Introducing Post-quantum Security to Signatures on Substrate
ChainSafe worked with xx Network to bring post-quantum security to Substrate chains, developing a Rust W-OTS+ library, Substrate pallet, and Placard generation for quantum-resistant, privacy-focused blockchain tech.

Written by Elizabeth Binks
ChainSafe is proud to announce it finished a collaboration with xx network. The xx network is one of the world's first quantum-resistant and privacy-focused blockchain ecosystems.
A few months ago, xx network asked us to help implement Winternitz One-Time Signatures (W-OTS+) for Substrate-based chains. We also automated Placard generation. The main goal of this project was to add post-quantum security to signatures on Substrate.
Technical Features of W-OTS+ and XX Network
For context, W-OTS+ is a quantum-resistant digital signature scheme with relatively small key and signature sizes. The xx network is a layer-one blockchain co-founded by cryptography pioneer David Chaum, and it is unique in its efforts to guard against cryptography-breaking quantum computing.
This collaboration had two focal points. The first is an independent W-OTS+ crypto library that can be used in any context. The second is a Substrate pallet, including an off-chain worker implementation, that adds the W-OTS+ signature scheme and Placards to a Substrate runtime environment.
Both implementations are new to the Rust-Substrate ecosystem. A Go implementation already existed; to support interoperability with Substrate-based chains, the W-OTS+ scheme was rewritten in Rust.
This package of technologies, therefore, can be regarded as an attractive option for future implementers from various language backgrounds.
Post-Quantum Security Advantages of W-OTS+
W-OTS+ is suitable for post-quantum environments as it’s a hash-based signature scheme. Current signature schemes used in blockchains, like ECDSA, Schnorr, and BLS, rely on the difficulty of the discrete logarithm problem. Hash-based schemes rely on the difficulty of finding the preimage of a hash.
Unlike the former, no efficient quantum algorithm is known for the latter, which is what makes hash-based signature schemes quantum-resistant.
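To make the "only hashing" point concrete, here is a toy W-OTS+ signer and verifier in Go. It is an added example written for this page, not code from the ChainSafe library, the xx network, or the existing Go implementation; the parameter choices (SHA-256, w=16, 67 chains), the seed-to-key derivation, and every name in it are constructed for illustration. Signing walks each hash chain forward by the value of a message digit, and verification simply finishes the chains and compares the result with the public key, so nothing depends on a discrete-logarithm assumption.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Constructed parameters: w=16 splits the SHA-256 digest into 64 base-16 digits; 3 more digits hold the checksum.
const (
	w, msgChunks, csChunks = 16, 64, 3
	chains                 = msgChunks + csChunks
)

type wotsKey struct {
	sk      [chains][32]byte // one secret chain start per digit
	pubSeed [32]byte         // public seed for the W-OTS+ chain masks
}

func hash(parts ...[]byte) [32]byte {
	var all []byte
	for _, p := range parts {
		all = append(all, p...)
	}
	return sha256.Sum256(all)
}

func u32(v int) []byte { b := make([]byte, 4); binary.BigEndian.PutUint32(b, uint32(v)); return b }

// chain walks the masked hash chain from position `from` for `steps` steps:
// x_{i+1} = H(x_i XOR r_i) with r_i = H(pubSeed || i), the "+" in W-OTS+.
func chain(x [32]byte, from, steps int, pubSeed [32]byte) [32]byte {
	for i := from; i < from+steps; i++ {
		r := hash(pubSeed[:], u32(i))
		for j := range x { x[j] ^= r[j] }
		x = hash(x[:])
	}
	return x
}

// keyGen derives the index-th one-time key from one seed, so every key of a Placard can be regenerated from one secret.
func keyGen(seed []byte, index int) wotsKey {
	k := wotsKey{pubSeed: hash(seed, []byte("pubseed"))}
	for j := range k.sk {
		k.sk[j] = hash(seed, u32(index), u32(j))
	}
	return k
}

// digits returns the 64 digest digits plus a checksum over (w-1 - digit);
// without it, a captured signature could be advanced to a larger digit.
func digits(msg []byte) (out [chains]int) {
	d, sum := sha256.Sum256(msg), 0
	for i := 0; i < msgChunks; i++ {
		out[i] = int(d[i/2]>>(4*(1-uint(i%2))) & 0x0f)
		sum += (w - 1) - out[i]
	}
	for i := 0; i < csChunks; i++ {
		out[msgChunks+i] = (sum >> (4 * uint(csChunks-1-i))) & 0x0f
	}
	return out
}

// public runs every chain to its end and hashes the ends into one 32-byte key.
func (k wotsKey) public() [32]byte {
	var ends []byte
	for j := range k.sk {
		e := chain(k.sk[j], 0, w-1, k.pubSeed)
		ends = append(ends, e[:]...)
	}
	return hash(ends)
}

// sign reveals each chain's value at its digit position. Every signature
// exposes more of the chains, which is why one key must sign only once.
func (k wotsKey) sign(msg []byte) (sig [chains][32]byte) {
	for j, v := range digits(msg) {
		sig[j] = chain(k.sk[j], 0, v, k.pubSeed)
	}
	return sig
}

// verify finishes each chain from the revealed value; the ends match the public
// key only for a genuine signature, and the only assumption is preimage resistance.
func verify(pub, pubSeed [32]byte, msg []byte, sig [chains][32]byte) bool {
	var ends []byte
	for j, v := range digits(msg) {
		e := chain(sig[j], v, (w-1)-v, pubSeed)
		ends = append(ends, e[:]...)
	}
	return hash(ends) == pub
}

func main() {
	k := keyGen([]byte("constructed demo seed"), 0)
	msg := []byte("constructed attestation")
	fmt.Println("valid:", verify(k.public(), k.pubSeed, msg, k.sign(msg)))
}
```

The checksum digits are what keep a verifier honest: they are computed from the message digits themselves, so lowering a digit (which an attacker could do by hashing a revealed value further) always raises the checksum, which requires a chain value that was never revealed.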
Hash-based cryptography is not the only approach being proposed for a post-quantum world. Isogeny and lattice-based approaches both try to fix the one-time-use limit of hash-based signature schemes.
Recently, researchers found unexpected critical vulnerabilities in SIDH, a NIST finalist. Because of this, hash-based cryptography remains a safe method.
Because W-OTS+ is a one-time signature scheme, each signature that is published reveals part of the private key. Reusing a private key for multiple signatures therefore eventually leaks the entire private key.
To work around this issue, for the xx network's use case, a set of keys derived from the same seed and merkleized is published as a validator's public key. To validate a signature, the verifier then checks a Merkle proof that the signing key is included in the tree under the published root. This Merkle tree of keys is referred to as a "Placard" in the implementation, and it can be seen as a simplified version of the XMSS signature scheme.
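The following Go program is an added illustration of the Placard idea, not the pallet's or the xx network's code. It builds a Merkle tree over a validator's one-time public keys (here constructed SHA-256 values stand in for real W-OTS+ keys), produces the inclusion proof a signer attaches to a signature, and performs the chain-side check that the key hashes up to the published root; the names `placard`, `proof`, and `verifyInclusion` are constructed. The signer-side bookkeeping that refuses to hand out a second proof for an already-used leaf is the operational mitigation for the key-reuse problem described above.

```go
package main

import (
	"crypto/sha256"
	"fmt"
)

// Placard (constructed toy, not the pallet's code): a Merkle tree over a
// validator's one-time public keys. Only the root is published, and each
// leaf index may be spent by exactly one signature.
type placard struct {
	levels [][][32]byte // levels[0] = leaves, last level = [root]
	used   []bool       // signer-side bookkeeping: which keys already signed
}

func node(l, r [32]byte) [32]byte {
	return sha256.Sum256(append(append([]byte{}, l[:]...), r[:]...))
}

func newPlacard(leaves [][32]byte) *placard {
	p := &placard{levels: [][][32]byte{leaves}, used: make([]bool, len(leaves))}
	for lvl := leaves; len(lvl) > 1; lvl = p.levels[len(p.levels)-1] {
		var next [][32]byte
		for i := 0; i < len(lvl); i += 2 {
			r := lvl[i] // a trailing odd node is paired with itself
			if i+1 < len(lvl) {
				r = lvl[i+1]
			}
			next = append(next, node(lvl[i], r))
		}
		p.levels = append(p.levels, next)
	}
	return p
}

func (p *placard) root() [32]byte { return p.levels[len(p.levels)-1][0] }

// proof returns the sibling path for leaf index and marks that one-time key
// as spent, so a second signature with the same key is refused at the source.
func (p *placard) proof(index int) ([][32]byte, error) {
	if index < 0 || index >= len(p.used) {
		return nil, fmt.Errorf("no leaf %d in placard", index)
	}
	if p.used[index] {
		return nil, fmt.Errorf("one-time key %d already used", index)
	}
	p.used[index] = true
	var path [][32]byte
	for _, lvl := range p.levels[:len(p.levels)-1] {
		sib := index ^ 1
		if sib >= len(lvl) {
			sib = index
		}
		path = append(path, lvl[sib])
		index /= 2
	}
	return path, nil
}

// verifyInclusion is the chain-side check: the one-time public key that a
// W-OTS+ signature verified against must hash up to the published root.
func verifyInclusion(root, leaf [32]byte, index int, path [][32]byte) bool {
	for _, sib := range path {
		if index%2 == 0 {
			leaf = node(leaf, sib)
		} else {
			leaf = node(sib, leaf)
		}
		index /= 2
	}
	return leaf == root
}

// constructedLeaves stands in for real W-OTS+ public keys.
func constructedLeaves(n int) [][32]byte {
	leaves := make([][32]byte, n)
	for i := range leaves {
		leaves[i] = sha256.Sum256([]byte(fmt.Sprintf("constructed one-time pk %d", i)))
	}
	return leaves
}

func main() {
	leaves := constructedLeaves(5)
	p := newPlacard(leaves)
	path, err := p.proof(4)
	fmt.Println("included:", verifyInclusion(p.root(), leaves[4], 4, path), "err:", err)
	_, err = p.proof(4)
	fmt.Println("second use of key 4:", err)
}
```

In a real deployment the leaf is not sent alongside the signature; the verifier recomputes the candidate one-time public key from the W-OTS+ signature itself and then runs the inclusion check on that value, so a forged signature fails either at the chain step or at the root comparison.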
XX Network's Quantum-Secure Privacy Technology
As the need for post-quantum cryptography approaches, the xx network is making sure its privacy-preserving tech stack is quantum-secure.
This stack includes a private messenger app backed by a mixnet. It also has a new wallet generation method called Sleeve. Sleeve lets you embed a W-OTS+ public key as a backup for any other cryptocurrency wallet. This project is the first step toward adding quantum-secure cryptography to the xx network's Substrate-based blockchain.
The newly developed W-OTS+ crypto library helped the xx network team implement Sleeve wallet generation in Rust. They also cross-compiled it to WASM for use in web browsers. Any user can now create a quantum-ready wallet for any cryptocurrency. They can do this directly in the xx network web-based wallet and staking app.
About ChainSafe
ChainSafe is a leading blockchain research and development firm. It focuses on protocol engineering and infrastructure development. It also works on co-development and web3-enabled gaming.
ChainSafe contributes to major ecosystems. These include Ethereum, Polkadot, and Filecoin. It also creates solutions for developers and teams across web3.
ChainSafe wants to build accessible and better tools for developers. It follows an open source and community-guided approach to advance the future of the internet.