Sekai Bridge Node

The Sekai Bridge Node is the core component enabling secure multi-party signing for cross-chain transfers. It leverages the tss-lib library to implement a Multi-Party Threshold Signature Scheme (TSS) for both ECDSA and EdDSA, following the principles of Gennaro and Goldfeder 2020. This design ensures that no single entity controls the entire key.

Deployment

git clone https://github.com/KiraCore/torii.git
cd torii/sekai_bridge

Run Docker

make docker-build
make docker-run

Standalone

make build
make run

Configuration

The configuration file config.yml sets up the various operational aspects of the bridge service.

• common: Configures general server options for the service. It sets HTTP with enabled true and port 8885, WebSocket with enabled false and port 9080, and a log_mode of debug.
• p2p: Manages peer-to-peer communications using saiP2P-go. It defines the main communication port as 9000, the number of connection slots as 4, and an HTTP port for P2P operations as 8886.
• http: Specifies the primary API endpoint for the bridge service with a port of 8080.
• udp: Provides settings for fast, low-overhead messaging between nodes. It sets the bufferSize to 40000 bytes and the interval to 100ms.
• peers: Specifies the list of peer nodes for P2P communication, intended to be populated with peer addresses as needed.
• tss: Configures the Threshold Signature Scheme operations for secure multi-party signing. It includes a public_key (e.g., "1"), the number of participating nodes (parties) set to 3, a threshold of 2, and a signing quorum of 2.
• token: Provides a security token used for authenticating internal API calls or inter-service communications.
• debug: A Boolean flag that toggles detailed logging. When true, it enables extensive diagnostic logs.
• cache: Improves performance by temporarily storing data. It defines a ttl (time-to-live) of 120 seconds for cache entries and a clean interval of 240 seconds to purge expired data.
• sekai: Integrates the Cosmos-side component (Sekai) of the bridge. It sets the service url to "http://localhost:1317", specifies the wallet address used for signing transactions, identifies the target network (e.g., "testnet-1"), and configures transaction parameters like gas_limit (100000) and fee (750).
• interaction: Defines endpoints for cross-chain interactions. It includes an ethereum endpoint (e.g., "http://localhost:8882") and a cosmos endpoint (e.g., "http://localhost:8884").

Api Reference

Get Stats for Node (for Debugging Purposes)

curl --location --request GET 'http://<host:port>' \
--header 'Content-Type: application/json' \
--data-raw '{"method":"stats"}'

Keygen

curl --location --request GET 'http://<host:port>' \
--header 'Content-Type: application/json' \
--data-raw '{"method": "keygen", "data": {}}'

Keysign

curl --location --request GET 'http://<host:port>' \
--header 'Content-Type: application/json' \
--data-raw '{"method": "sign", "data": {"msg":"test"}}'

Keysign One Round

curl --location --request GET 'http://<host:port>' \
--header 'Content-Type: application/json' \
--data-raw '{"method": "sign", "data": {"msg":"test","one_round_signing":true}}'

Verify Signature

curl --location --request GET 'http://<host:port>' \
--header 'Content-Type: application/json' \
--data-raw '{"method": "verify", "data": {"msg":"test","signature":"eyJzaWduYXR1cmUiOiJmK013d0NscTl1OGpmNzJnWEFjTnVqTjU2OWdkMTNod0x6QzQwTFB3RzdnOGVjZU50VFUzY1lmQzFRekNwQ0xGZWxjM0Nkcy9OajRqTzNmL0E3R043UT09Iiwic2lnbmF0dXJlX3JlY292ZXJ5IjoiQVE9PSIsInIiOiJmK013d0NscTl1OGpmNzJnWEFjTnVqTjU2OWdkMTNod0x6QzQwTFB3RzdnPSIsInMiOiJQSG5IamJVMU4zR0h3dFVNd3FRaXhYcFhOd25iUHpZK0l6dDMvd094amUwPSIsIm0iOiJNVEF4TUE9PSJ9"}}'