Generating Keys and Signatures

The price oracle must securely store an HMAC_SECRET key (used to generate threshold keys), and SIGN_SECRET key (used to sign responses):

// Used to generate a unique secret key for each price quote:
HMAC_SECRET = 32 (or more) randomly generated bytes.

// Used to provide a signature with each price quote:
SIGN_SECRET = 32 randomly generated bytes (on the secp256k1 curve).

// Compressed public key of the signing secret key.
ORACLE_PK   = get_ecdsa_compressed_pubkey(SIGN_SECRET)// Some code

When the oracle receives a request, the thold_key and thold_hash can be generated using the following formula:

DOMAIN_LABEL  = utf8_to_bytes("bitcoin/usd_price_quote")
QUOTE_PRICE   = uint32_to_bytes(quote_price, size=4)
QUOTE_STAMP   = uint32_to_bytes(quote_stamp, size=4)
THOLD_PRICE   = uint32_to_bytes(thold_price, size=4)
THOLD_KEY     = hmac256(HMAC_SECRET, DOMAIN_LABEL, ORACLE_PK, QUOTE_PRICE, QUOTE_STAMP, THOLD_PRICE)
THOLD_HASH    = ripemd160(sha256(THOLD_KEY))

When providing a response, the contents of the price quote must be hashed and signed using the following formula:

PREIMAGE = json_to_utf8_bytes({
  expiry_price : number | null // Price of the first exchange record to cross threshold.
  expiry_stamp : number | null // Timestamp of the first exchange record to cross threshold. 
  is_expired   : boolean       // If the threshold has been crossed.
  oracle_pk    : string        // Public key belonging to the Price Oracle.
  quote_price  : number        // The exchange price of the quote.
  quote_stamp  : number        // The exchange timestamp of the quote.
  req_stamp    : number        // Timestamp of the latest exchange record.
  thold_hash   : string        // HASH160 hash of the threshold key.
  thold_key    : string | null // HMAC256 key controlling the stop-loss event.
  thold_price  : number        // Threshold price that was provided with the request.
})
REQUEST_ID  = sha256(PREIMAGE)
REQUEST_SIG = ecdsa_sign(SIGN_SECRET, PREIMAGE)

PreviousPrice Quotes NextBasic Mechanics

Last updated 3 months ago

Was this helpful?

// Used to generate a unique secret key for each price quote: HMAC_SECRET = 32 (or more) randomly generated bytes. // Used to provide a signature with each price quote: SIGN_SECRET = 32 randomly generated bytes (on the secp256k1 curve). // Compressed public key of the signing secret key. ORACLE_PK = get_ecdsa_compressed_pubkey(SIGN_SECRET)// Some code

DOMAIN_LABEL = utf8_to_bytes("bitcoin/usd_price_quote") QUOTE_PRICE = uint32_to_bytes(quote_price, size=4) QUOTE_STAMP = uint32_to_bytes(quote_stamp, size=4) THOLD_PRICE = uint32_to_bytes(thold_price, size=4) THOLD_KEY = hmac256(HMAC_SECRET, DOMAIN_LABEL, ORACLE_PK, QUOTE_PRICE, QUOTE_STAMP, THOLD_PRICE) THOLD_HASH = ripemd160(sha256(THOLD_KEY))

PREIMAGE = json_to_utf8_bytes({ expiry_price : number | null // Price of the first exchange record to cross threshold. expiry_stamp : number | null // Timestamp of the first exchange record to cross threshold. is_expired : boolean // If the threshold has been crossed. oracle_pk : string // Public key belonging to the Price Oracle. quote_price : number // The exchange price of the quote. quote_stamp : number // The exchange timestamp of the quote. req_stamp : number // Timestamp of the latest exchange record. thold_hash : string // HASH160 hash of the threshold key. thold_key : string | null // HMAC256 key controlling the stop-loss event. thold_price : number // Threshold price that was provided with the request. }) REQUEST_ID = sha256(PREIMAGE) REQUEST_SIG = ecdsa_sign(SIGN_SECRET, PREIMAGE)