DKG and FROST

Botanix uses advanced cryptographic techniques to secure Bitcoin custody without any single entity controlling user funds. This chapter provides an accessible introduction to Distributed Key Generation (DKG) and FROST signatures, explaining how these technologies enable the federation to collectively manage Bitcoin while maintaining security and operational efficiency.

What is Distributed Key Generation (DKG)?

Distributed Key Generation is a cryptographic process that allows multiple parties to collectively create a shared secret without any individual party ever knowing the complete secret. In Botanix's case, the 16 federation members use DKG to create the private keys needed to control Bitcoin without any single member having access to the full key.

Think of it like creating a master key that's split into 16 pieces, where any 12 pieces can be combined to unlock Bitcoin funds, but fewer than 12 pieces are completely useless. The crucial aspect is that no single member ever possesses the complete master key during the creation process.

This approach eliminates the trust issues that would arise if one entity generated the keys and distributed shares to others. Instead, the mathematical process ensures that the key generation is inherently distributed from the very beginning.

What is FROST?

FROST (Flexible Round-Optimized Schnorr Threshold signatures) is the signature scheme that allows the federation to spend Bitcoin using their distributed key shares. When the federation needs to sign a Bitcoin transaction, they use FROST to combine their individual key shares into a valid signature without ever reconstructing the complete private key.

The "threshold" aspect means that only 12 of the 16 federation members need to participate in creating each signature. This provides operational flexibility since not all members need to be online simultaneously, while maintaining security since no small group can create unauthorized signatures.

FROST is optimized for efficiency, requiring fewer communication rounds between federation members compared to older threshold signature schemes. This makes it practical for real-world operations where network latency and coordination overhead matter.

How They Work Together in Botanix

Initial Setup

When the Botanix federation was established, all 16 members participated in a DKG ceremony to create the Bitcoin custody keys. During this process, each member contributed randomness and performed cryptographic computations that resulted in everyone holding a unique key share.

The DKG ceremony ensures that the resulting Bitcoin addresses are controlled by the collective federation with a 12-of-16 threshold, meaning any 12 members can authorize Bitcoin transactions, but 11 or fewer cannot.

Daily Operations

For routine operations like processing user withdrawals, the federation uses FROST signatures. When users request peg-outs, at least 12 federation members must participate in the signing process to create valid Bitcoin transactions.

The FROST process involves multiple rounds of communication where members share partial signatures that are mathematically combined into complete transaction signatures. This happens without any member revealing their private key share or reconstructing the complete private key.

Security Benefits

This combination provides several important security properties. No single federation member can steal user funds since they don't have access to complete private keys. The system remains operational even if several members are offline or compromised, as long as at least 12 honest members remain available.

The cryptographic protocols ensure that even if attackers compromise some federation members, they cannot access Bitcoin funds without compromising at least 12 members simultaneously, which would require an unprecedented coordinated attack.

Practical Advantages

Operational Resilience

The threshold structure means that federation members can perform maintenance, handle emergencies, or deal with technical issues without disrupting Bitcoin custody operations. As long as 12 members remain available, the system continues functioning normally.

This resilience is crucial for a system that must operate 24/7 to serve users across global time zones and handle time-sensitive withdrawal requests.

No Single Points of Failure

Traditional multi-signature setups often involve trusted setup ceremonies or key dealers who have special privileges during key generation. DKG eliminates these trusted parties, ensuring that no entity has special access or control over the system.

Even the federation members themselves cannot individually compromise the system, as each member only holds a mathematically useless fragment of the complete key.