KIP 113: BLS public key registry
| Author | Ian, Ollie, Joseph, and Aidan |
|---|---|
| Discussions-To | https://github.com/klaytn/kips/issues/113 |
| Status | Draft |
| Type | Standards Track |
| Category | Core |
| Created | 2023-05-22 |
Simple Summary
A design of simple BLS12-381 registry.
Abstract
This standard defines an interface for BLS12-381 registry, which enables nodes or smart contracts to access and view all the public keys of the associated addresses.
Motivation
A standard interface allows developers to associate an address with a BLS public key, and provides a standardized way of interacting with the registry. The objective is to design a simple registry that includes essential functions, and minimal access control, thereby reducing any potential security risks.
Specification
The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in RFC 2119.
Registry contract must implement the IKIP113 interface:
pragma solidity ^0.8.19;
/// @title KIP-113 BLS public key registry
/// @dev See https://github.com/klaytn/kips/issues/113
interface IKIP113 {
struct BlsPublicKeyInfo {
/// @dev compressed BLS12-381 public key (48 bytes)
bytes publicKey;
/// @dev proof-of-possession (96 bytes)
/// must be a result of PopProve algorithm as per
/// draft-irtf-cfrg-bls-signature-05 section 3.3.3.
/// with ciphersuite "BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_"
bytes pop;
}
event PubkeyRegistered(address addr, bytes publicKey, bytes pop);
event PubkeyUnregistered(address addr, bytes publicKey, bytes pop);
/// @dev Registers the given public key associated with the `msg.sender` address.
/// The function validates the following requirements:
/// - The function MUST revert if `publicKey.length != 48` or `pop.length != 96`.
/// - The function MUST revert if `publicKey` or `pop` is equal to zero.
/// - The function SHOULD authenticate and authorize `msg.sender`.
/// The function emits a `PubkeyRegistered` event.
/// _Note_ The function is not able to verify the validity of the public key and the proof-of-possession due to the lack of [EIP-2537](https://eips.ethereum.org/EIPS/eip-2537). See [validation](https://kips.klaytn.foundation/KIPs/kip-113#validation) for off-chain validation.
function registerPublicKey(bytes calldata publicKey, bytes calldata pop) external;
/// @dev Unregisters the public key associated with the given `addr` address.
/// The function validates the following requirements:
/// - The function MUST revert if `addr` has not been registered.
/// - The function SHOULD authenticate and authorize `msg.sender`.
/// The function emits a `PubkeyUnregistered` event.
function unregisterPublicKey(address addr) external;
/// @dev Returns the public key and proof-of-possession given a `addr`.
/// The function MUST revert if given `addr` is not registered.
/// _Note_ The function is not able to verify the validity of the public key and the proof-of-possession due to the lack of [EIP-2537](https://eips.ethereum.org/EIPS/eip-2537). See [validation](https://kips.klaytn.foundation/KIPs/kip-113#validation) for off-chain validation.
function getInfo(address addr) external view returns (BlsPublicKeyInfo memory pubkey);
/// @dev Returns all the stored addresses, public keys, and proof-of-possessions at once.
/// _Note_ The function is not able to verify the validity of the public key and the proof-of-possession due to the lack of [EIP-2537](https://eips.ethereum.org/EIPS/eip-2537). See [validation](https://kips.klaytn.foundation/KIPs/kip-113#validation) for off-chain validation.
function getAllInfo() external view returns (address[] memory addrList, BlsPublicKeyInfo[] memory pubkeyList);
}
Definitions
The terms public key and proof-of-possession (hereinafter referred to as pop) are from the ciphersuite BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_. Things to note:
- Public key: 48 bytes.
- Proof-of-possession (pop): 96 bytes.
Smart Contracts Overview
The proposed smart contract will be implemented in Solidity and will be compatible with the Ethereum Virtual Machine (EVM).
The smart contract will have the following features:
- Register a public key and a proof-of-possession
- Unregister a public key
- View the registered public keys
Methods
registerPublicKey
Registers the given public key associated with the msg.sender address. This function can be called whether msg.sender has already registered a public key or not.
The function validates the following requirements:
- The function MUST revert if
publicKey.length != 48orpop.length != 96. - The function MUST revert if
publicKeyorpopis equal to zero. - The function SHOULD authenticate and authorize
msg.sender.
The function emits a PubkeyRegistered event.
Note The function is not able to verify the validity of the public key and the proof-of-possession due to the lack of EIP-2537. See validation for off-chain validation.
function registerPublicKey(bytes memory publicKey, bytes memory pop)
unregisterPublicKey
Unregisters the public key associated with the given addr address.
The function validates the following requirements:
- The function MUST revert if
addrhas not been registered. - The function SHOULD authenticate and authorize
msg.sender.
The function emits a PubkeyUnregistered event.
function unregisterPublicKey(address addr)
getInfo
Returns the public key and proof-of-possession given a addr.
The function MUST revert if given addr is not registered.
Note The function is not able to verify the validity of the public key and the proof-of-possession due to the lack of EIP-2537. See validation for off-chain validation.
function getInfo(address addr) external view returns (BlsPublicKeyInfo pubkey)
getAllInfo
Returns all the stored addresses, public keys, and proof-of-possessions at once.
Note The function is not able to verify the validity of the public key and the proof-of-possession due to the lack of EIP-2537. See validation for off-chain validation.
function getAllInfo() external view returns (address[] addrList, BlsPublicKeyInfo[])
Validation
After reading from Registry, users must perform the following validations:
Backwards Compatibility
This does not affect the backward compatibility as this is a newly deployed contract.
Copyright
Copyright and related rights waived via CC0.