-
Notifications
You must be signed in to change notification settings - Fork 331
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CIP outlining standard for key serialisation formats #57
CIP outlining standard for key serialisation formats #57
Conversation
@intricate thanks very much. We had a first look at this at the CIP editors meeting this week. I don't expect you to push this one along, and I've asked @SebastienGllmt to help, though if you want to that's great of course. Main initial thought from Sebastien and I was that we should also mention the extended-but-not-bip32 format, just to clarify the relationship between them all, and say which formats are actually used. and which are legacy. |
Yes, some standard should be required. And the following can be the base of the conversation. There are two type of keys associated /w the Curve25519 (this also applies to the Curve448 as ED448 or X448, which gives 224-bit security instead of the current ~128)
Therefore, the common prefix could be
The common suffix could be
My thoughts
So, we do not need to distinguish between verify/signing and encryption/decryption keys as the prefix would already do that anyway. One caveat I see, is the confusion between the definition of the extended keys:
I am seeking for opinion from all of you guys @intricate @dcoutts @SebastienGllmt and from others.
UPDATED |
Meaning:
Though, the |
The reason I am against the |
@ilap thanks for all the input. Needs a bit of thinking to digest. I should note that if we're talking about bech32 prefixes, the prior art that we should be consistent with is https://github.com/cardano-foundation/CIPs/blob/master/CIP-0005/CIP-0005.md. We use prefixes there to indicate the role of the key and not merely the format. So there are several ed25519 keys there with different roles, and thus different prefixes. This explicit use of roles helps to avoid some cases of user error since it allows tools (e.g. cli tools) to see that someone has asked to use an inappropriate key type in some place (even if it happens to be the same underlying key type). |
@@ -0,0 +1,132 @@ | |||
--- | |||
CIP: \? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tentatively flagging as CIP-0016 & adding to tomorrow's review agenda (~24 hours from now at https://www.crowdcast.io/e/cip-editors-meeting-18)
On second thoughts, this looks both more specific than "Cryptographic Key Serialisation Formats" (doesn't really refers to any key, but specifically to ed25519 keys). On the other hand, it also feels very much connected to CIP-0005 since this specifies the so-called data-part coming with the prefixes specified in CIP-0005. I'd suggest to transform this PR into an extension of CIP-0005 specifying the datapart for all binary objects specified in CIP-0005; starting however with just the various To summarize: I am fully okay with the content of the CIP, yet I think it could / should be framed differently to have more impact and more usability with CIP-0005. In today's meeting, we also agreed to have a cryptographer from IOG look at it and comment on the soundness of the serialization format. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Serialisation format looks good to me
Considering this PR/CIP as reviewed as per CIP Editors meeting #19 - moving to Last Check / pending merge (tentative CIP-0016) |
* Turn CIP-0060 as active in the top-level README. * Turn CIP-0055 as 'active', rename CIP-0009, CIP-00028 & CIP-0055 for clarity, and link them together. * Add new proposals from triage to the top-level README table * no hyphen in Stake Pool Just patching this in, in the interest of time, before approving (have already retitled the PR) Co-authored-by: Robert Phair <[email protected]>
This CIP aims to standardize cryptographic key serialisation formats to be used by projects throughout the Cardano eco-system.