
Protocol Flow


Last updated 5 days ago

This document details the operational flow of the TACo protocol: how information and operations move through the system. For an overview of the actors involved and their roles, see the UML Use Case Diagram.

The TACo protocol operations follow several distinct but interconnected flows:

Distributed Key Generation (DKG)

  • Adopting developers (cohortAuthority) initiate and manage a one-time DKG initialization ritual at network setup

  • The initialization produces a unified public key and each node maintains its own private key fragment

  • The cohortAuthority manages parameters for the ritual and cohort composition

  • A minimum of one honest party is required during DKG to ensure the secret material is not spoofed

Encryption with defined Access-Conditions

  • Data producers use the public key generated by the DKG to encrypt their content locally

  • Each encrypted payload can be accompanied by specific access conditions, allowing different payloads to have different condition sets

  • Access conditions define who can access the encrypted data and when

  • The distribution of the encrypted content (ciphertext) falls outside TACo's scope

Decryption Services

  • Data consumers present encrypted content to nodes along with authentication

  • Nodes independently verify that the consumer meets the payload's access conditions

  • For each node that validates the conditions, a decryption fragment is provided to the consumer

  • Once a threshold of nodes have provided their fragments, the consumer can locally combine these fragments to decrypt the content
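
The DKG, encryption and decryption flows above, modelled end to end as an added example (not TACo's or taco-web's code). A toy threshold ElGamal scheme over a deliberately tiny prime group stands in for the protocol's real cryptography; the function names and the `not_before` time condition are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy group, far too small for real use: P = 2Q + 1, G generates the order-Q subgroup.
P, Q, G = 2039, 1019, 4

def dkg(n, t):
    """Every node deals a random degree t-1 polynomial; node i keeps the sum of
    the evaluations at x = i. The group secret is never assembled anywhere."""
    polys = [[secrets.randbelow(Q) for _ in range(t)] for _ in range(n)]
    shares = {i: sum(c * pow(i, k, Q) for f in polys for k, c in enumerate(f)) % Q
              for i in range(1, n + 1)}
    public_key = 1
    for f in polys:  # product of each dealer's contribution g^f(0)
        public_key = public_key * pow(G, f[0], P) % P
    return public_key, shares

def _pad(shared, length):
    return hashlib.shake_256(str(shared).encode()).digest(length)

def _xor(data, pad):
    return bytes(a ^ b for a, b in zip(data, pad))

def encrypt(public_key, plaintext, not_before):
    """Local encryption under the cohort key. `not_before` is a hypothetical
    time condition; this toy does not bind it cryptographically to the payload."""
    r = secrets.randbelow(Q - 1) + 1
    body = _xor(plaintext, _pad(pow(public_key, r, P), len(plaintext)))
    return {"c1": pow(G, r, P), "body": body, "not_before": not_before}

def node_fragment(index, share, ct, now):
    """One node's independent decision: no fragment unless the condition holds."""
    if now < ct["not_before"]:
        return None
    return index, pow(ct["c1"], share, P)

def combine(fragments, ct, t):
    """Consumer side: Lagrange-interpolate t fragments in the exponent."""
    frags = [f for f in fragments if f is not None][:t]
    if len(frags) < t:
        raise ValueError("fewer than threshold fragments")
    shared = 1
    for i, d in frags:
        lam = 1
        for j, _ in frags:
            if j != i:
                lam = lam * j * pow((j - i) % Q, -1, Q) % Q
        shared = shared * pow(d, lam, P) % P
    return _xor(ct["body"], _pad(shared, len(ct["body"])))
```

Any `t` valid fragments recover the same plaintext regardless of which nodes supplied them, while a consumer holding fewer gets nothing usable from `combine`.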

Cohort Management

  • Node participation is secured through economic staking in the TACo Nodes Network

  • Cohorts can rotate members according to predefined rules set by the cohortAuthority

  • The rotation rules can be tailored to balance security, availability, and decentralization needs

Integration Points

The protocol flow integrates with various TACo components:

  • User applications interact with the TACo protocol through the Client SDK (taco-web)

  • Access Conditions enable the definition and validation of conditional access to the encrypted data

  • TACo Nodes Network provides the economic staking mechanism for node operators

  • Coordinator contract manages cohort formation and DKG rituals on-chain

For a more detailed explanation of the protocol operations, see How TACo Works.

For details on how these components relate to each other architecturally, see Protocol Architecture.

For conceptual explanations of the protocol's design principles, see How TACo Works.
