Any project/technology working on “compartmentalized permission” private keys?

Not sure how to describe this, because I didn't read about this somewhere. This just popped up as an original thought, but I'm confident someone has already thought of it and is either working on it or discovered it isn't feasible.

Anyways, here's the concept:

With the rise of DeFi, the crypto space has gotten increasingly complicated. It's not necessary to take part in all these complicated ecosystems (lending, yield farming…), but there are reasons to want to. It is however quite time intensive and often requires a lot of babysitting – to maximize yields and avoid liquidations. If someone has a considerable amount of assets and wants to provide liquidity to the system – and even understands how to actively manage it and make broad allocation decisions – they might want to hire or delegate to a day-to-day manager.

The problem is, in order to participate in DeFi you need to be able to move your assets around, and that requires the private keys. So giving access to a manager of your funds means that person could hypothetically embezzle the tokens away quite easily. Or make a costly mistake of getting hacked or sending to a wrong address.

Imagine if there were a solution where you could use your private keys (pk0) to generate a sort of layer 2 private key (pk1) with limited permissions. Protocols could verify that pk1 could have only been generated by pk0 without actually exposing pk0, in a similar way that signatures work. The owner of the pk1 would be able to do certain specified things with the tokens they control, but not everything. Maybe they're allowed to transfer to whitelisted contract addresses which are used by lending protocols, but nowhere else. Or some other method of compartmentalizing the permissions.

Such a system wouldn't need to be completely foolproof to be useful. Even if there ended up being some exploit that was discovered down the road where the limited permissions could be sidestepped, it creates at least some layer of security. If you already have someone you trust to manage your funds, this at least makes it exponentially less likely they would be the one to discover such an exploit. And would probably require a lot of steps that would nullify the plausible deniability of "I'm so sorry, I must have screwed up" when you can see the pk1 owner did a bunch of intentional sabotage to drain your funds.

So is there any development of such a concept happening anywhere?

submitted by /u/panduh9228
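
The scheme the post describes can be sketched as a signed delegation: the owner key (pk0) signs a grant naming the delegate's public key (pk1) and an allowlist, and a verifier accepts a transfer only if both signatures and the policy check pass. This is an added example, not part of the original post or any project's code; Ed25519, the JSON encoding, the names `Grant`, `Tx`, `Sign` and `Authorize`, and the sample addresses are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
)

// Grant is signed by the owner key (pk0); it limits what Delegate (pk1) may do.
type Grant struct {
	Delegate  ed25519.PublicKey
	Allowlist map[string]bool // the only destinations pk1 may send to
	Expires   int64           // unix seconds
}

// Tx is a transfer request signed by the delegate key.
type Tx struct {
	To     string
	Amount uint64
}

func enc(v interface{}) []byte { b, _ := json.Marshal(v); return b } // stable encoding
func Sign(k ed25519.PrivateKey, v interface{}) []byte { return ed25519.Sign(k, enc(v)) }

// Authorize verifies owner -> grant -> tx, then applies the grant's limits.
func Authorize(owner ed25519.PublicKey, g Grant, gSig []byte, tx Tx, txSig []byte, now int64) error {
	switch {
	case len(owner) != ed25519.PublicKeySize || len(g.Delegate) != ed25519.PublicKeySize:
		return errors.New("malformed public key") // Verify panics on a bad length
	case !ed25519.Verify(owner, enc(g), gSig):
		return errors.New("grant not signed by owner")
	case now >= g.Expires:
		return errors.New("grant expired")
	case !ed25519.Verify(g.Delegate, enc(tx), txSig):
		return errors.New("tx not signed by delegate")
	case !g.Allowlist[tx.To]:
		return errors.New("destination not in allowlist")
	}
	return nil
}

func main() { // constructed keys and addresses, for illustration only
	oPub, oPriv, _ := ed25519.GenerateKey(nil)
	dPub, dPriv, _ := ed25519.GenerateKey(nil)
	g := Grant{dPub, map[string]bool{"lending-pool": true}, 2000}
	tx := Tx{"unlisted-address", 5}
	fmt.Println(Authorize(oPub, g, Sign(oPriv, g), tx, Sign(dPriv, tx), 1000))
}
```

The limits hold only if whatever controls the funds runs this check before releasing them; the sketch leaves out replay protection (a nonce) and revocation.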