Skip to content

Commit 29ba95b

Browse files
authored
v0.10.1 release preparation (#1578)
Signed-off-by: Angelo De Caro <adc@zurich.ibm.com>
1 parent 7620f11 commit 29ba95b

3 files changed

Lines changed: 191 additions & 162 deletions

File tree

docs/driverapi.md

Lines changed: 115 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -99,6 +99,121 @@ A `TokenRequest` is the primary structure submitted to the ledger. It consists o
9999
- **Auditing**: A dedicated section for auditor signatures and their identities.
100100
- **Metadata**: (Sent via transient data) Contains cleartext information required by participants and auditors to process the transaction.
101101

102+
## Protocol Versions and Signature Security
103+
104+
The Token SDK supports multiple protocol versions for token request signatures, providing a migration path for security improvements while maintaining backward compatibility.
105+
106+
**Supported Protocol Versions**:
107+
- **Protocol V1**: Original implementation (legacy)
108+
- **Protocol V2**: Enhanced security implementation (recommended)
109+
110+
### Protocol V1 (Legacy)
111+
112+
**Implementation**: [`token/driver/request.go:marshalToMessageToSignV1`](../token/driver/request.go)
113+
114+
**Signature Message Construction**:
115+
```
116+
SignatureMessage = ASN.1(TokenRequest) || Anchor
117+
```
118+
119+
**Characteristics**:
120+
- Simple concatenation of ASN.1-encoded request and anchor
121+
- No delimiter or length prefix between components
122+
- Maintained for backward compatibility with existing deployments
123+
124+
**Security Limitations**:
125+
- **Boundary Ambiguity**: Lack of delimiter creates potential for hash collision attacks
126+
- **No Input Validation**: Anchor parameter not validated for size or content
127+
- **Binary Data in Logs**: Error messages may expose sensitive data
128+
129+
**Status**: ⚠️ **DEPRECATED** - Use Protocol V2 for new deployments
130+
131+
### Protocol V2 (Recommended)
132+
133+
**Implementation**: [`token/driver/request.go:marshalToMessageToSignV2`](../token/driver/request.go)
134+
135+
**Signature Message Construction**:
136+
```go
137+
type SignatureMessage struct {
138+
Request []byte // ASN.1-encoded TokenRequest
139+
Anchor []byte // Transaction anchor/ID
140+
}
141+
SignatureMessage = ASN.1(SignatureMessage)
142+
```
143+
144+
**Security Improvements**:
145+
146+
1. **Structured Format**: Uses ASN.1 structure with explicit field boundaries
147+
- Prevents boundary ambiguity attacks
148+
- Ensures unique mapping from (Request, Anchor) to signature message
149+
- Maintains ASN.1 consistency throughout the protocol
150+
151+
2. **Input Validation with Typed Errors**:
152+
- Anchor must be non-empty (`ErrAnchorEmpty`)
153+
- Anchor size limited to `MaxAnchorSize` (128 bytes) to prevent DoS (`ErrAnchorTooLarge`)
154+
- Unsupported versions rejected with `ErrUnsupportedVersion`
155+
- Validation occurs before signature generation
156+
157+
3. **Secure Error Handling**:
158+
- Binary data hex-encoded in error messages
159+
- Prevents sensitive data exposure in logs
160+
- Compatible with log aggregation systems
161+
162+
4. **Comprehensive Documentation**:
163+
- Security properties clearly documented
164+
- Migration guidance provided
165+
- Attack scenarios explained
166+
167+
**Security Properties**:
168+
- **Collision Resistance**: Different (Request, Anchor) pairs always produce different signature messages
169+
- **Deterministic**: Same input always produces same output
170+
- **Tamper-Evident**: Any modification to Request or Anchor changes the signature message
171+
- **DoS Protection**: Input validation prevents resource exhaustion attacks
172+
173+
### Migration Guide
174+
175+
**For New Deployments**:
176+
- Use Protocol V2 by default
177+
- Configure validators to require minimum version 2
178+
- Benefit from enhanced security properties
179+
180+
**For Existing Deployments**:
181+
182+
1. **Phase 1: Deploy V2 Support**
183+
```go
184+
// Deploy code supporting both V1 and V2
185+
// V1 requests continue to work
186+
// V2 requests are accepted
187+
```
188+
189+
2. **Phase 2: Monitor Usage**
190+
```go
191+
// V1 usage triggers deprecation warnings
192+
// Monitor logs for V1 activity
193+
// Plan migration timeline
194+
```
195+
196+
3. **Phase 3: Migrate Applications**
197+
```go
198+
// Update applications to use V2
199+
// Test thoroughly in staging
200+
// Roll out gradually
201+
```
202+
203+
4. **Phase 4: Enforce V2**
204+
```go
205+
// Configure validators with minimum version 2
206+
// V1 requests rejected
207+
// V1 support maintained for historical validation
208+
```
209+
210+
**Backward Compatibility**:
211+
- V1 requests continue to validate correctly
212+
- Historical transactions remain valid
213+
- Regression tests ensure V1 compatibility
214+
- No breaking changes to existing deployments
215+
216+
102217
## Drivers
103218

