Skip to content

ErgoAuthUtils added for EIP-28 #157

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Apr 20, 2022
Merged

ErgoAuthUtils added for EIP-28 #157

merged 6 commits into from
Apr 20, 2022

Conversation

@MrStahlfelge
Copy link
Member

@MrStahlfelge MrStahlfelge commented Apr 5, 2022

Adds ErgoAuthUtils utility methods for ErgoAuth ergoplatform/eips#53

On this occasion, ColdErgoClient was improved so that it does not need to be instantiated by using Explorer API model classes.

@MrStahlfelge MrStahlfelge requested a review from aslesarenko April 5, 2022 13:26
aslesarenko
aslesarenko requested changes Apr 6, 2022
View reviewed changes
Copy link
Member

@aslesarenko aslesarenko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suggest to introduce SigmaProp wrapper (see one of the comments), move related serialization code there and use it where necessary instead of Address.

@MrStahlfelge
Copy link
Member Author

MrStahlfelge commented Apr 7, 2022

I have made the requested additions, but please note:

  • the new Address methods have a very low level of originality, they are only duplications for isP2PK()/getPublicKey()
  • ErgoAuthUtils does only hold a very basic check nonw and could be removed completely. The question the dApp developers reviewing the EIP all asked was "What is a SigmaBoolean, we want to check if a user can access a certain address holding a NFT.". The utility class does not help with this problem any more.

aslesarenko
aslesarenko requested changes Apr 8, 2022
View reviewed changes
@aslesarenko
Copy link
Member

aslesarenko commented Apr 8, 2022
edited
Loading

  • we want to check if a user can access a certain address holding a NFT

In blockchain ownership of a box is proved by showing that "the owner" can spend it.
This can be done in general, without knowledge of specific contract and without the actual spending. Will describe it below. But this is not how ErgoAuthUtils were implemented.

The User and the dApp follow this steps in order to authenticate access to The Box:

  1. User creates a special AuthMessage which is like ErgoTransaction, but not quite, it:
    • contains the Box as a single input
    • doesn't contain outputs
    • is serializable to bytes which will be signed
  2. The user executes the Box.ergoTree in the current blockchain context, reduces it to SigmaProp and then signs the AuthMessage.bytes with it.
    (this step is similar to signing a transaction in Appkit)
  3. The user sends SignedAuthMessage to the dApp
  4. The dApp:
    • receives SignedAuthMessage
    • extracts the Box from it
    • reduces Box.ergoTree to SigmaProp
    • extracts SignedAuthMessage.signature
    • verifies signature against SigmaProp and the AuthMessage.bytes
      (this step is similar to what each Ergo node does in verifying a transaction)

If we want to implement this protocol, we can basically clone Transaction and SignedTransaction implementation and simplify it.

But, NOTE, the dApp becomes trusted party. In blockchain the verification is part of consensus, in dApp similar verification will not be part of consensus.

@MrStahlfelge
Copy link
Member Author

MrStahlfelge commented Apr 9, 2022

User creates a special AuthMessage which is like ErgoTransaction

This would introduce the problem that the AuthMessage is always the same. Hence anyone becoming aware of the signed message can authenticate to any place using the described scheme.

Apart from that, we could do it like described, if I understood everything correctly this adds only a reduction of ErgoTree under the current context (which makes sense). At the moment, this reduction is implemented in AppKitProvingInterpreter and can't be used for Adress.getSigmaBoolean though.

@aslesarenko
Copy link
Member

aslesarenko commented Apr 14, 2022
edited
Loading

AuthMessage is always the same

This problem can be solved independently by using DHTuple schema, I'm not sure, but @scalahub may suggest some ideas.

@MrStahlfelge MrStahlfelge mentioned this pull request Apr 15, 2022
Closed
6 tasks
@MrStahlfelge MrStahlfelge merged commit 0a769dc into develop Apr 20, 2022
@MrStahlfelge MrStahlfelge deleted the ergoauth branch April 20, 2022 08:33
@aslesarenko aslesarenko mentioned this pull request May 5, 2022
Merged
@noob77777 noob77777 mentioned this pull request Jun 28, 2022
Closed
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aslesarenko aslesarenko aslesarenko approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@MrStahlfelge @aslesarenko