Skip to content

Dual-signature system for .stone #50

New issue
New issue
Open
Feature
Open
Dual-signature system for .stone#50
Feature
Labels
priority: must havetype: securityWill make for increased security
Milestone
alpha3
@ikeycode

Description

@ikeycode
ikeycode
opened on Oct 7, 2023

We're going to add multisig support to the .stone format, as per-package verification is inherently far more secure than index-based verification.

As part of our build infrastructure, each build machine will sign a .stone to lay ownership on it, whilst the repository will add another signature upon incorporation. This will facilitate the revocation of malicious machines and artefacts en-masse.

Note: We can also use this to single-sign our stone-format repository index files

Computation

In verification, the SignaturePayload is exempt from iteration. Compute the BLAKE3 hash for the raw data of all payloads (header+block). Then generate EdDSA (Ed25519 curve) key from this input hash. Each signature is inserted into the SignaturePayload

SignaturePayload

A SignaturePayload will consist of one or more SignatureIdentifiers. Each will tag the origin (local, remote, authority, etc), key length, algorithm, in a robust enum-based update-friendly fashion. For example:

enum SignatureAlgorithm {
    RSA2048,
    RSA4096,
    EdDSA,
    // ... other algorithms
}

enum KeyOrigin {
    Local,
    Remote,
    // ... other origins
}

struct SignatureIdentifier {
    algorithm: SignatureAlgorithm,
    origin: KeyOrigin
    signature_length: u16,
    // ...
  }

Metadata

Metadata

Assignees

No one assigned

    Labels

    priority: must havetype: securityWill make for increased security

    Type

    Feature

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions