|
|
|
# HIP304 - z\_signmessage + z\_verifymessage
|
|
|
|
|
|
|
|
```
|
|
|
|
HIP: 304
|
|
|
|
Title: Signing and verifying messages from Sapling addresses
|
|
|
|
Author: Duke Leto
|
|
|
|
Category: Standards
|
|
|
|
Created: 2020-02-02
|
|
|
|
License: GPLv3
|
|
|
|
```
|
|
|
|
|
|
|
|
# Terminology
|
|
|
|
|
|
|
|
The key words "MUST", "MUST NOT", and "MAY" in this document are to be interpreted as described in RFC 2119.
|
|
|
|
[#RFC2119]
|
|
|
|
|
|
|
|
# Abstract
|
|
|
|
|
|
|
|
This is an xxx HIP describing signed Sapling messages.
|
|
|
|
|
|
|
|
# Motivation
|
|
|
|
|
|
|
|
TLDR: Extend the `signmessage` and `verifymessage` RPCs to Sapling shielded addresses.
|
|
|
|
Many people, including the author, have created Github issues asking for the ability to
|
|
|
|
sign messages with zaddrs. Originally, it was not possible with Sprout addresses but
|
|
|
|
now Sapling zaddrs have the internal machinery to support this use case.
|
|
|
|
|
|
|
|
# Specification
|
|
|
|
|
|
|
|
This document specifies two new RPCs
|
|
|
|
|
|
|
|
z_signmessage
|
|
|
|
z_verifymessage
|
|
|
|
|
|
|
|
which are direct shielded counterparts to the original Bitcoin RPCs:
|
|
|
|
|
|
|
|
signmessage
|
|
|
|
verifymessage
|
|
|
|
|
|
|
|
This specification is directly influenced by various Zcash Github issues and ZIP304
|
|
|
|
such as https://github.com/zcash/zcash/issues/3159 and https://github.com/zcash/zcash/issues/1770
|
|
|
|
and the algorithm designed by Daira and other Zcash developers. We simply took the publicly
|
|
|
|
defined algorithm and decided to actually implement it and decide any implementation details that
|
|
|
|
would be needed along the way.
|
|
|
|
|
|
|
|
## Internal Design
|
|
|
|
|
|
|
|
One option would be to write a custom zk-SNARK "circuit" to support signing via a zaddr. This would
|
|
|
|
be a large amount of work and was dismissed, reasonably, as not viable by Zcash developers.
|
|
|
|
|
|
|
|
|
|
|
|
# References
|
|
|
|
|
|
|
|
.. [#RFC2119] `Key words for use in RFCs to Indicate Requirement Levels <https://tools.ietf.org/html/rfc2119>`_
|
|
|
|
.. [#BIP32] `Hierarchical Deterministic Wallets <https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki>`_
|
|
|
|
|