Verify Script for CKB

We divided into two directories, locally generated signature public key and verified signature on the chain. Specific operation details can be viewed after cd entry. Thanks for the support of Nervos, and the open source password library botan.We provide ed25519, sm2(sm3), r1, rsa2048 verification algorithms.

The /botan_riscv directory is the riscv compileable code of the botan password library. We have modified it to make the static library under the riscv tool chain. It is not recommended to use the ./configure.py script to re-extract the source code to generate a Makefile, and make it directly in the directory to generate a static library.

For different algorithms, we provide different script files to generate the elf file of the corresponding riscv architecture, which can be generated by running it directly. The directory is the corresponding algorithm directory.

For example, we want to generate sm2 verification program

$ ./make_sm2.sh
$ cd sm2

And you can find the target file in this directory.

Similarly, we give the verification unlock script file, the directory is in /tx-verify. And we provide detailed on-chain operation in the directory.

• ruby
• bundler
• ckb-cli

cd tx-verify

• install deps bundler install

• generate bundler exec ./tx-mock.rb {path-of-code}

• verify via ckb-cli ckb-cli mock-tx verify --tx-file=tx-mocked.json

There is a problem that has not been resolved. In the include path, we use the on-chain operation files provided by ckb. But when we upload the parameters in the chain, it can't be compiled in C++ environment. However, the definition of cplusplus is provided in the header file, and I don't know how to solve it here. Therefore, we temporarily wrote the algorithm signature and public key in the .cpp file to facilitate accurate verification of the signature.

There are two directories for signature generation. The botan directory is the source code of the entire password library. We package the signature algorithm into a static library libbotan-2.a, and call the corresponding algorithm in cli to generate the signature and return pub/pri key.

This directory contains all the source code of the botan library, and We made some modifications to the library source code, and the Makefile is written by us, and libbotan-2.a can be directly generated through the Makefile. Of course, you can also customize to generate the desired plan, through the ./configure.py script. However, this is not recommended because the Makefile generated in that way will be much more complicated, and we have made it as lightweight as possible

$ cd botan_x86
$ make

The client calls for specific, input the original text and return the signature and key.

Usage: ./cli [ed25519 sign_text] [sm2 sign_text] [r1 sign_text] [rsa sign_text] [-h help] arglist ... 

$ cd cli
$ cmake . && make

For example, we want to call the sm2 algorithm to sign the text "wow, you can really dance, and ckb is pretty cool"

gqy@mbp-pro cli % ./cli sm2 wow, you can really dance, and ckb is pretty cool
sm2 sign: wow, you can really dance, and ckb is pretty cool
pubkey:
04790A59C39511EA933489F9C8408A14B52F8A4B3F9D48400E30246BCF1745B37BB7F7E527646F329957B6C394BF11321C8C74CDBB1CD5F07A928F14CA83DDD6E4
prikey:
306B0201010420C9F8C3435067FC11178CA595E81933F4314BD1FCFF4A5AB261B036063ECAE822A14403420004790A59C39511EA933489F9C8408A14B52F8A4B3F9D48400E30246BCF1745B37BB7F7E527646F329957B6C394BF11321C8C74CDBB1CD5F07A928F14CA83DDD6E4
Signature:
775C07E54F1B75452683B8E2CC30E44A24418F61E8B8B3FC2F74CABAB28F3950FAAD5087F227DE445B2CEF64892A52B29A6BD7B293B88B912827B566A2EB1D68
verify sig is valid                                                                                                                                  gqy@mbp-pro cli %