Add Implementation Guidance to Recommend Compressed Point Encoding #117
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Frank Hinek <[email protected]>
Signed-off-by: Frank Hinek <[email protected]>
Signed-off-by: Frank Hinek <[email protected]>
Signed-off-by: Frank Hinek <[email protected]>
Co-authored-by: Moe Jangda <[email protected]>
frankhinek
requested review from
decentralgabe,
csuwildcat and
mistermoe
as code owners
mistermoe
approved these changes
Feb 5, 2024
Signed-off-by: Frank Hinek <[email protected]>
| - DID Document representations ****SHOULD**** always use fully qualified identifiers (e.g. `did:dht:uodqi99wuzxsz6yx445zxkp8ddwj9q54ocbcg8yifsqru45x63kj#0` as opposed to `0` or `#0`) | ||
| - [[ref:DID Document]] representations of elliptic curve (EC) keys ****MUST**** include the x- and y-coordinate pair. | ||
| To conserve space in the DNS packet representation, compressed point encoding ****MUST**** be used to transmit the | ||
| x-coordinate and a sign bit for the y-coordinate. This practice reduces each public key's size from 65 to 33 bytes. |
There was a problem hiding this comment.
is this true for all key types?
There was a problem hiding this comment.
@decentralgabe it is true for all EC key types. In terms of current key types in the DID DHT Registry, that includes secp256k1 and secp256r1.
It is not relevant for OKP keys such as Ed25519 since compressed encoding (only the 32-byte x-coordinate) is always used.
decentralgabe
approved these changes
Feb 5, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR will:
Context
Elliptic-curve points (e.g.,
secp256k1,secp256r1) can be encoded as either the x-coordinate and y-coordinate or the x-coordinate and a sign bit for the y-coordinate. The latter encoding, called compressed point encoding, can be used to shrink the size of the DNS packet encoded representation of a DID DHT document by nearly half (65->33bytes). It also serves to align the payload size of Ed25519 (32bytes) and secp256k1/secp256r1 (33bytes) keys.It's also worth noting that the public keys are unpadded Base64URL-encoded such that the each uncompressed secp256k1/secp256r1 key actually consumes
87bytes in the DNS packet. Using compressed point encoding decreases the size to44bytes.The added note includes guidance that the DID Document representation must include the x- and y-coordinate pair for all
ECJWKs. As noted in RFC 8812:Prior Art
Compressed point encoding has also been used in:
Additional References