How does the coordinator sign milestones without compromising the private key?

Question

All milestones are just signed transactions with teh address KPWCHICGJZXKE9GSUDXZYUAPLHAKAHYHDXNPHENTERYMMBQOPSQIDENXKLKCEYCPVTZQLEEJVYJZV9BWU. My understanding is that to sign a transaction, you do so with the private key for that address. How does the coordinator sign so many milestones using the same address and therefore the same key without compromising it?

score 5 · Accepted Answer · answered Feb 19 '18 at 15:36

The answer, it seems, is merkle trees. There is a huge set of pre-generated keys using a merkle tree, and the milestone index is used to traverse the tree.

Original answer found here: https://www.reddit.com/r/Iota/comments/7gsd3t/why_are_coordinator_signatures_still_secure/dqo9b9r/

With updated source link here: https://github.com/iotaledger/iri/blob/dev/src/main/java/com/iota/iri/Milestone.java#L198-L211

score 0 · Answer 2 · answered May 08 '19 at 13:59

0

You can read about milestones and the Merkle tree on the IOTA documentation portal: https://docs.iota.org/docs/the-tangle/0.1/concepts/the-coordinator

answered May 08 '19 at 13:59

jakecahill

26
3

How does the coordinator sign milestones without compromising the private key?

2 Answers2