Under the Hood: Asgard Vaults, TSS and Node Churns
Have you ever wondered how THORChain works under the hood? Below you can find a simplified explanation of some of the elegant and mathematically-brilliant designs powering THORChain.
Asgard Vaults
THORChain is its own blockchain (built on Cosmos SDK Tendermint) and operated by up to 120 validator nodes. The beauty of THORChain is that these nodes collectively control addresses (private keys) on the external blockchains that THORChain have integrated (Bitcoin, Ethereum, etc.). These are called the “Asgard Vaults”, which are used to both receive assets (e.g. swaps in, or LP deposits) and send assets (e.g. swaps out, or LP withdrawals). Think of these vaults as just regular BTC or ETH addresses, but collectively and trustlessly managed by the anonymous validator nodes running THORChain.
https://docs.thorchain.org/how-it-works/technology
Threshold Signature Scheme (TSS)
A regular user generates their random seed words, which then generates the private key, and finally the public key or address used to control his assets on the blockchain. This is the basic “one private key — one address” scheme. Extensions to enable multi-party control of an address include Multi-sigs and Secret Sharing Schemes (SSS); but it was not until the development of the Multi-Party Computation-based (MPC) Threshold Signature Scheme (TSS) that THORChain finally had the suitable tool set to manage the Asgard Vaults.
Threshold Signatures Vault: Two (or more) Keys, One Lock.
Below is a great article on the differences between Multi-sigs vs SSS vs TSS:
https://medium.com/zengo/threshold-signatures-private-key-the-next-generation-f27b30793b)
This means that all the THORChain nodes are part of the TSS which generates and controls each of the Asgard Vaults. In fact, each Asgard Vault is limited to a maximum of 20 nodes, which means when there are more than 100 total nodes, they would be split into six Asgard Vaults. There would then be six BTC addresses, six Ethereum addresses, and so on. Every time THORChain needs to send some assets from one of the Asgard Vaults, at least 2/3rds of the nodes in that Asgard Vault need to successfully perform a TSS KeySign ceremony to sign that specific transaction. All of these transactions are trustless and decentralized as each individual node operator would not know exactly which transactions they are signing. The private keys are never known by any party, thus reducing the chance of exploits or rug-pulls.
Node Churns
THORChain also has a Node Churning protocol. Every three days, some validator nodes will leave (churn out), replaced by some standby nodes joining (churn in). The new set of validator nodes will generate a new set of Asgard Vaults, via the TSS KeyGen ceremony. All the assets from the old Asgard Vaults will then be sent to the new Asgard Vaults. Everything happens on-chain, and therefore is a great way to ensure all of THORChain’s funds on all the external chains are indeed still available/solvent. This node churn mechanism also drives increased nodes bonding, and vastly increases the difficulty of any single party attempting to control 67% of the nodes.
Node Churn times can be observed at: https://thorchain.net/nodes
https://docs.thorchain.org/thornodes/overview
Anatomy of a Swap
Now, let’s try to walk through the mechanics of swapping on THORChain, e.g. native BTC to native ETH swap.
Firstly, the user send some BTC to one of THORChain’s Asgard Vault’s BTC address, with a specific memo attached to that transaction, which are the instructions to THORChain (these memos are usually handled by the frontend interfaces, although advanced users can try to craft these manually). THORChain’s validator nodes individually observe this transaction, and when 67% of nodes agree that the transaction is valid, the nodes will then calculate the corresponding amount of ETH (based on both the BTC and ETH liquidity pool ratios). One of the Asgard Vaults will be assigned to send the ETH to the user (from the ETH address that this vault controls, to the user’s ETH address that was specified in the memo). The nodes which are members of this particular Asgard Vault will perform the TSS KeySign, proving they collectively have the correct private key for this ETH address, and thus this ETH outbound transaction can finally be executed.
Feel free to hop into the TC University Discord to chat about this, or any other THORChain questions that you may have.
Explore THORChain: Website, X, Telegram, Developer Discord.
Explore Maya Protocol, the first friendly fork of THORChain: Website, X, Discord, Telegram.
Decentralized, permissionless, non-custodial, trust-minimized, open-sourced, economic-secured, non-wrapped, native-to-native cross-chain swaps, savings and soon, lending!