Elliptic-Curve Cryptography in Fluree
Elliptic-curve cryptography requires a network to use a very specific shape (an elliptic curve). In Fluree, we use the secp256k1 curve.
A user that wants to participate in a Fluree network chooses a private key.
The user then inputs their private key into the secp256k1 curve, and gets a public key. It is very easy to get a public key from a private key. It is virtually impossible to go backwards.
Elliptic curve + private key -----easy------> public key Elliptic curve + public key XXXXXXXX-impossible-XXXXX-| private key
Auth Id
Once you have a public key, you hash the public key with SHA2-256 and then RIPEMD-160. This gives you a string that you can use as an auth id in Fluree.
When you submit a signature with your transaction in Fluree, if the signature does not correspond to a valid _auth/id in the ledger, it is rejected.
Block Metadata
There are two signatures in block metadata. Neither are included in the block hash.
_tx/sigWhen a user submits a transaction, they sign their transaction with their private key. The above flake that contains
_tx/sigfrom Lesson 3.[
-25,
107,
"1b3045022100e1086f4399b46360f35955a057f254c1aec0c4868696de8c5c4d9b04ff8523ae0220328350a24075c3fa2ea1aaa32be88093378b9b7f7f5825040cbe58d303cf7b3a",
-25,
true,
null
]
The above flake that contains _tx/sig from Lesson 3.
_block/sigsMultiple transactors can sign a block. Each transactor uses their private key to sign a block. This, in effect, is their assertion that the block is valid.
[ -26, 7, "1c304402202e93e0e42faa01e4d8c6404ce656f3e562fbc095644cd0a810b46c0112e0c8280220494083304a0c9164ca2b1ffcdb8cf9a07ad233f6d9090df9b55906483046dd2a", -26, true, null ]
The above flake that contains _block/sigs from Lesson 3.