search

freenet / freenetorg-website

The code behind https://freenet.org/ and https://staging.freenet.org/
GNU Affero General Public License v3.0
8 stars 3 forks source link

Anonymous identifier claiming process #12

Open sanity opened 10 months ago

sanity commented 10 months ago

In the browser a user keypair is generated locally, the user public key part is "blinded" using the RSA blind signature algorithm, this symmetric key is retained in the browser so it can be "unblinded" later.

The user selects whether they want to purchase a bronze ($10), silver ($20), or gold ($50) identity and enters their cc info in the Stripe dialog, this information is passed to the server along with the blinded user public key.

The server has an elliptic curve master keypair that serves as the "parent" of all Freenet keys. Note that we can use an EC keypair here because this key won't directly be used in the blind signature algorithm.

This master key is used to create several "subkeys", one for each of bronze, silver, and gold. We create 3 RSA keypairs, and for each we use the master key to sign the JSON:

{
  "type" : "Freenet-identity",
  "version" : 1,
  "level" : "Bronze",
  "RSA-public-key" : "...base64 encoded RSA public key..."
}

This JSON plus the master key signature is a certificate that validates the respective RSA public key.

The server then signs the blinded user public key using the relevant subkey depending on whether the level is bronze, silver, etc - and this is sent back to the browser along with that subkey's certificate.

The browser then unblinds the signed user public key and it plus the subkey certificate is stored by the user somewhere safe (via QR code, etc).