When a user creates a new safe on the platform, the following things take place on both offchain and onchain:
Offchain safe creation
- A new safe safe secret (A symmetric key) is generated.
- The symmetric key is encrypted (Using PKI) to the beneficiery user (Using public key) and self.
- The guardians are appointed randomly from the guardians list.
- The encrypted safe secret is split into shares. The number of shares depends on the number of guardians selected.
- The shares are encrypted for each guardian (Using the public key). The encrypted shares are then stored on a decentralized storage network and on the Textile threadDB record. To maintain the durability of the shares, we will also make a deal to the Filecoin network to put it in cold storage.
Onchain safe creation
When the safe creation is initiated, the user may also pay the safe maintenance fee to the Safient incentivization contract on the Ethereim network. The fee can also be paid anytime before the safe is claimed.
If the safe creator wishes to pay a safe maintenance fee in the future, the onchain interaction will be skipped.
If the onchain interaction for safe creation is skipped, a safe creation proof is generated and stored off-chain on Textile ThreadDB that can be verified later by the contract.
The beneficiary for whom the safe is assigned may claim the safe at any time. Once the safe claim is initiated, the following onchain and off-chain events take place:
Onchain safe claim:
- A claim is created on the Kleros arbitration platform with the type of claim, description, and evidence.
- The safe maintenance fee is sent to the contract if not already done by the safe creator.
Ofchain safe claim:
- The safe claim information is updated for the safe on the Textile ThreadDB.
- The safe recovery should be enabled once the claim is passed.
The safe recovery will be initiated by the trustless guardians once the claim has passed.
Offchain safe recovery:
- Each appointed guardian will perform a one step recovery by decrypting the encrypted share that is assigned to them.
- Once all the encrypted safe secret shares have been recovered, the safe can be claimed by the beneficiary.
Safe recovery incentivization:
The safe recovery incentivization is one of the crucial concepts for the functioning of the Safient protocol. The incentivization for the trustless guardians ensures that they act fairly to guard and recover the safe.
The following events are carried out for a safe guardian incentivization.
- A safe maintenance fee should be deposited into the contract either during the creation of safe or any time before the safe claim. If the fee isn't paid during the creation of the safe, a safe creation proof is created and stored on the Textile ThreadDB that is used anytime later whenever the fee is paid.
- Once the safe claim has been verified and accepted, the guardians may recover the safe by decrypting the encrypted share and also will generate a safe recovery proof and store it on ThreadDB.
- An executor will submit all the safe recovery proofs disclosed by the guardians to the Safient incentivization contract.
- The incentivization will be disbursed to all the guardians once all the safe recovery proofs have been verified.
Safe creation proof: An off-chain proof generated by the safe creator along with a digital signature to prove that the safe was created at a specified time.
Safe recovery proof: An off-chain proof that consists of the share secret message from the safe creator to prove that the share was indeed recovered.
Secure crypto secret Exchange and Inheritance Protocol
A secure object that is maintained on a decentralized storage that can only be claimed by the safe beneficiary with the help of guardians.
Safe guardians are responsible for guarding and recovering the safes.
Request to access the safe by the beneficiary.
- Active: The safe is created but not yet claimed by the beneficiary.
- Claiming: The beneficiary has initiated the safe claim.
- Recovering: The safe claim is verified and the guardians have begun to recover the safes.
- Recovered: The required number of guardians have recovered the safe.
- Claimed: The safe has been claimed by the beneficiary.
Arbitration claim states:
- Pending: The claim is under review.
- Passed (Accepted): The claim has been accepted.
- Failed (Rejected): The claim is rejected.
Safe maintanance fee:
The fee that is required to maintain and recover the safe. The fee can be paid by either the safe creator or the beneficiary. The fee is used to incentivize the safe guardians and claim arbitrators.
Safe claim type:
Claim type is selected when the user creates the safe. Claims can be either automatic or manual. Automatic claims are the simplest claim that doesn't requires a basic verification. As soon as the beneficiary claims the safe, a notification will be sent to the safe creator. If the creator doesn't respond within a specified time, the claim will be accepted. Manual claims are the ones that requires evidence and will enter the arbitration phase in Kleros court.