[DEWIF] add v3

1a620366 · Éloïs · fbb1d7a7 · 1a620366
Commit 1a620366 authored Jan 09, 2021 by Éloïs
Hide whitespace changes
Inline Side-by-side

Showing with 70 additions and 21 deletions

rfc/0013_Duniter_Encrypted_Wallet_Import_Format.md rfc/0013_Duniter_Encrypted_Wallet_Import_Format.md +70 -21

No files found.
--- a/rfc/0013_Duniter_Encrypted_Wallet_Import_Format.md
+++ b/rfc/0013_Duniter_Encrypted_Wallet_Import_Format.md
@@ -36,8 +36,8 @@ This base64 string encodes a sequence of bytes whose structure is defined below.

 ## dewif bytes structure

-| version (4 bytes) | currency code (4 bytes) | encrypted datas (any bytes) |
-|:-----------------:|:-----------------------:|:---------------------------:|
+| version (4 bytes) | currency code (4 bytes) | version data (any bytes) |
+|:-----------------:|:-----------------------:|:------------------------:|

 ## Currencies code

@@ -47,31 +47,32 @@ This base64 string encodes a sequence of bytes whose structure is defined below.
 | Ğ1       | 0x00000001 |
 | Ğ1-Test  | 0x10000001 |

-## encrypted datas
+## version data

 ### v1

+v1 data (encrypted):
+
+| seed(32 bytes) | public key(32bytes) |
+|:--------------:|:-------------------:|
+| seed bytes     | public key bytes    |
+
+The public key serves as a checksum. To check that the `.dewif` file is not corrupted, simply generate an ed25519 keypair with the seed and check that the obtained public key matches.
+
 Symmetric encryption algorithm : aes256

-aes256 key : scrypt of user passphrase with the following parameters:  
-Seed generated from scrypt with the following parameters:  
+aes256 key: scrypt of user passphrase with the following parameters:  
+
 password: passphrase  
 salt: sha256("dewif" ++ passphrase)  
 N : 4096  
 r: 16  
 p: 1

-Encrypted datas :
-
-| seed(32 bytes) | public key(32bytes) |
-|:--------------:|:-------------------:|
-| seed bytes     | public key bytes    |
-
-The public key serves as a checksum. To check that the `.dewif` file is not corrupted, simply generate an ed25519 keypair with the seed and check that the obtained public key matches.
+Example #1:

-Example 1:
+aes256 key generated from scrypt with the following parameters:  

-Seed generated from scrypt with the following parameters:  
 password: "user password"  
 salt: "user salt"  
 N : 4096  
@@ -82,7 +83,7 @@ p: 1
 0x000000001 #v1
 0x100000001 #g1-test
 0xbfa3f6e322cf21d0e652f79a69df9498fdf5347665e5646d9041f756496a1143 # seed
-17df9d2b059cdd2825955691e3a783e6da403148ddebb1144d1a9b9e545f2371 # public key
+0x17df9d2b059cdd2825955691e3a783e6da403148ddebb1144d1a9b9e545f2371 # public key
 ```

 DEWIF base 64 string (with aes key `"toto titi tata"`):
@@ -91,20 +92,68 @@ DEWIF base 64 string (with aes key `"toto titi tata"`):

 ### v2

+v2 data (encrypted):
+
+| seed1(32 bytes) | public key1(32bytes) | seed2(32 bytes) | public key2(32bytes) |
+|:---------------:|:--------------------:|:---------------:|:--------------------:|
+| seed bytes      | public key bytes     | seed bytes      | public key bytes     |
+
+The public key serves as a checksum. To check that the `.dewif` file is not corrupted, simply generate an ed25519 keypair with the seed and check that the obtained public key matches.
+
 Symmetric encryption algorithm : aes256

-aes256 key : scrypt of user passphrase with the following parameters:  
-Seed generated from scrypt with the following parameters:  
+aes256 key: scrypt of user passphrase with the following parameters:  
+
 password: passphrase  
 salt: sha256("dewif" ++ passphrase)  
 N : 4096  
 r: 16  
 p: 1

-Encrypted datas :
+### v3

-| seed1(32 bytes) | public key1(32bytes) | seed2(32 bytes) | public key2(32bytes) |
-|:---------------:|:--------------------:|:---------------:|:--------------------:|
-| seed bytes      | public key bytes     | seed bytes      | public key bytes     |
+v3 data :
+
+| `log N` | Encrypted data |
+|:-------:|:--------------:|
+| 1 byte  | 64 bytes       |
+
+Encrypted data :
+
+| seed(32 bytes) | public key(32bytes) |
+|:--------------:|:-------------------:|
+| seed bytes     | public key bytes    |

 The public key serves as a checksum. To check that the `.dewif` file is not corrupted, simply generate an ed25519 keypair with the seed and check that the obtained public key matches.
+
+Symmetric encryption algorithm : aes256
+
+aes256 key: scrypt of user passphrase with the following parameters:  
+
+password: passphrase  
+salt: sha256("dewif" ++ passphrase)  
+N : `2^(log N)`
+r: 16  
+p: 1
+
+Example #2:
+
+aes256 key generated from scrypt with the following parameters:  
+
+password: "user password"  
+salt: "user salt"  
+N : `2^15 = 32768`
+r: 16  
+p: 1
+
+```txt
+0x000000001 #v1
+0x100000001 #g1-test
+0x0F # log N
+0xbfa3f6e322cf21d0e652f79a69df9498fdf5347665e5646d9041f756496a1143 # seed
+0x17df9d2b059cdd2825955691e3a783e6da403148ddebb1144d1a9b9e545f2371 # public key
+```
+
+DEWIF base 64 string (with aes key `"toto titi tata"`):
+
+`AAAAAxAAAAEPdMuBFXF4C6GZPGsJDiPBbacpVKeaLoJwkDsuqLjkwof1c760Z5iVpnZlLt5XEFlEehbdtLllVhccf9OK6Zjn8A==`