Trust Model

This table defines the trust assumptions and failure boundaries of RAVID. Each subsystem is anchored to a distinct trust primitive, with explicit conditions under which that assumption would fail.

Component

Trust Anchor

Failure Mode

Network Identity

X.509 Certificates

Requires CA compromise

Compute

BFT Consensus (80%)

Requires 80%+ collusion

Key Material

Shamir (2-of-3)

Requires 2+ share compromise

Economics

Ethereum

Requires 51% attack

Randomness

Blockhash

Requires miner collusion

Shamir Secret Sharing is a well-established cryptographic primitive. By defining a concrete reconstruction threshold, RAVID avoids reliance on implicit operator trust.

// SHAMIR SECRET SHARING (2-of-3)

// Problem: Store secret S so that:
//   - No single party holds complete secret
//   - k-of-n parties can reconstruct
//   - k-1 parties learn nothing

function splitSecret(secret, k=2, n=3):
    // Create random polynomial of degree k-1
    // f(x) = secret + a₁x + a₂x² + ... + a_(k-1)x^(k-1)

    coefficients = [secret]
    for i in range(1, k):
        coefficients.append(randomFieldElement())

    // Generate shares: points on the polynomial
    shares = []
    for i in range(1, n+1):
        y = evaluatePolynomial(coefficients, i)
        shares.append((i, y))

    return shares  // [(1, f(1)), (2, f(2)), (3, f(3))]

function reconstructSecret(shares):
    // Lagrange interpolation to find f(0) = secret
    secret = 0
    for (i, y_i) in shares:
        L_i = lagrangeBasis(shares, i, 0)  // Basis polynomial at x=0
        secret += y_i * L_i
    return secret mod p

// Visual: 2-of-3 example (a line)
//     y
//     │      •(3, f(3))
//     │    •(2, f(2))
//     │  •(1, f(1))
//   S─•────────────  ← Secret is y-intercept
//     └────────────x
//
// Any 2 points define the line → can find S
// 1 point alone → infinite lines possible → S unknown

PreviousIdentity and Authorization Model NextEPN

Last updated 13 days ago