Multi-signature management

Re-signature management plan and security measures

In Diamonde's decentralized perpetual financial derivatives (DEX), the security of smart contracts is the cornerstone of the platform's operation. We are committed to building a secure, transparent, and efficient decentralized perpetual contract trading financial infrastructure, so we have adopted a strict re-signature management and authority control plan for permissions involving treasury assets and contract management. The following is Diamonde's re-signature management plan and its security measures.

1,Permission management and multi-signature scheme

1.1 Introduction of Multi-Signature

For key assets and contract management permissions, Diamonde adopts a multi-signature mechanism, requiring multiple authorized parties to jointly sign operation instructions to complete tasks. This mechanism ensures the decentralization of permissions and reduces the risks of single point failures and single operators.

Scope of application:

  • Minting Contracts

  • Treasury Contracts

  • Risk Control Parameter Adjustment Contracts

  • Protocol Upgrade and Major Function Change Contracts

  • Improved se7curity: By introducing multi-signature thresholds such as 7/13 and 13/21, it ensures that even if the private keys of some signers are leaked, they cannot perform any operations on the contract alone.

1.2 Dynamic management of developer contract permissions

During the development phase, key contract permissions (such as upgrade permissions and parameter adjustment permissions) are managed through multiple signatures.

After the contract deployment is stable, Diamonde will regularly discard unnecessary permissions, especially those involving treasury assets and user funds, and hand them over to decentralized governance modules or completely discard permissions to ensure security.

2,Strategy for discarding minting contract permissions

In the protocol design of Diamonde, the minting contract involves the generation and destruction of platform tokens, which is extremely sensitive. In order to maximize the transparency and security of the token economy, we have formulated the following measures:

1、Permission discard process:

  • After the contract goes online, the multi-signature account confirms the end of token distribution.

  • After confirming the distribution, the minting authority is immediately discarded or transferred to the on-chain governance module.

2、On-chain verifiability:

All permission abandonment operations are recorded on the chain as transactions. Users can verify whether the permission has been abandoned through the block browser to ensure transparency.

3、Anti-tampering measures:

Permission abandonment is completed through a decentralized contract, does not rely on any centralized entity or account, and eliminates the possibility of tampering.

3,Smart contract audit and insurance mechanism

To further improve the security of Diamonde, the following mechanisms are incorporated into the system:

3.1 Smart Contract Audit

  • All contracts involving fund security (including loan contracts, treasury contracts, and pledge contracts) are audited by top blockchain security companies.

  • Regular audit reports are made public to ensure the community and users’ trust in the security of the platform.

3.2 Security architecture of the fund pool model

  • Isolated fund pool: separate assets of different risk levels into independent fund pools to prevent the risk of a single asset from affecting the whole system.

  • Emergency reserve: Each fund pool has an independent emergency reserve to cover the potential risk of smart contract vulnerabilities.

3.3 Insurance Fund

Diamonde Protocol has established an insurance fund to provide additional security for users. In the event of unforeseen vulnerabilities or hacker attacks in smart contracts, the insurance fund will serve as the last line of defense to compensate affected users.

4,Decentralized governance and authority transfer

Diamonde is governed by DAO (decentralized autonomous organization) to achieve true user autonomy. The governance rules regarding re-signing and permissions include:

  • Governance proposal approval conditions: Any proposal involving the treasury or asset contracts must be voted on by the DAO, and the voting results will be uploaded to the chain and made public.

  • Authority transfer plan: The authority will be managed by the development team during the development phase, and will be gradually transferred to the DAO after the protocol is launched to ensure decentralized control.

5,Logical assurance and implementation

Underlying security logic:

  • All permission abandonment, transfer and operation records can be verified through on-chain data.

  • The system combines the decentralization of permissions, permission abandonment and governance modules to ensure that asset security is still controllable even in the most extreme cases.

Execution strategy:

  • The selection of signatories for multi-signature accounts has been strictly verified, including foundations, community representatives and third-party security agencies.

  • Important operations are set to delay execution (Time Lock) to provide sufficient time for community review.

Diamonde's re-signature management solution combines multi-signature mechanism, smart contract audit, decentralized governance and asset authority abandonment to fully guarantee the security and transparency of the platform. This solution not only reflects the high attention paid to asset security, but also lays a solid foundation for the platform under the decentralized management logic of the chain.

Diamonde L1 multi-signature function and workflow description

Diamonde L1 not only supports conventional L1 operations, but also natively integrates multi-signature functions, providing higher security and flexibility for account management and operations. Unlike most blockchains that rely on smart contracts to implement multi-signature functions, Diamonde L1 uses multi-signature as the underlying primitive, natively built into the protocol layer, to ensure efficient performance and reliable functions. The following is a complete working mechanism and process description of Diamonde L1's multi-signature function.

1、Core functional advantages

Built-in support: Multi-signature operation is a native function of L1, which reduces the reliance on smart contracts, reduces complexity and security risks.

Enhanced security: Allow multiple private keys to jointly control an account, and the leakage of a single key does not affect the overall security of the account.

Flexible configuration: Supports dynamic adjustment of authorized users and operation signing thresholds to meet the needs of different business scenarios.

2、Detailed explanation of multi-signature function

2.1 Convert to a multi-signature user

Users can convert a normal user account to a multi-signature account by sending the ConvertToMultiSigUser operation. This operation needs to include the following:

Authorized user list: specify multiple authorized users, which must be accounts that already exist on Diamonde L1.

Operation signature threshold (Threshold): defines the minimum number of authorized user signatures required to perform an operation.

Once a user account is successfully converted to a multi-signature account, all subsequent operations must be completed through the multi-signature mechanism.

2.2 Multi-signature operation process

The process of sending a multi-signature operation is as follows:

1、Generate payload (Payload):

Each authorized user needs to sign the payload of the operation to generate a signature list of the operation. The payload contains the following information:

  • Target multi-signature user address

  • Specific operation instructions (such as transfer, contract call, etc.)

  • Current random number (Nonce) to ensure the uniqueness of the operation

2、Submit multi-signature operation:

An authorized user acts as the "leader" of the operation, packages the payload and signature list and submits it to the chain.

  • Leader requirements: The leader must be an authorized user of the target multi-signature user, and his signature must be included in the signature list.

  • Verification process: The chain verifies whether the number of authorized users in the signature list reaches the signing threshold and the legitimacy of each signature.

3、Random number update:

Only the random number of the operation leader will be verified and updated when submitting the transaction, thereby simplifying the random number management logic on the chain.

2.3 Dynamically update multi-signature configuration

Multi-signature users can update the set of authorized users and/or signing thresholds by sending a new ConvertToMultiSigUser operation.

  • Add or remove authorized users

  • Raise or lower the signing threshold for an operation

The update operation must be completed through the authorization process of the current multi-signature user, and the updated status must be recorded on the chain.

Safeguards

Nested multi-signature relationships:

  • A single user can be an authorized user of multiple multi-signature users at the same time.

  • A multi-signature user can be an authorized user of another multi-signature user.

Limit on the number of authorized users:

Each multi-signature user can support up to 10 authorized users. Creation or update operations exceeding this limit will be rejected.

Random number management:

  • Each authorized user has an independent random number sequence to ensure the uniqueness of operations.

  • For API wallets, the chain will automatically verify and update its random number to maintain consistency.

Diamonde L1's multi-signature function is designed to be natively built-in, combining efficiency and security, and providing users with flexible account management capabilities. Whether it is an individual user, a corporate user, or a DAO organization, Diamonde L1's multi-signature function provides a solid guarantee for asset security, and at the same time, its modular and dynamically adjusted features meet the needs of complex on-chain application scenarios.

Last updated