3 Aug 2023

How Partner Guardians add layers of security to Gridlock's crypto wallet experience

Partner Guardians are a fundamental component of Gridlock’s secure, scalable, and accessible blockchain ecosystem. They consist of entities from the wider crypto community that operate as nodes in Gridlock's distributed network and contribute to Gridlock’s self-custodial wallet service.

What is a Partner Guardian?

Partner Guardians in the Gridlock system are highly available cloud-based servers that are owned and run by organizations other than Gridlock. Each new Partner Guardian adds another node to Gridlock’s distributed network, increasing its diversity while heightening security.

The function of a Partner Guardian is to contribute to the transaction signing process in a threshold signature scheme. If a Partner Guardian node is compromised or offline, other nodes are used. The distributed nature of the Gridlock system means that even if one node is compromised, the potential thief would need to compromise enough nodes to reach the threshold to be able to steal a user's funds.

As part of their function, Partner Guardians hold a single encrypted key share for each user. They do not have direct access to user funds. Instead, they contribute to the signing of transactions via a threshold signature scheme, which requires a certain number of nodes (Guardians) to agree for a transaction or change to occur. This scheme ensures security, even in situations where some nodes may go offline or become compromised.

There are no specific technical requirements for Partner Guardians, other than the ability to run the provided base code. They are expected to stay updated with system changes, which Gridlock communicates through the release of new Docker containers. Partner Guardians do not have the ability to alter the base code.

Data Protection

Partner Guardians are expected to comply with government regulations regarding privacy and data protection. Beyond that, Gridlock does not enforce any additional data handling requirements and does not directly oversee the proof-of-identity frameworks that Partner Guardians provide. There are no universal obligations for Partner Guardians to delete user-encrypted key share data when a user switches Guardians. However, legal requirements may necessitate this in certain jurisdictions.

  • While Partner Guardians can refuse to provide service to a particular user, this does not prevent the user from accessing their funds. The user can still reach the required threshold for transactions with other Guardians. 
  • If a Partner Guardian is found to be malicious or non-compliant, Gridlock can remove them from the communication layer, thereby protecting the integrity of the overall system.

How Partner Guardians work

Gridlock’s Partner Guardian system enables a wallet-signing network that self-manages risk, a distributed function for removing bad actors, and access to code updates while protecting the code base. 

Self-governed network

Partner Guardians provide their proof-of-identity framework without Gridlock directly overseeing the process. Gridlock does not manage the risks associated with opening up the Partner Guardian network to anyone in the future – the distributed system itself mitigates the risks. Similarly, Partner Guardians can refuse to serve a particular user based on their own criteria.

Threshold consensus 

If a Partner Guardian is found to be involved in malicious activities, Gridlock can remove them from their permissioned list of Guardians, though this would require threshold consensus. The removal of a Partner Guardian from the network or their refusal to serve a user does not prevent the user from accessing their funds, as they can still access funds with a threshold of other Guardians.

Streamlined yet secure technical set-up

There are no particular technical requirements for a Partner Guardian other than that they must be able to run the provided base code. If any update or change is made to the system, Gridlock communicates this to Partner Guardians by releasing new Partner Guardian Docker containers. Partner Guardians are not given the liberty to make changes to the base code.

Partner Guardians may have knowledge of the users they are serving due to their proof-of-identity process, but they do not have any obligation to delete the user's encrypted key share when a user switches Guardians. However, they may be legally required to do so depending on their jurisdiction.

Partner Guardians compared with Social Guardians

Partner Guardians are distinct from Social Guardians, which are selected by the users from their network of trust (e.g., friends and family). While Social Guardians offer the benefit of human checks and social verification, Partner Guardians offer professional maintenance and high availability, which can be beneficial for users who require round-the-clock transaction authorizations.

A table describing the differences between Partner Guardians and Social Guardians

Partner Guardians are professionally run nodes that are typically more available but they lack the benefits of social verification. Instead, they use a proof-of-identity framework to verify the owner.

As with Social Guardians, Partner Guardians only have access to their single encrypted key share, not the user's funds directly. 

Benefits of having Partner Guardians

Partner Guardians contribute significantly to the robustness, resilience, and diversity of the Gridlock ecosystem. For users who add Partner Guardians, the advantages include:

Professional Level of Maintenance: Partner Guardians, which typically are managed by reputable organizations in the crypto space, will likely have professional IT teams maintaining their systems. This means they are constantly monitored, regularly updated, and promptly patched against potential vulnerabilities. This level of maintenance is generally higher than what can be expected from Social Guardians.

Increased Availability: Partner Guardians are expected to have high availability due to their professional management, likely ensuring their servers are online 24/7. This can be beneficial for users who require prompt transaction authorizations at any time of the day, compared to Social Guardians, who may not always be available.

Scaling the Network: By involving more organizations as Partner Guardians, Gridlock can potentially scale its network more quickly, increasing the robustness and reliability of the system.

Adding Redundancy: The addition of more Partner Guardians increases the redundancy of the network. If a Social Guardian or another Partner Guardian goes offline, the presence of other Partner Guardians ensures the system continues to function.

Increasing Trust: The involvement of well-established organizations as Partner Guardians can provide additional trust to users. Knowing that their transactions are also guarded by professional organizations, rather than solely by their personal contacts, can be reassuring.

Promoting Best Practices: As Partner Guardians are vetted and selected by Gridlock, they likely follow the industry's best practices in terms of security, confidentiality, and other relevant aspects. This not only contributes to overall security but also sets a benchmark for other potential Partner Guardians.

Increased Capacity for New Collaborations: The introduction of Partner Guardians could also open up possibilities for collaborations between Gridlock and these partner organizations, potentially leading to new innovations and advancements in the blockchain and crypto industry.

Availability for Gridlock Pro users

Gridlock Pro users can choose from a variety of Partner Guardians and switch between them as they see fit.

  • All transactions and changes, including switching Guardians, are secure due to the threshold signature scheme.
  • Partner Guardians do not have the ability to impede a user's access to their funds and cannot be involved in malicious activities without risking expulsion by Gridlock.

There are no stringent criteria for selecting Partner Guardians except that they must be reputable companies in the crypto space. Users, particularly those who upgrade to Gridlock Pro, can choose which nodes they wish to use for protecting their assets.

Partner Guardians - Network diversity at its best

In conclusion, Partner Guardians are an essential part of Gridlock's distributed security model, adding to the network's diversity, resilience, and overall security. Operating alongside Social Guardians, Partner Guardians offer a more technical and robust alternative, contributing to Gridlock's goal of creating the most secure and accessible wallet ecosystem.

- - -

Written by Reid Zedkongor

Reid Zedkongor is peeling away layers of confusion around blockchain and cybersecurity. With a computer engineering background, he can dive into the details of crypto complexities to make crypto adoption easy for everyone. In his free time, he often reads fiction or enjoys a good laugh over a beer.

