Cryptographic Operations

The Builder Vault TSM supports the following cryptographic signing operations:

OperationParameters
ECDSAsecp256k1
ECDSAP-224
ECDSAP-256
ECDSAP-384
ECDSAP-521
Schnorr (EdDSA)Ed25519
Schnorr (EdDSA)Ed448
Schnorr (BIP340, "Taproot")secp256k1
RSA PKCS#1v1.52048, 3072, 4096 bit keys
RSA PSS2048, 3072, 4096 bit keys

In addition, the TSM also supports other cryptographic operations:

PrimitiveParametersOperations
AES-CTRKey size 128, 192, 256Keystream
AES-CBCKey size 128, 192, 256Encrypt, Decrypt
AES-GCMKey size 128, 192, 256Encrypt, Decrypt
AES-CMACKey size 128Digest
HMAC-SHA2-256Key size 1-256 bytesDigest
HMAC-SHA2-512Key size 1-256 bytesDigest
RSA OAEPKey size 2048, 3072, 4096Encrypt, Decrypt
RSA x.509 (raw)Key size 2048, 3072, 4096Encrypt, Sign
ECDHCurves: secp256k1, P-256, P-384, P-521Key agreement
RFC 5649Key size 128AES Key Wrap with Padding
AN10922Key size 128Symmetric Key Derivation

The CMAC, RFC5649 and AN10922 operations are currently only available in the Builder Vault SDKv1. Note that the symmetric operations (AES, HMAC, RFC5649, AN10922) only work for specific threshold settings.

MPC Protocols

Blockdaemon Builder Vault MPC solutions are based on public research (some of which was performed by the Blockdaemon team), this includes protocols from the following research papers:

  • [MRZ15] Payman Mohassel, Mike Rosulek, Ye Zhang: Fast and Secure Three-party Computation: The Garbled Circuit Approach. CCS 2015: 591-602
  • [DJNP+18] Ivan DamgÃ¥rd, Thomas Pelle Jakobsen, Jesper Buus Nielsen, Jakob Illeborg Pagter, Michael Bæksvang ØstergÃ¥rd: Fast Threshold ECDSA with Honest Majority. SCN 2020: 382-400
  • [DKLs19] Jack Doerner, Yashvanth Kondi, Eysa Lee, Abhi Shelat: Threshold ECDSA from ECDSA Assumptions: The Multiparty Case. IEEE Symposium on Security and Privacy 2019: 1051-1066

Additional Features

In addition to the cryptographic operations, the TSM has a number of features: