1. What is Torus? (NOT TO BE SHARED)

###### tags: `spec` # 1. What is Torus? (NOT TO BE SHARED) Torus is a **decentralized key management system**. It is a blockchain infrastructure layer that allows wallets and dapps to easily leverage secret-sharing schemes to improve key security and reduce key loss, while still providing a seamless user-experience. Torus provides an abstraction over private keys that is extensible to arbitrary access structures, authentication methods, and permissions, allowing users to manage their keys across different dapps, blockchains, and wallets. With the growth of cryptographic applications, key management has become increasingly important. Mismanagement of private keys often results in considerable financial loss, and as usage of private keys become increasingly mainstream through applications like DeFi, P2P messaging, and Decentralised IDs (DIDs), key loss and misuse will become even more prevalent. Torus aims to solve this by introducing an open platform for decentralized key management with the following properties: - **Usability:** Users can access their keys using standard logins, without compromising on security or redundancy of their key. - **Incremental security:** Users can easily upgrade the security of their keys with more factors of authentication or scoped permissions. - **Composability:** Keys should be usable across blockchains and applications with minimal vendor lock-in. - **Self-custodial:** Users have exclusive control over their keys and how they are managed, without relying on centralised third-parties. - **Scalability:** Access controls for keys are optimistically evaluated off-chain, with fraud proofs on-chain upon detection, resulting in minimal overheads ## Recent news **April 2020**: Integration with Kyberswap, Yearn, Opensea **May 2020**: [DirectAuth Launch](https://www.nasdaq.com/articles/torus-goes-blockchain-agnostic-with-new-directauth-dapp-login-tool-2020-05-28), Pilot integrations with Sapiens, Gooddollar by Etoro, Skyweaver's Sequence **July 2020**: [Release Audit with Certik](https://github.com/torusresearch/audit) **July 2020**: Launch with [MyCryptoHeroes](https://www.mycryptoheroes.net/), [Augur v2](https://www.augur.net/) **November 2020** - Opensource SDK, tKey integration on Binance Chain, Blockfolio and others | TSS Signature release on tKey **Jan 2021**- Universal login launch **Feb 2021** - Audits for HTSS and other academic schemes **March 2021** - Testnet deployed for Torus V2 **May 2021**- Incentivized testnet and modeling **June 2021**- Worklock Launch **August 2021** - Mainnet Launch | Wallet release for ecosystem partners **September 2021** - Ecosystem Hackathons and SDK integrations ## 2. Existing products and ecosystem ### 2.1 Existing ecosystem The current Torus ecosystem exists as a permissioned network run by large ecosystem stakeholders like Ethereum Name Service (ENS), Binance, Etherscan, Cosmos, etc. These nodes jointly run a distributed key generation (DKG) protocol that generates shares, and independently verify 3rd-party authentication tokens submitted by users. Upon successful verification, a user is able to retrieve the key shares stored on the nodes. These key shares are combined with shares on the user's device to form the user's private key. ### 2.2 Existing products The **DirectAuth SDK** allows any wallet or dapp to create their own app-scoped namespace on the Torus Network, providing a self-managed solution that allows developers to handle their own user authentication flows. The SDK directly queries the Torus Network for user verification, and allows the application that is using DirectAuth to have full control over the user interface. The **Torus-Embed SDK** provides dapps developers a one line integration for their application that is compatible with the Ethereum provider specification ([EIP-1193](https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1193.md)), and provides a pre-built wallet interface, with global default authentication providers. ## 3. Technical Infrastructure Torus implements several cryptographic schemes including threshold signatures, proactive secret sharing, and hierachical threshold secret sharing (HTSS). It enables applications/users to generate, store and use keys without ever actually reconstructing their key. The Torus Network is a Proof-of-Stake blockchain with generic smart contract functionality, as well as protocol-level opcodes for secret variables (SSSTORE) and oracle variables (OVAR). ![](https://hackmd.io/_uploads/HJmaTrb7v.png) Applications deploy verifier contracts on the Torus Network which then can be used to manage their user keys. Through a joint DKG protocol with the Torus Network, new users generate local shares which are stored on the device. Transaction signing requires at least one user-owned share to be used in the TSS protocol. Varied permissions can be encoded onto the smart contract layer allowing users to implement daily limits, restrictions on transaction types and more. The flexibility of keys also allows for users to adjust the level of security required, incrementing the threshold of shares required to use their key when necessary. In using Torus, applications can gurantee users with a higher level of security and that their interactions are always trustless. Since Torus governs the management of primative keys, it is blockchain agnostic and can even support non-blockchain cryptographic applications.