Everyday life is a trade-off between privacy and usability. People give up real-time location data to hail a ride, spending information to access credit, and personal photos to stay connected. As a result, there are real and measurable consequences—for instance, millions of leaked login credentials, compromised bank accounts, and malicious actors who know everything about you.
While the creation of Bitcoin was revolutionary, it does not fully solve the trade-off between security and usability. Millions of users would rather trust centralized platforms than manage their keys. These users risk censorship, data breaches, and governments freezing and seizing their assets.
Threshold aims to solve this trade-off dilemma. Threshold cryptography provides users with improved utility and usability for digital assets without trusting a centralized party.
Threshold cryptography distributes sensitive operations across multiple independent entities, like nodes in a network. A successful operation requires a threshold or a minimum number of entities to cooperate. This simple idea increases security and availability and reduces reliance on trusted parties. Even if some participants in a threshold cryptosystem are malicious, the system will still function correctly.
For example, with a centralized custodian, it only takes one bad actor to run away with stolen funds. Threshold cryptosystems aim to protect against this single point of failure.
In addition, the Threshold Network includes services like proxy re-encryption (PRE) and tBTC v2. The first provides user-controlled secrets management and dynamic access control. The second – tBTC v2 – is a unique, decentralized and permissionless Bitcoin-to-Ethereum asset bridge.
Threshold was created from the first-ever decentralized merger of the NuCypher and Keep Networks. It empowers user autonomy by delivering a suite of threshold cryptography services for web3 applications through a decentralized network of nodes.
Threshold is community-driven and governed by a DAO. To help power a one-stop platform for threshold cryptographic services, users can stake their T tokens and run a decentralized node on the network. Both active stakers and token holders can participate in DAO governance decisions on the future of the network.
The blockchain revolution unlocked the power of decentralized apps. However, without proper architecture, Web3 platforms built on public blockchains may present significant risks to user privacy.
The Threshold Network aims to provide a unique solution for user privacy on Web3 platforms.
Threshold’s Proxy Re-Encryption service, PRE, is a cryptographic middleware for developing privacy-preserving applications. Proxy Re-Encryption is a scalable end-to-end encryption protocol that allows a proxy entity to transform (or re-encrypt) encrypted data from one encryption key to another without revealing sensitive information.
The nodes on the Threshold Network act as proxy entities and use threshold cryptography to securely and cooperatively re-encrypt data for recipients based on access conditions defined by the data owner.
PRE is directly applicable to use cases that aim to maintain data ownership while facilitating data sharing capabilities, such as paid subscriptions to encrypted content or the transfer of data ownership for encrypted NFTs. The data remains private and encrypted, while data owners maintain the ability to share that data and cryptographically enforce access controls.
Imagine a user named Alice would like to securely share data with another user or application. To do so, Alice would traditionally entrust a centralized service with unencrypted data or private encryption keys. Through Threshold’s PRE Service, Web3 applications enable Alice to store her encrypted data anywhere and set custom access permissions — all in a secure and decentralized manner.
Access to this data is gated by the decentralized nodes on the Threshold Network, which also enforce Alice’s access policies and stand ready to re-encrypt data for the intended recipients. These decentralized nodes are unable to access the underlying data.
When the intended recipient wants to access the shared data, they first obtain it from storage and then request re-encryption from different nodes. Each node can only re-encrypt a fragment of the data, and the recipient must collect a threshold number of re-encryption fragments to fully decrypt the data.
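The fragment-and-threshold flow described above can be sketched as an added example (not code from the Threshold Network, and not its actual protocol): a textbook ElGamal-style proxy re-encryption whose re-encryption key is Shamir-split across nodes. The group parameters, function names and message value are constructed for illustration and are far too small to be secure; the toy also derives the re-encryption key from both parties' secret keys and does not model access conditions.

```python
import secrets

# Toy group (constructed, insecure size): p = 2q + 1, g generates the order-q subgroup.
P, Q, G = 2039, 1019, 4

def keygen():
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def encrypt(pk, m):
    """Encrypt group element m under the owner's key: (pk^r, m * g^r)."""
    r = secrets.randbelow(Q - 1) + 1
    return pow(pk, r, P), m * pow(G, r, P) % P

def split_rekey(sk_owner, sk_recipient, t, n):
    """Shamir-split the re-encryption key rk = b/a mod q into n shares, threshold t."""
    rk = sk_recipient * pow(sk_owner, -1, Q) % Q
    coeffs = [rk] + [secrets.randbelow(Q - 1) + 1 for _ in range(t - 1)]
    return [(x, sum(c * pow(x, i, Q) for i, c in enumerate(coeffs)) % Q)
            for x in range(1, n + 1)]

def reencrypt_fragment(share, c1):
    """One node's work: it holds a key share and sees ciphertext, never m."""
    x, rk_i = share
    return x, pow(c1, rk_i, P)

def decrypt(sk_recipient, frags, c2):
    """Recipient combines fragments using Lagrange coefficients in the exponent."""
    combined = 1
    for xi, frag in frags:
        lam = 1
        for xj, _ in frags:
            if xj != xi:
                lam = lam * xj * pow((xj - xi) % Q, -1, Q) % Q
        combined = combined * pow(frag, lam, P) % P  # equals c1^rk = g^(b*r) with >= t frags
    g_r = pow(combined, pow(sk_recipient, -1, Q), P)
    return c2 * pow(g_r, -1, P) % P

def demo(t=3, n=5, m=1234):
    a, pk_a = keygen()   # Alice, the data owner
    b, _ = keygen()      # Bob, the intended recipient
    c1, c2 = encrypt(pk_a, m)
    shares = split_rekey(a, b, t, n)
    frags = [reencrypt_fragment(s, c1) for s in shares]
    # First result uses t fragments, second uses only t - 1.
    return decrypt(b, frags[:t], c2), decrypt(b, frags[1:t], c2)
```

With a threshold number of fragments the recipient recovers the message; with one fewer, the combined value is wrong and decryption yields a different group element.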
Thanks to the unique design of Threshold Proxy Re-Encryption, web3 applications can ensure that a user’s data is under the user’s ultimate control while operating on a public blockchain.