miden_lib/
auth.rs

1use alloc::vec::Vec;
2
3use miden_objects::account::auth::PublicKeyCommitment;
4
5/// Defines authentication schemes available to standard and faucet accounts.
6pub enum AuthScheme {
7    /// A minimal authentication scheme that provides no cryptographic authentication.
8    ///
9    /// It only increments the nonce if the account state has actually changed during transaction
10    /// execution, avoiding unnecessary nonce increments for transactions that don't modify the
11    /// account state.
12    NoAuth,
13    /// A single-key authentication scheme which relies on ECDSA signatures.
14    EcdsaK256Keccak { pub_key: PublicKeyCommitment },
15    /// A multi-signature authentication scheme using ECDSA signatures.
16    ///
17    /// Requires a threshold number of signatures from the provided public keys.
18    EcdsaK256KeccakMultisig {
19        threshold: u32,
20        pub_keys: Vec<PublicKeyCommitment>,
21    },
22    /// A single-key authentication scheme which relies RPO Falcon512 signatures.
23    ///
24    /// RPO Falcon512 is a variant of the [Falcon](https://falcon-sign.info/) signature scheme.
25    /// This variant differs from the standard in that instead of using SHAKE256 hash function in
26    /// the hash-to-point algorithm we use RPO256. This makes the signature more efficient to
27    /// verify in Miden VM.
28    RpoFalcon512 { pub_key: PublicKeyCommitment },
29    /// A multi-signature authentication scheme using RPO Falcon512 signatures.
30    ///
31    /// Requires a threshold number of signatures from the provided public keys.
32    RpoFalcon512Multisig {
33        threshold: u32,
34        pub_keys: Vec<PublicKeyCommitment>,
35    },
36    /// A non-standard authentication scheme.
37    Unknown,
38}
39
40impl AuthScheme {
41    /// Returns all public key commitments associated with this authentication scheme.
42    ///
43    /// For unknown schemes, an empty vector is returned.
44    pub fn get_public_key_commitments(&self) -> Vec<PublicKeyCommitment> {
45        match self {
46            AuthScheme::NoAuth => Vec::new(),
47            AuthScheme::EcdsaK256Keccak { pub_key } => vec![*pub_key],
48            AuthScheme::EcdsaK256KeccakMultisig { pub_keys, .. } => pub_keys.clone(),
49            AuthScheme::RpoFalcon512 { pub_key } => vec![*pub_key],
50            AuthScheme::RpoFalcon512Multisig { pub_keys, .. } => pub_keys.clone(),
51            AuthScheme::Unknown => Vec::new(),
52        }
53    }
54}