From 613be63627c20c451f0101a8356187355b69caa9 Mon Sep 17 00:00:00 2001
From: Aaron Craelius
Date: Tue, 12 May 2020 14:46:38 -0400
Subject: [PATCH 1/3] Add multisig key support
---
 .../adr-020-protobuf-transaction-encoding.md | 27 ++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)
diff --git a/docs/architecture/adr-020-protobuf-transaction-encoding.md b/docs/architecture/adr-020-protobuf-transaction-encoding.md
index cd1318a4bdb2..552921585bdf 100644
--- a/docs/architecture/adr-020-protobuf-transaction-encoding.md
+++ b/docs/architecture/adr-020-protobuf-transaction-encoding.md
@@ -83,9 +83,27 @@ message SignerInfo {
 // address can be used for accounts that already have a public key in state
 bytes address = 2;
 }
- SignMode mode = 3;
+
+ ModeInfo mode_info = 3;
 }

+message ModeInfo {
+ oneof sum {
+ Single single = 1;
+ Multi multi = 2;
+ }
+
+ message Single {
+ SignMode mode = 1;
+ }
+
+ message Multi {
+ CompactBitArray bitarray = 1;
+ repeated ModeInfo mode_infos = 2;
+
+ }
+}
+
 enum SignMode {
 SIGN_MODE_UNSPECIFIED = 0;

@@ -225,8 +243,11 @@ in order):
 message SignDocAux {
 bytes body_bytes = 1;
 // PublicKey is included in SignDocAux :
- // 1. as a special case for multisig public keys to be described later
- // in this document
+ // 1. as a special case for multisig public keys. For multisig public keys,
+ // the signer should use the top-level multisig public key they are signing
+ // against, not their own public key. This is to prevent against a form
+ // of malleability where a signature could be taken out of context of the
+ // multisig key that was intended to be signed for
 // 2. to guard against scenario where configuration information is encoded
 // in public keys (it has been proposed) such that two keys can generate
 // the same signature but have different security properties
From 85d43116d94630bfdd1b61a0f950814afac2a310 Mon Sep 17 00:00:00 2001
From: Aaron Craelius
Date: Tue, 12 May 2020 14:51:07 -0400
Subject: [PATCH 2/3] Update docs
---
 .../adr-020-protobuf-transaction-encoding.md | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/docs/architecture/adr-020-protobuf-transaction-encoding.md b/docs/architecture/adr-020-protobuf-transaction-encoding.md
index 552921585bdf..61189bb248ef 100644
--- a/docs/architecture/adr-020-protobuf-transaction-encoding.md
+++ b/docs/architecture/adr-020-protobuf-transaction-encoding.md
@@ -92,15 +92,21 @@ message ModeInfo {
 Single single = 1;
 Multi multi = 2;
 }
-
+
+ // Single is the mode info for a single signer
 message Single {
 SignMode mode = 1;
+ // locale may be used in the future with TEXTUAL signing modes
+ string locale = 2;
 }
-
+
+ // Multi is the mode info for a multisig public key
 message Multi {
+ // bitarray specifies which keys within the multisig are signing
 CompactBitArray bitarray = 1;
+ // mode_infos is the corresponding modes of the signers of the multisig
+ // which could include nested multisig public keys
 repeated ModeInfo mode_infos = 2;
-
 }
 }

From 2edd8e9e8a0f637862f591ce60cf810f42ed3acb Mon Sep 17 00:00:00 2001
From: Aaron Craelius
Date: Tue, 12 May 2020 16:32:09 -0400
Subject: [PATCH 3/3] Remove locale
---
 docs/architecture/adr-020-protobuf-transaction-encoding.md | 2 --
 1 file changed, 2 deletions(-)
diff --git a/docs/architecture/adr-020-protobuf-transaction-encoding.md b/docs/architecture/adr-020-protobuf-transaction-encoding.md
index 61189bb248ef..5fa6ae2bd7c2 100644
--- a/docs/architecture/adr-020-protobuf-transaction-encoding.md
+++ b/docs/architecture/adr-020-protobuf-transaction-encoding.md
@@ -96,8 +96,6 @@ message ModeInfo {
 // Single is the mode info for a single signer
 message Single {
 SignMode mode = 1;
- // locale may be used in the future with TEXTUAL signing modes
- string locale = 2;
 }

 // Multi is the mode info for a multisig public key
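Review bot: The comments added to `Multi` in PATCH 2/3 say `mode_infos` "could include nested multisig public keys", but they state neither how `mode_infos` pairs with `bitarray` nor any bound on nesting. Both matter to a verifier that decodes this structure from an untrusted transaction. I would extend the `mode_infos` comment along the lines of `// mode_infos has exactly one entry per set bit in bitarray, in bit order; a length mismatch must be rejected`, assuming that is the intended pairing, which the ADR text visible here does not spell out. Because `Multi` holds `repeated ModeInfo` (introduced in PATCH 1/3), the message is self-recursive, so the ADR should also name a maximum nesting depth that signature verification enforces instead of relying on whatever recursion limit the protobuf runtime applies. `message ModeInfo` opens above this hunk.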