AMIS is a financial technology company creating bonds between traditional and decentralized worlds. For a traditional financial company, it’s vital to avoid single points of failure and establish accountability.
Comparing to Threshold Signature Scheme (TSS), shares in this Hierarchical Threshold Signature Scheme (HTSS) are allowed to have different ranks. The main merit of this scheme is vertical access control such that it has “partial accountability”. Although TSS achieves joint control to disperse risk among the participants and avoid single points of failure, the level of all shares are equal. It is impossible to distinguish which share getting involved in an unexpected signature. It is because TSS only supports horizontal access control.
For example, an important contract not only requires enough signatures, but also needs to be signed by a manager. In HTSS framework, through assigning different ranks of each share induces that any valid signature generated includes the share of the manager.
Therefore, AMIS developed a HTSS library and called it, Alice.
Security
For a crypto library, security is always our first priority for AMIS. To improve Alice, we decide to open source and invite Kudelski Security, which is a leading 3rd party auditor cybersecurity industry, to audit the source code of Alice. The full audit report can be downloaded here.
In the audit report, Kudelski Security points out Alice’s uniqueness compared to other TSS libraries:
Compared to other threshold signature scheme solutions, different levels of authorization are possible in Alice, where holders of the secret shares can have different “weights” in respect to the ability to generate a valid signature.
No high severity security issues are found in the audit report, but there’re some medium and low severity security issues. With Kudelski Security’s great help, we’ve fixed most of them and the audit history can be found in this branch and in the report.
Before using Alice
Please read the document carefully before you use it into your production. The most things are:
- Use end-to-end encryption to transfer messages between two parties.
- Stop and restart it if any error messages occur during execution Alice.
Conclusion
Thanks for Kudelski Security’s auditing, Alice becomes safer and more robust. AMIS will keep working on Alice to develop more Hierarchical Threshold Signature features. If you have any ideas or questions, please contact us. We’re glad to hear from you.