104219
The Token SDK comes equipped with two reference drivers:

docs/drivers/dlogwogh.md

Lines changed: 0 additions & 157 deletions
Original file line numberDiff line numberDiff line change
@@ -1520,163 +1520,6 @@ The security of ZKAT-DLOG (NOGH) relies on:
15201520
- Cache attacks (memory access patterns)
15211521
- Power analysis (where applicable)
15221522

1523-
1524-
### 12.8 Protocol Versions and Signature Security
1525-
1526-
#### 12.8.1 Protocol Version Overview
1527-
1528-
The Token SDK supports multiple protocol versions for token request signatures, providing a migration path for security improvements while maintaining backward compatibility.
1529-
1530-
**Supported Protocol Versions**:
1531-
- **Protocol V1**: Original implementation (legacy)
1532-
- **Protocol V2**: Enhanced security implementation (recommended)
1533-
1534-
#### 12.8.2 Protocol V1 (Legacy)
1535-
1536-
**Implementation**: [`token/driver/request.go:marshalToMessageToSignV1`](../../token/driver/request.go)
1537-
1538-
**Signature Message Construction**:
1539-
```
1540-
SignatureMessage = ASN.1(TokenRequest) || Anchor
1541-
```
1542-
1543-
**Characteristics**:
1544-
- Simple concatenation of ASN.1-encoded request and anchor
1545-
- No delimiter or length prefix between components
1546-
- Maintained for backward compatibility with existing deployments
1547-
1548-
**Security Limitations**:
1549-
- **Boundary Ambiguity**: Lack of delimiter creates potential for hash collision attacks
1550-
- **No Input Validation**: Anchor parameter not validated for size or content
1551-
- **Binary Data in Logs**: Error messages may expose sensitive data
1552-
1553-
**Status**: ⚠️ **DEPRECATED** - Use Protocol V2 for new deployments
1554-
1555-
#### 12.8.3 Protocol V2 (Recommended)
1556-
1557-
**Implementation**: [`token/driver/request.go:marshalToMessageToSignV2`](../../token/driver/request.go)
1558-
1559-
**Signature Message Construction**:
1560-
```go
1561-
type SignatureMessage struct {
1562-
Request []byte // ASN.1-encoded TokenRequest
1563-
Anchor []byte // Transaction anchor/ID
1564-
}
1565-
SignatureMessage = ASN.1(SignatureMessage)
1566-
```
1567-
1568-
**Security Improvements**:
1569-
1570-
1. **Structured Format**: Uses ASN.1 structure with explicit field boundaries
1571-
- Prevents boundary ambiguity attacks
1572-
- Ensures unique mapping from (Request, Anchor) to signature message
1573-
- Maintains ASN.1 consistency throughout the protocol
1574-
1575-
2. **Input Validation with Typed Errors**:
1576-
- Anchor must be non-empty (`ErrAnchorEmpty`)
1577-
- Anchor size limited to `MaxAnchorSize` (128 bytes) to prevent DoS (`ErrAnchorTooLarge`)
1578-
- Unsupported versions rejected with `ErrUnsupportedVersion`
1579-
- Validation occurs before signature generation
1580-
1581-
3. **Secure Error Handling**:
1582-
- Binary data hex-encoded in error messages
1583-
- Prevents sensitive data exposure in logs
1584-
- Compatible with log aggregation systems
1585-
1586-
4. **Comprehensive Documentation**:
1587-
- Security properties clearly documented
1588-
- Migration guidance provided
1589-
- Attack scenarios explained
