Skip to content
Gotham city is a fully functional project to demonstrate real-life example of minimalist Bitcoin decentralized HD wallet using 2 party ECDSA
Branch: master
Clone or download
Latest commit f837f9d Mar 18, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
gotham-client Adding recid signature Mar 18, 2019
gotham-server Adding recid signature Mar 18, 2019
gotham-utilities/server Adding sign for ffi Mar 11, 2019
integration-tests AWS Integration (#11) Mar 4, 2019
misc Adding demo to readme Dec 23, 2018
white-paper Delete .DS_Store Jan 19, 2019
.gitignore
LICENSE
README.md Update READMEs Mar 13, 2019
iclient.sh Headers and small fixes Dec 20, 2018
launch-server.sh Headers and small fixes Dec 20, 2018

README.md

Gotham City

Gotham city is a fully functional client/server application of a minimalist decentralized HD wallet using 2 party ECDSA.

Supported Blockchain(s) / Coin(s)

Server

Gotham server is coin / blockchain agnostic but Elliptic Curve specific.

List of supported Curve(s):

  • secp256k1

Client

Gotham client is coin / blockchain specific.

List of supported Coin(s):

  • BTC

Extending the client to support more coin(s) is easy as long as the Elliptic Curve and signing scheme of the new blockchain are supported. In the case a blockchain is using secp256k1 together with ECDSA, the same keygen and signing code can be reused.

Demo

Disclaimer

USE AT YOUR OWN RISK, we are not responsible for software/hardware and/or any transactional issues that may occur while using Gotham city.

Project Status

The project is currently work in progress. For more information you can email us.

Elements

Gotham Server Gotham Client
Description RESTful web service exposing APIs for two party ECDSA key generation and signing Bitcoin minimalist decentralized wallet CLI app
Instructions View View

Project Description

Design Overview

ECDSA Keygen and Signing

ECDSA

Cryptographic libraries

  • secp256k1: Rust language bindings for Bitcoin secp256k1 library.
  • curv : basic ECC primitives using secp256k1
  • rust-paillier: A pure-Rust implementation of the Paillier encryption scheme
  • zk-paillier: A collection of zero knowledge proofs using Paillier cryptosystem
  • multi-party-ecdsa: Rust implelemtation of Lindell's Crypto17 paper: Fast Secure Two-Party ECDSA Signing
  • kms: Two party key managament system (master keys, 2p-HD, shares rotation) for secp256k1 based two party digital sigantures

White paper overview

Abstract

We demonstrate a Bitcoin wallet that utilizes two party ECDSA (2P-ECDSA). Our architecture relies on a simple client-server communication model. We show support for 2 party deterministic child derivation (2P-HD), secret share rotation and verifiable recovery. We discuss the opportunities and challenges of using a multi-party wallet.

Background

For end-users, cryptocurrencies and blockchain-based assets are hard to store and manage. One of the reasons is the tradeoff between security and availability. Storing private keys safely requires dedicated hardware or extreme security measures which make using the coins on a daily basis difficult. Threshold cryptography provides ways to distribute the private key and digital signing. This can potentially benefit security but at the same time reveal new challenges such as availability, ownership and recovery. Bitcoin is utilizing ECDSA as the signing scheme. There is an active line of research for practical and efficient multi-party ECDSA schemes.

For more information, see our white paper.

Comperative Performance

The comparison was done on an Intel i9-8950HK (2.9GHz) using localhost for server (no real network). The numbers are mean for 20 runs of 2P-ECDSA KeyGen and 50 runs for 2P-ECDSA Signing. Standard deviation is inconsistent but for both implementations it is order of magnitude smaller than mean value.

Implementation Gotham city (this repo) Unbound
2P-ECDSA KeyGen 1.05 s 0.813 s
2P-ECDSA Signing 0.153 s 0.206 s

License

Gotham City is released under the terms of the GPL-3.0 license. See LICENSE for more information.

Contact

For any questions, feel free to email us.

You can’t perform that action at this time.