The Secrets behind Secret Shared Validator (SSV) Technology

Get a deeper insight into how SSV's distributed validator infrastructure works under the hood.


The Secrets behind Secret Shared Validator (SSV) Technology
The Secrets behind Secret Shared Validator (SSV) Technology

At the highest level, SSV (Secret Shared Validator) is a brand new, decentralized method of staking ETH for the coming transition of the Ethereum blockchain from a Proof of Work (PoW) to a Proof of Stake (PoS) consensus mechanism. It is not a staking service (i.e. Blox Staking, Coinbase, Stake.fish), but rather an open-source protocol that enables the distributed operation of an Ethereum validator across multiple non-trusting nodes.

On the surface, SSV provides access to a robust, decentralized staking ecosystem on the Ethereum blockchain. Diving a little deeper, SSV is a sophisticated multi-signature wallet, with a consensus layer, that acts as a buffer between a node on the Beacon Chain and a validator client.

So, what does this mean and why is everyone so excited about it?

As we mentioned, the Ethereum blockchain is transitioning from a PoW to PoS mechanism, eliminating the current energy-intensive system where miners compete for the rewards that come along with adding new blocks to the chain. This legacy system is being upgraded and replaced with a much more energy-efficient one where validators, representing a user’s “stake” or skin-in-the-game, will secure the network and reach consensus.

Proof-of-Stake (PoS) Challenges

In the Ethereum PoS model, the process goes like this… When a validator is called on to perform its duty to attest to or propose the addition of a new block to the chain, the validator key signs data. This happens once an “epoch” (about every 6.4 minutes). If the validator is both correct and timely with its response, the validator is rewarded with a small amount of ETH. And, in order to avoid incurring penalties, the validator key must be online at all times. This has presented a number of connectivity and security challenges, two of the biggest being:

Single Point of Failure / Validator Liveness

  • Currently, a validator exists and performs its duties from one single machine, or node. Strict protocol rules prohibit common forms of redundancy, such as running a validator client on multiple nodes, and doing so will likely result in the validator being “slashed”.
  • If using a staking service, the key is located on one cloud server (i.e. AWS). If something goes wrong with either of these components, the validator will stop attesting, resulting in penalties.

Custody & Management of Private Keys

  • Solo-stakers must manage their own keys. If using a staking service, the options of key ownership can be confusing, present potential security risks, and put the user at the mercy of the staking provider. Remember, not your keys, not your ETH.

It’s easy to understand why many potential stakers are overwhelmed by the risks of running a node on the Beacon Chain and therefore, just don’t stake at all.

Solving Staking Issues

To address these issues, the Ethereum Foundation originally conceived the idea for SSV/DVT back in 2019 and it now runs as an incentivized testnet anyone can join as a staker or operator, to help build and stress-test the network as it simulates real-world transactions.

SSV is a game-changer, effectively eliminating staking risks by easily allowing a user with no prior knowledge or understanding of the blockchain to securely create and distribute a validator over multiple nodes, instead of a single one, achieving active-active redundancy without violating Ethereum protocol rules. It provides a fault tolerant, slashing-free, decentralized security layer that allows stakers to sleep soundly at night knowing their validator is safely attesting online.

The secret that makes SSV so incredibly solid? distribution

Instead of the validator key being stored on one machine, SSV, aka DVT (Distributed Validator Technology), uses Distributed Key Generation to encrypt and split it into “KeyShares”. These KeyShares are then securely distributed between four non-trusting nodes, run by “operators”. “Non-trusting” means the operators do not need to know or trust each other to perform their duties and also that the network can tolerate a certain number of faulty or offline nodes (up to the threshold) without affecting validator performance or incurring slashing penalties.

With SSV, when a validator is called on to perform its duties, if one KeyShare is offline or faulty (due to scheduled maintenance, error, etc.), Shamir Secret Sharing, Multi Party Computation, and Istanbul Byzantine Fault Tolerance Consensus work together to allow the rest of the KeyShares to respond. As a result, the validator will continue to perform its duties without fault, pause, or penalties.

Enhanced Security

Security-conscious stakers (and who isn’t security conscious in crypto?) love SSV as they never have to give up their private key to operators. Instead, the validator private key is generated and stored securely offline while the KeyShares that represent it actually operate the validator.

As a result, theft of a key from a bad actor is much less likely. In fact, to cause any trouble with an SSV validator, a hacker would have to gain access to a majority of KeyShares running the validator. Shamir Secret Sharing and Multi-Party Computation also ensure that no single node can recreate a validator key signature on its own, preventing a bad actor or single operator from making unilateral decisions on behalf of a validator.

Operators — the Backbone of SSV

As the picture gets painted, it becomes easy to see that Operators are an extremely important component of ssv.network. They provide the hardware infrastructure, run the SSV protocol, and are responsible for maintaining validators and the overall health of the SSV network. Because the network literally relies on operators, a decentralized and transparent score of their quality, experience, and service is necessary. As such, they will be assessed and ranked on a scale of 0–100 by the DAO multi-sig committee.

It is important to note that anyone can become an operator on ssv.network, however, only a select few will become Verified Operators (VOs). VOs are a curated list of operators typically run by PoS professionals and are generally perceived as a “safer option” for stakers. (view DAO vote on VOs)

Stakers can view and use these rankings along with the VO list to choose the operators that will manage their validator(s), and can change operators anytime they wish, while each operator is free to determine their individual fees for services in SSV tokens (the native token for ssv.network) and charge stakers accordingly for operating and maintaining their validators.

Conclusion

In this case, the end result of challenges and amazing minds working together to solve those challenges is a new protocol that radically changes the narrative for private key security and validator liveness as they relate to ETH staking. It proposes new, innovative ways to stake Ethereum and profit as both a staker and operator that stay true to the core spirit of decentralization.