Open coolaj86 opened 1 year ago
1) No.
2) AugSchemeMPL::KeyGen
is the function that's used, but I know nothing about it's internals, so: No.
Secret, 1) I don't know
AugSchemeMPL::KeyGen
So is a seed
truly a seed? Or is it just a secret key, and any secret
can be used to generate another secret?
What's the technical, literal difference between a seed
and secret
as used in the code?
A seed
creates a secret
.
A seed
is a seed
.
A seed
is not treated like a secret
.
A secret
can be used to generate other key pairs by generating the Nth
index.
The literal difference between a seed
is that it is never used as a secret
. A seed
is used to generate a secret
.
Seed
1. Structure
Is every random 256-bit (32-byte, 64-character) hex string a valid seed, or does it have some constraints?
In other words:
If I run
openssl rand -hex 32
a million billion trillion times, will all outputs always be valid seeds?2. Usage
Do we know anything about the mechanism that turns a seed into a secret?
For example: is it based on a typical CSPRNG? Or a curve? Or something else?
Secret
1. Structure
Is every random 32-byte array a valid secret? Or are there some constraints?
IIRC, the code just iterates through 32-byte CSPRNG buffers until it finds one that doesn't fail to generate a public key.