Key Management
Last updated
Last updated
When users register for a Sodium Wallet account, a smart contract will be deployed on the chain for each user, which will store the data and logic related to the account.
In the Sodium Wallet smart contract, users manage their accounts with session keys. When users log in on a new device, a session key will be generated locally and the public key of the session key will be submitted to the Sodium Network for decentralized identity authentication and MPC signature. The session key and MPC signature will be encrypted and stored locally in a secure storage (keychain).
Non-Custodial Solution
With Sodium, users maintain full control over the ownership and access to their cryptographic key pair. Login services only ever have access to one share, making it impossible for the provider to obtain the user's private key independently.
Web 2.0-like Login Experience
On a day-to-day basis, Sodium allows access to a user's key pair through login flows that closely resemble those of Web 2.0, significantly enhancing user experience and facilitating onboarding.
Enhanced Key Recovery and Redundancy
In case of a lost device or share, the built-in redundancy of the share threshold enables users to recover their keys. Moreover, it is possible to refresh shares, effectively revoking lost ones.
This method is more robust than relying on a seed phrase written on paper. While losing a seed phrase grants full access to the private key, losing a share is acceptable as long as the user does not lose more than one share without refreshing the existing ones.
Incremental Security
Users can boost the security of their key by raising the 2/3 threshold to a higher value. For instance, increasing the threshold from 2/3 to 3/4 and adding another authentication factor, such as a hardware device, can provide additional protection. This may be necessary if the user's private key holds substantial amounts of cryptocurrency.
Chain/Platform Agnostic via Native Signatures
Sodium's resulting interface is a native cryptographic key pair, ensuring compatibility with a wide range of cryptographic constructs across various platforms and elliptic curves. Off-chain secret sharing and share refresh further broaden Sodium's applicability, even on blockchains with limited smart contract functionality.
Censorship Resistance
The 2/3 threshold also offers resistance against censorship by Torus nodes. If nodes refuse to return the user's private key share after successful authentication, the user can still reconstruct their private key using ShareA (device share) and ShareC (recovery share).
