status-im
/
specs
mirror of https://github.com/status-im/specs.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
specs/x9.md

2.9 KiB
Raw Blame History

Status Account Creation and Maintenance Specification

Summary

The core concept of an account in Status is a set of cryptographic keypairs. Namely, the combination of the following:

  1. a whisper chat identity keypair
  2. a set of cryptocurrency wallet keypairs

Everything else associated with the contact is either verified or derived from the above items, including:

  • Ethereum address (future verification, currently the same base keypair)
  • 3 word mnemonic name
  • identicon
  • message signatures

1 Initial Key Generation

1.1 Public/Private Keypairs

  • An ECDSA (secp256k1 curve) public/private keypair MUST be generated via a BIP43 derived path from a BIP39 mnemonic seed phrase.
  • The default paths are defined as such:
    • Whisper Chat Key (IK): m/43'/60'/1581'/0'/0 (post Multiaccount integration)
    • DB encryption Key (DBK): m/43'/60'/1581'/1'/0 (post Multiaccount integration)
    • Status Wallet paths: m/44'/60'/0'/0'/i starting at i=0
      • following BIP44
      • NOTE: this (i=0) is also the current (and only) path for Whisper key before Multiaccount integration

1.2 X3DH Prekey bundle creation

  • A client must create an amount of X3DH prekey bundles, each defined by the following items:
    • Identity Key: IK
    • Signed prekey: SPK
    • Prekey signature: Sig(IK, \text{Encode}(SPK))
    • one-time prekey: OPK (???? need this?)

2 Account Broadcasting

  • A user is responsible for broadcasting certain information publicly so that others may contact them.

2.1 X3DH Prekey bundles

  • A client [MUST/SHOULD] regenerate a group of X3DH prekey bundles every 24 hours and broadcast them through the appropriate channels

3 Optional Account additions

3.1 ENS Username

  • A user MAY register a public username on the Ethereum Name System (ENS). This username is a user-chosen subdomain of the stateofus.eth ENS registration that maps to their whisper identity key (IK).
    • TODO: verify if this is contact code or public key

3.2 User Chosen Name

  • An account MAY create a display name to replace the IK generated 3-word pseudonym in chat screens. This chosen display name will become part of the publicly broadcasted profile of the account.

3.3 User Profile Picture

  • An account MAY edit the IK generated identicon with a chosen picture. This picture will become part of the publicly broadcasted profile of the account.

3.4 Tribute to Talk

  • TODO - Couched until later

3.5 Wallet Accounts

  • TODO (based in multiaccount)

Security Implications