Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add secp256k1 private key #210

Merged
merged 4 commits into from
May 11, 2021
Merged

Add secp256k1 private key #210

merged 4 commits into from
May 11, 2021

Conversation

OR13
Copy link
Contributor

@OR13 OR13 commented May 8, 2021
edited
Loading

Reasoning:

There already exists and ed25519 priv key: https://github.com/multiformats/multicodec/blob/master/table.csv#L128

Without the ability to represent both public and private components of asymmetric key pairs users will be forced for do things like this:

'id': '',
'type': 'EcdsaSecp256k1VerificationKey2020',
'controller': 'did:example:123',
'publicKeyMultibase': 'zQ3shU9mxTYfMTLceuppoNM5siowHvw3xBk21r855kwgNHNAX',
'privateKeyBase58': '6GyEn649EsbEEJXGQ5m8Eq6NANDmHTPQPWGyF5uL7kx8'

This prevents efficient compression using multibase codecs.

We will likely need to add entries for NIST curves and BLS12381 as well.

@rvagg
Copy link
Member

rvagg commented May 10, 2021

Discussion on the ed25519 private key is worth a read btw #194, note also @msporny's comments at the bottom which I think is worth highlighting and one reason for hesitancy with increasing ease of representation of private keys. That's not to say we shouldn't do this, just that this is stepping into risky territory.

I think we should keep private keys in their own section, as mentioned in that thread and that lead to the placement of ed25519-priv, so I think this should be 0x1301

rvagg
rvagg requested changes May 10, 2021
View reviewed changes
table.csv Outdated
@@ -79,6 +79,7 @@ swarm-ns, namespace, 0xe4, draft, Swarm
ipns-ns, namespace, 0xe5, draft, IPNS path
zeronet, namespace, 0xe6, draft, ZeroNet site address
secp256k1-pub, key, 0xe7, draft, Secp256k1 public key
secp256k1-priv, key, 0xe8, draft, Secp256k1 private key
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

switch to 0x1301 and I'm +1 on this

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

implemented in 016319e

OR13
OR13 commented May 10, 2021
View reviewed changes
@OR13
Copy link
Contributor Author

OR13 commented May 10, 2021

@rvagg thanks for the review!

@msporny and I have been having this argument for years :)

Its not as much of an issue with JSON-LD when you can just pretend that not defining the term is somehow making it safer to to do this:

'id': '',
'type': 'EcdsaSecp256k1VerificationKey2020',
'controller': 'did:example:123',
'publicKeyBase58': 'zQ3shU9mxTYfMTLceuppoNM5siowHvw3xBk21r855kwgNHNAX',
'privateKeyBase58': '6GyEn649EsbEEJXGQ5m8Eq6NANDmHTPQPWGyF5uL7kx8'

The "problem" with multibase... is that you can't not define the entry... and still use it to represent a private key... like you can with JSON-LD.

Folks using JSON-LD with privateKeyBase58 or privateKeyMultibase can decide if omitting context definitions is a security feature or not... but certainly nobody can even create a privateKeyMultibase without a registry entry here...

the alternative to defining privateKeyMultibase is to use privateKeyJwk, which already preserves key type information and public key representations, and relies on IANA... in order for multibase to ever improve on JWK, it must be at least as expressive, imo... its a show stopper for our adoption of it.. if we can't represent privateKeyMultibase for the key types we use, we will just keep using privateKeyJwk... I expect most developers will do the same when they realize they cannot completely represent a private key.

rvagg
rvagg requested changes May 11, 2021
View reviewed changes
@OR13 OR13 mentioned this pull request May 11, 2021
Merged
@rvagg rvagg merged commit 5d44403 into multiformats:master May 11, 2021
rvagg added a commit that referenced this pull request May 12, 2021
@rvagg
Check codes are ascending with validation script
d514379 
Ref: #210
rvagg added a commit that referenced this pull request May 12, 2021
@rvagg
Check codes are ascending with validation script
741b151 
Ref: #210
@rvagg rvagg mentioned this pull request May 12, 2021
Merged
rvagg added a commit that referenced this pull request May 12, 2021
@rvagg
Check codes are ascending with validation script (#212)
325a006 
Ref: #210
@OR13 OR13 mentioned this pull request May 12, 2021
Merged
@OR13 OR13 mentioned this pull request Jun 18, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rvagg rvagg rvagg approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@OR13 @rvagg