Building a vault using blinded co-signers

This innovative approach aims to protect fund movements on the blockchain by minimizing the information co-signers have about transactions. The system is structured around verifying the validity of transactions based on a specific policy before signing, especially focusing on the correctness of a transaction's timelock through Zero-Knowledge (ZK) proofs. Four key transaction types form the core of this setup: vault_deposit, vault_recovery, unvault, and unvault_recovery, each pre-signed to manage different scenarios regarding the deposit, recovery, and use of funds within the vault.

The implemented system provides fund owners, or their designated watchtowers, with the capability to intervene and redirect funds to a recovery address if unauthorized access attempts are detected. This safety mechanism is reliant on at least one signer strictly following the protocol, ensuring the security of the funds. For those interested in delving into the prototype further, comprehensive documentation and code are made available on GitHub, with links to both the documentation and the prototype. It is stressed that this prototype is intended for testing environments such as regtest and signet and not for transactions involving real funds until thoroughly examined. The VAULT_TOOL guide, accessible via a provided link, offers a simplified bash script for users to experiment with the workflow.

A notable challenge in the current implementation is the proving time required for ZK proofs, particularly when demonstrating that key and nonce aggregation complies with the protocol without disclosing sensitive details to the co-signers. On hardware like the Apple M1 Max, this process takes approximately four minutes per transaction, per signer, highlighting the need for future enhancements to reduce proving times and make the system more practical for a broader range of devices and policies.

Feedback from the community is crucial for refining and expanding this security framework. The email also reflects on the potential of blind co-signers to emulate functionalities akin to those seen in Bitcoin, despite the inherent challenges in establishing the trustworthiness of co-signers. Suggestions include leveraging co-signers to emulate necessary Bitcoin script’s op_codes to enable Elf-trace and other fraud proof applications, potentially without relying on specific technologies like Risc0. Making the execution of these opcodes visible on-chain could validate the demand for these features and contribute to the debate around Miner Extractable Value (MEV), while also tracking the honesty and liveness of co-signers. Emphasizing the importance of adoption and usage, the sender believes that bolstering the ecosystem with data on which opcodes merit inclusion in a soft fork next could facilitate this project's success.