The collective authority (cothority) project provides a framework for development, analysis, and deployment of decentralized, distributed (cryptographic) protocols. A given set of servers running these protocols is referred to as a collective authority or cothority. Individual servers are called cothority servers or conodes. The code in this repository allows you to access the services of a cothority and/or run your own conode. The cothority project is developed and maintained by the DEDIS lab at EPFL.
The software in this repository is highly experimental and under heavy development. Do not use it for anything security-critical yet.
All usage is at your own risk!
This repository has the following main components:
- The cothority server
- Request and verify collective signatures
- Manage identity skipchains
- Query status of a cothority server
- Protect passwords with threshold cryptography (experimental)
To use the code of this repository you need to:
Cothority Client - CoSi
A cothority provides several services to its clients. As an example, we illustrate how a client can use an existing cothority to generate a collective (Schnorr) signature on a file using the CoSi protocol. For more details on CoSi, refer to the research paper.
To build and install the CoSi client, execute:
go get -u github.com/dedis/cothority/cosi
To tell the CoSi client which existing cothority (public key) it should use for signing requests (signature verification), you need to specify a configuration file. For example, you could use the DEDIS cothority configuration file which is included in this repository. To have a shortcut for later on, set:
To request a collective (Schnorr) signature file.sig on a file from the DEDIS cothority, use:
cosi sign -g $COTHORITY -o file.sig file
To verify a collective (Schnorr) signature file.sig of the
cosi verify -g $COTHORITY -s file.sig file
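What a collective Schnorr signature checks, as an added single-process sketch of the standard Schnorr multisignature construction; it is not code from the cothority repository. It assumes P-256 and SHA-256 from Go's standard library, and the names point, keypair, sum, challenge, CollectiveSign and Verify are illustrative.

```go
package main

import (
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"math/big"
)

type point struct{ X, Y *big.Int }
var curve = elliptic.P256() // assumption: stand-in group from the Go standard library

func keypair() (*big.Int, point) { // random scalar k and k*G: a signer's key or a one-time nonce
	k, _ := rand.Int(rand.Reader, curve.Params().N) // RNG failure leaves k nil, so the next line panics
	x, y := curve.ScalarBaseMult(k.Bytes())
	return k, point{x, y}
}

func sum(s point, rest ...point) point { // aggregates commits V_i or public keys X_i
	for _, p := range rest {
		s.X, s.Y = curve.Add(s.X, s.Y, p.X, p.Y)
	}
	return s
}

func challenge(V point, msg []byte) *big.Int { // c = H(V || msg) mod n
	h := sha256.Sum256(append(append(V.X.Bytes(), V.Y.Bytes()...), msg...))
	return new(big.Int).Mod(new(big.Int).SetBytes(h[:]), curve.Params().N)
}

// CollectiveSign: signer i contributes a commit V_i = v_i*G and a response r_i = v_i - c*x_i.
func CollectiveSign(privs []*big.Int, msg []byte) (c, r *big.Int) {
	nonces, commits := make([]*big.Int, len(privs)), make([]point, len(privs))
	for i := range privs {
		nonces[i], commits[i] = keypair()
	}
	c, r = challenge(sum(commits[0], commits[1:]...), msg), new(big.Int)
	for i, x := range privs {
		r.Add(r, new(big.Int).Sub(nonces[i], new(big.Int).Mul(c, x)))
	}
	return c, r.Mod(r, curve.Params().N)
}

// Verify recomputes V' = r*G + c*sum(X_i) and accepts only if c == H(V' || msg).
func Verify(pubs []point, msg []byte, c, r *big.Int) bool {
	X := sum(pubs[0], pubs[1:]...)
	rx, ry := curve.ScalarBaseMult(r.Bytes())
	cx, cy := curve.ScalarMult(X.X, X.Y, c.Bytes())
	return challenge(sum(point{rx, ry}, point{cx, cy}), msg).Cmp(c) == 0
}
```

The signature only verifies against the exact set of public keys whose holders took part. Plain key summation as done here is sound only if each public key is accepted together with a proof that its owner holds the matching private key.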
Conodes are linked together to form cothorities, run decentralized protocols, and offer services to clients.
To build and install the conode binary, execute:
go get -u github.com/dedis/cothority/conode
To get an overview of the functionality of a conode, type:
To configure your conode you need to open two consecutive ports (e.g., 6879 and 6880) on your machine, then execute
and follow the instructions of the dialog. After a successful setup there should be two configuration files:
- The public configuration file of your cothority server is located at $HOME/.config/conode/public.toml. Adapt the description variable to your liking and send the file to other cothority operators to request access to the cothority.
- The private configuration file of your cothority server is located at
Warning: Never (!!!) share the file private.toml with anybody, as it contains the private key of your conode.
- The public configuration file of the DEDIS cothority provides an example of what such a file with multiple conodes usually looks like.
- On macOS the configuration files are located at
To start your conode with the default (private) configuration file, located at
Each part of the cothority project has a corresponding wiki, which is worth checking out if you are interested in more details:
- The cothority wiki provides an overview of supported protocols, services, and applications.
- The cothority template wiki shows how you can develop your own protocols, services, and applications such that they can be integrated into the cothority project.
- The cothority network library wiki presents details on the inner workings of the cothority framework.
The research behind the cothority project has been published in several academic papers:
- Keeping Authorities “Honest or Bust” with Decentralized Witness Cosigning (pdf); Ewa Syta, Iulia Tamas, Dylan Visher, David Isaac Wolinsky, Philipp Jovanovic, Linus Gasser, Nicolas Gailly, Ismail Khoffi, Bryan Ford; IEEE Symposium on Security and Privacy, 2016.
- Enhancing Bitcoin Security and Performance with Strong Consistency via Collective Signing (pdf); Eleftherios Kokoris-Kogias, Philipp Jovanovic, Nicolas Gailly, Ismail Khoffi, Linus Gasser, Bryan Ford; USENIX Security, 2016.
- Scalable Bias-Resistant Distributed Randomness (pdf); Ewa Syta, Philipp Jovanovic, Eleftherios Kokoris Kogias, Nicolas Gailly, Linus Gasser, Ismail Khoffi, Michael J. Fischer, Bryan Ford; IACR Cryptology ePrint Archive, Report 2016/1067.
The software in this repository is put under a dual-licensing scheme: In general, all of the provided code is open source under GNU/AGPL 3.0; please see the LICENSE file for more details. If you intend to use the cothority code for commercial purposes, please contact us to get a commercial license.