RGB-22: Digital identity
LNPBP: 0022
Aliases: RGB22
Vertical: Smart contracts
Title: RGB reputation and identity interface (RGB-22)
Authors: Dr Maxim Orlovsky <[email protected]>,
Sabina Sachtachtinskagia
Comments-URI: <https://github.com/LNP-BP/LNPBPs/discussions>
Status: Draft
Type: Standards Track
Created: 2020-09-10
Updated: 2023-05-10
Finalized: ~
Copyright: (0) public domain
License: CC0-1.0
Single-use-seal primitive represents an efficient enhancement for WoT model of key revocation: it provides independent parties an ability to detect and timestamp key revocation without contacting the owner of the original identity.
RGB-22 standard is created to leverage this advantage and provide an alternative WoT solution to GPG/PGP. It can be combined with Storm protocol, as a better alternative to PGP key servers.
Interface specification is the following Contractum code:
data XonlyPubkey :: [Byte ^ 32]
data SchnorrSig :: [Byte ^ 64]
data EdKey :: [Byte ^ 32]
data EdSig :: [Byte ^ 64)
data Fact :: [Byte+] -- JSON encoded string
data Pubkey :: secp256k1(XonlyPubkey) | curve25519(EdKey)
data Sig ::
secp256k1(XonlyPubkey, SchnorrSig) |
ed25519(EdKey, EdSig)
data Attestation ::
facts [Fact+],
attestedBy RGB22.ContractId,
signature Sig
data FullName :: [Unicode ^ 0..0xFF]
interface RGB22
global nickName :: RGBTypes.Name
global fullName :: FullName
global emails+ :: Email
global facts* :: Attestation
global photo* :: (MimeType, [Byte])
global created :: RGBTypes.Timestamp
owned nameRight
owned attestRight
owned revokableKey+ :: Pubkey
op Revoke :: revokableKey -> revokableKey?
op Rename :: nameRight
, nickName
, fullName
, {emails ^ 0..0xff}
, {photo ^ 0..0xff}
-> nameRight
op Attest :: attestRight
, {facts ^ 1..0xFFFF}
-> attestRight
, {revokableKey}
use Secp256k1, Ed25519
import RGB22
fn checkKey :: key Pubkey !! invalidKey
key:
Pubkey.secp256k1(k) -> Secp256k1.checkKey k !! invalidKey
Pubkey.curve25519(k) -> Ed25519.checkKey k !! invalidKey
schema BaseIdentity
global Name :: [Unicode+]
global Emails{+} :: Email
global Facts{*} :: Attestation
global Photo? :: (MimeType, [Byte])
owned NameRight
owned AttestRight
owned RevokableKey{+} :: Pubkey
genesis :: name Name, emails {Emails+}, keys {RevokableKey+}
!! invalidKey
keys => key -> checkKey key
op revoke :: old RevokableKey -> new RevokableKey?
!! invalidKey
| sameKey
checkKey new
!(old =? new) !! sameKey
op rename :: NameRight -> NameRight <- Name, {Emails+}
op attest :: AttestRight -> AttestRight, {RevokableKey}
<- atts {Attestation}
!! invalidSig
atts => a -> a.signature:
Sig.secp256k1(key, sig) => Secp256k1.verify key, sig !! invalidSig
Sig.ed25519k1(key, sig) => Ed25519.verify key, sig !! invalidSig
implement RGB21 for BaseIdentity
use BaseIdentity from identity.con
let orig = Seal(fac503c4641c3deda72a2d00bc9d6ff1094b15276c386efea403746a91436772, 1)
contract meSatoshiNakamoto := BaseIdentity (
name := "Satoshi Nakamoto"
emails := {"[email protected]"}
keys := [
(orig, Pubkey.secp256k1(0x028730eeeec41802621d177507b086f390ae600ba3ca5e428b13913af4c2cd25b3))
]
)
transition iLostMyKey := BaseIdentity.revoke (
old := orig,
new := (Seal(~:1), Pubkey.curve25519(0x0219db0a4e0eb8cb833608c08d76b9b279ec44a851ab82cc6fd68a9b32624bfa8b))
)
$ rgb-cli exec satoshi.con
Registering schema ... success
Issuing contract meSatoshiNakamoto ... success
Preparing transition iLostMyKey ... saved to `iLostMyKey.rgb` and `iLostMyKey.psbt`
$ rgb-cli state -i rgb22 rgb1______
name: Satoshi Nakamoto
emails:
facts: []
photo: ~
revokableKey:
- 4459eaee3f84a1cd7529534d99b553a633671582c42640438071930e741253cf:1:
curve25519
0: 0219db0a4e0eb8cb833608c08d76b9b279ec44a851ab82cc6fd68a9b32624bfa8b
This document is licensed under the Creative Commons CC0 1.0 Universal license.
To the extent possible under law, LNP/BP Standards Association has waived all copyright and related or neighboring rights to this work.
Last modified 16d ago