For information about launch and configuration check the README file
.
To perform cross-chain transfers, all operations should be signed with ECDSA secp256k1 threshold (t-n) signature. This signature is produced by core multi-sig services depending on the core validated state. All public signature parameters (including public key) should be defined and stored on the core system.
During parties work they should connect to the core to receive the new events of operation entry creation. That operation will be put into the mempool sorted by operation timestamp. After that some set of operations will be extracted from the mempool and signed by parties. After producing the signature the confirmation message will be sent to the core with the information about the signed operation.
Core operation entry contains the information about some data to sign. Operation can have the following types:
To reach the consensus and prevent system failures all steps should depend on any time source. Unfortunately, using timestamps is not possible because it can create lots of troubles with defining current time between parties, so we will use block number from core to define the time position of the current step. Every party should be connected to the core validator and synchronize their block number to use it like a timestamp in the whole process. Also, all steps will have strongly defined time bounds in blocks. We will define the following time bounds:
We are defining the constant bounds for every session stage so the result session duration is also constant.
Also, there will be such situations where some parties lost their connections or some requests have not reached them for some reasons. To come back into the flow that parties can calculate current session id and session time bounds depending on setup information (start block and start id) and current id. If some party can not continue participating in the current session it will request other parties about the session info and sleep until they finish the current session. Current session will be finished after the session deadline (can be derived from steps time bounds).
To perform the correct signature the parties should reach a consensus on what operations to sign in the current session. To get an agreement on that the deterministic defined party should propose the pool before the signing process will be launched.
Let’s define the function f(prev_sign, parties, session_id)
that accepts the last produced signature, parties set and the session id and produces the proposer of the next pool. Session id is an incremental value.
Every party will calculate that value and accept the pool only from the defined proposer. If the party has not received the pool from the proposer, it will catch up with the other parties and sleep until they finish that session.
After receiving the pool every party shares with other parties their acceptances - the ECDSA signed pool hash with the party private key. For processing the next step parties should receive minimum t exceptions. If party has not received a minimum amount of acceptances, it will catch up with the other parties and sleep until they finish that session.
Every party should have the following public endpoints:
Every party should have the following protected endpoints (reachable by other parties with their ECDSA signature)
From the core side, every party should have an opportunity to fetch the last block information and last produced signature and also, submit the confirmation message.
Every submit request will contain next values: sender (derived from signature), request type, request body. Parties will parse request body using request type descriptor. Supported request types are:
The first key generation requires a launched core with a preconfigured set of parties. Parties information contains the ip address of the party service, Rarimo core account address and trial public key. Also, all parties have the raw flag set as true.
Until at least one party has as enabled raw flag there will not be possible to submit any confirmation.
f(prev_signature, parties, session_id)
.The rarimocore
module functionality provides parties with opportunity to report about malicious party behaviour.
It works in the following way:
maxViolationsCount
(in params) then change party status to Frozen
and set UpdateIsRequired
flag.Currently, parties support only following violations: