Introduction: One of the issues the Cardano network faces is the time it takes for node bootstrapping. So, the developing arm of the Cardano network, Input Output Global (IOG), started making plans on how to solve this problem.

Mithril is a protocol and network specifically designed for proof-of-stake blockchains. Its primary goal is to provide lightweight and secure access to blockchain data while ensuring a high level of security and decentralization. Originally developed for Cardano during its Basho development phase, which focuses on optimization, scalability, and interoperability, Mithril has numerous potential applications. These include synchronizing data for both light and full-node wallets, as well as facilitating data exchanges with layer 2 solutions such as bridges, sidechains, rollups, and state channels.

What is Mithril?

Mithril is a stake-based multi-signature scheme that leverages the existing Cardano network to provide certified snapshots of all or part of the blockchain state. These snapshots can be useful in multiple use cases such as secure voting, data exchange, and synchronization between applications, sidechains, light wallets, etc.

The first application of Mithril allows faster bootstrapping of Cardano nodes. As each node has a full copy of the blockchain and needs to verify each block from the history, it takes a significant amount of time to start a new node from scratch. With Mithril, it is possible to start a node from a predefined state, with the same security guarantees that the chain itself provides, but much faster.

How it works?

The protocol utilizes a lottery mechanism where the probability of a signer winning is directly proportional to their stake. This lottery determines which signers are eligible to participate in the signing round. The generated signatures are then combined by an aggregator into a Mithril multi-signature, which requires a predefined threshold (quorum) of the total stake to be reached.

The Mithril protocol consists of three phases:

Protocol establishment. During this phase, the protocol parameters are established. These parameters are crucial for security and include:

• m: the number of lotteries each signer can participate in for each message

• k: the minimum number of unique winning lottery indices needed to create a multi-signature

• f: a tuning parameter that adjusts the chances of signers winning a lottery based on their stake.

Initialization. In this phase, participating signers generate and broadcast their keys along with a proof of possession. This process happens at the start of each new epoch, which is five days on Cardano. The aggregate verification key (AVK), a condensed representation of the key registration process, is computed and later used to sign and verify multi-signatures.

Operations. This phase involves the creation and broadcasting of individual signatures by signers. Aggregators collect these signatures and combine them into multi-signatures once the quorum is reached. These multi-signatures are then sealed into a Mithril certificate along with the AVK.

Mithril involves three main participants – signers, aggregators, and clients – working together to ensure secure and efficient data verification.

The operations phase is the core of the Mithril process, involving the generation of individual signatures, their aggregation into a multi-signature, and the creation of a certificate that verifies the authenticity of blockchain data:

• Message signing. When a new message, such as a snapshot of the Cardano blockchain, requires certification, a multi-party signing round is initiated.

• Lottery participation. Each signer (SPO) participates in the lottery process pertaining to the message, with the likelihood of winning influenced by the signer's stake and other parameters.

• Individual signature generation. Signers who win at least one lottery create individual signatures for the message using their specific signing key, sending these signatures to the Mithril aggregator.

• Aggregation. The aggregator collects individual signatures and combines them into a single multi-signature once the requisite number of unique winning lottery indices is met (quorum).

• Certificate generation. This multi-signature, along with the signed message and additional metadata, forms a Mithril certificate. This certificate serves as verification that a sufficient amount of stake has endorsed the message.

• Verification. Clients, including light wallets or node operators, can confirm the authenticity of their assets (information retrieved from some untrusted sources) via the certificates. The verification process is efficient and does not require downloading the entire blockchain history; it entails checking the multi-signature against the known aggregate verification key and tracing the certificate back to a trusted genesis certificate.

Use cases:

Let’s take a look at the use cases where Mithril applicability is highly beneficial.

Mithril boosts the efficiency of full node clients or applications such as Daedalus. It ensures fast and secure synchronization of the full node data, significantly improving time and required resources including computation, network exchange, and local storage while keeping high-level security guarantees.

Mithril is also applicable to light clients and mobile applications, ensuring a trustless approach. Another significant advantage is using Mithril signatures for running sidechains. The main blockchain can connect to different sidechains that can even have different consensus protocols. Mithril has benefits in lightweight blockchain state verification, and thus, certificates can validate the current state of the specific blockchain as well as the correctness of forward and backward transfers in a secure way.

Finally, stake-based voting applications and governance solutions can use Mithril regardless of the voting protocol’s complexity. Mithril signatures can be utilized for secure and lightweight tally verification. This is also useful in governance when stakeholders go through a decentralized decision-making process and provide the final result in an easy and verifiable way.

To dig deeper into Mithril read the following references

References:

1. Mithril Network Docs: About Mithril 

2. IOHK Blog: Mithril: a stronger and lighter blockchain for better efficiency

3. Cexplorer Articles: Understanding Mithril