Struct diem_sdk::types::network_address::encrypted::EncNetworkAddress [−][src]
pub struct EncNetworkAddress { /* fields omitted */ }
Expand description
An encrypted NetworkAddress
.
Threat Model
Encrypting the on-chain network addresses is purely a defense-in-depth mitigation to minimize attack surface and reduce DDoS attacks on the validators by restricting the visibility of their public-facing network addresses only to other validators.
These encrypted network addresses are intended to be stored on-chain under
each validator’s advertised network addresses in their ValidatorConfig
s.
All validators share the secret shared_val_netaddr_key
, though each validator’s addresses
are encrypted using a per-validator derived_key
.
Account Key
derived_key := HKDF-SHA3-256::extract_and_expand(
salt=HKDF_SALT,
ikm=shared_val_netaddr_key,
info=account_address,
output_length=32,
)
where HKDF-SHA3-256::extract_and_expand
is
HKDF extract-and-expand with SHA3-256,
HKDF_SALT
is a constant salt for application separation, shared_val_netaddr_key
is the
shared secret distributed amongst all the validators, and account_address
is the specific validator’s AccountAddress
.
We use per-validator derived_key
s to limit the “blast radius” of
nonce reuse to each validator, i.e., a validator that accidentally reuses a
nonce will only leak information about their network addresses or derived_key
.
Encryption
A raw network address, addr
, is then encrypted using AES-256-GCM like:
enc_addr := AES-256-GCM::encrypt(
key=derived_key,
nonce=nonce,
ad=key_version,
message=addr,
)
where nonce
is a 96-bit integer as described below, key_version
is
the key version as a u32 big-endian integer, addr
is the serialized
NetworkAddress
, and enc_addr
is the encrypted network address
concatenated with the 16-byte authentication tag.
Nonce
nonce := seq_num || addr_idx
where seq_num
is the seq_num
field as a u64 big-endian integer and
addr_idx
is the index of the encrypted network address in the list of
network addresses as a u32 big-endian integer.
Sequence Number
In order to reduce the probability of nonce reuse, validators should use the
sequence number of the rotation transaction in the seq_num
field.
Key Rotation
The EncNetworkAddress
struct contains a key_version
field, which
identifies the specific shared_val_netaddr_key
used to encrypt/decrypt the
EncNetworkAddress
.
Implementations
pub fn encrypt(
addr: NetworkAddress,
shared_val_netaddr_key: &[u8; 32],
key_version: u32,
account: &AccountAddress,
seq_num: u64,
addr_idx: u32
) -> Result<EncNetworkAddress, ParseError>
pub fn encrypt(
addr: NetworkAddress,
shared_val_netaddr_key: &[u8; 32],
key_version: u32,
account: &AccountAddress,
seq_num: u64,
addr_idx: u32
) -> Result<EncNetworkAddress, ParseError>
Panics
encrypt will panic if addr
length > 64 GiB.
pub fn decrypt(
self,
shared_val_netaddr_key: &[u8; 32],
account: &AccountAddress,
addr_idx: u32
) -> Result<NetworkAddress, ParseError>
Trait Implementations
pub fn deserialize<__D>(
__deserializer: __D
) -> Result<EncNetworkAddress, <__D as Deserializer<'de>>::Error> where
__D: Deserializer<'de>,
pub fn deserialize<__D>(
__deserializer: __D
) -> Result<EncNetworkAddress, <__D as Deserializer<'de>>::Error> where
__D: Deserializer<'de>,
Deserialize this value from the given Serde deserializer. Read more
This method tests for self
and other
values to be equal, and is used
by ==
. Read more
This method tests for !=
.
pub fn serialize<__S>(
&self,
__serializer: __S
) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error> where
__S: Serializer,
pub fn serialize<__S>(
&self,
__serializer: __S
) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error> where
__S: Serializer,
Serialize this value into the given Serde serializer. Read more
Auto Trait Implementations
impl RefUnwindSafe for EncNetworkAddress
impl Send for EncNetworkAddress
impl Sync for EncNetworkAddress
impl Unpin for EncNetworkAddress
impl UnwindSafe for EncNetworkAddress
Blanket Implementations
Mutably borrows from an owned value. Read more
Compare self to key
and return true
if they are equal.
Instruments this type with the provided Span
, returning an
Instrumented
wrapper. Read more
Generates a hash used only for tests.
pub fn vzip(self) -> V
Attaches the provided Subscriber
to this type, returning a
WithDispatch
wrapper. Read more
Attaches the current default Subscriber
to this type, returning a
WithDispatch
wrapper. Read more