doormat blog
Doormat is a new trading terminal, designed for bull markets, that works with Solana and all EVM-based chains. What makes the architecture most interesting is a custom-engineered key management system designed to make the user's life simple and unlock advanced functionality. This post will dive into the architecture and how it works.
MPC stands for 'multi-party computation'. Here at Doormat we use only a narrow slice of MPC: threshold signing and distributed key generation.
To explain threshold signing, it makes sense to start with Shamir secret sharing, which is the core of most cold storage systems. Shamir lets you split a secret into n shards, any t of which can be used to recreate the secret (a (t, n) scheme). Behind the scenes, the secret is the y-intercept of a random polynomial of degree t-1 (a straight line when t = 2); each shard is a point on that curve, and any t points determine it, so any t shards recover the y-intercept (the secret). To sign, one must bring t shards to one location, recreate the key, and then sign.
Threshold signing takes this process a step further. Rather than combining the shards, we run a distributed protocol between the shard holders that produces a signature without ever recreating the key. Distributed key generation lets us create the shards without ever having a whole key to split up in the first place!
We didn't want Doormat to be tied to the technology available on any one particular chain, so it made sense to build a wallet management system based on cryptography rather than on-chain primitives. Additionally, MPC-based wallets present the user with an EOA (externally owned account), which they are already familiar with. Future account-abstraction benefits should be easy to build on top of Doormat wallets.
Your relationship with your wallet is that whoever built it is in charge of your funds. It is core technology that shouldn't be outsourced. Using an externally produced key management system means users are at the mercy of a third party they did not knowingly sign up to trust, and as a product you become reliant on a vendor. In order to build the most interesting and novel features, we have always wanted to offer users the ability to manage unlimited keys. Most key management services charge per key, which would explode our costs. Ultimately, running our own system made sense.
To use Doormat, users choose a Google account to log in with and a backup password. No seed phrase necessary! We use a (2,2) MPC-based key management system. This means that each key is split into two shards (generated independently via distributed key generation), both of which must take part in the signing protocol in order to sign a transaction. We do this so that Doormat itself never has access to the user's key, while keeping the experience simple for the user.
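The "sign without recreating the key" idea from the threshold-signing paragraph and the (2,2) setup described here can be seen together in a 2-of-2 additive-share Schnorr-style protocol. This is an added example, not Doormat's, Sodot's or kryptology's code, and it is not DKLs or FROST: it uses NIST P-256 only because Go's standard library exposes the point arithmetic (crypto/elliptic's Add/ScalarMult are deprecated but still work), the SHA-256 challenge over (R, X, m) is an assumption, and it omits the nonce-commitment round that real protocols add against a malicious co-signer. What it does show is each shard being generated on its own side, the joint public key being derived without anyone holding the whole private key, and two partial signatures combining into one ordinary signature.

```go
package main

import (
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math/big"
)

// The group is NIST P-256 from the standard library, chosen for the example only;
// Doormat's ed25519 FROST keys live on a different curve.
var (
	curve = elliptic.P256()
	order = curve.Params().N
)

// Point is an affine curve point.
type Point struct{ X, Y *big.Int }

func (p Point) Equal(q Point) bool { return p.X.Cmp(q.X) == 0 && p.Y.Cmp(q.Y) == 0 }

func add(p, q Point) Point {
	x, y := curve.Add(p.X, p.Y, q.X, q.Y)
	return Point{x, y}
}

func mulBase(k *big.Int) Point {
	x, y := curve.ScalarBaseMult(k.Bytes())
	return Point{x, y}
}

func mul(p Point, k *big.Int) Point {
	x, y := curve.ScalarMult(p.X, p.Y, k.Bytes())
	return Point{x, y}
}

func randScalar() *big.Int {
	for {
		k, err := rand.Int(rand.Reader, order)
		if err != nil {
			panic(err)
		}
		if k.Sign() != 0 {
			return k
		}
	}
}

// Party is one shard holder (the alice or the bob side). It never sees the other's share.
type Party struct {
	share *big.Int // x_i, this party's additive share of the private key
	Pub   Point    // X_i = x_i*G, the only thing published during key generation
	nonce *big.Int // k_i, a per-signature secret that must never be reused
}

// NewParty is the distributed key generation step: each side samples its own share
// locally and publishes X_i. No one ever forms x_A + x_B.
func NewParty() *Party {
	x := randScalar()
	return &Party{share: x, Pub: mulBase(x)}
}

// JointPublicKey is X = X_A + X_B = (x_A + x_B)*G.
func JointPublicKey(a, b *Party) Point { return add(a.Pub, b.Pub) }

// Round1: each party picks a fresh nonce and reveals R_i = k_i*G.
func (p *Party) Round1() Point {
	p.nonce = randScalar()
	return mulBase(p.nonce)
}

// challenge hashes (R, X, m) to a scalar; the encoding is an assumption for the example.
func challenge(R, X Point, msg []byte) *big.Int {
	h := sha256.New()
	for _, v := range []*big.Int{R.X, R.Y, X.X, X.Y} {
		h.Write(v.FillBytes(make([]byte, 32)))
	}
	h.Write(msg)
	e := new(big.Int).SetBytes(h.Sum(nil))
	return e.Mod(e, order)
}

// Round2: given the combined R and challenge e, each party emits s_i = k_i + e*x_i.
func (p *Party) Round2(e *big.Int) *big.Int {
	if p.nonce == nil {
		panic("Round1 must run before Round2")
	}
	s := new(big.Int).Mul(e, p.share)
	s.Add(s, p.nonce)
	p.nonce = nil // one-shot: reusing k_i across messages would leak x_i
	return s.Mod(s, order)
}

// Sign runs both rounds between the two parties and adds the partial signatures.
func Sign(a, b *Party, msg []byte) (Point, *big.Int) {
	R := add(a.Round1(), b.Round1())
	e := challenge(R, JointPublicKey(a, b), msg)
	s := new(big.Int).Add(a.Round2(e), b.Round2(e))
	return R, s.Mod(s, order)
}

// Verify is the plain single-key Schnorr check s*G == R + e*X; nothing about the
// signature reveals that the key was split.
func Verify(X Point, msg []byte, R Point, s *big.Int) bool {
	e := challenge(R, X, msg)
	return mulBase(s).Equal(add(R, mul(X, e)))
}

func main() {
	alice, bob := NewParty(), NewParty()
	X := JointPublicKey(alice, bob)
	msg := []byte("constructed sample transaction payload")
	R, s := Sign(alice, bob, msg)
	fmt.Println("signature verifies under the joint key:", Verify(X, msg, R, s))
	fmt.Println("same signature on a different message:", Verify(X, []byte("other"), R, s))
}
```

The correctness argument is one line: s*G = (k_A + k_B)*G + e*(x_A + x_B)*G = R + e*X. The private key x_A + x_B appears only inside that algebra, never on either machine.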
The server shard (also known as the bob shard) is stored by Doormat. We let users participate in signing with it if they are logged in via OAuth (right now we just support Google login). The client shard (also known as the alice shard) is stored locally by the client on the device.
However, we back this up in a few ways:
Each user has a private key, generated on sign-up, that is encrypted with an AES key derived from the user's password. This private key is used to encrypt each alice shard, and the encrypted shards are stored on Doormat's side. When a user logs in on a new device, they are prompted for their password. This is used to decrypt the user's private key and then locally decrypt all their alice shards, giving them access to their keys.
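One way to implement the password path just described, as an added example rather than Doormat's own code. Assumptions: PBKDF2-HMAC-SHA256 with 200,000 iterations stands in for whatever KDF Doormat uses, AES-256-GCM is the wrapping cipher, and the "account-key" / "alice-shard" labels are constructed for the example. The random account key is what the post calls the user's private key; one shard is shown, and the post wraps every alice shard the same way under that key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Iteration count is an assumption for the example; tune it on the slowest supported device.
const kdfIterations = 200_000

// pbkdf2 is a minimal PBKDF2-HMAC-SHA256 (RFC 8018) for one 32-byte block, inlined so the
// example needs only the standard library; a memory-hard KDF such as Argon2id is preferable.
func pbkdf2(password, salt []byte, iters int) []byte {
	mac := hmac.New(sha256.New, password)
	mac.Write(salt)
	mac.Write([]byte{0, 0, 0, 1}) // block index 1
	u := mac.Sum(nil)
	out := append([]byte(nil), u...)
	for i := 1; i < iters; i++ {
		mac.Reset()
		mac.Write(u)
		u = mac.Sum(nil)
		for j := range out {
			out[j] ^= u[j]
		}
	}
	return out
}

// random returns n bytes from crypto/rand; a failure there is unrecoverable, so it panics.
func random(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal / unseal: AES-256-GCM with the nonce prefixed to the box. The aad label ties each box
// to its slot, so a wrapped account key cannot be fed in where a wrapped shard is expected.
func seal(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	nonce := random(gcm.NonceSize())
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

func unseal(key, box, aad []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil || len(box) < gcm.NonceSize() {
		return nil, errors.New("bad key or ciphertext")
	}
	return gcm.Open(nil, box[:gcm.NonceSize()], box[gcm.NonceSize():], aad)
}

// Account is what the server stores: nothing in it is usable without the password,
// and the password itself never leaves the client.
type Account struct {
	Salt         []byte
	WrappedKey   []byte // random account key, sealed under the password-derived key
	WrappedShard []byte // the alice shard, sealed under the account key
}

// Enroll runs on the client at sign-up.
func Enroll(password string, shard []byte) (*Account, error) {
	salt, accountKey := random(16), random(32)
	wrappedKey, err := seal(pbkdf2([]byte(password), salt, kdfIterations), accountKey, []byte("account-key"))
	if err != nil {
		return nil, err
	}
	wrappedShard, err := seal(accountKey, shard, []byte("alice-shard"))
	if err != nil {
		return nil, err
	}
	return &Account{Salt: salt, WrappedKey: wrappedKey, WrappedShard: wrappedShard}, nil
}

// Recover runs on a new device: the password unwraps the account key, which unwraps the
// shard. A wrong password fails the GCM tag check rather than yielding a garbage shard.
func Recover(acct *Account, password string) ([]byte, error) {
	accountKey, err := unseal(pbkdf2([]byte(password), acct.Salt, kdfIterations), acct.WrappedKey, []byte("account-key"))
	if err != nil {
		return nil, errors.New("wrong password or corrupted backup")
	}
	return unseal(accountKey, acct.WrappedShard, []byte("alice-shard"))
}
```

The two-layer wrapping is what lets a password change re-encrypt one small blob (the account key) instead of every shard, and the salt plus a slow KDF is what stands between an offline attacker holding the server's copy and the shard.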
The user's devices each have their own key pair. The server keeps track of all the device public keys that have been registered and distributes this list to clients. When a user creates a key on a device, we encrypt the alice shard with elliptic-curve Diffie-Hellman to all of the devices. This way they can log in and have access to the key without having to re-enter their password each time.
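The device path, as an added example (not Doormat's code): the client receives the list of registered device public keys, wraps the alice shard to each one with a fresh ephemeral X25519 key, and only the device holding the matching private key can open its box. X25519, the SHA-256 key derivation, AES-GCM and the "device-shard-v1" label are assumptions for the example; the post does not say which curve or cipher Doormat uses for this step.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Device holds one enrolled device's key pair; only the public key is ever registered.
type Device struct{ Priv *ecdh.PrivateKey }

func NewDevice() (*Device, error) {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Device{Priv: priv}, nil
}

// Box is what the server stores and relays for one (shard, device) pair.
type Box struct{ DevicePub, EphPub, Ciphertext []byte }

// wrapKey derives the per-box AES key from the X25519 shared secret, bound to both public
// keys and a label (the label is an assumption for the example).
func wrapKey(priv *ecdh.PrivateKey, peerPub, ephPub, devicePub []byte) ([]byte, error) {
	peer, err := ecdh.X25519().NewPublicKey(peerPub)
	if err != nil {
		return nil, err
	}
	shared, err := priv.ECDH(peer)
	if err != nil {
		return nil, err
	}
	h := sha256.New()
	for _, part := range [][]byte{[]byte("device-shard-v1"), shared, ephPub, devicePub} {
		h.Write(part)
	}
	return h.Sum(nil), nil
}

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// WrapForDevices encrypts one alice shard to every registered device public key, with a
// fresh ephemeral key per device. The server can store the boxes but cannot open any of them.
func WrapForDevices(devicePubs [][]byte, shard []byte) ([]Box, error) {
	boxes := make([]Box, 0, len(devicePubs))
	for _, devicePub := range devicePubs {
		eph, err := ecdh.X25519().GenerateKey(rand.Reader)
		if err != nil {
			return nil, err
		}
		ephPub := eph.PublicKey().Bytes()
		key, err := wrapKey(eph, devicePub, ephPub, devicePub)
		if err != nil {
			return nil, err
		}
		gcm, err := gcmFor(key)
		if err != nil {
			return nil, err
		}
		nonce := make([]byte, gcm.NonceSize())
		if _, err := rand.Read(nonce); err != nil {
			return nil, err
		}
		// the device public key is the aad, so a box cannot be re-addressed to another device
		boxes = append(boxes, Box{devicePub, ephPub, gcm.Seal(nonce, nonce, shard, devicePub)})
	}
	return boxes, nil
}

// Unwrap finds this device's box in the list and decrypts it; boxes addressed to other
// devices are skipped because this device cannot derive their keys.
func (d *Device) Unwrap(boxes []Box) ([]byte, error) {
	mine := d.Priv.PublicKey().Bytes()
	for _, b := range boxes {
		if string(b.DevicePub) != string(mine) {
			continue
		}
		key, err := wrapKey(d.Priv, b.EphPub, b.EphPub, mine)
		if err != nil {
			return nil, err
		}
		gcm, err := gcmFor(key)
		if err != nil || len(b.Ciphertext) < gcm.NonceSize() {
			return nil, errors.New("malformed box")
		}
		n := gcm.NonceSize()
		return gcm.Open(nil, b.Ciphertext[:n], b.Ciphertext[n:], mine)
	}
	return nil, errors.New("no box for this device")
}
```

Because the wrapping key is derived on the device from its own private key, the server's role is reduced to storage and relay; a device that is later removed from the registered list simply stops receiving boxes for new keys, which is the hook the "device revocation" item at the end of the post would build on.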
Doormat is designed to work on any chain our users want to use - we can slot in different MPC algorithms and manage different types of keys / shard pairs as we need.
The first version of Doormat only supported secp256 keys via dkls18 from kryptology, a library produced and open-sourced by Coinbase. We actually extended this library to provide extra functionality (key import and export). However, kryptology is long deprecated, so while we still support it, we have moved away from this implementation for all Doormat user keys.
We have since added support for secp256 dkls19 keys and ed25519 FROST keys via Sodot. Sodot provides closed-source MPC algorithm implementations. All current keys for Doormat users are managed with the Sodot MPC libraries. The Sodot libraries are very powerful and provide a host of useful functionality we did not have before.
Doormat itself is split into two major parts. The wallet / web interface / terminal / frontend etc. are all built in Next.js and TypeScript. However, the key management system is quarantined and written in Go (the client-side code runs in WASM).
We split it up like this to ensure the core key management code stays simple and is not intermixed with rapidly changing frontend / product code. Also, on a subjective note: we prefer to work with cryptographic primitives in Go rather than JavaScript.
We work with Highland Security to check our security as we build: they embed a security lead within our team who acts as a part-time CSO, reviewing the design of new features and our overall architecture. As the platform becomes more stable and core features are more consistent, we will begin to conduct a formal audit.
Doormat is an evergreen key management system designed to let our users do what they want onchain without it feeling like a regular wallet.
We plan to keep expanding this tech down the line:
Device Revocation
Automated Actions (let your wallet do things for you while you sleep)
Passkey support