Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add signature #18

Open
kim201212 opened this issue Feb 15, 2023 · 2 comments
Open

Add signature #18

kim201212 opened this issue Feb 15, 2023 · 2 comments
Assignees
@kim201212

Comments

@kim201212
Copy link
Member

kim201212 commented Feb 15, 2023
edited
Loading

Spec.

Signing the contributions

The signing of contributions with Ethereum ECDSA keys and BLS signing the user's identity is RECOMMENDED.

  • Getting the encoded identity:
    • Depending on whether the user logged in with an Ethereum Address or a GitHub handle, they will encode their identity into bytes via either
  • BLS-Sign Identity (RECOMMENDED):
    • Use the secret x as a private key to sign the user's encoded identity.
  • ECDSA Sign the user's PoT Pubkeys (RECOMMENDED)
    • Only perform these steps if using an Ethereum Address to login
    • Build the EIP712 TypedData JSON object as per contributionSigning.md
    • Use web3.eth.signTypedData() to sign the message
def sign_identity(contribution: Contribution, x: int, identity: str) -> Contribution:
    encoded_identity = b''
    if identity[:2] == '0x':
        # Identity is a Ethereum address
        encoded_identity = eth_address_to_identity(identity).encode()
    else:
        # Identity is an GitHub ID
        encoded_identity = github_handle_to_identity(identity).encode()
    signature = bls.Sign(x, encoded_identity)
    contribution.bls_signature = signature
def sign_contribution(batch_contribution: BatchContribution, ethereum_address: Optional[str]) -> BatchContribution:
    typed_data = contribution_to_typed_data_str(batch_contribution)  # function defined in contributionSigning.md
    batch_contribution.ecdsa_signature = web3.eth.sign_typed_data(ethereum_address, json.loads(typed_data))
    return batch_contribution
@kim201212 kim201212 self-assigned this Feb 15, 2023
@kim201212
Copy link
Member Author

kim201212 commented Feb 15, 2023
edited
Loading

identity is required to sign.
There is no way we can get identity with cli.
It looks good to add a web interface after we add it.
I think this is why it's optional.
@rootwarp What do you think?

@rootwarp
Copy link
Member

identity is required to sign. There is no way we can get identity with cli. It looks good to add a web interface after we add it. I think this is why it's optional. @rootwarp What do you think?

@kim201212 Make sense.
This issue may be handled as optional if we have the plan to support web interface.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kim201212 kim201212

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rootwarp @kim201212