Securing the Future: Openfort's SSS Library Audit and Open Source Commitment
At Openfort, our mission is to empower developers to create great games with seamless blockchain integration. Today, we're excited to share a significant milestone in our journey towards more secure and transparent infrastructure: the results of our recent security audit for our Shamir's Secret Sharing (SSS) library, implemented in Go.
You can find our Go SSS library and the full audit report.
The Importance of Shamir's Secret Sharing
Shamir's Secret Sharing Scheme (SSS) is a cryptographic primitive that allows a secret to be divided into multiple parts, or shares, with a threshold number required to reconstruct the original secret. This technique is crucial for secure key management and distribution in various cryptographic applications, including blockchain wallets and secure multi-party computation.
Fun Fact: Shamir's Secret Sharing Scheme was invented by Adi Shamir, one of the creators of the RSA algorithm, in 1979. It's a testament to its robustness that it remains a crucial part of modern cryptography over four decades later!
Deep Dive: How SSS Works
At its core, SSS relies on a fascinating property of polynomials: a polynomial of degree k is uniquely determined by any k+1 distinct points on it, so a polynomial of degree k-1 is pinned down by k points and hidden by k-1 or fewer. Here's how it works:
- Encoding the Secret: The secret S is encoded into a polynomial f(x) of degree k-1 over a finite field (a prime field Fp in the textbook description; GF(2^8) in our library). The polynomial takes the form:
  f(x) = S + r₁x + r₂x² + ... + rₖ₋₁xᵏ⁻¹
  where S is the secret (constant term) and r₁, r₂, ..., rₖ₋₁ are random coefficients.
- Generating Shares: n distinct shares are generated by evaluating f(x) at n distinct points xᵢ, none of which is 0 (since f(0) is the secret itself). Each share is an ordered pair (xᵢ, f(xᵢ)).
- Recovering the Secret: Any k shares can reconstruct the original polynomial using Lagrange interpolation, allowing recovery of the secret S by evaluating f(0). Fewer than k shares reveal nothing about S.
Our Audit Journey
In our commitment to security and transparency, we engaged Cure53, a renowned security firm, to conduct a thorough cryptography review and source code audit of our Go SSS library. The audit, completed in August 2024, focused on ensuring the correctness and security of our implementation.
Key Findings and Implemented Solutions
- Overall Soundness: The audit revealed that our SSS library is generally sound and correctly implemented. The use of GF(2^8) for the underlying field was noted as a good choice for simplification and future-proofing.
- Timing Variance Resolution: A low-severity issue (OFT-01-001) was identified, showing a small timing variance in the GF256 multiplication. We've addressed this by implementing a constant-time solution, enhancing the library's resistance to potential timing attacks.
- Enhanced Input Validation: Following the auditors' suggestion (OFT-01-002), we've implemented more robust input validation during the reconstruction process. This improvement enhances the library's resilience against potential attacks and ensures smoother error handling.
Technical Deep Dive: Ensuring Implementation Security
One critical aspect of SSS implementation that our library carefully addresses is the "zero share problem". This occurs when a share's x-coordinate is zero: since f(0) = S, such a share is the secret itself, handed out in the clear. Our Go implementation includes safeguards against common pitfalls:
- Counter-based shares: We ensure our share generation starts from 1, not 0, avoiding accidental zero shares.
- User input handling: Our library implements strict checks to prevent user-supplied values or identifiers that could lead to zero shares.
- Secure random number generation: We use Go's crypto/rand package to generate secure random numbers, mitigating the risk of zero or predictable shares.
These measures, along with the improvements suggested by the audit, make our SSS library a robust and secure choice for developers. If you're curious, check how we're combining the SSS library with Shield and our security approach at Openfort.
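The following is an added illustration, not Openfort's library code, of the three mechanisms described above in Go: a GF(2^8) multiplication with no data-dependent branches (the kind of fix OFT-01-001 calls for), reconstruction of f(0) by Lagrange interpolation, and rejection of zero or repeated share indices before reconstruction (the input validation of OFT-01-002). The reducing polynomial (AES's 0x11b), the function names and the parallel-slice share layout are assumptions; share generation (coefficients from crypto/rand, evaluated at the counter x = 1..n) is left to the caller.

```go
package main

import "errors"

// gfMul multiplies in GF(2^8) with no data-dependent branch: masks replace the "if bit set" tests and the loop always runs 8 rounds.
// Assumed reducing polynomial: AES's x^8+x^4+x^3+x+1 (0x11b); the post does not name the one the library uses.
func gfMul(a, b byte) byte {
	var p byte
	for i := 0; i < 8; i++ {
		p ^= a & (0 - (b & 1))                 // add a iff the low bit of b is set
		a = (a << 1) ^ ((0 - (a >> 7)) & 0x1b) // reduce iff a overflowed a byte
		b >>= 1
	}
	return p
}

// gfInv returns a^254 = a^-1, again with a fixed number of multiplications.
func gfInv(a byte) byte {
	r := byte(1)
	for i := 0; i < 7; i++ {
		a = gfMul(a, a)
		r = gfMul(r, a)
	}
	return r
}

// Combine takes shares (xs[i], ys[i]), rejects x = 0 (that share would be f(0), the secret) and repeated x,
// then interpolates f(0) with the Lagrange basis L_i(0) = prod_{m!=i} x_m/(x_m - x_i); "-" is XOR in GF(2^8).
func Combine(xs, ys []byte) (byte, error) {
	if len(xs) < 2 || len(xs) != len(ys) {
		return 0, errors.New("need at least two (x, y) pairs")
	}
	seen, secret := make(map[byte]bool), byte(0)
	for _, x := range xs {
		if x == 0 || seen[x] {
			return 0, errors.New("rejected share: x is zero or repeated")
		}
		seen[x] = true
	}
	for i, xi := range xs {
		basis := byte(1)
		for m, xm := range xs {
			if m != i {
				basis = gfMul(basis, gfMul(xm, gfInv(xm^xi)))
			}
		}
		secret ^= gfMul(ys[i], basis)
	}
	return secret, nil
}
```

With the constructed polynomial f(x) = 0x2a + 0x03·x, the shares at x = 1, 2, 3 are 0x29, 0x2c, 0x2f, and any two of them recover 0x2a, while a share at x = 0 or a duplicated index is refused before any arithmetic runs.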
Our Commitment to Open Source
We're excited to announce that we're open-sourcing both our SSS library and the full audit report. As the first of its kind implemented in Go, we believe this library will be a valuable addition to the cryptographic community.
By making our library and audit results public, we aim to:
- Contribute to the broader understanding of secure SSS implementations
- Invite peer review and continuous improvement of our codebase
- Provide a valuable resource for developers and researchers in the field, especially those working with Go
Fun Fact: The concept of open-source security is often referred to as "Linus's Law", named after Linus Torvalds: "Given enough eyeballs, all bugs are shallow."
Looking Ahead
The audit results have provided us with valuable insights, and we've already implemented the suggested improvements. We're committed to maintaining the highest standards of security and will continue to invest in regular audits and open collaboration.
We encourage the community to review our library, provide feedback, and contribute to its ongoing development. Together, we can build a more secure and robust foundation for the future of decentralized applications.
Join us in our mission to make blockchain integration safer and more accessible for game developers worldwide. Let's build the future of gaming, securely and transparently, together.