TLOSGovernanceHSM.sol - DAO-controlled signing key example #49
Description
Parent Issue
Closes part of #47
Description
Build a governance-controlled HSM contract where a signing key is embedded in TLOS and can only be used when governance conditions are met.
Use Case (from iO "DAO Signing")
Traditional DAOs use multisig for cross-chain operations. TLOS enables:
- Single signing key hidden in obfuscated circuit
- Key can only sign when on-chain governance predicate passes
- Works like a software HSM with policy enforcement
Example Flow
Governor Contract External Chain
| | |
| propose(action) | |
|------------------------------->| |
| | |
| [voting period] | |
| | |
| execute(proposalId, puzzle) | |
|------------------------------->| |
| | verify vote passed |
| | verify puzzle solution |
| | sign(action) with hidden key |
| |-------- signature ---------------->|
Key Features
- Embedded ECDSA/Ed25519 signing key (or simpler: output a "signed" hash)
- Governance predicate: vote threshold, timelock, quorum
- Puzzle integration to prevent real-time brute-force during execution
- Signature output for off-chain verification
Security Model
- What's hidden: The signing private key
- What's public: Governance rules, proposals, votes
- Guarantee: 2^76 puzzle + ~2^112 LWE to extract key
- Limitation: NOT for high-value, long-term keys (bridges, treasuries)
Suitable Use Cases
- Low-limit emergency keys
- Governance-only operations (parameter changes)
- Experimental cross-chain signing
- Short-lived keys with rotation
NOT Suitable For
- Bridge keys with significant TVL
- Root governance keys
- Multi-year key lifetimes
Implementation Notes
- Simplified signing: output
keccak256(action, hiddenKey)as "signature" - Real ECDSA would require secp256k1 in circuit (complex, high gas)
- Focus on demonstrating the governance + puzzle pattern
Acceptance Criteria
- Contract compiles and passes tests
- Clear security warnings about key lifetime limits
- Governance flow fully tested
- Gas benchmark documented