§Noise-SV2: Noise Protocol Implementation for Stratum V2
noise_sv2 ensures secure communication between Sv2 roles by handling encryption, decryption,
and authentication through Noise protocol handshakes and cipher operations.
Implementation of the Sv2 Noise protocol specification.
§Features
- Noise Protocol: Establishes secure communication via the Noise protocol handshake between the Initiator and Responder roles.
- Diffie-Hellman with secp256k1: Securely establishes a shared secret between two Sv2 roles, using the same elliptic curve used in Bitcoin.
- AEAD: Ensures confidentiality and integrity of the data.
- AES-GCM and ChaCha20-Poly1305: Provides encryption, with hardware-optimized and software-optimized options.
- Schnorr Signatures: Authenticates messages and verifies the identity of the Sv2 roles.

In practice, the primitives exposed by this crate should be used to secure communication channels between Sv2 roles. Securing communication between two Sv2 roles on the same local network (e.g., local mining devices communicating with a local mining proxy) is optional. However, it is mandatory to secure the communication between two Sv2 roles communicating over a remote network (e.g., a local mining proxy communicating with a remote pool server).

The Noise protocol establishes secure communication between two Sv2 roles via a handshake
performed at the beginning of the connection. The initiator (e.g., a local mining proxy) and
the responder (e.g., a mining pool) establish a shared secret using Elliptic Curve
Diffie-Hellman (ECDH) with the secp256k1 elliptic curve (the same elliptic curve used by
Bitcoin). Once both Sv2 roles compute the shared secret from the ECDH exchange, the Noise
protocol derives symmetric encryption keys for secure communication. These keys are used with
AEAD (using either AES-GCM or ChaCha20-Poly1305) to encrypt and authenticate all
communication between the roles. This encryption ensures that sensitive data, such as share
submissions, remains confidential and tamper-resistant. Additionally, Schnorr signatures are
used to authenticate messages and validate the identities of the Sv2 roles, ensuring that
critical messages like job templates and share submissions originate from legitimate sources.
Structs§
- AeadError
- Error type.
- Initiator
- Manages the initiator’s role in the Noise NX handshake, handling key exchange, encryption, and handshake state. It securely generates and manages cryptographic keys, performs Diffie-Hellman exchanges, and maintains the handshake hash, chaining key, and nonce for message encryption. After the handshake, it facilitates secure communication using either ChaCha20Poly1305 or AES-GCM ciphers. Sensitive data is securely erased when no longer needed.
- NoiseCodec
- A codec for managing encrypted communication in the Noise protocol.
- Responder
- Represents the state and operations of the responder in the Noise NX protocol handshake. It handles cryptographic key exchanges, manages handshake state, and securely establishes a connection with the initiator. The responder manages key generation, Diffie-Hellman exchanges, message decryption, and state transitions, ensuring secure communication. Sensitive cryptographic material is securely erased when no longer needed.
Enums§
- Error
- Noise protocol error handling.
Constants§
- NOISE_HASHED_PROTOCOL_NAME_CHACHA
- If protocolName is less than or equal to 32 bytes in length, use protocolName with zero bytes appended to make 32 bytes. Otherwise, apply HASH to it. For name = “Noise_NX_Secp256k1+EllSwift_ChaChaPoly_SHA256”, we need the hash. More info can be found at this link.
- NOISE_SUPPORTED_CIPHERS_MESSAGE
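
The protocol-name rule described for NOISE_HASHED_PROTOCOL_NAME_CHACHA, and the handshake hash, chaining key and nonce mentioned in the handshake description, can be traced with the generic Noise framework operations (InitializeSymmetric, MixHash, MixKey). This is an added example in Python using only the standard library, not code from the noise_sv2 crate. The names initial_hash, hkdf2, SymmetricState and demo are hypothetical, and the public key and DH output are constructed stand-ins rather than real secp256k1 values.

```python
import hashlib
import hmac

HASHLEN = 32  # SHA-256 digest size in bytes
PROTOCOL_NAME = b"Noise_NX_Secp256k1+EllSwift_ChaChaPoly_SHA256"  # name quoted on this page


def initial_hash(protocol_name):
    """Zero-pad names of up to HASHLEN bytes; hash anything longer."""
    if len(protocol_name) <= HASHLEN:
        return protocol_name.ljust(HASHLEN, b"\x00")
    return hashlib.sha256(protocol_name).digest()


def hkdf2(chaining_key, input_key_material):
    """Noise HKDF with two outputs, built from HMAC-SHA256."""
    temp_key = hmac.new(chaining_key, input_key_material, hashlib.sha256).digest()
    out1 = hmac.new(temp_key, b"\x01", hashlib.sha256).digest()
    out2 = hmac.new(temp_key, out1 + b"\x02", hashlib.sha256).digest()
    return out1, out2


class SymmetricState:
    """Handshake hash h, chaining key ck, cipher key k and nonce n."""

    def __init__(self, protocol_name):
        self.h = initial_hash(protocol_name)
        self.ck = self.h          # the chaining key starts out equal to h
        self.k = None             # no cipher key until the first MixKey
        self.n = 0

    def mix_hash(self, data):
        """Bind handshake bytes (e.g. a public key) into the transcript hash."""
        self.h = hashlib.sha256(self.h + data).digest()

    def mix_key(self, dh_output):
        """Fold a DH result into ck and derive a fresh cipher key; reset the nonce."""
        self.ck, self.k = hkdf2(self.ck, dh_output)
        self.n = 0


def demo():
    # Constructed stand-ins: real values come from the secp256k1 key exchange.
    fake_ephemeral_pubkey = bytes([0xAA]) * 64
    fake_dh_output = bytes(range(32))
    state = SymmetricState(PROTOCOL_NAME)
    state.mix_hash(fake_ephemeral_pubkey)
    state.mix_key(fake_dh_output)
    return state
```

The protocol name is 45 bytes long, so initial_hash takes the hashing branch, which is why the crate ships the value as a precomputed constant.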