search

openware / peatio

Open-source crypto currency exchange software (https://openware.com)
https://www.openware.com
MIT License
1.04k stars 624 forks source link

Multisig example that actually uses multiple signatures? #1225

Closed sramsden closed 6 years ago

sramsden commented 6 years ago

I have been able to use the multisig stuff to interact with the peatio management API which is good.

However I have not had any reason to use multiple signatures and I cannot see any of your examples with multiple signatures either ... eg, you have

generated_jwt = JWT::Multisig.generate_jwt(jwt_payload, { peatio: private_key }, { peatio: "RS256" })

So I was just wondering what was the requirement driving the introduction of the multiple signature JWT?

Can you give me an example that requires more than one signature or point me at one on the web somewhere? Thanks.

sramsden commented 6 years ago

https://stackoverflow.com/questions/50031985/what-is-a-use-case-for-having-multiple-signatures-in-a-jws-that-uses-jws-json-se

"You sign a token with several signature algorithms (let say RS256, ES384 and PS512). epending on the audience capabilities (only supports ES384 algorithm)"

Multiple algorithms sounds more likely than multiple parties signing for a combined token. When I first saw the multiple signatures in peatio I thought perhaps your intention was for multiple services to sign .. but now I think otherwise. Please correct me if I'm wrong.