Operations to support the security of Blockchain-based structures.
The Blockchain module APIs are aimed at specific operations for processing blockchain network cryptography and BIP, EIP and SLIP specifications.
The ECDSA signature, for example, is specialized to avoid signature malleabilitywith the restriction of LOW-S
.
Examples of operations available in the Blockchain module:
- Extended Private Key (XPrv) generation in the BIP32 standard.
- Child Key Derivation in the BIP32 and SLIP10 standards.
- Address recovery.
- ECDSA digital signatures, in SECG strict DER standards (BIP62/66 and BIP 146) and Schnorr in BIP340 standard;
- Digital signatures EdDSA curve 25519.
- Signature verification.
- Import and export of keys via various formats (WIF, Hex, Sec1, Xpriv etc).
- Recovery of the public key with different formats (BIP32 Xpub, Sec1 with and without compression, Schnorr BIP340 etc).
- Split and Recover secrets with M from N scheme using SSS (Shamir's Secret Sharing).
- Operations with the curve
alt_bn128
according to EIP-196.
- Attention
- The blockchain module does not handle or assemble the transaction details for each particular network; this must be left to the application. The function of the HSM is to protect the private key in a secure environment, generate and return a signature according to the parameters passed by the calling application.
Compatible networks
Below is the list of networks whose encryption is compatible with HSM:
- Observation
- The algorithms listed are those currently implemented in the HSM that allow transactions to be signed on the network and do not necessarily cover all the options defined in the network specification. If you have any questions, feel free to contact Dinamo Networks support and ask them.
The HSM implementation complies with the standards defined in the documentation listed below:
- BIP32 - Hierarchical Deterministic Wallets
- BIP62 - Dealing with malleability
- BIP66 - Strict DER signatures
- BIP340 - Schnorr Signatures for secp256k1
- SLIP10 - Universal private key derivation from master private key
- EIP-2 - Homestead Hard-fork Changes
- EIP-196 - Precompiled contracts for addition and scalar multiplication on the elliptic curve alt_bn128
- EIP-197 - Precompiled contracts for optimal ate pairing check on the elliptic curve alt_bn128
|
byte[] | bchainSignHash (byte bType, byte bHashMode, byte[] pbHash, String strPk) throws TacException |
| Sign a hash using the blockchain module.
|
|
byte[] | bchainGetPubKey (byte bType, String jszId) throws TacException |
| Recover a public key from a private key using the blockchain module.
|
|
◆ bchainSignHash()
byte[] bchainSignHash |
( |
byte | bType, |
|
|
byte | bHashMode, |
|
|
byte[] | pbHash, |
|
|
String | strPk ) throws TacException |
Sign a hash using the blockchain module.
- Parameters
-
bType | Type of subscription to be generated. It can be one of the values below.
Value | Meaning |
TacNDJavaLib.DN_BCHAIN_SIG_DER_ECDSA | DER signature, in the format v || DER. SECG!SEC1 strict DER with low S as described in BIP62/66, BIP146, EIP2. With 'v' having a size of 1 byte. 'v' is the parity bit of 'r' and can have the values 0 or 1. |
TacNDJavaLib.DN_BCHAIN_SIG_RAW_ECDSA | RAW signature, in the format v || r || s. With 'v' having a size of 1 byte and 'r' and 's' each having a size of 32 bytes. 'v' is the parity bit of 'r' and can have the values 0 or 1. |
TacNDJavaLib.DN_BCHAIN_SIG_BIP340 | Signature BIP340 - Schnorr 64 bytes. |
|
bHashMode | Hash type.
|
pbHash | Hash to be signed. |
strPk | Private key identifier. |
- Return
- Signature in the format specified in
bType
.
- Exceptions
-
◆ bchainGetPubKey()
byte[] bchainGetPubKey |
( |
byte | bType, |
|
|
String | jszId ) throws TacException |
Recover a public key from a private key using the blockchain module.
- Parameters
-
bType | Format of the public key to be exported. Can be one of the values below.
|
jszId | Private key identifier. |
- Return
- Public key in the format specified in
bType
.
- Exceptions
-