fizpawiz
commented
1 year ago This is a straightforward challenge / response / verify process:
- The auditor creates a challenge file consisting of:
- the public key to be verified
- a randomized challenge string (a random string with at least 256 bits of entropy, such as a pair of UUIDs)
- the name of the auditor
- a message that will typically indicate the reason for the request
- the public key of the auditor
- the date and time the request was made
- The auditor app will sign the file with the auditor's key. The auditor saves this to a file and sends it to the wallet holder.
- The climate wallet holder uses the GUI to ingest the file and view its contents.
- If the requested key is not available, they should be presented with an error message.
- If they click "OK", then the wallet will create a digital signature for the entire file, and allow the user to save it.
- The user can also decline to sign ("Cancel").
- The wallet holder will return this file to the auditor.
- The auditor app will verify the file by
- First verifying their own signature on the payload data
- Then verifying the received signature on the entire file
- The auditor app will return a success or failure message.
- The file becomes a evidence that can be stored to support an audit.
The auditor app can be CLI only.
Looking at it, this is a bigger deal than I had thought.
When a retirement is recorded on chain, it is associated with a public key. There is a button to insert the user's own public key. There is currently no way to prove control of that key. The proving process involves inputting a nonce and signing it. Verifying the proof involves taking a public key and confirming the signature of the nonce matches the public key. For now, this can be done in a CLI tool, for rapid development. But it would be nice if the proving could be done in the UI.