QSign
Introduction
Technology Preview
Please note that QSign is currently in Technology Preview. This means that the features, functionality, and performance of QSign are subject to change and may not yet be fully stable and are not production-ready. The purpose of this Technology Preview is to gather user feedback, identify issues, and make improvements before the official release. We encourage you to provide feedback on QSign: raise issues on GitHub or join our Discord channel.
Disclaimer
By using the QSign Smart Contract, you acknowledge that you are aware of the risks associated with using smart contracts and blockchain technology and that you assume full responsibility for any loss or damage that may occur as a result. This smart contract is provided “as is” without any warranties or guarantees of any kind. The developer of this smart contract will not be liable for any damages of any kind arising from its use
TL;DR
- QSign allows a user to establish communication between smart contracts living on different chains
- Interaction with the QSign is done via calling the service (instructor) contract
- The only thing required for integrating QSign is to support the interaction interface in the user-owned smart contracts
- QSign uses a dMPC module for wallet generation and signing
Motivation
Today we see a lot of emerging L1 blockchains and scaling L2 solutions and yet more new networks to come. Storage of assets and running dApps on such emerging chains or building cross-chain dApps are challenging due to several reasons:
Issues with bootstrapping liquidity on new chains
User experience: Technical knowledge required to engage with different networks and cross-chain activities can be a barrier to entry for many users, especially when it requires managing multiple wallets or navigating complex transaction processes.
Associated risk: Some chains, especially new ones, can carry higher operational and security risks. Each blockchain in a cross-chain environment has its own unique characteristics, such as its consensus mechanism, transaction format, smart contract language, and more. Keeping up with the updates, fixes, and changes in each of these blockchains can be a non-trivial task.
Challenges related to maintenance of cross-chain applications
Maintaining a cross-chain application involves substantial engineering and operational efforts. Developers need to understand the intricacies of multiple blockchains and, potentially, multiple smart contract languages. Coordinating operations across multiple chains can be logistically challenging and require substantial resources. To manage the complexity of this task, developers may resort to centralized or semi-centralized components. While this can simplify development and maintenance, it can also introduce central points of failure.
Lack of flexibility and tooling for secure cross-chain messaging
Each blockchain has its own unique technical characteristics, including its consensus mechanism, data structure, and transaction validation process. There are currently no widely accepted standards for cross-chain messaging, which means each project might implement its own methods, which increases potential attack vectors.
QSign allows creating wallets programmatically controlled by smart contracts and Qredo MPC network. Users can manage accounts on other supported blockchains as well, which enables dApp developers and blockchain platform teams to build cross-chain.
An EVM contract isn't able to generate signatures for transactions. QSign aims to fix this shortcoming by enabling contracts to trigger generation of keys and signatures outside of the contract. This is achieved by levering the existing Qredo MPC architecture together with the CCO technology.
QSign, therefore, allows you to manage multiple assets on many different chains within one smart contract.
You avoid dealing with key management of programmatically generated addresses by trusting Qredo's MPC architecture. This takes one of the biggest burdens off the shoulders of blockchain users.
Use cases
QSign allows you to build applications for various use cases:
QSign enables secure programmable storage of funds and other on-chain assets with arbitrary administration and logic.
QSign can create a set of wallets on different chains, and you can control these wallets by a smart contract from a single chain. Therefore, Qsign creates a custody layer out of any blockchain. QSign currently supports other EVM-based blockchains, and soon it will also support broadcasting to non-EVM blockchains like Bitcoin.
We can prove the custody of funds and other assets across many different blockchains (proof of state). It's useful when you need to delegate intense on-chain computations, like generation of ZK proofs, to cheaper networks.
QSign further allows bootstrapping TVL for cross-chain dApps on matured chains while being primarily deployed on emerging chains.
Technical introduction
QSign is Qredo's solution for cross-chain interoperability between blockchains. It allows you to manage funds and assets on different chains by interacting with QSign Smart Contracts through a single instructor smart contract.
The QSign system includes the following key elements:
QSign Smart Contracts
QSign Smart Contracts, written in Solidity, work on any EVM-compatible blockchain, facilitating key creation, signature requests, and transaction broadcasting on supported L1 chains. For a list of QSign Smart Contracts on different chains, see QSign addresses.
Qredo MPC network
The Qredo MPC network listens to events from the Smart Contract, generating and returning signatures. The MPC network consists of secure cloud-based MPC clusters.
Cross-Chain Oracle (CCO)
Cross-chain interoperability is enabled by the decentralized Cross-Chain Oracle (CCO). It relays signed data from the QSign Smart Contract to the target blockchain, supporting various message types. Users have the option to run their own CCO for relaying messages across blockchains.
By combining QSign Smart Contracts, the MPC network, and the Cross-Chain Oracle, Qredo ensures advanced programmable signing and seamless interaction between different blockchains.
QSign architecture
The following diagram shows the solution architecture of QSign:
1. The QSign Smart Contract is a go-to access point for users to interact with QSign services:
- The
QKey
function allows you to generate keys. - The
QSignData
function allows you to request signatures for plain data. - The
QSignHash
function allows you to sign data for encrypted data or hashes. - The QSign Smart Contract also provides the option to sign and broadcast a transaction, which will get picked up by the CCO.
Note that the QSign Smart Contract deployment is currently primarily focusing on EVM blockchains such as Ethereum and Polygon.
2. The MPC network is listening to key generation or signature request events emitted by the QSign Smart Contract(s).
Once an event has been detected, the MPC network automatically processes the request and returns the value back to the user. It can create signatures only for keys previously generated by the MPC network.
3. The Cross-Chain Oracle (CCO) is listening solely to broadcast requests emitted by the QSignTx
function of the QSign Smart Contract(s). The user inputs unsigned transactions generated in the previous steps. The MPC creates a signature for this transaction and publishes it on the Smart Contract as a broadcast event. Then this event is picked up by the CCO, which acts as a relayer and submits the signed transaction on the given destination blockchain.
Security considerations
The logic of QSign is built with keyless infrastructure in mind enabled by the MPC network. However, initially you may want to use your own private key to interact with QSign. If you lose it, you will also lose access to your funds in other wallets. QSign is therefore prone to general smart contract risks as well as risks associated with managing private keys.
The Cross-Chain Oracle is currently a separate component and a potential single point of failure. The CCO is designed to be decentralized, meaning you could run your individual CCO instance managing your individual requests or projects. If you deploy QSign and the CCO to your own projects, your need to assure high availability of the CCO to not miss broadcasting events.