Wormhole: The First Distributed Secure Service (DSS) on Karak
Karak is thrilled to expand its vision of universal security by integrating Wormhole as its first Distributed Secure Service (DSS). Wormhole, the leading interoperability platform, facilitates the secure transfer of arbitrary messages across chains, supporting the transfer of tokens and data across blockchains such as Ethereum, Solana, Sui, Injective, and many more.
Wormhole is developing two essential Distributed Secure Services (DSS) on Karak:- Decentralized Validator Network for Wormhole Native Token Transfers (NTT)
- Decentralized Relay Network
A Distributed Secure Service (DSS) is a decentralized software service built on Karak, leveraging restaked assets to provide additional economic security and scalability for supported services. This concept is highly flexible, not bound to any specific architecture, and designed to accommodate a wide range of applications. The DSS architecture itself is flexible, extensible, and scalable, making it suitable for everything from basic utilities, like calculators, to helping scale sophisticated protocols and infrastructure designs, such as Wormhole. In the case of Wormhole, building a DSS is a perfect fit, especially for use cases such as a decentralized validator network for NTT or a decentralized relay network, which both require the highest levels of security, incentive alignment, and decentralization.
This strategic integration accelerates our vision for universal security. Wormhole’s multichain capabilities not only empower developers on Karak but also unlock a new design space where new infrastructure designs flourish. Some designs include the utilization of exotic assets and enhanced crypto-economic security for other networks by leveraging existing protocols. We look forward to sharing more in the coming months as we continue to push the boundaries of security and efficiency.
Decentralized Validator Network For NTT
The decentralized validator network for the Wormhole’s Native Token Transfers (NTT) framework is designed to work in parallel with the Guardian Network to create an even more secure and decentralized bridge for tokens. This DSS creates a second set of validators, with voting weight proportional to assets restaked with them, that come to a consensus about token bridge requests. The validators produce their own aggregate signature, which is combined on the destination chain with the VAA produced by the Guardian Network to release user funds ultimately.
Architecture
Flow
-
The transceiver contract on the source chain emits a token transfer or burn event.
-
The DSS operators, running full nodes for enhanced security, listen for the event on the source chain and wait for that block’s finalization.
-
Upon confirmation of the validity and accuracy of the event and block, the operators send their approval in the form of a BLS signature to the aggregator.
-
The aggregator aggregates all the BLS signatures. If the combined stake of the validating operators is more than 50%, then the event is considered valid and relayed to the Transceiver contract on the destination chain. Note that relaying can be done by the Decentralized Relay Network.
-
Once the Guardian Network submits its VAA to the Transceiver, the funds are released as the 2/2 requirement has been met.
-
If one or more operators fail to attest valid events, a challenger can slash them by submitting proof that the event was emitted and that the operator failed to participate.
Participants
-
Aggregator: Aggregates the BLS signatures and checks if the validation is backed by a majority portion of the stake.
-
Operators: Listens for emitted token events from the source chain and attests them if valid.
-
Challenger: Individuals who dispute and slash operators for failing to participate honestly.
Decentralized Relay Network
The Decentralized Relay Network is designed to securely relay Verifiable Action Approvals (VAA) from Wormhole validators to the destination chain in a decentralized and permissionless way. Ultimately, bridge users are given a superior bridging experience at a lower cost.
Architecture
Flow
-
A client, either the bridger themselves or an automated observer, initiates an off-chain request to relay a VAA through the DSS.
-
The aggregator receives the message and distributes it to all operators within the DSS network.
-
Operators receive and price the task. If interested, operators work rapidly to submit the message to the destination chain’s transceiver contract. The first operator to successfully submit the VAA gets the reward.
-
In the case where an otherwise relayable VAA isn’t relayed within a timely manner, a challenger can come and relay the VAA for a higher reward and slash the operators by proving the misbehavior to the DSS contract.
-
Operators are paid their rewards in batches on the source chain.
Participants
-
Client: Initiates request to relay message using the DSS.
-
Aggregator: Manages task requests, task distribution, and the bidding process
-
Operators: Bids for tasks it is interested in relaying and is responsible for actually performing the message relay.
-
Challengers: Individuals who watch for and dispute operator failures.
Conclusion
Karak is built for developers by developers. Integrating Wormhole on Karak is a natural fit that accelerates the vision of universal security for everyone, everywhere. Wormhole’s multichain capabilities, combined with the development of the Decentralized Validator Network for NTT and Decentralized Relay Network, showcase the DSS architecture’s flexibility and scalability. This integration also opens new possibilities such as enabling exotic assets and leveraging existing protocols to strengthen crypto-economic security for other protocols. We are excited about the future and remain committed to pushing the boundaries of security and efficiency with all of you.
About Karak
Karak is the universal, verifiable cloud platform that makes it easy to provide universal security with any asset on any network, and unlocks a new design space for developers to seamlessly and securely create innovative distributed networks. Karak is designed to be inherently flexible, extensible, and scalable, making it the only platform for any distributed service to be secured with any asset on any network.
Website | X (Twitter) | Discord | Telegram | Documentation