Arcana Auth: Technical Paper v1.0.3

Posted on Jun 1, 2025

Arcana Auth is a privacy-centric, non-custodial, decentralized, asynchronous, distributed key generator-powered solution targeted at Web3 application developers to speed up and simplify user onboarding and signing of blockchain transactions. Users benefit from this self-sovereign identity as they can use it to prove their identity across any application that is integrated with Arcana Auth.
Presented by:
Garry FC Ranee | Cryptography Research, Arcana
Mayur Relekar | Founder, Arcana
Abhishek Chaudhary | CTO, Arcana
Saurav Kanchan | Blockchain Lead, Arcana

I. Abstract

Web3 is a user-centric platform where users own their personal information and data. Authenticated users can interact with Web3 applications, other users, and blockchains using public wallet addresses. User Authentication is the Web3 gateway to data ownership, privacy, accessing Web3 applications (dApps), and interacting with the blockchains. For a traditional Web2 user, all these privacy and security benefits of Web3 come at the cost of significantly increased complexity involved in generating and managing cryptographic keys, especially in current times fraught with cryptocurrency frauds and hacks.
Looking at the cryptocurrency madness, scams, churn and accompanying noise from a wider perspective, one could perceive that some of this chaos is an essential artifact of any fast-evolving technology. Churn can cleanse any system of its bad actors and bring the ones with the mettle to BUIDL to the fore to seize the opportunities. Web3 core infrastructure and technology continue to drive global blockchain market expectations. The crypto wallet market size is pegged at USD 48.27 billion by 2030, registering a CAGR of 24.4%, and the global blockchain market size is expected to grow from $10.13 billion in 2022 to $17.21 billion in 2023 at a compound annual growth rate (CAGR) of 70.0%. Given all the good and not so good attention garnered by Web3 and the growing importance of Web3 user authentication, the barrier to entry in the Web3 ecosystem is considerably higher, both for application users and for developers. The existing solutions in the market leave much to be desired when it comes to addressing both ends of the requirements spectrum, the users as well as the developers, especially for Web3 onboarding and the user experience of signing blockchain transactions.
This is where Arcana Auth is well positioned to make a huge difference and be a game changer. In this paper, we talk about how Arcana Auth enables application developers to lower the barriers to entry for Web3 users by simplifying Web3 authentication, speeding up user onboarding and reducing the friction involved in getting started with dApps and blockchain interactions. We present our manifesto, design goals, core concepts, system architecture and future work.

II. Manifesto

Arcana Network is committed to simplifying user data privacy with complete security from the ground up. Besides user authentication, we have also set our eyes on data privacy and access control as outlined in our earlier paper here. For now, in the interest of judiciously utilizing our time and resources, we have narrowed down our focus to first solving user authentication and then retraining our guns towards a holistic, decentralized Web3 data storage platform. In that spirit, driven by the principles of Privacy by Design [7] and our personal outlook towards how user data should be stored/shared, we have arrived at a set of principles to guide us on our journey:
Privacy as the default: End-users of applications and developers of these applications, leveraging the Arcana platform, should not be required to take any additional steps to safeguard data.
Positive sum: Ensure full functionality on the bedrock of privacy. No trade-offs, no surrendering to false dichotomies.
Data Ownership: Where possible, enable developers to easily allow users to own their data. This fosters trust and positive feedback loops that would benefit applications and their developers.
Public Verifiability: Allow easy verification without compromising on user privacy. Usage and access audits should be made possible by design.
Evolution, not revolution: Be pragmatic when enforcing system rules. Optimize for usability.
Ease of use: Make no assumptions about users. Every direct/indirect user touchpoint should be intuitive and simple.

III. Design Goals

Sovereignty: A sovereign chain with our set of distributed key generation validators and network actors will allow Arcana to reach its other goals of providing superior user experience, control over the network in the early days, censorship resistance and modular architecture.
Economic Security and Ease: Enable users to onboard applications irrespective of whether they have cryptocurrency or not. Enable easy on-ramp solutions to onboard users and get them started with wallet operations by using Fiat currency where preferable.
Ease of use: Stable payments in USD, standard integration design patterns, meta transactions, non-custodial and distributed key management are all key to providing a superior user experience to our customers. This will, in turn, help developers focus on their application and use case instead of worrying about on-ramping and onboarding.
Decentralization: Our vision for the decentralization of the Arcana network is evolutionary. It is a necessary trade-off that helps build more robust and mature software systems that can last several years and is something that aligns with our overall manifesto and long term outlook towards the project. While core portions of the networks such as transaction validation, block proposal/commitment, key generation and management... will be fully decentralized from day 1, certain other components like gateway nodes will be eventually decentralized.
Security: Secure by design. There are multiple types and levels of security that need to be considered for Web3 authentication. It involves not only data encryption for data at rest and in motion but also deploying adequate measures for protection against malicious actors, reducing the attack surface and using a trust-less system where access is only granted to the owner once proven.
Privacy: Privacy by design. Every user of every app is assigned a set of keys that are used as the starting point for every interaction on the Arcana network. But simply using these keys for interactions still means anyone can derive usage graphs, breaching user privacy. Additional measures to ensure greater anonymity and forward/backward secrecy are key.
Robust Key Generation: Robustness refers to the quality whereby the system can handle a threshold set of failures and bad actors and continue to work in a decentralized manner.
Efficient Onboarding: By efficiency, we refer to simplifying user onboarding without slowing down the user login experience. The underlying Web3 authentication system should handle the user’s cryptographic key assignment without trading off security and privacy against the speed of login.

IV. Core Concepts

Web3 Authentication

Web3 applications are built using decentralized networks and blockchain technology with a brand new approach to authentication. In Web3 authentication, users don’t need to expose their personal information to access applications or interact with the blockchains. Users have the sole power to choose which applications or third parties to share their data with or withdraw access whenever they deem appropriate. Web3 authentication requires the user’s public wallet address as the identifier and the user needs to prove their ownership of the wallet cryptographically by signing a message with their private key. Users are in charge of the security and privacy of their keys and are not supposed to share private keys to ensure full privacy and security of user data. The benefit of user owned identity and complete privacy makes user onboarding and authentication fairly complex in Web3.
Arcana Auth makes Web3 authentication a breeze, both for the users and Web3 application developers. It provides Web2-like social login, and password-free sign-in while ensuring the necessary security and privacy associated with Web3 authentication and digital wallets. It abstracts the complexities involved in key generation and management for onboarding blockchain applications through the state-of-the-art implementation of distributed key generation protocol combined with the cutting-edge non-custodial, embedded Arcana wallet. Arcana Auth has all the simplicity without compromising on user data security and privacy.

Non-Custodial Wallet Key Management

Arcana provides developers with a decentralized, non-custodial public key infrastructure (PKI) which allows users of their apps to claim a public-private key pair on some user event, typically a signup/register event. Developers can choose from a variety of OAuth based user signup options like Gmail, Facebook, Twitter, Discord, Twitch and even a password-free mechanism.
To achieve this, Arcana has implemented an asynchronous distributed key generation (ADKG) subsystem, a highly secure protocol using a verifiable secret sharing protocol that works in asynchronous networks.
Arcana’s ADKG implementation solves several of the issues that plague the commonly implemented DKG subsystems in other Web3 offerings. Refer to the next section for details on Arcana’s asynchronous DKG implementation.

Asynchronous DKG

Arcana has implemented state-of-the-art asynchronous, distributed key generation that is very secure and efficient for a low-threshold key generation protocol. It offers the following key features:
Secure
Keys are never shared
Key shares are available with multiple nodes and no single node has access to all key shares
Fast & Efficient
Unlike the synchronous and partially synchronous DKG implementations out there, Arcana’s DKG implementation is asynchronous and hence does not depend on network assumptions. It is also the most efficient and fast protocol available today for a low threshold, n node system that can tolerate up to t < n/3 malicious nodes. It has an expected O(κn^3) communication cost, where κ is the security parameter.
It uses a buffered key generation for instant key assignment
End user assurance
User doesn’t have to wait for key assignment, ever
User’s private key is only reconstructed in the user’s local browser context and not stored in Arcana ecosystem

ADKG Algorithm

Asynchronous Distributed Key Generation (ADKG) is a building block for any decentralized protocol that allows a set of mutually non-trusting nodes to jointly generate a public/private key pair.
This key pair is used to bootstrap cryptosystems without a trusted third party.
Arcana Network implements the Practical Asynchronous Distributed Key Generation protocol for generating non-custodial keys meant for the SDK users that can be used to sign blockchain transactions.

How is ADKG better?

Earlier, the Arcana Network protocol used a key generation algorithm with a trusted dealer mechanism which had its shortcomings such as:
Dealer has access to all keys as they are the ones generating the keys.
Regeneration of lost shares by a node going down or exiting the network was not automated.
The new ADKG implementation is more robust than Arcana Network’s previous DKG implementation as it does not involve any trusted dealer or a third party.
Also, unlike the other synchronous DKG protocol models, the ADKG protocol is immune to any underlying synchronous network assumptions. By asynchronous network, we mean a network where a malicious adversary can corrupt a threshold of nodes and delay message delivery, but all messages sent between honest nodes must eventually be delivered.
For more details about various phases of asynchronous DKG and how Arcana ADKG is implemented, see Arcana ADKG Implementation Note.

Security

Arcana Auth is designed to prioritize the privacy and security of user data. It uses self-sovereign identity management, which means that users don't have to store their private keys or remember any passwords or passphrases. This makes the onboarding process as simple as in traditional web applications, but with all the essential security measures that are the hallmark of blockchain and Web3 technologies. The following are the main measures that are in place to protect Arcana Auth from malicious actors:
Non-custodial and decentralized identity: The Auth subsystem does not have access to users' private keys and they are not stored in any database or smart contract. Nor does the user need to store any private keys to prove their identity.
Encryption: Arcana Auth supports data encryption at rest and in motion to protect user information.
Protection against Phishing: Arcana Auth ensures protection against phishing. For example, it ensures that the password-free links cannot be used if stolen, and verifies that the login request is from the same device or browsing context that initiated the request.
TLS Security: Arcana Auth and associated components use E2E HTTPS for secure data transmission.
Security Level: By default, Arcana Auth is programmed for the highest level of security. This ensures that user’s private keys are not shared across apps. What this means is, the user’s wallet address is different across different applications in the Arcana ecosystem. For a simpler user experience if a developer or partner requires that the user’s wallet address remains the same across multiple applications, then they need to subscribe to whitelisting and shared key space such that wallet address is the same for users across
CSRF & XSS: Arcana Auth is designed and implemented with protection against Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) attacks.
Backend Security: We take utmost care to maintain a fully secure hosting of Arcana backend on AWS.
Hardening: We are working on multi-factor authentication (MFA) and multi-party computation (MPC) level security for user authentication and signing transactions in the future.
Audit: Arcana ecosystem is powered by DKG and Arcana smart contracts. These are both successfully audited for vulnerabilities and certified by Certik.

V. Architecture

Arcana Auth comprises several components. Two of these components are used by developers to work with Arcana Auth; the others are internal to the Arcana Network protocol implementation. The Arcana DKG component is decentralized. In addition to Arcana, we have trusted partners who run the DKG nodes that participate in the distributed key generation protocol.

Components

Developer Dashboard
Auth SDK
Gateway
ADKG
Smart Contracts

Developer Dashboard

The Dashboard is meant to register applications with the Arcana Network. Developers can create an application profile for ‘Testnet’/‘Mainnet’ and provide appropriate user onboarding settings as per the application use case. The Dashboard works in tandem with the Gateway node to process application configuration inputs and to collect and display application usage data. Arcana Network manages application configuration using smart contracts. In the forthcoming releases, billing information will also be captured by the Dashboard.

Auth SDK

This is the client side JS SDK that provides user onboarding and blockchain transaction signing functionality. Developers must first register and configure their applications using the dashboard and then install and integrate the Auth SDK into their apps. Auth SDK takes care of the following functionalities:
Managing public/private key pairs in-app memory
Fetching and decoding key shares shared by Arcana DKMS nodes
Signing transactions to be forwarded to gateway nodes or to the Arcana blockchain

Gateway Nodes

Arcana Gateway node is the key component that handles meta-transactions and enables gas-less blockchain transactions. It captures Auth SDK usage settings for different developer accounts and applications and communicates with Arcana Network platform smart contracts and blockchain elements to implement the following functionality:
Submit signed client transactions to the Arcana blockchain (meta transactions)
Track developer accounts for usage and billing

ADKG Subsystem

The ADKG subsystem implements Arcana’s distributed key generation protocol. It comprises seven nodes, of which 3 are run by trusted partners, ensuring the ADKG subsystem is decentralized.
For details, see ADKG implementation note here.

ADKG Validators

Validators are trusted partners that independently run Arcana ADKG validator node functionality and manage and maintain the key generation protocol. Each validator:
Participates in the Arcana ADKG scheme
Stores key shares
Responds to requests for keys from clients

Smart Contracts

Arcana smart contracts are typical blockchain contracts. These are programs that encapsulate Arcana Network protocol logic and state information. These are deployed and run on the Polygon Network.
Arcana smart contracts define rules that are governed and enforced by Arcana Network. Like any other smart contract, these are deployed once and never deleted. All interactions with Arcana smart contracts are irreversible. They manage the logic and state for implementing user data privacy and access control. It requires that the dApp user data upload all data into the Arcana Store, as per the dApp configurations.
For details on various types of smart contracts implemented in the Arcana Auth, see here.

Using Arcana Auth

Web3 developers can leverage Arcana Auth in three simple steps. Register your dApp using the developer dashboard and get a unique App Address. Then configure social providers and auth settings. Lastly, install the Auth SDK and integrate your dApp. Use the Auth SDK to onboard users and allow authenticated users to sign blockchain transactions.

VII. Future Work

Following are some of the improvements that are lined up in our forthcoming releases. These are intended for making Arcana ADKG protocol more robust and secure.
Refresh
The Arcana ADKG subsystem has a feature that helps protect against mobile adversaries, which are hacking methods where bad actors hack a node and steal key shares without being detected by the system's corruption detection protocols. They then continue to steal shares over time until they have enough to generate keys. The subsystem uses a refresh mechanism to renew key shares with a random factor, making it harder for mobile adversaries to successfully steal shares and compromise the system.
Repair
The ADKG protocol has a feature called "repair" that helps it continue functioning even if a node goes down and comes back up or loses its key shares. When this happens, the other participating nodes help fix the missing shares so that the protocol can continue with the required number of nodes. This feature makes the protocol more resilient to intermittent node failures. The repair process can involve creating new key shares or redistributing existing shares, depending on protocol design choices and whether the number of nodes in the DKG subsystem has changed or remained the same.
Dynamic Scaling
The ADKG subsystem can expand or shrink smoothly if more nodes are added or if some nodes decide to leave. Having a greater number of nodes means the system can handle more corrupt nodes. However, just increasing the number of nodes is not enough for the system to be robust. To improve fault tolerance, key shares are also redistributed among a different group of nodes or a different number of nodes as part of dynamic scaling.
Batch Mode
Batch mode is a way of operating the ADKG system in order to increase the throughput of the system, the number of keys generated in a given amount of time. This can be done by generating multiple keys at the same time or by using techniques such as parallel processing. We are working on fine tuning some of the algorithms to make the most of the available resources while buffering keys for ensuring instant user login in dApps.
MFA
MFA, or multi-factor authentication, ensures a higher level of security for the user’s private key in case any ADKG nodes collude and try to get access to it. With MFA, the user’s private key is not solely dependent upon the key shares generated using the ADKG subsystem but also comprises an additional key component that is dynamically generated and stored locally on the client’s device at the first login, along with some secret stored in a smart contract associated with the user’s identity. Unlike other popular MFA schemes, Arcana DKG does NOT require the user to remember any passphrase. If the user uses a different machine to authenticate, the local copy of the share is regenerated and the previous one on the older machine is marked unusable. This ensures higher security for the Web3 user authentication process without asking users to depend solely on the decentralized ADKG subsystem.
MPC
Multi-party computation helps to secure user’s digital assets such as private keys used to sign blockchain transactions by ensuring privacy and correctness. It involves taking inputs from ’n’ independent participants in a distributed network and computing an output function without revealing information on individual inputs. No trusted authority is required to collect the inputs, do the computations and declare the result.
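
The dealerless key generation described under "How is ADKG better?", the client-side reconstruction of the private key, and the Refresh item above can be seen together in the following added Python sketch, which is not Arcana's code. It is a simplified synchronous joint-Shamir sharing rather than the ADKG protocol (no asynchronous agreement, no verifiable secret sharing); the field modulus, the function names and the choice t = 2 for n = 7 are assumptions made for illustration.

```python
"""Toy dealerless key generation, client-side reconstruction, share refresh.

Added illustration: simplified synchronous joint-Shamir sharing, NOT ADKG
(no asynchronous agreement, no verifiable secret sharing). Constants assumed.
"""
import secrets

Q = 2**127 - 1     # prime field modulus (assumption, toy size)
N = 7              # nodes, matching the seven-node subsystem on the page
T = (N - 1) // 3   # largest t with t < n/3, i.e. 2; T + 1 shares reconstruct

def eval_poly(coeffs, x):
    """Horner evaluation of coeffs[0] + coeffs[1]*x + ... modulo Q."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % Q
    return acc

def deal(constant):
    """One node's contribution: shares of a random degree-T polynomial."""
    poly = [constant % Q] + [secrets.randbelow(Q) for _ in range(T)]
    return {j: eval_poly(poly, j) for j in range(1, N + 1)}

def combine(contributions):
    """Node j sums what it received: its share of the summed polynomial."""
    return {j: sum(c[j] for c in contributions) % Q for j in range(1, N + 1)}

def generate_key_shares():
    """Each node deals its own random secret; the key is their unseen sum."""
    return combine([deal(secrets.randbelow(Q)) for _ in range(N)])

def refresh(shares):
    """Each node deals a sharing of 0: same key, every share re-randomized."""
    zero = combine([deal(0) for _ in range(N)])
    return {j: (shares[j] + zero[j]) % Q for j in shares}

def reconstruct(subset):
    """Lagrange interpolation at x = 0 over {node_index: share}."""
    secret = 0
    for i, y in subset.items():
        num, den = 1, 1
        for j in subset:
            if j != i:
                num = num * (-j) % Q
                den = den * (i - j) % Q
        secret = (secret + y * num * pow(den, -1, Q)) % Q
    return secret

def demo():
    old = generate_key_shares()
    key = reconstruct({j: old[j] for j in (1, 2, 3)})   # done in the client only
    new = refresh(old)
    return {
        "any_t_plus_1_agree": reconstruct({j: old[j] for j in (2, 5, 7)}) == key,
        "t_shares_fall_short": reconstruct({j: old[j] for j in (1, 2)}) != key,
        "refresh_keeps_key": reconstruct({j: new[j] for j in (3, 4, 6)}) == key,
        "mixed_epochs_fail": reconstruct({1: old[1], 2: old[2], 3: new[3]}) != key,
    }

if __name__ == "__main__":
    print(demo())
```

The last check is the point of refresh: shares collected from different epochs do not interpolate to the key, so an adversary has to gather t + 1 shares within a single epoch.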

References

[1] Practical, asynchronous distributed key generation https://eprint.iacr.org/2021/1591.pdf
[3] MP-SPDZ framework https://eprint.iacr.org/2020/521
[4] Long Live The Honey Badger: Robust Asynchronous DPSS and its Applications https://eprint.iacr.org/2022/971
[6] Web3 challenges and opportunities https://arxiv.org/pdf/2209.02446.pdf