Inserting contracts in the registry

Owned by Ovidiu Deac
Last updated: Jun 02, 2020 by Tomislav Grospić
2 min read

Motivation

We need to be able to refer a contract by a name with the following properties

  1. persistent - can be used over an over again
  2. forgeable - can be transmitted off-chain
  3. secure - the user wants a cryptographic guarantee that the name refers to the actual contract deployed

Creating the signature

RegistrySigGen tool

It can be found in coop.rchain.casper.util.rholang. Produces the necessary tools to insert a contract in the registry.

$ sbt runMain coop.rchain.casper.util.rholang.RegistrySigGen contractName [timestamp] [privateKey] [unforgeableName]

Steps

Generate a Secp256k1 key pair

RegistrySigGen uses function Secp256k1.newKeyPair to generate a new key pair for each contract inserted in the registry.

Produce a nonce

The contracts in casper use the maxLong nonce 9223372036854775807.

Generate an unforgeable name

RegistrySigGen creates a GPrivate instance using the public key and the timestamp as a seed. This guarantees that the resulting unforgeable name will be the same as the first one produced by ```new SomeName in ...```.

Please note that all the Rholang contracts in Casper project are using the registered name as the first one in the top level new because this is the only name we can predict reliably using this method.

Create the signature

The signature is computed over a tuple containing the above nonce and a bundle+ of the above unforgeable name.

Derive an URI from the public key

An id is derived from the public key using a custom hashing algorithm found in Registry.buildURI in Registry.scala

The convention is to prepend "rho:id:" to the derived id.

Inserting the signed contract

The contract is inserted in the registry by using the system call `rho:registry:insertSigned:secp256k1` like in the code below:

new
MakeMint, rs(`rho:registry:insertSigned:secp256k1`), uriOut
in {
  contract MakeMint(...) = { ... } |
  rs!(
    "d9ba2075d355755060205605f4cdbd5ecd3cce5ed1f39690f34772f7c9aa30ab".hexToBytes(), 
    (9223372036854775807, bundle+{*MakeMint}), 
    "36229e3f4530c15f3b7c1d9165369201b70b4673289a003652af14b436b20a275d5909d6dfbbd06e685292d39eadf3af11db6f882dcc78ef0b794e6da0ad6109".hexToBytes(), 
    *uriOut)
}

Change proposal

Use a single key-pair for signing multiple contracts and