Security amendment to 0048 ownership proof #147
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
davxy
approved these changes
Jul 4, 2025
|
|
||
| However, each signature is generated by the crypto scheme instead of each private session key signing the `account_id`. By default, the following statement is signed by the crypto scheme: | ||
|
|
||
| ``` |
| However, each signature is generated by the crypto scheme instead of each private session key signing the `account_id`. By default, the following statement is signed by the crypto scheme: | ||
|
|
||
| ``` | ||
| rust |
| The significant difference is that proof of possession suggested by RFC-0048 is signed: | ||
|
|
||
| ``` | ||
| rust |
|
|
||
| The significant difference is that proof of possession suggested by RFC-0048 is signed: | ||
|
|
||
| ``` |
| vs the current proposal suggests changing the statement to: | ||
|
|
||
| ``` | ||
| rust |
| vs the current proposal suggests changing the statement to: | ||
|
|
||
| ``` | ||
| rust |
|
|
||
| ## Future Directions and Related Material | ||
|
|
||
| \- \[1\] Substrate implementation of the generation of proof of possession for all crypto schemes (current and experimental ones) is implemented in Pull 6010. |
Member
There was a problem hiding this comment.
Suggested change
| \- \[1\] Substrate implementation of the generation of proof of possession for all crypto schemes (current and experimental ones) is implemented in Pull 6010. | |
| \- \[1\] Substrate implementation of the generation of proof of possession for all crypto schemes (current and experimental ones) is implemented in [PR 6010](https://github.com/paritytech/polkadot-sdk/pull/6010). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This RFC is an amendment to RFC-0048. It proposes to change the
OpaqueKeysInner:create_ownership_proofandOpaqueKeys:: ownership_proof_is_validto invoke generation and validation procedure specific to each crypto time. This enable different crypto scheme implement
the proof of possession fitted to their security need. In short, this RFC delegates the procedure of generating and validating proof of possession to the crypto scheme. This has been implemented: https://github.com/paritytech/polkadot-sdk/pull/6010/files#r2003580725