Composite Key

The term "public key" mentioned earlier actually refers to a specific type of key known as a composite key. A composite key can be visualized as a tree-like structure, with cryptographic public keys and algorithm identifiers positioned at the leaves of the tree. Nodes within this structure define the importance of each child node and set a weighted threshold that must be met. To validate a set of signatures, you sum the weights of all keys with valid signatures, starting from the bottom and working your way up the tree, comparing this sum to the established threshold. This approach involving weights and thresholds allows for various scenarios to be encoded, including boolean expressions using AND and OR logic.

Composite keys find applications in diverse scenarios. For example, they can be used to control an asset jointly, with one key owned by a user and another by an independent risk analysis system. In cases where a transaction appears suspicious, such as a rapid transfer of substantial value within a short timeframe, the risk analysis system may decline to sign the transaction. Another use case involves encoding cooperative structures within keys, enabling a Chief Financial Officer (CFO) to independently sign a significant transaction, while their subordinates require joint signatures. Composite keys also prove valuable in notary services.

In a distributed notary service, each participant corresponds to a leaf in the tree. Specific threshold configurations can make the group's signature valid even if some participants are offline or decline to sign. While there are threshold signature schemes available for precise generation of composite keys and signatures, an approach with a less space-intensive explicit form has been chosen. This approach avoids the necessity for all group participants to upgrade simultaneously, facilitating the transition from old algorithms to new ones.