Skip to main content

Elliptic-Curve Cryptography in Fluree

Elliptic-curve cryptography requires a network to use a very specific shape (an elliptic curve). In Fluree, we use the secp256k1 curve.

A user that wants to participate in a Fluree network chooses a private key.

The user then inputs their private key into the secp256k1 curve, and gets a public key. It is very easy to get a public key from a private key. It is virtually impossible to go backwards.

Elliptic curve + private key -----easy------> public key Elliptic curve + public key XXXXXXXX-impossible-XXXXX-| private key

Auth Id

Once you have a public key, you hash the public key with SHA2-256 and then RIPEMD-160. This gives you a string that you can use as an auth id in Fluree.

When you submit a signature with your transaction in Fluree, if the signature does not correspond to a valid _auth/id in the ledger, it is rejected.

Block Metadata

There are two signatures in block metadata. Neither are included in the block hash.

  1. _tx/sig

    When a user submits a transaction, they sign their transaction with their private key. The above flake that contains _tx/sig from Lesson 3.


The above flake that contains _tx/sig from Lesson 3.

  1. _block/sigs

    Multiple transactors can sign a block. Each transactor uses their private key to sign a block. This, in effect, is their assertion that the block is valid.

     [ -26, 7, "1c304402202e93e0e42faa01e4d8c6404ce656f3e562fbc095644cd0a810b46c0112e0c8280220494083304a0c9164ca2b1ffcdb8cf9a07ad233f6d9090df9b55906483046dd2a", -26, true, null ]

The above flake that contains _block/sigs from Lesson 3.