Quorum System in BrightChain

Status: ✅ CORE IMPLEMENTATION COMPLETE (January 2025)

The Quorum system is fully operational with Shamir’s Secret Sharing, encrypted document management, and configurable threshold governance. This document provides technical details for developers.

Overview

The BrightChain Quorum system provides a decentralized governance structure for managing sensitive data, identity verification, and brokered anonymity. It implements a digital statute of limitations through time-based data expiration and requires consensus for sensitive operations.

Key Innovation: Enables anonymous operations with accountability through cryptographic consensus, solving the “Parler Problem” while maintaining privacy rights.

Architecture

Core Classes ✅ IMPLEMENTED 

// Main quorum class
class BrightChainQuorum<TID extends PlatformID = Uint8Array> {
  public readonly id: TID;
  private readonly nodeAgent: Member<TID>;
  public readonly name: string;
  private readonly _members: SimpleStore<ShortHexGuid, Member<TID>>;
  private readonly _memberPublicKeysByMemberId: ArrayStore<ShortHexGuid>;
  private readonly _documentsById: SimpleStore<ShortHexGuid, QuorumDataRecord<TID>>;
  private readonly _sealingService: SealingService<TID>;
}

// Document record with encrypted data and shares
class QuorumDataRecord<TID extends PlatformID = Uint8Array> {
  public readonly id: TID;
  public readonly encryptedData: Uint8Array;
  public readonly encryptedSharesByMemberId: Map<ShortHexGuid, Uint8Array>;
  public readonly checksum: Checksum;
  public readonly creator: Member<TID>;
  public readonly signature: SignatureUint8Array;
  public readonly memberIDs: TID[];
  public readonly sharesRequired: number;
  public readonly dateCreated: Date;
  public readonly dateUpdated: Date;
}

// Sealing service using Shamir's Secret Sharing
class SealingService<TID extends PlatformID = Uint8Array> {
  public async quorumSeal<T>(
    agent: Member<TID>,
    data: T,
    amongstMembers: Member<TID>[],
    sharesRequired?: number
  ): Promise<QuorumDataRecord<TID>>;
  
  public async quorumUnseal<T>(
    document: QuorumDataRecord<TID>,
    membersWithPrivateKey: Member<TID>[]
  ): Promise<T>;
}

Quorum Structure

Composition

Recommended: Approximately 24 members (organizations), preferably charitable organizations with board oversight.

Supported: 2 to 1,048,575 members with configurable thresholds.

// Constants for sealing operations
export const SEALING: ISealingConsts = {
  MIN_SHARES: 2,
  MAX_SHARES: 1048575,  // 2^20 - 1
  DEFAULT_THRESHOLD: 3,
};

Node Trust Levels ⚠️ PLANNED 

// Future implementation for node classification
enum NodeTrustLevel {
  STORAGE_ONLY,    // Can only store OFFS blocks
  QUORUM_MEMBER,   // Trusted for quorum operations
  QUORUM_ADMIN,    // Can manage quorum membership
}

interface QuorumMemberMetadata {
  trustLevel: NodeTrustLevel;
  publicKey: Uint8Array;
  lastVerified: Date;
  votingWeight?: number;
}

Node Requirements ✅ IMPLEMENTED

  • Key Management: Separate key pairs for signing and encryption
  • Secure Storage: Private keys in secure buffer (via @digitaldefiance/ecies-lib)
  • Member Identity: Each node has a Member agent with BIP39/32 derived keys
  • Signature Verification: All operations cryptographically verified

Document Storage ✅ IMPLEMENTED

Sealing Process 

// 1. Generate random symmetric key
const key = crypto.getRandomValues(new Uint8Array(32));

// 2. Encrypt data with AES-256-GCM
const aesGcmService = new AESGCMService();
const encryptedData = await aesGcmService.encryptJson(data, key);

// 3. Split key using Shamir's Secret Sharing
this.reinitSecrets(amongstMembers.length);
const keyShares = secrets.share(
  uint8ArrayToHex(key),
  amongstMembers.length,
  sharesRequired
);

// 4. Encrypt each share for specific member
const encryptedShares = await this.encryptSharesForMembers(
  keyShares,
  amongstMembers
);

// 5. Create QuorumDataRecord
return new QuorumDataRecord(
  agent,
  amongstMembers.map(m => m.id),
  sharesRequired,
  encryptedData,
  encryptedShares
);

Unsealing Process 

// 1. Collect encrypted shares from threshold members
const encryptedShares = membersWithPrivateKey.map(member => 
  document.encryptedSharesByMemberId.get(member.id)
);

// 2. Each member decrypts their share with private key
const decryptedShares = await Promise.all(
  membersWithPrivateKey.map(member =>
    eciesService.decryptSimpleOrSingleWithHeader(
      false,
      member.privateKey.value,
      encryptedShares[i]
    )
  )
);

// 3. Combine shares to reconstruct key
this.reinitSecrets(document.encryptedSharesByMemberId.size);
const combined = secrets.combine(decryptedShares);
const key = hexToUint8Array(combined);

// 4. Decrypt data with reconstructed key
const aesGcmService = new AESGCMService();
return await aesGcmService.decryptJson(document.encryptedData, key);

Storage Metadata ⚠️ PARTIALLY IMPLEMENTED 

// Currently implemented in QuorumDataRecord
interface CurrentMetadata {
  dateCreated: Date;
  dateUpdated: Date;
  checksum: Checksum;        // SHA3-512
  signature: SignatureUint8Array;
}

// Future implementation for storage management
interface StorageMetadata {
  expirationDate: Date;
  maxExtensionDate?: Date;   // Statute of limitations
  creditsPaid: number;       // In Joules
  redundancyLevel: number;
  lastRenewal?: Date;
}

Brokered Anonymity ✅ CORE IMPLEMENTED

Process Flow

  1. User posts with regular ID and signature
    • Member creates content
    • Signs with private key
    • Signature proves authenticity
  2. ID portion is zeroed out
    • Original identity replaced with alias/anonymous ID
    • FEC data generated containing true identity
  3. Server verifies signature
    • Validates signature against known user ID
    • Checks user authorization
    • Ensures user not in violation
  4. Data encrypted with random key
    • AES-256-GCM symmetric encryption
    • Cryptographically secure random key
  5. Key split using Shamir’s Secret Sharing
    • Configurable threshold (2 to 1,048,575)
    • Mathematically guaranteed reconstruction
  6. Shards encrypted for each member
    • ECIES encryption per member
    • Only member’s private key can decrypt

Implementation Status 

// ✅ Implemented
interface QuorumDataRecord {
  id: TID;
  encryptedData: Uint8Array;
  encryptedSharesByMemberId: Map<ShortHexGuid, Uint8Array>;
  checksum: Checksum;
  creator: Member<TID>;
  signature: SignatureUint8Array;
  memberIDs: TID[];
  sharesRequired: number;
  dateCreated: Date;
  dateUpdated: Date;
}

// ⚠️ Future implementation for anonymity tracking
interface AnonymityBroker {
  userIdentity: EncryptedBlock;
  unmaskedUntil?: Date;
  unmaskVotes: Map<GuidV4, boolean>;
  unmaskReason?: string;
  unmaskThreshold: number;
}

Statute of Limitations ✅ SUPPORTED

Current Implementation:

  • Documents have creation/update timestamps
  • Temporal expiration supported via dateCreated/dateUpdated
  • Can be extended with maxExtensionDate field

Future Automation:

  • Background process to purge expired documents
  • Automatic enforcement of statute of limitations
  • Storage cleanup and credit refunds

Quorum Operations

Member Management ✅ IMPLEMENTED 

// Add member to quorum (internal)
protected storeMember(member: Member<TID>) {
  const hexMemberId = uint8ArrayToHex(
    provider.toBytes(member.id)
  ) as ShortHexGuid;
  this._members.set(hexMemberId, member);
  this._memberPublicKeysByMemberId.set(hexMemberId, member.publicKey);
}

// Check if members can unlock document
public canUnlock(id: ShortHexGuid, members: Member<TID>[]): boolean {
  const doc = this._documentsById.get(id);
  return (
    members.length >= doc.sharesRequired &&
    members.every(m => doc.memberIDs.includes(m.id))
  );
}

Document Operations ✅ IMPLEMENTED 

// Add document to quorum
public async addDocument<T>(
  agent: Member<TID>,
  document: T,
  amongstMembers: Member<TID>[],
  sharesRequired?: number
): Promise<QuorumDataRecord<TID>> {
  const newDoc = await this._sealingService.quorumSeal(
    agent,
    document,
    amongstMembers,
    sharesRequired
  );
  this._documentsById.set(newDoc.id, newDoc);
  return newDoc;
}

// Retrieve document with member consensus
public async getDocument<T>(
  id: ShortHexGuid,
  memberIds: ShortHexGuid[]
): Promise<T> {
  const doc = this._documentsById.get(id);
  const members = memberIds.map(id => this._members.get(id));
  return await this._sealingService.quorumUnseal(doc, members);
}

// Check if node has document
public hasDocument(id: ShortHexGuid): boolean {
  return this._documentsById.has(id);
}

Voting System ⚠️ PLANNED 

// Future implementation for quorum voting
interface QuorumVote {
  voteId: TID;
  proposalType: VoteType;
  proposalData: unknown;
  requiredThreshold: number;
  votes: Map<ShortHexGuid, boolean>;
  deadline: Date;
  status: VoteStatus;
}

enum VoteType {
  ADD_MEMBER,
  REMOVE_MEMBER,
  UNMASK_IDENTITY,
  EXTEND_STORAGE,
  MODIFY_THRESHOLD,
}

enum VoteStatus {
  PENDING,
  APPROVED,
  REJECTED,
  EXPIRED,
}

Shard Management ✅ IMPLEMENTED 

// Shares are managed within QuorumDataRecord
interface ShareDistribution {
  // Map of member ID to encrypted share
  encryptedSharesByMemberId: Map<ShortHexGuid, Uint8Array>;
  
  // Threshold required for reconstruction
  sharesRequired: number;
  
  // Members who can provide shares
  memberIDs: TID[];
}

// Encryption per member
public async encryptSharesForMembers(
  shares: Shares,
  members: Member<TID>[]
): Promise<Map<ShortHexGuid, Uint8Array>> {
  const encryptedShares = new Map();
  for (let i = 0; i < members.length; i++) {
    const encrypted = await eciesService.encryptSimpleOrSingle(
      false,
      members[i].publicKey,
      hexToUint8Array(shares[i])
    );
    encryptedShares.set(members[i].id, encrypted);
  }
  return encryptedShares;
}

Security Measures ✅ IMPLEMENTED

Key Management 

// Separate key pairs via Member class
interface Member<TID extends PlatformID = Uint8Array> {
  id: TID;
  publicKey: Uint8Array;      // For encryption
  privateKey?: PrivateKey;    // Securely stored
  
  // Methods
  sign(data: Uint8Array): SignatureUint8Array;
  verify(data: Uint8Array, signature: SignatureUint8Array): boolean;
}

// Keys derived from BIP39/32 mnemonic
// SECP256k1 elliptic curve (Ethereum-compatible)
// Private keys stored in secure buffer

Cryptographic Guarantees

  1. Data Integrity
    • SHA3-512 checksums for all documents
    • Signature verification on all operations
    • Tamper-evident audit trail
  2. Confidentiality
    • AES-256-GCM for data encryption
    • ECIES for share encryption
    • No single member can decrypt alone
  3. Authenticity
    • All documents signed by creator
    • Signatures verified before operations
    • Member identity cryptographically proven
  4. Availability
    • Threshold-based reconstruction
    • No single point of failure
    • Redundancy through share distribution

Vote Verification ⚠️ PLANNED 

// Future implementation
interface VerifiedVote {
  voterId: TID;
  voteValue: boolean;
  signature: SignatureUint8Array;
  timestamp: Date;
}

// Verification process
function verifyVote(vote: VerifiedVote, member: Member): boolean {
  const voteData = serializeVote(vote);
  return member.verify(voteData, vote.signature);
}

Serialization ✅ IMPLEMENTED 

// Convert to DTO for storage/transmission
interface QuorumDataRecordDto {
  id: ShortHexGuid;
  creatorId: ShortHexGuid;
  encryptedData: HexString;
  encryptedSharesByMemberId: { [key: string]: HexString };
  checksum: ChecksumString;
  signature: SignatureString;
  memberIDs: ShortHexGuid[];
  sharesRequired: number;
  dateCreated: Date;
  dateUpdated: Date;
}

// Serialization methods
public toDto(): QuorumDataRecordDto;
public toJson(): string;
public static fromDto<TID>(dto: QuorumDataRecordDto): QuorumDataRecord<TID>;
public static fromJson<TID>(json: string): QuorumDataRecord<TID>;

Testing ✅ COMPREHENSIVE 

// Test files
- quorum.spec.ts                              // Core functionality
- quorumService.member.property.spec.ts       // Member operations
- quorumService.seal.property.spec.ts         // Sealing operations
- sealing.service.spec.ts                     // Shamir's Secret Sharing
- quorumDataRecord.serialization.property.spec.ts  // Serialization

// Test coverage includes:
- Document sealing/unsealing
- Threshold enforcement
- Member management
- Share encryption/decryption
- Signature verification
- Serialization round-trips
- Error conditions
- Edge cases

Implementation Status Summary

✅ Complete

  • BrightChainQuorum class
  • QuorumDataRecord class
  • SealingService with Shamir’s Secret Sharing
  • Document sealing/unsealing
  • Share encryption per member
  • Threshold-based reconstruction
  • Signature verification
  • Serialization/deserialization
  • Comprehensive testing

⚠️ Planned

  • Vote notification system
  • Automated expiration enforcement
  • Storage credit system (Joules)
  • Member communication protocol
  • Trust level classification
  • Vote management UI
  • Emergency procedures

Usage Examples

Basic Quorum Setup 

import { BrightChainQuorum } from 'brightchain-lib';
import { Member } from '@digitaldefiance/ecies-lib';

// Create quorum members
const members = await Promise.all([
  Member.generate("Red Cross"),
  Member.generate("Doctors Without Borders"),
  Member.generate("Electronic Frontier Foundation"),
  // ... up to 24 or more
]);

// Create node agent
const nodeAgent = await Member.generate("Node Operator");

// Initialize quorum
const quorum = new BrightChainQuorum(
  nodeAgent,
  "MainQuorum"
);

Seal Document 

// User with sensitive data
const user = await Member.generate("Whistleblower");
const sensitiveData = {
  report: "Evidence of wrongdoing",
  timestamp: new Date(),
  evidence: ["doc1.pdf", "doc2.pdf"]
};

// Seal with 2/3 majority requirement
const threshold = Math.ceil(members.length * 2 / 3);
const document = await quorum.addDocument(
  user,
  sensitiveData,
  members,
  threshold
);

console.log(`Document sealed: ${document.id}`);
console.log(`Requires ${threshold} of ${members.length} members to unseal`);

Unseal Document 

// Collect threshold number of members
const memberSubset = members.slice(0, threshold);

// Check if they can unlock
if (quorum.canUnlock(document.id, memberSubset)) {
  // Unseal document
  const recovered = await quorum.getDocument(
    document.id,
    memberSubset.map(m => m.id)
  );
  
  console.log("Document unsealed:", recovered);
} else {
  console.log("Insufficient members to unseal");
}

Serialize for Storage 

// Convert to JSON for storage
const json = document.toJson();
await storage.save(document.id, json);

// Later, restore from JSON
const restored = QuorumDataRecord.fromJson(
  json,
  (memberId) => members.find(m => m.id === memberId),
  enhancedProvider,
  eciesService
);

Future Enhancements

Priority 1: Operational Tools

  • Vote management system
  • Member notification service
  • Document expiration automation
  • Credit tracking dashboard

Priority 2: Economic Model

  • Storage credit (Joules) implementation
  • Credit calculation formulas
  • Payment/allocation mechanism
  • Extension pricing

Priority 3: Governance

  • Formal bylaws definition
  • Member selection process
  • Violation handling procedures
  • Emergency protocols

Priority 4: Scalability

  • Distributed quorum nodes
  • Shard replication
  • Load balancing
  • Performance optimization

Conclusion

The BrightChain Quorum system is a production-ready cryptographic governance mechanism that enables “Brokered Anonymity” - anonymous operations with accountability through democratic consensus. The core implementation is complete with Shamir’s Secret Sharing, encrypted document management, and configurable thresholds supporting up to 1,048,575 members.

This system represents a significant innovation beyond the OFF System, providing the governance infrastructure necessary for a “government in a box” platform while maintaining strong privacy guarantees and cryptographic security.