The collective authority (cothority) project provides a framework for development, analysis, and deployment of decentralized, distributed (cryptographic) protocols. A given set of servers running these protocols is referred to as a collective authority or cothority. Individual servers are called cothority servers or conodes. The code in this repository allows you to access the services of a cothority and/or run your own conode. The cothority project is developed and maintained by the DEDIS lab at EPFL.
The software in this repository is highly experimental and under heavy development. Do not use it for anything security-critical yet.
All usage is at your own risk!
This repository has the following main components:
Name | Description |
---|---|
conode | The cothority server |
cosi | Request and verify collective signatures |
cisc | Manage identity skipchains |
status | Query status of a cothority server |
guard | Protect passwords with threshold cryptography (experimental) |
To use the code of this repository you need to:
A cothority provides several services to its clients. As an example, we illustrate how a client can use an existing cothority to generate a collective (Schnorr) signature on a file using the CoSi protocol. For more details on CoSi, refer to the research paper.
To build and install the CoSi client, execute:
go get -u github.com/dedis/cothority/cosi
To tell the CoSi client which existing cothority (public key) it should use for signing requests (signature verification), you need to specify a configuration file. For example, you could use the DEDIS cothority configuration file which is included in this repository. To have a shortcut for later on, set:
export COTHORITY=$GOPATH/src/github.com/dedis/cothority/dedis-cothority.toml
To request a collective (Schnorr) signature file.sig on a file from the DEDIS cothority, use:
cosi sign -g $COTHORITY -o file.sig file
To verify a collective (Schnorr) signature file.sig of the file, use:
cosi verify -g $COTHORITY -s file.sig file
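The idea behind a collective Schnorr signature like the one requested and verified above, as an added Go sketch that is not code from the cothority repository: two signers commit, share one challenge and respond, and the verifier checks the result against the aggregate public key. P-256, SHA-256 and all function names are assumptions chosen for this illustration; both signers run in one process, and the network exchange and any proof of key ownership are left out.

```go
package main

import (
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math/big"
)

var curve = elliptic.P256() // assumption: stand-in group for this sketch
type point struct{ x, y *big.Int }

func newScalar() (*big.Int, point) { // random secret s and the point s*G
	k, x, y, err := elliptic.GenerateKey(curve, rand.Reader)
	if err != nil {
		panic(err)
	}
	return new(big.Int).SetBytes(k), point{x, y}
}

func challenge(a, b point, msg []byte) *big.Int { // c = H(a+b || msg) mod n
	x, y := curve.Add(a.x, a.y, b.x, b.y)
	h := sha256.Sum256(append(elliptic.Marshal(curve, x, y), msg...))
	return new(big.Int).Mod(new(big.Int).SetBytes(h[:]), curve.Params().N)
}

func coSign(x1, x2 *big.Int, msg []byte) (c, r *big.Int) { // x1, x2: private keys
	v1, V1 := newScalar() // signer 1 commits V1 = v1*G
	v2, V2 := newScalar() // signer 2 commits V2 = v2*G
	c = challenge(V1, V2, msg) // shared challenge over V1+V2 and the message
	r1 := new(big.Int).Sub(v1, new(big.Int).Mul(c, x1)) // response r1 = v1 - c*x1
	r2 := new(big.Int).Sub(v2, new(big.Int).Mul(c, x2)) // response r2 = v2 - c*x2
	return c, r1.Add(r1, r2).Mod(r1, curve.Params().N) // aggregate r = r1 + r2
}

func verify(X1, X2 point, msg []byte, c, r *big.Int) bool { // X1, X2: public keys
	gx, gy := curve.ScalarBaseMult(r.Bytes())
	ax, ay := curve.Add(X1.x, X1.y, X2.x, X2.y) // aggregate public key X
	px, py := curve.ScalarMult(ax, ay, c.Bytes())
	return challenge(point{gx, gy}, point{px, py}, msg).Cmp(c) == 0 // r*G + c*X
}

func main() {
	x1, X1 := newScalar()
	x2, X2 := newScalar()
	c, r := coSign(x1, x2, []byte("constructed input"))
	fmt.Println("valid:", verify(X1, X2, []byte("constructed input"), c, r))
}
```

The signature stays the size of a single Schnorr signature, and it fails to verify if the message changes or if the verifier's key set differs from the signers'.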
Conodes are linked together to form cothorities, run decentralized protocols, and offer services to clients.
To build and install the conode binary, execute:
go get -u github.com/dedis/cothority/conode
To get an overview of the functionality of a conode, type:
conode help
To configure your conode you need to open two consecutive ports (e.g., 6879 and 6880) on your machine, then execute
conode setup
and follow the instructions of the dialog. After a successful setup there should be two configuration files:
- The public configuration file of your cothority server is located at $HOME/.config/conode/public.toml. Adapt the description variable to your liking and send the file to other cothority operators to request access to the cothority.
- The private configuration file of your cothority server is located at $HOME/.config/conode/private.toml.
Warning: Never (!!!) share the file private.toml with anybody, as it contains the private key of your conode.
Note:
- The public configuration file of the DEDIS cothority provides an example of what such a file with multiple conodes usually looks like.
- On macOS the configuration files are located at $HOME/Library/cosi/{public,private}.toml.
To start your conode with the default (private) configuration file, located at $HOME/.config/conode/private.toml, execute:
conode
Each part of the cothority project has a corresponding wiki that is worth checking out if you are interested in more details:
- The cothority wiki provides an overview of supported protocols, services, and applications.
- The cothority template wiki shows how you can develop your own protocols, services, and applications such that they can be integrated into the cothority project.
- The cothority network library wiki presents details on the inner workings of the cothority framework.
The research behind the cothority project has been published in several academic papers:
- Keeping Authorities “Honest or Bust” with Decentralized Witness Cosigning (pdf); Ewa Syta, Iulia Tamas, Dylan Visher, David Isaac Wolinsky, Philipp Jovanovic, Linus Gasser, Nicolas Gailly, Ismail Khoffi, Bryan Ford; IEEE Symposium on Security and Privacy, 2016.
- Enhancing Bitcoin Security and Performance with Strong Consistency via Collective Signing (pdf); Eleftherios Kokoris-Kogias, Philipp Jovanovic, Nicolas Gailly, Ismail Khoffi, Linus Gasser, Bryan Ford; USENIX Security, 2016.
- Scalable Bias-Resistant Distributed Randomness (pdf); Ewa Syta, Philipp Jovanovic, Eleftherios Kokoris Kogias, Nicolas Gailly, Linus Gasser, Ismail Khoffi, Michael J. Fischer, Bryan Ford; IACR Cryptology ePrint Archive, Report 2016/1067.
If you are interested in contributing to the cothority project, please check our guidelines found at CONTRIBUTION, CLAC, and CLAI. Also make sure to have a look at our coding guidelines.
The software in this repository is put under a dual-licensing scheme: In general all of the provided code is open source via GNU/AGPL 3.0, please see the LICENSE file for more details. If you intend to use the cothority code for commercial purposes, please contact us to get a commercial license.
We are always happy to hear about your experiences with the cothority project. Feel free to contact us on our mailing list or by email.