hc_seed_bundle
SeedBundle parsing and generation library.
Links
- Git Repo - https://github.com/holochain/lair
- API Documentation - https://docs.rs/hc_seed_bundle
- Javascript Implementation - https://holochain.github.io/hcSeedBundle/
Rationale
- Applications like Holochain have different requirements than classic blockchain system in terms of key management. Namely there is no need for read-only or hardened wallets (Holochain handles these concepts through capabilities and membranes).
- Applications like Holochain still have need of hierarchy and determinism in key (or in this case seed) derivation.
- Since we're using libsodium for hashing, signature, and encryption algorithms, let's use it for derivation as well.
- To be psychologically compatible with the Bitcoin "HD Wallet" spec, we will do away with the "context" part of sodium KDF by always setting it to
b"SeedBndl"
and focusing on thesubkey_id
and can declare a chain of subsequent derivations of a 32 byte seed in the formm/68/1/65/8
where we applysubkey_id
s 68, 1, 65, then 8 in turn.
hcSeedBundle Encoding Spec
Encoded in MSGPACK binary format.
To better facilitate rust/javascript interoperability, the rust library will treat msgpack "ext" types as binary data.
SeedBundle
// seed_bundle is a top-level array
'seed_bundle':array
SeedCipher::PwHash
// the PwHash type SeedCipher defines a straight-forward
// pwhash secret that is use to secretstream encrypt a seed
'seed_cipher':array
SeedCipher::SecurityQuestions
// Security Questions SeedCipher defines a pwhash cipher
// based on concatonating 3 answers that are lcased/trimmed
'seed_cipher':array
Algorithms
sodium_kdf32
- seed derivation- set to output 32 bytes (
[32 byte sub-seed]
) - context bytes - fixed
b"SeedBndl"
- subkey_id clamped to u32 to better support javascript
- set to output 32 bytes (
argon2id32
- generates secret for seed secretstream encryption- set to output 32 bytes (
[32 secret bytes]
) - salt:
[16 salt bytes from bundle]
- mem_limit: default
MODERATE
- ops_limit: default
MODERATE
- passphrase: user-supplied
- set to output 32 bytes (
secretstream_xchacha20poly1305
- single
push_final/pull_final
with entire contents
- single
License: Apache-2.0