TL;DR
Threshold empowers user sovereignty by delivering a suite of threshold cryptography services for web3 applications through a decentralized network of nodes.
In today’s world, we often make tradeoffs between privacy and usability. We give up our private real-time location data so we can hail a ride, our social security number and spending information to access credit, and our photos and browsing data to stay more connected online. The consequences of these tradeoffs are real and measurable. Millions of login credentials have been leaked, bank accounts and phone numbers have been compromised, our views have been subtly influenced by aggregated data profiles, and algorithms now know more about us than we know about ourselves. But what if we didn’t have to make this tradeoff?
Threshold aims to solve this tradeoff by using threshold cryptography to unlock greater utility for digital assets without intervention from or trust in a centralized authority.
Threshold cryptography distributes sensitive operations across multiple independent entities – like nodes in a network. For an operation to be successful, it needs a threshold or a minimum number of these entities to cooperate with each other. This simple idea increases an information system’s security and availability. It also reduces the reliance on trusted parties since no single actor can corrupt the system. Even if there are a few malicious individuals, the system will continue to function safely and correctly as long as a minimum number of participants follow the rules. For example, with a centralized custodian, only one person needs to be a bad actor to run away with user funds. Threshold cryptosystems protect against this single point of failure.
The Threshold ecosystem was created from the merger of NuCypher and Keep Network into a single decentralized network. Threshold delivers a suite of threshold cryptography services for web3 applications through a decentralized network of nodes. Services on the Threshold Network include a proxy re-encryption service for user-controlled secrets management and dynamic access control, and tBTC v2, a decentralized and permissionless Bitcoin-to-Ethereum asset bridge.
While the blockchain revolution unlocks the power of decentralized apps, Web3 platforms built on public blockchains can present significant risks to user privacy. The Threshold Network, through its use of threshold cryptography, provides a unique solution to the challenges of user privacy for Web3 platforms.
Threshold’s Proxy Re-Encryption service, PRE, is cryptographic middleware for privacy-preserving applications. Proxy re-encryption is a scalable end-to-end encryption protocol that allows a proxy entity to transform (or re-encrypt) encrypted data from one encryption key to another without revealing the plaintext data. The nodes on the Threshold Network act as these proxy entities and use threshold cryptography to securely and cooperatively re-encrypt data for recipients based on access conditions defined by the data owner.
PRE is directly applicable to use cases that aim to maintain data ownership while facilitating data sharing capabilities, such as paid subscriptions to encrypted content or the transfer of data ownership for encrypted NFTs. Data, wherever stored, remains private and encrypted while data owners maintain the ability to share that data and cryptographically enforce access controls.
To envision how this works, imagine a user named Alice who would like to securely share data with another user or application. To do so, Alice would traditionally entrust a centralized service with unencrypted data or private encryption keys. Through Threshold’s PRE Service, Web3 applications can enable Alice to store her encrypted data anywhere, create custom access policies on the blockchain that determine who can access what data, and do so in a secure and decentralized way.
Access to this data is gated by the decentralized nodes on the Threshold Network that enforce Alice’s access policies and stand ready to re-encrypt data for the intended recipients. These decentralized nodes are unable to access the underlying data since the re-encryption process cannot decrypt the data. When the intended recipient wants to access the shared data, they first obtain it from storage and then request re-encryption from the nodes. Each node can only re-encrypt a fragment of the data, and the recipient must collect a threshold number of the re-encryption fragments to decrypt the data.
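The fragment flow described above can be seen in a toy ElGamal-style threshold re-encryption sketch. This is an added example, not Threshold's code or its actual scheme. The tiny group parameters, the function names, and deriving the re-encryption key from both secret keys are assumptions made to keep it short.

```python
import secrets

# Constructed toy group (far too small for real use): P = 2Q + 1, G has prime order Q.
P, Q, G = 2039, 1019, 4

def keygen():
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def encrypt(pk, m):
    """ElGamal-style ciphertext under Alice's key: (m * g^r, g^(a*r))."""
    r = secrets.randbelow(Q - 1) + 1
    return m * pow(G, r, P) % P, pow(pk, r, P)

def split_rekey(sk_a, sk_b, t, n):
    """Shamir-share the re-encryption key rk = b/a mod Q: n fragments, any t suffice.
    Assumption: rk is derived from both secret keys only to keep the sketch short."""
    rk = sk_b * pow(sk_a, -1, Q) % Q
    coeffs = [rk] + [secrets.randbelow(Q - 1) + 1 for _ in range(t - 1)]
    return [(x, sum(c * pow(x, i, Q) for i, c in enumerate(coeffs)) % Q)
            for x in range(1, n + 1)]

def node_reencrypt(kfrag, c2):
    """One node's work: raise c2 to its key share. It never sees m or any secret key."""
    x, share = kfrag
    return x, pow(c2, share, P)

def combine_and_decrypt(sk_b, c1, cfrags):
    """Recipient: Lagrange-interpolate in the exponent to get g^(b*r), then unmask m."""
    xs = [x for x, _ in cfrags]
    c2_b = 1
    for x, frag in cfrags:
        lam = 1
        for xj in xs:
            if xj != x:
                lam = lam * xj * pow((xj - x) % Q, -1, Q) % Q
        c2_b = c2_b * pow(frag, lam, P) % P
    g_r = pow(c2_b, pow(sk_b, -1, Q), P)
    return c1 * pow(g_r, -1, P) % P

def demo(m=1234, t=3, n=5):
    a, pk_a = keygen()
    b, _ = keygen()
    c1, c2 = encrypt(pk_a, m)
    cfrags = [node_reencrypt(k, c2) for k in split_rekey(a, b, t, n)]
    enough = combine_and_decrypt(b, c1, cfrags[:t])
    too_few = combine_and_decrypt(b, c1, cfrags[:t - 1])
    return enough, too_few

if __name__ == "__main__":
    print(demo())
```

With three of five fragments the recipient recovers the message; with two, the interpolated exponent is wrong and decryption yields a different value.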
Thanks to the unique design of Threshold Proxy Re-Encryption, web3 applications can ensure that a user’s data is under their full control while operating on a public blockchain.
The existing solutions that bridge Bitcoin to Ethereum require users to send their Bitcoin to an intermediary, who then issues an Ethereum token of equal value. This centralized model requires you to trust a third party and is prone to censorship, sacrificing Bitcoin's idea of secure, permissionless decentralization.