Sign in Subscribe

How Arch’s Unique Consensus Enables Permissionless Signers

Arch Network

4 min read
How Arch’s Unique Consensus Enables Permissionless Signers

Arch introduces a novel TSS model and Proof-of-Stake mechanism layered over Bitcoin — without compromising Bitcoin’s base layer.

Bitcoin programmability is limited. Many protocols have tried to solve those limitations by relying on TSS models with a fixed set of multisig signers, or a “guardian network,” to control assets and validate transactions on the base layer. 

However, these setups are often opaque and limited in decentralization. Only a handful of parties are able to sign, and rotating those signers is manual and permissioned. 

Because they can’t dynamically add or subtract signers from the validator set, these protocols are forced to prioritize centralization over decentralization — whitelisting only the largest and most trustworthy nodes as signers. 

So far, permissioned signers have been seen as an unavoidable trade-off of building on Bitcoin.

However, such limited models introduce:

  • Centralization risks, since most protocols have as little as 14 signers securing their networks.
  • Difficulty scaling trust, since the permissioned nature of their consensus models discourages new entrants.
  • Lack of transparency, since their opaque processes for approving signers discourages open participation. 

Bitcoiners have had to move from a decentralized environment to a centralized one in order to access programmability. 

Arch allows them to access programmability while remaining in a decentralized, permissionless environment. 

How Arch is Different

Arch introduces a programmable multisig with a dynamic validator set, one that allows signers to enter and exit the network in a decentralized way based on stake weight and performance — getting rid of the need to gatekeep validation to a select few signers.

It does this by leveraging an advanced cryptographic design, combining …

  • FROST (Flexible Round-Optimized Schnorr Threshold)
  • ROAST (Robust Asynchronous Schnorr Threshold)

… with a Proof-of-Stake economic security model. 

Arch’s Unique FROST + ROAST Multisig Framework

Not all multisigs are the same. Their levels of security vary widely based on the quality and variety of their signer sets, as well as the underlying cryptographic architecture and incentive mechanisms that govern them. 

Most TSS models use FROST. However, by itself, FROST is limited in its ability to accept less established or proven signers. That’s because if a leader node drops out or can’t reach the threshold, it will just keep doing more signing sessions, which continue to fail, grinding a network’s transactions to a halt. 

This has forced FROST-based multisigs to make their signer set more centralized and permissioned.

Arch adds ROAST, a novel framework that creates more robustness by allowing for parallel signing sessions. This means that if a leader node fails to reach the threshold, another node can take over and make sure the transaction goes through. 

This allows Arch to prioritize permissionless decentralization, in addition to security.

Arch can create a multisig with dynamic validator sets — that is, with decentralized signers that can enter and exit in permissionless fashion. 

And just like in a proof-of-stake system, Arch uses economic incentives to ensure the quality of its validators.

Arch’s PoS Economic Security Model

Beyond decentralization, Arch’s validator model incorporates economic security by requiring validators to stake ARCH tokens. 

Their weight in the consensus process is proportional to the amount of ARCH staked, just like in other Proof-of-Stake systems. 

To compromise the network, an attacker would need to:

  • Control a majority of signing weight in the validator set
  • Accumulate and stake a significant amount of ARCH tokens

This introduces a high economic cost to attack, aligning incentives with honest behavior and protecting users and apps from malicious coordination.

By combining PoS with FROST + ROAST, Arch enables…

  • Validator sets that are dynamic and can change over time
  • Permissionlessly participation in securing the network by staking ARCH
  • Multisig control that becomes progressively more decentralized and censorship-resistant

The Tech That Makes It Possible

Under the hood, Arch has built a sophisticated system to power its cryptographic multisig and decentralized, permissionless validator set.

1. Two-Round Distributed Key Generation (DKG)

Round 1: Validators exchange cryptographic commitments

Round 2: Validators finalize their key shares

This creates a shared public key for the network while keeping individual private key shares secure and separate.

2. Epoch-Based Validator Shuffling

Every single epoch, Arch completely re-orders the validator set based on stake weight:

  • Validators can enter or exit the threshold group
  • Their influence adjusts based on their current stake
  • Underperforming validators get evicted, creating accountability
  • New validators can join, increasing decentralization

There is a cap, but Arch has set it intentionally high. If multiple validators have the same stake (a tie condition), there's a fair system to determine precedence.

3. ROAST Protocol: Making FROST Production-Ready

When a transaction needs validation:

  1. A leader (selected through our fair election process) distributes it
  2. Validators run it through the Arch VM
  3. Each validator creates a partial signature
  4. The leader collects signatures until meeting threshold
  5. The final signature works just like a regular Bitcoin signature

Real-World Impact

This isn't just theoretical. Our approach means:

  • Unlimited validator scaling: As more validators join, the network becomes more resilient
  • Fair participation: No gatekeeping, anyone with stake can participate
  • Independent consensus: Not tied to Bitcoin's consensus rules, but secured by Bitcoin
  • Gradual decentralization: The system actually becomes MORE decentralized over time

The Future Is Dynamic

Arch has built the infrastructure for true decentralized programmability on Bitcoin, thanks to its innovative implementation of FROST + ROAST and permissionless PoS-style Validator Sets.. 

In doing so, Arch introduces a Bitcoin execution model that gets more robust, more distributed, and more resistant to censorship as it grows.

Want to build with us?