How Does Lit Protocol Work
Introduction
Lit Protocol combines cutting-edge cryptography, sealed confidential hardware, and peer-to-peer networking to provide builders in web3 with the ability to use cryptographic keys and perform private compute jobs. With Lit, developers can:
Securely generate and manage non-custodial keys to build user wallets and signers. This enables you to seamlessly onboard users into your application without relying on a centralized custodian or dealing with the complexities of key management.
- Example implementations: PatchWallet, Silk, Collab.Land, Tria, Index Network
Perform data encryption and manage access to data with flexible access control rules and policies.
Write and execute private and immutable functions for cross-chain messaging and transaction automation, enabling the development of protocols that have the ability to read and write data between blockchains.
- Example implementations: Event Listener, Yacht Labs SDK
Create data oracles that have the ability to fetch off-chain data for use in on-chain dApps.
- Example implementations: coming soon.
Privacy-preserving and fully verifiable LLMs and AI agents.
- Example implementations: coming soon.
And more…
To learn more about possible ways you can use Lit and to view additional implementation examples, check out the use cases section or follow the links below:
Whitepaper. Open Source Node Code. Audit reports.
Below, we will dive into Lit's core architecture and how things work under the hood:
1. Lit Nodes
Each Lit Node is a sealed encrypted virtual machine running on an independently operated server. The fact that each node is “sealed” means that neither the operator of the Lit Node, nor any other party, can access the interior of the processor.
Each Lit node contains a JavaScript execution environment (Deno) and key shares. Each key share corresponds to a key pair that is "shared" among all participating operators, created using distributed key generation (DKG), covered in more depth below.
Threshold Keys and Distributed Key Generation
As introduced above, each Lit node collectively participates in a DKG to create new public/private key pairs where no one party ever holds the entire key. Instead, each node holds a key share which they use to sign and decrypt data with.
- Network Consensus: All operations (signing or decryption) are performed in parallel and require participation from two-thirds of network nodes to be executed.
- Key Distribution: No one node (or client) ever gains access to private keys in their entirety. Decryption and signing operations do not expose the underlying key.
- Curve Flexibility: The protocol supports multiple cryptographic curves and signature schemes, with the ability to add new ones to enable interoperability with a wide variety of protocols and standards.
Sealed and Confidential Hardware
All Lit node operators run a bare metal install of AMD’s SEV-SNP, ensuring they never have access to any key shares directly, nor the computation processed inside of each node.
- Trusted Execution Environment (TEE): SEV-SNP is an example of a TEE, which provides advanced hardware-level isolation for all network operations.
- Code Immutability and Confidentiality: Deployed programs within the TEE are immutable and private, preventing unauthorized changes and maintaining consistent operational integrity.
JavaScript Execution Environment
The JavaScript execution environment that is present in each Lit node enables developers to write immutable programs called Lit Actions that govern signing and encryption operations.
2. The Lit Network
The Lit network is composed of a collection of Lit nodes. All nodes must stake tokens in order to participate in the “active” node operator set, providing crypto-economic security guarantees.
Currently, the Lit network is in Mainnet Beta and a test token is being used for staking. Current node operators include integration partners, project investors, and professional node operators. If you’re interested in becoming a node operator, please reach out.
Node Operators
The full list of Datil node operators includes:
The following operators will be joining the network after launch:
The Lit Protocol Token (LITKEY)
The Lit Protocol token, LITKEY, will be used by node operators to meet their staking requirement, as well as a reward token to pay node operators for their service. Developers using Lit will also use the token to pay for transacting on the network.
The LITKEY token is NOT live, and currently a test token (tstLPX) is being used for staking and payment. The official LITKEY token will be released when the v1 network launches later this year. You can subscribe to updates here.
If you're a developer building on Lit, test tokens can be claimed from the verified faucet.
Learn More
Learn more about how Lit Protocol works by checking out the resources below:
- About user wallets.
- About encryption and access control.
- About decentralized compute.
Not finding the answer you're looking for? Share your feedback on these docs by creating an issue in our GitHub Issues and Reports repository or get support by visiting our Support page.