Crate noise_sv2


Noise-SV2: Noise Protocol Implementation for Stratum V2

noise_sv2 ensures secure communication between Sv2 roles by handling encryption, decryption, and authentication through Noise protocol handshakes and cipher operations.

Implementation of the Sv2 Noise protocol specification.

Features

  • Noise Protocol: Establishes secure communication via the Noise protocol handshake between the Initiator and Responder roles.
  • Diffie-Hellman with secp256k1: Securely establishes a shared secret between two Sv2 roles, using the same elliptic curve used in Bitcoin.
  • AEAD: Ensures confidentiality and integrity of the data.
  • AES-GCM and ChaCha20-Poly1305: Provides encryption, with hardware-optimized and software-optimized options.
  • Schnorr Signatures: Authenticates messages and verifies the identity of the Sv2 roles.

In practice, the primitives exposed by this crate should be used to secure communication channels between Sv2 roles. Securing communication between two Sv2 roles on the same local network (e.g., local mining devices communicating with a local mining proxy) is optional. However, it is mandatory to secure the communication between two Sv2 roles communicating over a remote network (e.g., a local mining proxy communicating with a remote pool server).

The Noise protocol establishes secure communication between two Sv2 roles via a handshake performed at the beginning of the connection. The initiator (e.g., a local mining proxy) and the responder (e.g., a mining pool) establish a shared secret using Elliptic Curve Diffie-Hellman (ECDH) with the secp256k1 elliptic curve (the same elliptic curve used by Bitcoin). Once both Sv2 roles compute the shared secret from the ECDH exchange, the Noise protocol derives symmetric encryption keys for secure communication. These keys are used with AEAD (using either AES-GCM or ChaCha20-Poly1305) to encrypt and authenticate all communication between the roles. This encryption ensures that sensitive data, such as share submissions, remains confidential and tamper-resistant. Additionally, Schnorr signatures are used to authenticate messages and validate the identities of the Sv2 roles, ensuring that critical messages like job templates and share submissions originate from legitimate sources.

Structs

AeadError
Error type.
Initiator
Manages the initiator’s role in the Noise NX handshake, handling key exchange, encryption, and handshake state. It securely generates and manages cryptographic keys, performs Diffie-Hellman exchanges, and maintains the handshake hash, chaining key, and nonce for message encryption. After the handshake, it facilitates secure communication using either ChaCha20Poly1305 or AES-GCM ciphers. Sensitive data is securely erased when no longer needed.
NoiseCodec
A codec for managing encrypted communication in the Noise protocol.
Responder
Represents the state and operations of the responder in the Noise NX protocol handshake. It handles cryptographic key exchanges, manages handshake state, and securely establishes a connection with the initiator. The responder manages key generation, Diffie-Hellman exchanges, message decryption, and state transitions, ensuring secure communication. Sensitive cryptographic material is securely erased when no longer needed.

Enums

Error
Noise protocol error handling.

Constants

NOISE_HASHED_PROTOCOL_NAME_CHACHA
If protocolName is less than or equal to 32 bytes in length, use protocolName with zero bytes appended to make 32 bytes. Otherwise, apply HASH to it. For name = “Noise_NX_Secp256k1+EllSwift_ChaChaPoly_SHA256”, we need the hash. More info can be found at this link.
NOISE_SUPPORTED_CIPHERS_MESSAGE