Commit f05b87c6 authored by Éloïs

[DEWIF] full rework

parent bfff7c86
......@@ -57,13 +57,29 @@ The 4 bytes of the version field must be interpreted as an unsigned integer enco
### v1
v1 data (encrypted):
v3 data :
| `log N` | `Algorithm` | `Encrypted data` |
|:-------:|:-----------:|:----------------:|
| 1 byte | 1 byte | 64 bytes |
#### Algorithm
| Algorithm | code |
|:----------------|:-----|
| [Ed25519] | 0x00 |
| [BIP32-Ed25519] | 0x01 |
| Unknown* | 0x02 |
*Future algorithms can be added to DEWIF v1 if their seed and public key are the same size.
#### Encrypted data
| seed(32 bytes) | public key(32bytes) |
|:--------------:|:-------------------:|
| seed bytes | public key bytes |
The public key serves as a checksum. To check that the DEWIF base64 string is not corrupted, simply generate an ed25519 keypair with the seed and check that the obtained public key matches.
The public key serves as a checksum. To check that the DEWIF base64 string is not corrupted, simply generate a keypair with the seed and check that the obtained public key matches.
Symmetric encryption algorithm : aes256
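Review bot: In the `#### Algorithm` table, the row `| Unknown* | 0x02 |` gives a concrete code to no algorithm, and the footnote does not say what a reader must do with a code it does not implement. Because the public-key checksum can only be recomputed with the matching key-generation algorithm, the text should require readers to reject any algorithm code they do not support, and list 0x02 as reserved rather than as "Unknown". Separately, under `### v1` the labels `v1 data (encrypted):` and `v3 data :` appear together; the label that stays should name v1 and drop "(encrypted)", since per the table `log N` and `Algorithm` sit outside the 64 encrypted bytes.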
......@@ -71,143 +87,60 @@ aes256 key: scrypt of user passphrase with the following parameters:
**password:** passphrase
**salt:** sha256("dewif" ++ passphrase)
**N:** 4096
**N:** `2^(log N)`
**r:** 16
**p:** 1
Example 1:
aes256 key generated from scrypt with the following parameters:
**log N** = 15
**Algorithm:** Ed25519
**keypair seed:** 0xbfa3f6e322cf21d0e652f79a69df9498fdf5347665e5646d9041f756496a1143
**N:** 4096
**r:** 16
**p:** 1
```txt
0x000000001 #v1
0x100000001 #g1-test
0x0C # log N
0x00 # Algorithm Ed25519
0xbfa3f6e322cf21d0e652f79a69df9498fdf5347665e5646d9041f756496a1143 # keypair seed
0x17df9d2b059cdd2825955691e3a783e6da403148ddebb1144d1a9b9e545f2371 # public key
```
DEWIF base 64 string (with aes key `"toto titi tata"`):
`AAAAARAAAAGfFDAs+jVZYkfhBlHZZ2fEQIvBqnG16g5+02cY18wSOjW0cUg2JV3SUTJYN2CrbQeRDwGazWnzSFBphchMmiL0`
### v2
v2 data (encrypted):
| seed1(32 bytes) | public key1(32bytes) | seed2(32 bytes) | public key2(32bytes) |
|:---------------:|:--------------------:|:---------------:|:--------------------:|
| seed bytes | public key bytes | seed bytes | public key bytes |
The public key serves as a checksum. To check that the DEWIF base64 string is not corrupted, simply generate an ed25519 keypair with the seed and check that the obtained public key matches.
Symmetric encryption algorithm : aes256
aes256 key: scrypt of user passphrase with the following parameters:
aes256 key generated from scrypt with the following parameters:
**password:** passphrase
**salt:** sha256("dewif" ++ passphrase)
**N:** 4096
**N:** `2^12 = 4096`
**r:** 16
**p:** 1
### v3
v3 data :
| `log N` | Encrypted data |
|:-------:|:--------------:|
| 1 byte | 64 bytes |
Encrypted data :
| seed(32 bytes) | public key(32bytes) |
|:--------------:|:-------------------:|
| seed bytes | public key bytes |
The public key serves as a checksum. To check that the DEWIF base64 string is not corrupted, simply generate an ed25519 keypair with the seed and check that the obtained public key matches.
Symmetric encryption algorithm : aes256
DEWIF base 64 string (with aes key `"toto titi tata"`):
aes256 key: scrypt of user passphrase with the following parameters:
**password:** passphrase
**salt:** sha256("dewif" ++ passphrase)
**N:** `2^(log N)`
**r:** 16
**p:** 1
`AAAAARAAAAEMAJ8UMCz6NVliR+EGUdlnZ8RAi8GqcbXqDn7TZxjXzBI6NbRxSDYlXdJRMlg3YKttB5EPAZrNafNIUGmFyEyaIvQ=`
Example 2:
aes256 key generated from scrypt with the following parameters:
**keypair seed:** 0xbfa3f6e322cf21d0e652f79a69df9498fdf5347665e5646d9041f756496a1143
**N:** `2^15 = 32768`
**r:** 16
**p:** 1
**log N** = 15
**Algorithm:** Bip32-Ed25519
**keypair seed:** 0xb7d3a54e1c20172cd38e0d803776a3bacf11f895ef8ef846043a0d628431c872
```txt
0x000000003 #v3
0x000000001 #v1
0x100000001 #g1-test
0x0F # log N
0xbfa3f6e322cf21d0e652f79a69df9498fdf5347665e5646d9041f756496a1143 # keypair seed
0x17df9d2b059cdd2825955691e3a783e6da403148ddebb1144d1a9b9e545f2371 # public key
0x01 # Algorithm Bip32-Ed25519
0xb7d3a54e1c20172cd38e0d803776a3bacf11f895ef8ef846043a0d628431c872 # keypair seed
0xd1fec6ddf6e887e40bd77d459131ee5a6bec1194341b9393ead606363bb7b060 # public key
```
DEWIF base 64 string (with aes key `"toto titi tata"`):
`AAAAAxAAAAEPdMuBFXF4C6GZPGsJDiPBbacpVKeaLoJwkDsuqLjkwof1c760Z5iVpnZlLt5XEFlEehbdtLllVhccf9OK6Zjn8A==`
### v4
Version 4 stores an HD wallet according to the [BIP32-Ed25519] specifications.
v4 data :
| `log N` | Encrypted data |
|:-------:|:--------------:|
| 1 byte | 64 bytes |
Encrypted data :
| seed(32 bytes) | public key(32bytes) |
|:--------------:|:-------------------:|
| seed bytes | public key bytes |
The public key serves as a checksum. To check that the DEWIF base64 string is not corrupted, generate a [BIP32-Ed25519] keypair with the seed and check that the obtained public key matches.
Symmetric encryption algorithm : aes256
aes256 key: scrypt of user passphrase with the following parameters:
**password:** passphrase
**salt:** sha256("dewif" ++ passphrase)
**N:** `2^(log N)`
**r:** 16
**p:** 1
Example 3:
aes256 key generated from scrypt with the following parameters:
**keypair seed:** 0xb7d3a54e1c20172cd38e0d803776a3bacf11f895ef8ef846043a0d628431c872
**N:** `2^15 = 32768`
**r:** 16
**p:** 1
```txt
0x000000004 #v4
0x100000001 #g1-test
0x0F # log N
0xb7d3a54e1c20172cd38e0d803776a3bacf11f895ef8ef846043a0d628431c872 # keypair seed
0xd1fec6ddf6e887e40bd77d459131ee5a6bec1194341b9393ead606363bb7b060 # public key
```
DEWIF base 64 string (with aes key `"toto titi tata"`):
`AAAABBAAAAEPcE3yXhA0T0iElXR/vDbZTRSmdec26lWu42mWKuaczzxZ22bIGVfLmlhfVW9NWmWY7m/P/j0W6Su4QZEiERe8vA==`
`AAAAARAAAAEPAXBN8l4QNE9IhJV0f7w22U0UpnXnNupVruNplirmnM88WdtmyBlXy5pYX1VvTVplmO5vz/49FukruEGRIhEXvLw=`
[Ed25519]: https://tools.ietf.org/html/rfc8032
[BIP32-Ed25519]: https://drive.google.com/file/d/0ByMtMw2hul0EMFJuNnZORDR2NDA/view
[DUBP]: https://git.duniter.org/nodes/common/doc/blob/master/rfc/0010_Duniter_Blockchain_Protocol_V12.md
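Review bot: Example 1 states `**log N** = 15`, but its byte dump has `0x0C # log N` (12) and the neighbouring parameter line reads `**N:** 4096`, which is 2^12; the prose value should be 12 so the example matches its own dump. With N now defined as `2^(log N)` from a 1-byte field in the file, the spec also needs a stated minimum and maximum for `log N`: a reader has to run scrypt with that value before the public-key checksum can be checked, and scrypt memory grows as 128·r·N bytes, so an unbounded value lets a malformed or hostile file demand an arbitrarily expensive derivation, while a very small one weakens the passphrase stretching. The dump lines `0x000000001 #v1` and `0x100000001 #g1-test` carry nine hex digits for 4-byte fields and could be tidied in the same pass.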