Collusiveness of the network

Hello everyone,

I’m currently conducting research on the wallet generation and signing mechanisms employed by Layer 2 solutions on Bitcoin and have been exploring various networks for a deeper understanding. Your network has caught my attention due to its innovative approach, but I’ve had some trouble finding specific details in the documentation regarding the wallet signing process, particularly around the security mechanisms and node collaboration.

Could you please shed some light on how your network handles wallet generation and signing? Specifically, I’m interested in understanding:

How many signers (nodes) are typically involved in the signing process for a transaction or contract interaction?
What is the ‘n out of t’ threshold for these signers to successfully execute a signature?
Are the signers pre-selected or chosen randomly? If they’re chosen randomly, could you explain the mechanism ensuring this randomness?
How does the network mitigate the risk of collusion among signers? What are the key security measures in place to maintain robustness against potential threats?
Lastly, I’m curious about the path to permissionlessness within your network or is it already permissionless. How do you envision the transition to a fully permissionless (if it is not that yet) system where any participant can potentially become a signer?

Thanks for the questions, will do my best to answer them all here.

First, you can read about a lot of the Nakamoto designs and how the network signs and processes blocks in the docs: What is the Nakamoto Release? | Stacks Documentation

Next, some context, all of the functionality you are referring to is part of the Nakamoto release, which is currently in the process of being deployed to testnet, so the answer to how many signers are typically involved in the signing process is still unknown.

The threshold for these signers is that 70% of them need to agree on a block for it to be included.

The network is already permissionless as it stands today and anybody can become a signer.

Because of this, signers are not pre-selected or chosen at random, they voluntarily choose to participate as a signer.

As for collusion mitigation, the network is permissionless and has a 70% threshold, so collusion is already extremely difficult.

Beyond that, collusion is mitigated with the reputable signer rollout strategy. Currently, several known, reputable signers are being onboarded that are not anonymous and have their company reputation at stake to reputably sign blocks.

As long as >30% of the signers are these known, reputable signers, we have the dual benefit of having collusion mitigated by these known signers and the decentralized, permissionless group of anonymous signers participating as the please.

You can read a lengthy discussion about this strategy here: sBTC Research - Cap on BTC in Peg Wallet · stacks-network/sbtc · Discussion #316 · GitHub