Value Propositions

TACo is an access control plug-in that makes your Web3 application more secure, more private, and much more decentralized.

End-to-end encryption for everything Built on the privacy-for-everyone principles of popular end-to-end encrypted messengers but applicable to a far wider set of use cases, connected vehicles, DBaaS, live-streaming, DAO group chats, and much more. Early adopters are using TACo to enforce decryption rights for tokenized assets, to recover seed phrases, to transfer deployment keys to remote machines, and to conceal in-game assets.
Trust-minimization through threshold cryptography and a collusion-resistant node array Key material management and condition verification are operationally distributed across a diverse array of machines/servers, run by economically independent individuals and commercial entities.
Powerful, per-ciphertext conditionality Future access to data can be made contingent on the fulfillment of nearly any predefined condition, and those conditions attached to any granularity of data payload – a single message or an entire table.
Flexible condition composability Conditions of all types can be mixed-and-matched using logical operators and flexible prefix notation into virtually any desired combination. Conditions can also be flexibly surfaced at different stages of runtime.
Tunable collusion-resistance, redundancy & latency Developers will have control over the cohort(s) of node operators which manage access to a given data payload, user base or entire application. These security parameters can also be packaged into simpler user-facing optionality for custom risk preferences. Applies to future versions of TACo.
Highly incentivized uptime Threshold Network's multi-app model strongly incentivizes node operators to provision service to tBTC, and its strict availability requirements. Threshold Access Control 'piggybacks' on tBTC uptime, reliability and technical competence.
Keypair-only decryption via PRE Extension If even stricter security guarantees are required, and data recipients' public keys are known in advance, developers may opt for end-user data to be re-encrypted by node operators such that they are only decryptable by pre-designated clients / public keys.