Hello,
Today we are providing Deliverable 3.1, “A written analysis posted to the forum of whether or not FROST should replace BLS for threshold signature signing, and if so, a redesign of UML diagrams to reflect this change.” Analysis follows. This will also be our update for this sprint.
In our initial design, we had assumed that we would be using BLS threshold signatures in the ZavaX bridge on red·bridge design because BLS was already being used by Avalanchego, the Avalanche node software, and is also used by Ethereum. FROST was also being considered, as it was first brought to my attention as a viable solution by @nathan-at-least at Zcon4.
Since then, after analysis, we have decided to use FROST threshold signatures instead. We have decided to do so for three reasons:
- We had been under the impression that because Avalanche used BLS signatures, it also used threshold BLS signatures. We assumed that audited libraries for threshold BLS signing, and signing group creation and maintenance, would already be available to us in Avalanchego. However, after showing the design to people deeply familiar with the Avalanchego codebase, I was informed that this assumption was incorrect. Avalanchego does support BLS, but it does not support threshold BLS. While it would be possible to implement threshold BLS from another codebase, it may not have been audited, and it would introduce another possible attack vector and complexity. Tight integration with Avalanchego was a major selling point for using threshold BLS, and with this not actually possible, other threshold signing options such as FROST looked more appealing.
- The Zcash Foundation has created and supports audited FROST libraries specifically for use with Zcash transactions. In our consideration of FROST, we have found the Zcash-FROST development team from ZF extremely accessible and helpful to us. We are a small team, so having support around us as we build is crucial for the bridge’s success. Also, Zcash-FROST was written to integrate with bridges such as ZavaX. It has everything we need for decentralized signature generation and threshold signing. Also, like BLS, it is scalable for our needs, supporting one thousand signature groups easily.
- We are funded by the Zcash community through @ZcashGrants, and as such, it makes sense for us to help strengthen Zcash software. The ZavaX bridge will be one of the first implementations of Zcash-FROST and as such can serve as a reference implementation for other projects. We hope this will help to expand the Zcash-FROST user base.
With the decision made to switch to FROST, we revised the ZavaX Bridge architectural documents, and you can find them here. Much thanks to @pacu (also funded by ZCG) for his invaluable help with these revisions. Also thanks to @conradoplg and @nsheep (on Discord) from ZF!