1590-
1591-
**Security Properties**:
1592-
- **Collision Resistance**: Different (Request, Anchor) pairs always produce different signature messages
1593-
- **Deterministic**: Same input always produces same output
1594-
- **Tamper-Evident**: Any modification to Request or Anchor changes the signature message
1595-
- **DoS Protection**: Input validation prevents resource exhaustion attacks
1596-
1597-
#### 12.8.4 Migration Guide
1598-
1599-
**For New Deployments**:
1600-
- Use Protocol V2 by default
1601-
- Configure validators to require minimum version 2
1602-
- Benefit from enhanced security properties
1603-
1604-
**For Existing Deployments**:
1605-
1606-
1. **Phase 1: Deploy V2 Support**
1607-
```go
1608-
// Deploy code supporting both V1 and V2
1609-
// V1 requests continue to work
1610-
// V2 requests are accepted
1611-
```
1612-
1613-
2. **Phase 2: Monitor Usage**
1614-
```go
1615-
// V1 usage triggers deprecation warnings
1616-
// Monitor logs for V1 activity
1617-
// Plan migration timeline
1618-
```
1619-
1620-
3. **Phase 3: Migrate Applications**
1621-
```go
1622-
// Update applications to use V2
1623-
// Test thoroughly in staging
1624-
// Roll out gradually
1625-
```
1626-
1627-
4. **Phase 4: Enforce V2**
1628-
```go
1629-
// Configure validators with minimum version 2
1630-
// V1 requests rejected
1631-
// V1 support maintained for historical validation
1632-
```
1633-
1634-
**Backward Compatibility**:
1635-
- V1 requests continue to validate correctly
1636-
- Historical transactions remain valid
1637-
- Regression tests ensure V1 compatibility
1638-
- No breaking changes to existing deployments
1639-
1640-
#### 12.8.5 Version Detection
1641-
1642-
The protocol version is determined by the `TokenRequest` structure:
1643-
1644-
```go
1645-
func (r *TokenRequest) getVersion() int {
1646-
// Currently defaults to V1 for backward compatibility
1647-
// Future: May be determined by request structure or explicit field
1648-
return ProtocolV1
1649-
}
1650-
```
1651-
1652-
**Future Enhancements**:
1653-
- Explicit version field in `TokenRequest`
1654-
- Automatic version negotiation
1655-
- Per-network version policies
1656-
1657-
#### 12.8.6 Security Recommendations
1658-
1659-
**For Network Operators**:
1660-
1. Deploy V2 support as soon as possible
1661-
2. Monitor V1 usage via deprecation warnings
1662-
3. Plan migration timeline based on network activity
1663-
4. Set minimum version to V2 after migration complete
1664-
5. Keep V1 support for historical transaction validation
1665-
1666-
**For Application Developers**:
1667-
1. Use V2 for all new token requests
1668-
2. Test V2 implementation thoroughly
1669-
3. Handle version-specific errors appropriately
1670-
4. Document version requirements clearly
1671-
1672-
**For Auditors**:
1673-
1. Verify protocol version in audit logs
1674-
2. Flag V1 usage in compliance reports
1675-
3. Ensure V2 adoption in security assessments
1676-
4. Validate signature message construction
1677-
1678-
---
1679-
16801523
## 13. Implementation Details
16811524

16821525
### 13.1 Error Handling

0 commit comments

Comments
 (0)