github/darkfi
1
1
Fork 0
mirror of https://github.com/darkrenaissance/darkfi.git synced 2026-04-28 03:00:18 -04:00
Code Issues Packages Projects Releases Wiki Activity

[src/architecture/crypto] add spec to vrf, signature, commitment

Browse Source
This commit is contained in:
ertosns
2023-10-16 16:26:50 +03:00
parent dd757db0a2
commit 8808455004
3 changed files with 38 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
doc/src/architecture/crypto/commitment.md Normal file
View File

@@ -0,0 +1,9 @@
# commitment
darkfi contract uses computationally binding, perfectly hiding pedersen commitment function in both money, and consensus contracts.
cm = comm(m, r), m is data encrypted as curve field element, r a random curve scalar is blinding factor, is a computationally hiding, computationally binding commitment.
## curve point commitment
commitment to a curve point pt after convertion to affine coordinates $pt = (pt_x, pt_y)$
$$cm_x, cm_y = comm(pt) = comm(pt_x, r_x), comm(pt_y, r_y)$$

9
doc/src/architecture/crypto/signature.md Normal file
View File

@@ -0,0 +1,9 @@
# signature
signature for keypair over the elliptic curve, with security hinged on the security of hash random oracle.
# signature protocol
signature = sign(sk, msg), `sk` private key used for message signature generation, `msg` message to be signed, signature as response, and challenge pair
verify(pk, msg, signature) `pk` public key corresponding to message signing private key, validate signature is valid for given msg with signature public key.
# nonce leakage
make sure the nonce, or source of randomness is true random every time call to signature sign is called with the same keypair, otherwise the secret key be leaked given just two signatures, $response_1 - response_2 = mask - sk * challenge_1 - mask + sk * challenge_2 = sk * (challenge_2 - challenge_1)$

20
doc/src/architecture/crypto/vrf.md Normal file
View File

@@ -0,0 +1,20 @@
# ecvrf
ecvrf[^1] is elliptic curve Verifiable Random Function satisfies:
- trusted uniqueness [^2]
- trusted collision resistance [^3]
- full pseudo-randomness [^4]
## ecvrf protocol
### proof generation
$proof = prove(sk, data)$, `sk` is VRF private key, `data` is input data as stream of bytes, proof is the vrf output.
generate a vrf proof, that can be publicly verified.
### proof verification
$verify(pk, proof, data)$, `pk` is VRF public key, validate that the proof is correct.
[^1]: https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-04#section-5
[^2]: https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-04#section-3.1
[^3]: https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-04#section-3.2
[^4]: https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-04#section-3.3