Skip to content

Commit

Permalink
docs; added some gateway info
Browse files Browse the repository at this point in the history
  • Loading branch information
jot2re authored and immortal-tofu committed Aug 6, 2024
1 parent f2a2f4e commit 36c35ad
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions docs/fundamentals/tkms/zama.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,3 +10,10 @@ The Key Management System (TKMS) is a self-contained service for performing sens

One KMS instance can support multiple applications at the same time. This is implemented via per application or per application type smart contracts running in the KMS. These smart contracts are customizable to for instance implement application specific authorization logic (e.g. ACLs).

## Gateway

The KMS system is facilitated through a gateway service which is designed _not_ to be required to be trusted, thus a malicious Gateway Service will _not_ be able to compromise correctness or privacy of the system, but at most be able to block requests and responses between the fhEVM and the KMS. However, this can be prevented by simply deploying multiple Gateways Services.

Furthermore we observe that it is possible to implement payment to a Gateway service through the KMS blockchain, thus incentivizing such a service to be honest and reliable.

The Gateway Service consists of two different Connectors in order to decouple a specific fhEVM from a specific KMS. This will make it simpler to roll new blockchain protocols on either the fhEVM or KMS side without requiring modifications to the Gateway, but instead only require the writing of new Connectors.

0 comments on commit 36c35ad

Please sign in to comment.