Are there any functions to work with VRF keys?

[gitmachtl]

Describe the feature you'd like

Hi,

are there any functions available that would allow:

• Generate a VRF prove (80 bytes) signature, by signing a given challenge (bytearray) via a VRF secret key
• Verify a VRF prove by providing the challenge and the VRF public key

Thank you very much!

Best regards, Martin

Describe alternatives you've considered

I have searched for any other libaries out there including algorand vrf stuff, that i could use with node js. But no luck.

Would you be willing to implement it?

• [ ] Yes, I will implement it.

[teddyjfpender]

Hello @gitmachtl ,

Thank you for reaching out and expressing interest in our repository! I'd like to better understand your use case for generating a VRF proof signature (and verifying a VRF proof).

Could you please provide more context about what you are building or trying to achieve? Some example scenarios would go a long way in helping us understand your use case as well as help us better tailor the functions/features/APIs to meet your needs.

Teddy

[gitmachtl]

Hey @teddyjfpender, thx for your reply.

We (Ambassadors and ToolDevs) are currently working on some additional CIPs in addition to CIP22 to use the VRF keys as a prove of pool ownership. The problem is, that the special IOG/Algorand libsodium fork/flavour is not ported to many programming languages. Currently there is only one tool (Andrews cncli) that can do that job. I have made another tool cardano-signer (https://github.com/gitmachtl/cardano-signer) based on NodeJS, which can do various signing/verification stuff. The one thing that is missing, is the possiblity to also use VRF keys. So, the VRF keys are normal ed25519 keys. Could be used in that way, but i had a talk with Inigo and he did some testing. The outcome was, that there is a high security risk on using the VRF key with other signing methods. The secret key could be exposed. So only the internally used method with the 80byte prove should be used.

I was searching around if there is any solution yet for NodeJS to use the VRF keys with the internally used method from libsodium, but there is none. What i have found is a python solution as a proof of concept (terrible performance), i have uploaded it here (https://github.com/gitmachtl/cardano-related-stuff/tree/master/vrf-demo). But the community needs a good JS implementation of such a core function. As there are already some VRF implementations present in the cardano-js-sdk, it would maybe not be that hard to also add a signing(prove)/hash/verify function?

Best regards, Martin

[teddyjfpender]

Understood @gitmachtl !

If you were to use VRF keys as a proof of pool ownership, in what scenarios do you think you'd find that useful? I can imagine one scenario would be where an SPO is looking to communicate/coordinate with delegators, of course convincing the delegators would require constructing a verifiable-proof as well as the delegators' abilities to verify the proof. Perhaps there are others you have in mind? 😄

Teddy

[gitmachtl]

The current target usecase is to provide voting tools for SPOs. The idea is to do it similar to the upcoming CIP36 method for Catalyst Voting. Assigning a freely generated voting key to a vrf key, so that the vrf key does not have to be used every time. But for that Assignment the "registration" must be signed with the vrf secret key. And of course verified later on. So thats one scenario. The VRF key is the only key that every SPO is having as a cli based key that can be used to proof pool ownership. If you would think about using the pool cold key, that would be possible, but it would 1) exclude all SPOs using hw-wallet based pool cold keys and 2) it would add security risks to expose a pool cold key, which is the worst case scenario. The VRF key is already on the BP nodes. And even it would get exposed, a new one can be generated with a pool-re-registration. So, the VRF key is an excellent choice for such tasks.

[teddyjfpender]

Got it, thanks for this information Martin it is much appreciated!