Closed porcuquine closed 6 years ago
This should be independent of our address format, as there could be different encodings or even ID vs hash of pubkey addresses.
My suggestion would be
Hashing an input to something larger, has the drawback that we reduce the input randomness, so ideally we would instead hash the pubkey to the size that we actually want.
I am not sure however if we can retrieve the pubkey in all cases need, but I do think we can, and if so that would be a preferrable solution.
@whyrusleeping can I get some input on my suggestion please?
Sounds good to me, just use the hash of the public key. should work in all cases that i am aware of
@dignifiedquire
hash it to the correct length
What is the correct length? Which hashing function shall we use? BLAKE2b?
@clkunzang to look at this
cc: @nicola
Detail: AES is no longer a consideration.
Without going into gratuitous detail here, the safe way to handle this is for the Filecoin Node to pass a maximum of 254 significant bits to FPS (Filecoin Proving Subsystem). This underlying fact allows for a variety of possible answers to the question at hand. Whichever one we select will need to be specified carefully, since there ways to get it wrong. I don't want this comment to be the canonical specification, though – so I will break further discussion out in #493.
Description
This is a follow-up issue spawned from discussion in comments here: https://github.com/filecoin-project/go-filecoin/pull/469. See comment by @phritz labeled BLOCKING.
The issue:
The string we pass as miner address when creating a prover needs to be used as an AES key.
From
crypto/aes
:How (specifically) should the value passed be derived?
NOTE: address specification is in flux, so it may not make sense to attempt to resolve this issue until it stabilizes.
That said, details here (#276) suggest that if underlying address data remains similar, ~we should eventually be able to take the 20-byte hash-part of the address and base32 encode it (with a base32 implementation which always yields 32-byte output for 20-byte input, unlike what addresses currently use -- the source of the linked bug).~ [EDIT: no point in stretching out 20 bytes of pseudo-randomness to 32 -- which is effectively just alphabet-shaped padding.]
Those with specialized knowledge and/or strong opinions should discuss here so we can implement the right thing when the time comes.
Acceptance criteria
Risks + pitfalls
Where to begin