Spatium SDK & Cloud is a set of extensible software modules and services that form a flexible and easily configurable system, supporting a wide range of use cases. The modular architecture of the system also provides developers with opportunities to create unique usage scenarios. However, the system supports a number of common use cases out-of-the-box through additional modules and services.
Within the context of an SMPC system with distributed storage of cryptographic data, the concept of a "secret" is introduced. A "secret" is a unique set of binary data that is not a private key itself but serves as the source of entropy for fragments of a private key within SMPC computations. Each participant in SMPC procedures is unambiguously identified by their "secret" and must ensure the security of storing this "secret" and restrict external access to it.
At its core, Spatium SDK & Cloud has the following elementary components:
As can be seen, the SDK and Cloud do not interact directly, which significantly increases the number of possible integration options.
Spatium SDK Components:
- Spatium Protocol - the core element of Spatium SDK that implements the programmatic interface for distributed signing (ECDSA and EdDSA algorithms). It relies on the Crypto Driver for performing SMPC cryptography and the Transport Driver for interaction with other instances of Spatium SDK.
- Crypto Driver - the interface for connecting SMPC cryptography implementations. The specific cryptography implementation depends on the environment. For example, a software implementation relies on the Storage Driver to store information and performs calculations in memory, while an HSM/TEE implementation uses secure storage and memory, respectively.
- Spatium Crypto - a software implementation of cryptography that utilizes a configurable Storage Driver to store permanent and temporary data.
- Transport Driver - the interface for connecting data transmission implementations between Spatium SDK instances. The specific implementation depends on the solution architecture and operating conditions. Any variation of socket-like transport is well-suited for implementation, but other methods of interaction are also possible.
- Storage Driver - the interface for connecting data storage implementations, both for the duration of a specific SMPC procedure (temporary storage) and for the long term (permanent storage). Typically, the Storage Driver is the sole source of state in the SDK.
Spatium Cloud Components:
- Auth Service - the multi-factor authentication service within Spatium Cloud. It controls access to the other services and is responsible for managing user accounts;
- Address Info Service - a service that aggregates address and blockchain data from different data providers. It allows you to get detailed statistics on the provided address's current assets and their transaction history upon request;
- Asset Info Service - a service that manages the metadata of all found assets. It allows you to get lists of supported assets with their metadata upon request;
- Rate Info Service - a service that aggregates current and historical exchange rates of all supported assets against global fiat currencies;
- Blockchain Connector Service - a service that provides blockchain-specific algorithms to form transactions and send them to the blockchain.
To facilitate the support of common usage scenarios, Spatium also provides a range of specific modules and services.
Spatium Signer Service
In scenarios where it is preferable to use an external secret storage or there is an option to use a shared base of existing users, Spatium SDK & Cloud offers the Spatium Signer Service responsible for storing the second secret in a 2-of-2 scheme with a centralized signing service. To restrict access to the secret and ensure compliance with transaction formation policies, this service utilizes existing elements of the Spatium Cloud infrastructure.
Spatium Signer Client
In scenarios where it is preferable to use an external secret storage or there is an option to use a shared base of existing users, Spatium SDK & Cloud offers the Spatium Signer Client to interact with the Spatium Signer Service. Thus, to start using SMPC signatures in the end product, it is sufficient to provide a reliable storage mechanism for persistent data in the form of a Storage Driver implementation.
The SSE+HTTP(S) transport is a specific module designed for simplified interaction between the Spatium Signer Client and the Spatium Signer Service.