard to keep up with each new vulnerability fix. The authors of GG18 recommend that developers switch to CGG+21 as it solves many of the underlying issues. Circle Research is excited to release an implementation of CGG+21 in the programming language Golang. To our knowledge, this is the first open source Golang implementation of CGG+21. We integrated our implementation into the widely used Binance tss-lib GG18 library. Importantly, existing tss-lib deployments can continue using the same keys and just upgrade the signing software to use the Circle Research cggplus module instead of the original signing module. 

Detect Misbehavior in Real-Time

CGG+21 detects malevolent signers in real-time. Circle Research has chosen to move the zero-knowledge proofs of correct behavior from the traitor-tracing rounds into the main protocol. The total number of rounds is the same, but the messages are now longer. This change enables signers and even a 3rd party observer to detect misbehavior right away and identify the culprit, therefore improving overall security of blockchain transactions.

Optimized for Cold Storage

The most expensive step for signing transactions where keys are in cold storage is to actually go into the vault to access the offline key. CGG+21 requires only 4 rounds of communication, the first three of which are pre-computations that can be prepared in bulk in advance. Signers need to make only a single visit to the vault to actually sign the transaction.  Using CGG+21 allows cold storage users to significantly lower their signing times by reducing vault visits from 5 to 1.


We invite users of tss-lib to try the new cggplus module here: https://github.com/circlefin/robust-tss-lib

Researchers and developers can look at our whitepaper with the technical details here

Related posts

Circle Responds to Abu Dhabi’s Proposed Regulatory Framework for Fiat-Referenced Tokens

Circle Responds to Abu Dhabi’s Proposed Regulatory Framework for Fiat-Referenced Tokens

October 1, 2024
USDC now available in Brazil and Mexico through national payment systems, with local currency

USDC now available in Brazil and Mexico through national payment systems, with local currency

September 17, 2024
Why Drivers of Crypto and Traditional Asset Prices are Similar

Why Drivers of Crypto and Traditional Asset Prices are Similar

July 30, 2024