Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CIP-0095 | signData correction #897

Open
wants to merge 3 commits into
base: master
Choose a base branch
from

Conversation

Scitz0
Copy link
Contributor

@Scitz0 Scitz0 commented Sep 3, 2024

  • Clean up duplicate definitions over CIP-30. No need to re-define what is already defined in CIP-30, only how it is changed/how it extends the existing signData endpoint.
  • address header should be the drep hash and not a type 6 constructed address.

Documentation isn't my best area so if you have suggestions for expressing it differently, feel free to provide suggestions. 😄


(rendered: changes begin here)

- Clean up duplicate definitions over CIP-30. No need to re-define what is already defined in CIP-30, only whats changed/how it extends existing.
- `address` header should be the drep hash and not a type 6 constructed address from drep id.
@gitmachtl
Copy link
Contributor

Considering an Update in the future: Should we change CIP-0095 in a way that the CIP-129 Hash representation is used for the address field in the COSE_Sign1 structure?

Its ok to use the Hash (which represents the DRep-ID/CC-Hot/CC-Cold) in the address field. However, you can't tell what type it really is. So switching to CIP-129 here would be handy, because it would allow a check on the type of hash/id returned.

However, this is not implemented yet in HW-Wallets or cardano-hw-cli or so...

@Scitz0
Copy link
Contributor Author

Scitz0 commented Sep 3, 2024

Considering an Update in the future: Should we change CIP-0095 in a way that the CIP-129 Hash representation is used for the address field in the COSE_Sign1 structure?

Its ok to use the Hash (which represents the DRep-ID/CC-Hot/CC-Cold) in the address field. However, you can't tell what type it really is. So switching to CIP-129 here would be handy, because it would allow a check on the type of hash/id returned.

However, this is not implemented yet in HW-Wallets or cardano-hw-cli or so...

Though not a bad idea, for now I think we should stick to CIP-5 as CIP-129 haven't been accepted yet (hopefully soon). Or park this one as a dependency on CIP-129 and modify it to reference to that one for address payload. There is also the HW issue you mentioned that will cause issues. CIP-95 also only extend signData to take a DRep ID, not CC.

@gitmachtl
Copy link
Contributor

@Scitz0 i mean its all backward compatible, if the address field is only a 56char return, its a simple hash. if its 58char, its a payment or stake address (or goverment ids CIP-129)

@Scitz0
Copy link
Contributor Author

Scitz0 commented Sep 3, 2024

True, this is how we deal with it in Koios and Eternl. However, when verifying a signature through some of the signData libraries out there, it could cause a problem if those libraries dont deal with all formats. And if this specification only mention CIP-129 they might not add the backwards compatible support. I dont see a good way around that though and those lib creators will just have to adapt.

To be fair, just checked one but CF version seem to expect an address and not just the raw hash as implemented by Ledger and now other, so wont work with just hash as is anyway without a change.
https://github.com/cardano-foundation/cardano-verify-datasignature/blob/main/index.ts

@gitmachtl
Copy link
Contributor

gitmachtl commented Sep 3, 2024

As they are using libs from strica (ashish), who are also the CIP-129 proposer, that might be an easy fix. But yea... lets check this out in the upcoming weeks. CIP-129 uses 2 & 3 for the "networkid", so its detectable by a lib.

@gitmachtl
Copy link
Contributor

@ashisherc would it be possible from your side to update the libs to also be cip-129 compatible without interfering with existing usage?

@rphair rphair added Update Adds content or significantly reworks an existing proposal State: Triage Applied to new PR afer editor cleanup on GitHub, pending CIP meeting introduction. labels Sep 3, 2024
Copy link
Collaborator

@rphair rphair left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems sensible & well enough expressed to me (and removes the redundancy with CIP30), though I would leave it to @Ryun1 and/or @Crypto2099 to verify before merge (can briefly discuss this at CIP meeting in 1 hour).

@rphair rphair added the Category: Wallets Proposals belonging to the 'Wallets' category. label Sep 3, 2024
Copy link
Collaborator

@rphair rphair left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This update is Confirmed by the last CIP meeting & awaiting further editor reviews & community discussion (thanks @gitmachtl @Scitz0).

@rphair rphair added State: Confirmed Candiate with CIP number (new PR) or update under review. and removed State: Triage Applied to new PR afer editor cleanup on GitHub, pending CIP meeting introduction. labels Sep 3, 2024
| `DataSignError` | `UserDeclined` | Returned if the user declined to sign the data. |

<!-- prettier-ignore-stop -->
The DRep hash [CIP-5](https://github.com/cardano-foundation/CIPs/blob/master/CIP-0005/README.md#hashes) should be used in the `"address"` field of `COSE_Sign1`'s `Sig_structure` header.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I do worry that this change could break existing implementations
Could we allow this, in a backwards safe way?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is in line with CIP008, i also asked @SebastienGllmt a long time ago if thats ok and it is. The address field is already the hash of the vkey, and so it is for DReps/CC keys too. I don't see a conflict there. Most of the tools don't even parse this entry, but for those who do it would be good to fill it up with the hash of the vkey. cardano-signer already has this implemented now for a while.

@Ryun1
Copy link
Collaborator

Ryun1 commented Jan 4, 2025

Since this PR is already open, @Scitz0 do you mind if I push an additional clarification for this CIP, to your branch?
Id like to add a note/warning around the DRepID definitions, explaining the CIP105 / CIP129 differences

@Scitz0
Copy link
Contributor Author

Scitz0 commented Jan 5, 2025

@Ryun1 feel free to do so.

A hex-encoded string representing 32 byte Ed25519 DRep public key, as described
in [CIP-0105 | Conway Era Key Chains for HD Wallets](https://github.com/cardano-foundation/CIPs/blob/master/CIP-0105/README.md).
A hex-encoded string representing a Blake2b-224 hash digest of a 32 byte
Ed25519 public DRep key.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

shouldn't we make a comment here that this can also be in CIP129 format?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we supported the CIP129 representation, that would be adding a header to the ID
I dont want to do that, as it may break existing implementations

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Category: Wallets Proposals belonging to the 'Wallets' category. State: Confirmed Candiate with CIP number (new PR) or update under review. Update Adds content or significantly reworks an existing proposal
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants