Skip to content

ARC60 (new) - arb data signing AUTH, random, caip122 #313

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 28 commits into
base: main
Choose a base branch
from
+2,410 −0
Open

ARC60 (new) - arb data signing AUTH, random, caip122 #313

Changes from 1 commit
Commits
Show all changes
28 commits
Select commit Hold shift + click to select a range
c204990
doc: New ARC60 arb data signing AUTH, random, fido2, caip122
ehanoc Sep 27, 2024
39e8e8f
doc header fix
ehanoc Sep 27, 2024
e42b6dc
Fix linting
SudoWeezy Sep 27, 2024
0680788
fix formula signature
ehanoc Sep 27, 2024
f4dbe9d
Merge branch 'newArc60' of github.com:ehanoc/ARCs into arc60Plus
ehanoc Sep 27, 2024
e4d5eed
doc cleanup
ehanoc Sep 27, 2024
1bfcfde
Serialize into canonical RFC8785 JSON instead fo stringify
ehanoc Oct 17, 2024
ed75904
Update ARCs/arc-0060.md
ehanoc Jan 15, 2025
bd92382
Update ARCs/arc-0060.md
ehanoc Jan 15, 2025
486b060
Update ARCs/arc-0060.md
ehanoc Jan 15, 2025
6ba6a52
Change requestId to be Optional
ehanoc Jan 21, 2025
65f09ba
Adding test vectors
ehanoc Feb 5, 2025
67b9f38
Removing unnecessary vectors
ehanoc Feb 5, 2025
33265fd
Show seed used for generated test vectors
ehanoc Feb 5, 2025
90970d4
Merge branch 'main' into pr/313
SudoWeezy Feb 6, 2025
e22ddac
UPDATE arc60 README, clarify
ehanoc Feb 10, 2025
dcad03c
Merge branch 'newArc60' of github.com:ehanoc/ARCs into arc60Plus
ehanoc Feb 10, 2025
3964960
chore: support running tests against ledger
ehanoc Mar 10, 2025
a2acf31
chore: update ledger test suite
ehanoc Mar 11, 2025
e26218d
doc: readme update
ehanoc Mar 11, 2025
8c34812
chore: remove skip
ehanoc Mar 11, 2025
9146d4e
fix: CAIP122 account_address ledger
ehanoc Mar 13, 2025
41c3047
docs: improve authenticator data info and reference webautn documenta…
ehanoc Apr 22, 2025
e92f612
Adapt arc60.ledger.spec.ts to new package/app
0xPxt May 15, 2025
c4616b7
Merge pull request #6 from Zondax/test_spec
ehanoc May 15, 2025
24bde0a
Use randomBytes for requestId
0xPxt May 15, 2025
46e9b7b
Updating external link for the linter
SudoWeezy May 21, 2025
8149aa7
Merge pull request #7 from Zondax/test_spec
ehanoc May 25, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
UPDATE arc60 README, clarify 
Signed-off-by: ehanoc <[email protected]>
  • Loading branch information
@ehanoc
ehanoc committed Feb 10, 2025
commit e22ddace30600f0acc6471a3318946b27985aee6
15 changes: 8 additions & 7 deletions ARCs/arc-0060.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,18 +51,19 @@ When connected to a specific `domain` (i.e app or other identifier), the wallet

Supported scopes are:

- `AUTH` (1): This scope is used for authentication purposes. It is used to sign data that will be used to authenticate the user. The `data` field **MUST** be a JSON object with the following fields:
- `type`: the type of operation (e.g., "SIWA", “webauthn.create”, “webauthn.get”, etc)
- `origin`: The origin / domain of the request or the URL of the relying party (RP) that initiated the authentication.
- `challenge`: 32 bytes of entropy.
- `AUTH` (1): This scope is used for authentication purposes. It is used to sign data that will be used to authenticate the user to a specific domain. The `data` field **MUST** be a JSON object that represents the content to be signed. The `authenticatedData` field **MUST** include, at least, the `sha256` hash of the `domain` requesting a signature. The wallet **MUST** do an integrity check on the first 32 bytes of `authenticatedData` to match the hash. The `hdPath` field is **optional** and **MUST** be a BIP44 path in order to derive the private key to sign the `data`. The wallet **MUST** validate the path before signing.


Summarized signing process for `AUTH` scope:
```plaintext
EdDSA(SHA256(data) + SHA256(authenticatedData))
```

- **`note`**: Other scopes could be added in the future.

#### Parameters

#### `StdSigData`
##### `StdSigData`

Must be a JSON object with the following properties:

Expand All @@ -75,7 +76,7 @@ Must be a JSON object with the following properties:
| `authenticatedData` | `bytes` | It **MUST** include, at least, the `sha256` hash of the `domain` requesting a signature. The wallet **MUST** do an integrity check on the first 32 bytes of `authenticatedData` to match the hash. It **MAY** also include signature counters, network flags or any other unique data to prevent replay attacks or to trick user to sign unrelated data to the scope. The wallet **SHOULD** validate every field in `authenticatedData` before signing. Each `Scope` **MUST** specify if `authenticatedData` should be appended to the hash of the `data` before signing. |
| `hdPath` | `string` | This field is **optional**. It is required if the wallet supports BIP39 / BIP32 / BIP44. This field **MUST** be a BIP44 path in order to derive the private key to sign the `data`. The wallet **MUST** validate the path before signing. |

#### `metadata`
##### `metadata`

Must be a JSON object with the following properties:

Expand All @@ -84,7 +85,7 @@ Must be a JSON object with the following properties:
| `scope` | `integer` | Defines the purpose of the signature. It **MUST** be one of the following values: `1` (AUTH) |
| `encoding` | `string` | Defines the encoding of the `data` field. `base64` is the recommended encoding. |

#### `Errors`
##### `Errors`

These are the possible errors that the wallet **MUST** handle:

Expand Down