mirrors/lightning-bolts
1
0
Fork 0
mirror of https://github.com/lightning/bolts.git synced 2025-03-15 20:30:19 +01:00
Code Issues Projects Releases Wiki Activity
lightning-bolts/61-credentials-issuance.md

115 lines
5.2 KiB
Markdown
Raw Normal View History

Add Staking Credentials issuance / redemption
2023-08-15 02:36:12 +01:00
# Credential Issuance
This document specifies the Credentials Issuance protocol inside the Staking Credentials framework.
The messages data format, validation algorithms and implementation considerations are laid out.
This draft is version 0.0.1 of the Credential Issuance protocol.
## Credentials Issuance
The Requester is sending a proof of scarce assets to the Issuer.
The Issuer is sending back an authentication of the scarce assets to the Requester.
+-------+ +-------+
| | | |
| | | |
| |--(1)--- request_credentials_authentication ---->| |
| A | | B |
| | | |
| |<-(2)--- reply_credentials_authentication -------| |
| | | |
| | | |
+-------+ +-------+
### The `request_credentials_authentication` message
This message contains a proof of scarce asset for the credentials and a set of unsigned blinded credentials.
1. type: 37560 (`request_credentials_authentication`)
2. data:
* [`u32`: `session_id`]
* [`point`: `issuance_pubkey`]
* [`assetlen*byte`: `scarce_assets`]
* [`credentiallen*byte`: `blinded_credentials`]
#### Requirements
The sender:
- MUST set `session_id` to a pseudo-randomly generated 4-byte value.
- MUST set `issuance_pubkey` to a public key discovered from a `credential_policy` issued by the receiver.
- MUST NOT send `scarce_assets` if they have not been announced by a previous `credential_policy` issued by this node.
- MUST NOT send `blinded_credentials` of a format which not been previously announced by a `credential_policy` issued by this node.
- MUST set `blinded_credentials` to less than `max_onion_size`.
The receiver:
- if `issuance_pubkey` has not been announced or has been rotated:
MUST reject this authentication request.
- if `scarce_asset` is not supported:
- MUST reject this authentication request.
- if `blinded_credentials` format is not supported:
- MUST reject this authentication request.
- if `blinded_credentials` size is equal or superior to `max_onion_size`:
- MUST reject this authentication request.
- if the `scarce_asset` amount is not covering the quantity of `blinded_credentials` requested for signature as announced by `credential_policy`:
- MUST reject this authentication request.
#### Rationale
The session id purpose is to enable concurrent authentication sessions where multiple set of credentials can be requested for
authentication by the same Requester, and where the order of reception of concurrent request/reply is not guaranteed by the
transport mechanism.
The Issuer should be able to perform independent validation of a scarce asset to counter-sign the blinded credentials, and therefore
apply a risk management policy.
The Issuer should reject unknown blinded credentials as they cannot provide a valid authentication, if they do not support the
underlying cryptosystem.
The onions containing the blinded credentials must be upper bounded in size to be transported over the Lightning onion routing
infrastructure.
The Issuer should enforce the policy ratio between the scarce asset value and the quantity of credentials counter-signed, and
therefore the Issuer risk management policy is respected.
### The `reply_credentials_authentication` message
This message contains an issuance pubkey and a set of signatures for each credential from `request_credentials_authentication`.
1. type: 37561 (`reply_request_credentials_authentication`)
2. data:
* [`u32`: `session_id`]
* [`point`: `issuance_pubkey`]
* [`credentiallen*signature`:`credentials_signature`]
#### Requirements
The sender:
- MUST set `session_id` to the received value in the corresponding `request_credentials_authentication`
- MUST set `credentials_signatures` to less than `max_onion_size`.
- MUST sort the `credentials_signature` in the order of reception of `blinded_credentials` in the corresponding `request_credentials_authentication`
The receiver:
- if `credentials_signature` size is equal or superior to `max_onion_size`:
- MUST reject this authentication reply.
- if the `issuance_pubkey` is not matching the announced key in `credentials_policy`:
- MUST reject this authentication reply.
- MAY add this Issuer identity on a banlist.
- if the signatures are not valid for the `blinded_credentials` sent in the corresponding `request_credentials_authentication`:
- MUST reject this authentication reply.
#### Rationale
The Requester should reject the reply if the issuance pubkey does not match the credential policy one. The issuance key might have
been honestly rotated by the Issuer or the Requester might be under a deanonymization attack.
### Implementations and Deployment Considerations
The credential signature request could constitute a CPU DoS vector, therefore the Issuer should either bound its incoming onions traffic or ensure the minimal proof
of assets scores for an amount high-enough to deter an adversary.
The scarce assets validation performed should be scale up to ensure there is an economic proportion between the forgery cost and the credentials value. E.g, if
on-chain transaction is a supported scarce asset, it should be confirmed with few blocks to avoid a 1-block reorg leading to a "free" dump of authenticated credentials.
Reference in a new issue Copy permalink