The Importance of Randomness: Keep’s Role in tBTC
15 Apr

How Keep contributes to the first app that lets people earn with their Bitcoin on Ethereum

Keep is one of the three projects contributing to tBTC, which will launch April 27 and allow Bitcoin holders to use Ethereum decentralized finance applications for the first time. Keep, Summa, and Cross-Chain Group are each responsible for at least one of the technical elements of the open-source project, which enables users to earn safely on Ethereum with their Bitcoin. Keep’s specific contribution is the random beacon that selects the signers for deposits of TBTC, which are ERC-20 tokens. tBTC needs a system with its own work token for Sybil resistance. The signers themselves are also selected from among a pool of candidates on the Keep network.

Keep is about privacy

Keep is designed as a privacy solution. Specifically, Keep enables privacy around essential network components. Signing groups can’t operate unless they’re signing from a key that nobody knows; this applies to the random beacon as well. At the core of Keep’s solution is the ability to keep small amounts of data (such as a private key) actually private in order to do things with that data. This is why true randomness is so important in Keep. All parties would have to collude to know what a user is working on, and collusion becomes almost impossible when signer selection is truly random.

Threshold ECDSA “keeps” protect users’ Bitcoin

The distinction between on-chain and off-chain is important here. tBTC is entirely on-chain. But Keep stores private information, such as keys, in off-chain “keeps” that use threshold ECDSA — which is audited and used by top crypto wallets and exchanges including Binance. These “keeps,” which are named after the most secure part of a castle, communicate via the Ethereum chain but exist apart from it. tBTC’s smart contracts interact with the smart contracts on the Keep network, which touch the off-chain keeps.

The concepts Keep employs aren’t new. What’s novel, and special, about the way Keep acts within tBTC is the specific assembly of the concepts. The ideas are put together with smart contracts in a defined and secure way. The design is rooted in an ethos that prioritizes giving the token holder the maximum degree of autonomy. Holders and operators can decide where they want to put their risk and how to manage it, rather than the network deciding for them. All of this is done in a trustless environment.

Random beacon selects signers

A key way tBTC ensures trustlessness is by addressing counterparty risk. It uses a system of “signers’ groups” that allows tBTC to process transactions without a trusted middleman. Signer selection is therefore essential to tBTC’s proper functioning. The idea is that no one knows who the signers will be — including the signers themselves until the moment they are selected by the random beacon. This is to ensure that signers are not able to collude to steal funds or attack the network, and it’s why the true randomness supplied by the beacon is so important.

We can compare Keep’s random beacon to other trustless proof constructions such as zk-SNARKs. The two concepts can be thought of as providing different approaches to the same problem. With zkSNARKs, a user sees proof that an action was completed correctly, without having the details of the transaction or the counterparty revealed. In essence, zk-SNARKs say, “I did this thing. Here is proof that I did this thing correctly.”

Keep’s random beacon effectively approaches this from the opposite direction, using randomness to ensure that a task will be completed in a trustless way. So Keep says, “Please do this thing on my behalf with information, such that no one can know what that information is.”

Sybil resistance

An important element of security is sybil resistance. In a sybil attack, a user creates multiple accounts that together constitute a critical mass that can take control of the network. For tBTC to have effective sybil resistance, the negative implications of these attacks must outweigh the positive. It must be prohibitively expensive to successfully take control of a given signing group, and therefore to attack the system.

As the first app built on Keep, tBTC’s first iteration is designed with an assumption that Keep is imperfect at providing sybil resistance, since there will be fewer users at launch than later in the network’s development, making the resources required for a successful attack lower as well. As Keep matures, however, future versions of tBTC will be able to leverage improved sybil resistance to reduce the cost of operating on and using tBTC.

Keep helps enable trustlessness in tBTC

The team at Keep has thought hard about how to provide true randomness, and therefore trustlessness. The random beacon is designed as an engine that can power many apps addressing many different use cases. In tBTC, it provides the key component that ensures users’ BTC is safe when deposited — that they can trust the system without having to trust middlemen, because there are no middlemen. We believe in privacy and in finance as human rights, and in tBTC, we’re demonstrating that they can strengthen one another.