Documentation ¶
Index ¶
- Constants
- func CalculateRootBatchEntropy(rootEntropy []byte, batchHeight *big.Int) gethcommon.Hash
- func CalculateTxRnd(rootBatchEntropy []byte, tCount int) gethcommon.Hash
- func EncryptSecret(pubKeyEncoded []byte, secret SharedEnclaveSecret, logger gethlog.Logger) (common.EncryptedSharedEnclaveSecret, error)
- func GetObscuroKey(logger gethlog.Logger) *ecdsa.PrivateKey
- type DataEncryptionService
- type EnclaveKey
- type SharedEnclaveSecret
Constants ¶
const (
	// RollupEncryptionKeyHex is the AES key used to encrypt and decrypt the transaction blob in rollups.
	// todo (#1053) - replace this fixed key with derived, rotating keys.
	RollupEncryptionKeyHex = "bddbc0d46a0666ce57a466168d99c1830b0c65e052d77188f2cbfc3f6486588c"

	// NonceLength is the nonce's length in bytes for encrypting and decrypting transactions.
	NonceLength = 12
)
Variables ¶
This section is empty.
Functions ¶
func CalculateRootBatchEntropy ¶
func CalculateRootBatchEntropy(rootEntropy []byte, batchHeight *big.Int) gethcommon.Hash
CalculateRootBatchEntropy - calculates the entropy per batch. In Obscuro, we use a root entropy per batch, which is then used to calculate the randomness exposed to individual transactions. The RootBatchEntropy is calculated from the shared secret and the batch height. This ensures that sibling batches naturally use the same root entropy, so that transactions have the same results. Note that this formula is vulnerable in the unlikely event of a secret leak.
todo (crypto) - find a way to hash in a timestamp or something else that would make it harder for an attacker, such that sibling batches still naturally have the same entropy.
func CalculateTxRnd ¶
func CalculateTxRnd(rootBatchEntropy []byte, tCount int) gethcommon.Hash
CalculateTxRnd - calculates the randomness exposed to individual transactions. In Obscuro, each tx must have its own randomness, independent from the others, because otherwise a malicious transaction could reveal information.
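The two-level derivation described for CalculateRootBatchEntropy and CalculateTxRnd, as an added example that is not the package's own code. The function names rootBatchEntropy and txRnd, the use of SHA-256, and the fixed-width encodings are assumptions; the page does not state the hash function or input encoding the package uses.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"math/big"
)

// rootBatchEntropy is a hypothetical stand-in for CalculateRootBatchEntropy.
// Assumption: SHA-256 over secret || 32-byte big-endian batch height.
func rootBatchEntropy(sharedSecret []byte, batchHeight *big.Int) [32]byte {
	var height [32]byte
	batchHeight.FillBytes(height[:]) // fixed width keeps the concatenation unambiguous
	h := sha256.New()
	h.Write(sharedSecret)
	h.Write(height[:])
	var out [32]byte
	copy(out[:], h.Sum(nil))
	return out
}

// txRnd is a hypothetical stand-in for CalculateTxRnd: one value per
// transaction counter, derived from the batch's root entropy.
func txRnd(rootEntropy [32]byte, tCount int) [32]byte {
	var ctr [8]byte
	binary.BigEndian.PutUint64(ctr[:], uint64(tCount))
	return sha256.Sum256(append(rootEntropy[:], ctr[:]...))
}

func main() {
	secret := []byte("constructed-shared-secret-for-demo") // constructed sample value
	// Two sibling batches at the same height, derived independently.
	a := rootBatchEntropy(secret, big.NewInt(100))
	b := rootBatchEntropy(secret, big.NewInt(100))
	fmt.Println("siblings share root entropy:", a == b)
	fmt.Println("next height differs:", a != rootBatchEntropy(secret, big.NewInt(101)))
	fmt.Println("tx 0 and tx 1 differ:", txRnd(a, 0) != txRnd(a, 1))
	// The documented caveat: the shared secret is the only secret input, so a
	// copy of it reproduces every per-transaction value for every height.
	leaked := append([]byte(nil), secret...)
	fmt.Println("recomputable from a leaked secret:",
		txRnd(rootBatchEntropy(leaked, big.NewInt(100)), 1) == txRnd(a, 1))
}
```

Because every input other than the shared secret is public, rotating or re-deriving the secret is the only way to restore unpredictability after a leak under this scheme.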
func EncryptSecret ¶
func EncryptSecret(pubKeyEncoded []byte, secret SharedEnclaveSecret, logger gethlog.Logger) (common.EncryptedSharedEnclaveSecret, error)
func GetObscuroKey ¶
func GetObscuroKey(logger gethlog.Logger) *ecdsa.PrivateKey
Types ¶
type DataEncryptionService ¶
type DataEncryptionService interface {
	Encrypt(blob []byte) ([]byte, error)
	Decrypt(blob []byte) ([]byte, error)
}
DataEncryptionService handles the encryption and decryption of the transaction blobs stored inside a rollup.
func NewDataEncryptionService ¶
func NewDataEncryptionService(logger gethlog.Logger) DataEncryptionService
type EnclaveKey ¶ added in v0.21.0
type EnclaveKey struct {
// contains filtered or unexported fields
}
EnclaveKey - encapsulates behaviour for the enclave's private key (used to identify the enclave and sign messages)
func GenerateEnclaveKey ¶ added in v0.21.0
func GenerateEnclaveKey() (*EnclaveKey, error)
func NewEnclaveKey ¶ added in v0.21.0
func NewEnclaveKey(privKey *ecdsa.PrivateKey) *EnclaveKey
func (*EnclaveKey) EnclaveID ¶ added in v0.21.0
func (k *EnclaveKey) EnclaveID() common.EnclaveID
func (*EnclaveKey) PrivateKey ¶ added in v0.21.0
func (k *EnclaveKey) PrivateKey() *ecdsa.PrivateKey
func (*EnclaveKey) PublicKey ¶ added in v0.21.0
func (k *EnclaveKey) PublicKey() *ecdsa.PublicKey
func (*EnclaveKey) PublicKeyBytes ¶ added in v0.21.0
func (k *EnclaveKey) PublicKeyBytes() []byte
type SharedEnclaveSecret ¶
type SharedEnclaveSecret [sharedSecretLen]byte
SharedEnclaveSecret - the entropy
func DecryptSecret ¶
func DecryptSecret(secret common.EncryptedSharedEnclaveSecret, privateKey *ecdsa.PrivateKey) (*SharedEnclaveSecret, error)
func GenerateEntropy ¶
func GenerateEntropy(logger gethlog.Logger) SharedEnclaveSecret