# Status Account Creation and Maintenance Specification ## Summary The core concept of an account in Status is a set of cryptographic keypairs. Namely, the combination of the following: 1. a whisper chat identity keypair 1. a set of cryptocurrency wallet keypairs Everything else associated with the contact is either verified or derived from the above items, including: - Ethereum address (future verification, currently the same base keypair) - 3 word mnemonic name - identicon - message signatures ## 1 Initial Key Generation ### 1.1 Public/Private Keypairs - An ECDSA (secp256k1 curve) public/private keypair MUST be generated via a [BIP43](https://github.com/bitcoin/bips/blob/master/bip-0043.mediawiki) derived path from a [BIP39](https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki) mnemonic seed phrase. - The default paths are defined as such: - Whisper Chat Key ($IK$): `m/43'/60'/1581'/0'/0` (post Multiaccount integration) - following [EIP1581](https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1581.md) - DB encryption Key ($DBK$): `m/43'/60'/1581'/1'/0` (post Multiaccount integration) - following [EIP1581](https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1581.md) - Status Wallet paths: `m/44'/60'/0'/0'/i` starting at `i=0` - following [BIP44](https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki) - NOTE: this (`i=0`) is also the current (and only) path for Whisper key before Multiaccount integration ### 1.2 X3DH Prekey bundle creation - A client must create an amount of X3DH prekey bundles, each defined by the following items: - Identity Key: $IK$ - Signed prekey: $SPK$ - Prekey signature: $Sig(IK, \text{Encode}(SPK)$) - one-time prekey: $OPK$ (???? need this?) ## 2 Account Broadcasting - A user is reponsible for broadcasting certain information publicly so that others may contact them. ### 2.1 X3DH Prekey bundles - A client [MUST/SHOULD] regenerate a group of X3DH prekey bundles every 24 hours and broadcast them through the appropriate channels ## 3 Optional Account additions ### 3.1 ENS Username - A user MAY register a public username on the Ethereum Name System (ENS). This username is a user-chosen subdomain of the `stateofus.eth` ENS registration that maps to their whisper identity key ($IK$). - TODO: verify if this is contact code or public key ### 3.2 User Chosen Name - An account MAY create a display name to replace the $IK$ generated 3-word pseudonym in chat screens. This chosen display name will become part of the publicly broadcasted profile of the account. ### 3.3 User Profile Picture - An account MAY edit the $IK$ generated identicon with a chosen picture. This picture will become part of the publicly broadcasted profile of the account. ### 3.4 Tribute to Talk - TODO - Couched until later ### 3.5 Wallet Accounts - TODO (based in multiaccount) ## Security Implications