# Elliptic-Curve Cryptography in Fluree

Elliptic-curve cryptography requires a network to use a very specific shape (an elliptic curve). In Fluree, we use the `secp256k1`

curve.

A user that wants to participate in a Fluree network chooses a private key.

The user then inputs their private key into the `secp256k1`

curve, and gets a public key. It is very easy to get a public key from a private key. It is virtually impossible to go backwards.

Elliptic curve + private key -----easy------> public key Elliptic curve + public key XXXXXXXX-impossible-XXXXX-| private key

## Auth Id

Once you have a public key, you hash the public key with SHA2-256 and then RIPEMD-160. This gives you a string that you can use as an auth id in Fluree.

When you submit a signature with your transaction in Fluree, if the signature does not correspond to a valid `_auth/id`

in the ledger, it is rejected.

## Block Metadata

There are two signatures in block metadata. Neither are included in the block hash.

`_tx/sig`

When a user submits a transaction, they sign their transaction with their private key. The above flake that contains

`_tx/sig`

from Lesson 3.`[`

-25,

107,

"1b3045022100e1086f4399b46360f35955a057f254c1aec0c4868696de8c5c4d9b04ff8523ae0220328350a24075c3fa2ea1aaa32be88093378b9b7f7f5825040cbe58d303cf7b3a",

-25,

true,

null

]

The above flake that contains `_tx/sig`

from Lesson 3.

`_block/sigs`

Multiple transactors can sign a block. Each transactor uses their private key to sign a block. This, in effect, is their assertion that the block is valid.

`[ -26, 7, "1c304402202e93e0e42faa01e4d8c6404ce656f3e562fbc095644cd0a810b46c0112e0c8280220494083304a0c9164ca2b1ffcdb8cf9a07ad233f6d9090df9b55906483046dd2a", -26, true, null ]`

The above flake that contains `_block/sigs`

from Lesson 3.