Technical architecture
The following diagram illustrates how the server co-signer interacts with the Cobo Wallet-as-a-Service (WaaS) service and the TSS Node callback server, as well as the key components in each of these systems:
Server co-signer (TSS Node)
The TSS Node, which serves as a server co-signer, consists of the following main components that work together to ensure security and efficiency:TSS logic
Implements core TSS operations, such as generating key shares, signing transactions and messages, and resharing keys, based on the MPC-TSS protocol.Secrets.db
Provides encrypted storage for your MPC Wallets’ key shares and the TSS Node’s callback private key. The callback private key is used to sign the node’s JSON Web Tokens (JWTs) sent to the TSS Node’s callback server. The database file itself is encrypted to ensure the security of its contents. The callback private key is generated during TSS Node initialization, and the key shares are generated after completing key generation or resharing operations.Embedded risk control module
A module within the TSS Node that implements the embedded risk control mechanism, one of the two risk control mechanisms provided by the server co-signer solution. When both mechanisms are enabled, a task request must be approved by both the embedded risk control module and all TSS Node callback servers to proceed. If any component (embedded or callback) rejects the operation, it will be denied.Callback risk control module
A module within the TSS Node that implements the TSS Node callback mechanism, one of the two risk control mechanisms provided by the server co-signer solution. This module:- Sends task request details to the TSS Node callback server for risk assessment.
- Receives and processes approval/rejection decisions made by the TSS Node callback server.
Configs
Contains configurations for the TSS Node, including:- Embedded risk control rules that are used by the embedded risk control module to decide whether to approve or reject a TSS operation request.
- Configurations about the TSS Node callback servers, including the callback server’s URL and public key which is used to verify the callback server’s JWT.
- System configurations, such as the operating environment.
Metrics
You can configure to export server metrics to your InfluxDB database in order to monitor the performance of the TSS Node. To learn more about the configuration details of metrics, see Configure the TSS Node.Cobo WaaS Service
The Cobo Wallet-as-a-Service (WaaS) 2.0 service requests the server co-signer to generate key shares, sign transactions or messages, or reshare keys for your MPC Wallets.TSS Node callback server
The TSS Node callback server is a server that implements the TSS Node callback mechanism, one of the two risk control mechanisms provided by the server co-signer solution. You can enhance security by setting up one or more TSS Node callback servers that:- Implements custom risk control rules and provides real-time approval/rejection for transaction or message signing, key generation, or key resharing.
- Uses JWTs to authenticate requests from the TSS Node
- If any configured callback server rejects a transaction, the entire operation will be denied regardless of other approvals.
Next Steps
Now that you understand the architecture, you can:- Set up a server co-signer
- Configure your risk controls
- Back up your key shares and learn other disaster recovery options.
Feel free to share your feedback to improve our documentation!