Governance of Cross-chain Contracts

Some projects delegate verification rights to a few entities or third parties to improve efficiency, which poses certain security risks. We integrate distributed key generation (DKG), Byzantine fault tolerance (BFT), and proof-of-authority (POA) to achieve decentralized verifiers.


Distributed key generation (DKG) produces a shared public key and a set of private key shares that the verifiers compute collectively. Each verifier holds only one part of the private key, so no single operator can affect or control the entire private key or make unilateral decisions, while efficiency is improved.


For Byzantine fault tolerance, the Quorum protocol provides data redundancy and a voting algorithm for eventual consistency, ensuring that more than 2/3 of validators can jointly complete the signing process. This avoids a single point of failure and allows signature verification to complete quickly.


For verifiers, we follow the proof-of-authority consensus proposed by Gavin Wood, co-founder of Ethereum, and invite industry authorities to participate in voting, to keep large capital from controlling the market.

In addition to verifier voting governance, we have introduced an external oversight mechanism called Sentinels. Sentinels monitor relayer transactions and ensure transparent parity of cross-chain amounts. They play an important role as neutral watchdogs.

In the future, we will further consider how to implement privacy solutions in which core on-chain data, such as the nullifierHash and the commitment, are associated through zero-knowledge proofs (ZKPs). The proof establishes the hash relationship between the nullifierHash and the nullifier, and shows that the commitment generated from the nullifier and secret is indeed in the Merkle tree. This would enable users to make anonymous cross-chain deposits and withdrawals. The solution is still under discussion, development and improvement.
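
The relation such a proof would attest to, checked here in the clear as an added example (not the project's code). SHA-256 stands in for the hash, which the page does not name, and the function names, four-leaf tree and sample values are assumptions constructed for illustration.

```python
import hashlib

def H(*parts: bytes) -> bytes:
    """SHA-256 stand-in for the circuit hash (assumption: the page names no hash)."""
    return hashlib.sha256(b"".join(parts)).digest()

def commitment_of(nullifier: bytes, secret: bytes) -> bytes:
    """commitment = H(nullifier || secret); both inputs are fixed-length here."""
    return H(nullifier, secret)

def merkle_root(leaves):
    """Root of a tree whose leaf count is a power of two."""
    level = list(leaves)
    while len(level) > 1:
        level = [H(level[i], level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]

def merkle_path(leaves, index):
    """Sibling hashes from leaf to root, each flagged True if the sibling is on the right."""
    path, level = [], list(leaves)
    while len(level) > 1:
        sib = index ^ 1
        path.append((level[sib], sib > index))
        level = [H(level[i], level[i + 1]) for i in range(0, len(level), 2)]
        index //= 2
    return path

def statement_holds(nullifier_hash, root, nullifier, secret, path):
    """Public inputs: nullifier_hash, root. Private witness: nullifier, secret, path.
    A ZKP would prove this returns True without revealing the witness."""
    if H(nullifier) != nullifier_hash:          # hash relationship
        return False
    node = commitment_of(nullifier, secret)     # leaf derived from the witness
    for sibling, sibling_is_right in path:      # Merkle membership
        node = H(node, sibling) if sibling_is_right else H(sibling, node)
    return node == root

# Constructed sample data: four deposits, the user's commitment is leaf 2.
NULLIFIER, SECRET = b"\x01" * 31, b"\x02" * 31
LEAVES = [H(b"other-deposit-%d" % i) for i in range(4)]
LEAVES[2] = commitment_of(NULLIFIER, SECRET)
ROOT = merkle_root(LEAVES)
PATH = merkle_path(LEAVES, 2)
```

On chain, only `nullifier_hash` and `root` would be visible; the nullifier, secret and path stay with the user as the private witness.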
