/cothority

Scalable collective authority prototype

Primary LanguageGoOtherNOASSERTION

Build Status Coverage Status

Cothority

WARNING: The master branch is currently unstable, as it is in development phase. If you are starting new work with this repository, use gopkg.in/dedis/cothority.v1 instead. The source code for this stable branch is here.

The collective authority (cothority) project provides a framework for development, analysis, and deployment of decentralized, distributed (cryptographic) protocols. A given set of servers running these protocols is referred to as a collective authority or cothority. Individual servers are called cothority servers or conodes. The code in this repository allows you to access the services of a cothority and/or run your own conode. The cothority project is developed and maintained by the DEDIS lab at EPFL.

Table of Contents

Disclaimer

The software in this repository is highly experimental and under heavy development. Do not use it for anything security-critical yet.

All usage is at your own risk!

Overview

This repository has the following main components:

Name Description
conode The cothority server
cosi Request and verify collective signatures
cisc Manage identity skipchains
status Query status of a cothority server
guard Protect passwords with threshold cryptography (experimental)

Getting Started

To use the code of this repository you need to:

  • Install Golang
  • Optional: Set $GOPATH to point to your workspace directory
  • Put $GOPATH/bin in your PATH: export PATH=$PATH:$(go env GOPATH)/bin

Cothority Client - CoSi

A cothority provides several services to its clients. As an example, we illustrate how a client can use an existing cothority to generate a collective (Schnorr) signature on a file using the CoSi protocol. For more details on CoSi, refer to the research paper.

Installation

To build and install the CoSi client, execute:

go get -u github.com/dedis/cothority/cosi

Configuration

To tell the CoSi client which existing cothority (public key) it should use for signing requests (signature verification), you need to specify a configuration file. For example, you could use the DEDIS cothority configuration file which is included in this repository. To have a shortcut for later on, set:

export COTHORITY=$(go env GOPATH)/src/github.com/dedis/cothority/dedis-cothority.toml 

Usage

To request a collective (Schnorr) signature file.sig on a file from the DEDIS cothority, use:

cosi sign -g $COTHORITY -o file.sig file

To verify a collective (Schnorr) signature file.sig of the file, use:

cosi verify -g $COTHORITY -s file.sig file

Cothority Server

Conodes are linked together to form cothorities, run decentralized protocols, and offer services to clients.

Installation

To build and install the conode binary, execute:

go get -u github.com/dedis/cothority/conode

To get an overview on the functionality of a conode, type:

conode help

Configuration

To configure your conode you need to open two consecutive ports (e.g., 6879 and 6880) on your machine, then execute

conode setup

and follow the instructions of the dialog. After a successful setup there should be two configuration files:

  • The public configuration file of your cothority server is located at $HOME/.config/conode/public.toml. Adapt the description variable to your liking and send the file to other cothority operators to request access to the cothority.
  • The private configuration file of your cothoriy server is located at $HOME/.config/conode/private.toml.

Warning: Never (!!!) share the file private.toml with anybody, as it contains the private key of your conode.

Note:

  • The public configuration file of the DEDIS cothority provides an example of how such a file with multiple conodes usually looks like.
  • On macOS the configuration files are located at $HOME/Library/cosi/{public,private}.toml.

Usage

To start your conode with the default (private) configuration file, located at $HOME/.config/conode/private.toml, execute:

conode

Documentation

Each of the parts of the cothority project has a corresponding wiki which are worth checking out if you are interested in more details:

  • The cothority wiki provides an overview on supported protocols, services, and applications.
  • The cothority template wiki shows how you can develop your own protocols, services, and applications such that they can be integrated into the cothority project.
  • The cothority network library wiki presents details on the inner workings of the cothority framework.

Research

The research behind the cothority project has been published in several academic papers:

  • Keeping Authorities “Honest or Bust” with Decentralized Witness Cosigning (pdf); Ewa Syta, Iulia Tamas, Dylan Visher, David Isaac Wolinsky, Philipp Jovanovic, Linus Gasser, Nicolas Gailly, Ismail Khoffi, Bryan Ford; IEEE Symposium on Security and Privacy, 2016.
  • Enhancing Bitcoin Security and Performance with Strong Consistency via Collective Signing (pdf); Eleftherios Kokoris-Kogias, Philipp Jovanovic, Nicolas Gailly, Ismail Khoffi, Linus Gasser, Bryan Ford; USENIX Security, 2016.
  • Scalable Bias-Resistant Distributed Randomness (pdf); Ewa Syta, Philipp Jovanovic, Eleftherios Kokoris Kogias, Nicolas Gailly, Linus Gasser, Ismail Khoffi, Michael J. Fischer, Bryan Ford; IACR Cryptology ePrint Archive, Report 2016/1067.

Contributing

If you are interested in contributing to the cothority project, please check our guidlines found at CONTRIBUTION, CLAC, and CLAI. Make also sure to have a look at our coding guidelines.

License

The software in this repository is put under a dual-licensing scheme: In general all of the provided code is open source via GNU/AGPL 3.0, please see the LICENSE file for more details. If you intend to use the cothority code for commercial purposes, please contact us to get a commercial license.

Contact

We are always happy to hear about your experiences with the cothority project. Feel free to contact us on our mailing list or by email.