Private & Public Key Overview
ConsenSource utilizes public-key cryptography. Public keys are stored on-chain and accessible to all nodes in the network, and a user’s private key is stored in an encrypted format off-chain.
Whenever a user creates a transaction, the contents of the payload are serialized, signed with the user’s private key, and committed with the transaction. This signature can later be verified with the user’s public key to confirm that the contents of the payload are unchanged, and to prove that a given user created the transaction.
Private and public keys in ConsenSource are secp256k1 key pairs for the ECDSA algorithm, generated with the sawtooth-signing library. When storing private keys in a database, the SJCL encryption library is used.
Browser storage is used as a temporary store for the public and private keys of a user.
- Local storage: stores a User object containing the following fields:
  - username, public_key, name, email, encrypted_private_key
- Session storage: stores the decrypted private key
When filling out the Sign Up form, a User object is created along with a corresponding Agent in order to store the hashed password and encrypted private key. The Agent is stored on-chain, but the User is stored off-chain.
The User is fetched from the database when signing in to ConsenSource. The User object is then saved to local storage, and the decrypted private key is saved to session storage.
A User is an off-chain object that is used to store the hashed password and encrypted private key of a user.
The diagram below goes into more detail on the user creation process.
User creation workflow in ConsenSource
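The key lifecycle described above (generate a key pair at sign-up, store the private key encrypted, decrypt it at sign-in, sign a payload, verify with the public key), as an added example that is not ConsenSource code. It assumes Node's built-in `crypto` module in place of sawtooth-signing and SJCL, and a password-derived key (scrypt with AES-256-GCM) for encrypting the private key; all function names and the sample payload are hypothetical.

```javascript
// Added example: Node's built-in crypto stands in for sawtooth-signing and SJCL (assumption).
const nodeCrypto = require('node:crypto');

// Sign-up: generate a secp256k1 key pair; the public key is the part shared on-chain.
function createKeyPair() {
  return nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'secp256k1' });
}

// Encrypt the private key before it is stored off-chain.
// scrypt + AES-256-GCM is an assumption here, not SJCL's own format.
function encryptPrivateKey(privateKey, password) {
  const salt = nodeCrypto.randomBytes(16);
  const iv = nodeCrypto.randomBytes(12);
  const key = nodeCrypto.scryptSync(password, salt, 32);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const der = privateKey.export({ type: 'pkcs8', format: 'der' });
  const ct = Buffer.concat([cipher.update(der), cipher.final()]);
  return { salt, iv, ct, tag: cipher.getAuthTag() };
}

// Sign-in: recover the private key; a wrong password fails the GCM tag check and throws.
function decryptPrivateKey(box, password) {
  const key = nodeCrypto.scryptSync(password, box.salt, 32);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, box.iv);
  decipher.setAuthTag(box.tag);
  const der = Buffer.concat([decipher.update(box.ct), decipher.final()]);
  return nodeCrypto.createPrivateKey({ key: der, format: 'der', type: 'pkcs8' });
}

// ECDSA signature over the SHA-256 hash of the serialized payload bytes.
function signPayload(payloadBytes, privateKey) {
  return nodeCrypto.sign('sha256', payloadBytes, privateKey);
}

// Verification recomputes the hash and checks the signature; nothing is decrypted.
function verifyPayload(payloadBytes, signature, publicKey) {
  return nodeCrypto.verify('sha256', payloadBytes, publicKey, signature);
}

// Constructed sample payload; a real transaction uses the project's own serialization.
const payload = Buffer.from(JSON.stringify({ action: 'create_agent', name: 'alice' }));
const { publicKey, privateKey } = createKeyPair();
const stored = encryptPrivateKey(privateKey, 'example-password');
const signature = signPayload(payload, decryptPrivateKey(stored, 'example-password'));
console.log('valid:', verifyPayload(payload, signature, publicKey));
console.log('tampered:', verifyPayload(Buffer.concat([payload, Buffer.from('x')]), signature, publicKey));
```

The decrypted key only ever exists in memory in this sketch, which corresponds to the session-storage copy described above; the `stored` object is the counterpart of `encrypted_private_key`.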
Additional Sawtooth Docs