search

w3c / vc-di-ecdsa

Data Integrity specification for ECDSA using NIST-compliant curves
https://w3c.github.io/vc-di-ecdsa/
Other
9 stars 9 forks source link

Clarifying `publicKeyMultibase` encoding: `did:key` style with multicodec code, or not? #26

Closed bnewbold closed 6 months ago

bnewbold commented 10 months ago

With the did:plc method, we have been returning verificationMethod objects with type EcdsaSecp256k1VerificationKey2019 and a publicKeyMultibase string encoding with:

This is a different encoding from that used for did:key, which includes a varint multiformat table value indicating the specific key type, and compressed curve public key bytes.

For example:

{
  "id": "#atproto",
  "type": "EcdsaSecp256k1VerificationKey2019",
  "controller": "did:plc:yk4dd2qkboz2yv6tpubpc6co",
  "publicKeyMultibase": "zQYEBzXeuTM9UR3rfvNag6L3RNAs5pQZyYPsomTsgQhsxLdEgCrPTLgFna8yqCnxPpNT7DBk6Ym3dgPKNu86vt9GR"
}

where the corresponding key has did:key format: did:key:zQ3shXjHeiBuRCKmM36cuYnm7YEMzhGnCmCyW92sRJ9pribSF.

I had assumed that the un-compressed key format was required in a DID specification document somewhere, but when I went looking just now, could find no reference in the Core 1.0 doc, https://www.w3.org/TR/did-spec-registries, Verifiable Credential Data Integrity 1.0 , etc. The last link does talk about how the Multikey method specifically requires a publicKeyMultibase encoding with the multicodec included, but doesn't mention how other types like EcdsaSecp256k1VerificationKey2019 should be encoded.

This github issue is asking to clarify: is there required multibase format? is it ok to use the multicodec-based encoding, as used with did:key and Multikey?

msporny commented 10 months ago

followed directly by the string encoded, un-compressed curve public key bytes... this is a different encoding from that used for did:key,

Don't do that -- you should align directly with the did:key format. :)

I had assumed that the un-compressed key format was required in a DID specification document somewhere

No, the DID specification doesn't express any requirements on key format, IIRC.

is there required multibase format?

The cryptosuite that uses the key type will define the required multibase format. For example, here's the one for Ed25519 public keys:

https://w3c.github.io/vc-di-eddsa/#multikey

and the one for ECDSA public keys:

https://w3c.github.io/vc-di-ecdsa/#multikey

One doesn't exist for k1 keys because no one has written that particular spec yet, but I'd expect it to use the bitcoin base58 header 'z' and the 0xe7 multikey header (remember to encode as a varint!) with a compressed key:

https://github.com/multiformats/multicodec/blob/master/table.csv#L92

is it ok to use the multicodec-based encoding, as used with did:key and Multikey?

Yes, in fact, the Multikey encoding of a did:key should be exactly the same. did:key uses the Multikey format.

Did that answer all of your questions @bnewbold ?

bnewbold commented 10 months ago

Yes, thank you for such a clear response!

msporny commented 6 months ago

This issue is fairly old and the question was answered some time ago. Seems like discussion on the issue has ended. I'm closing this issue. @bnewbold, please re-open a new issue if there is further discussion to be had.