Generating Keys and Signatures
The price oracle must securely store an HMAC_SECRET
key (used to generate threshold keys), and SIGN_SECRET
key (used to sign responses):
// Used to generate a unique secret key for each price quote:
HMAC_SECRET = 32 (or more) randomly generated bytes.
// Used to provide a signature with each price quote:
SIGN_SECRET = 32 randomly generated bytes (on the secp256k1 curve).
// Compressed public key of the signing secret key.
ORACLE_PK = get_ecdsa_compressed_pubkey(SIGN_SECRET)// Some code
When the oracle receives a request, the thold_key
and thold_hash
can be generated using the following formula:
DOMAIN_LABEL = utf8_to_bytes("bitcoin/usd_price_quote")
QUOTE_PRICE = uint32_to_bytes(quote_price, size=4)
QUOTE_STAMP = uint32_to_bytes(quote_stamp, size=4)
THOLD_PRICE = uint32_to_bytes(thold_price, size=4)
THOLD_KEY = hmac256(HMAC_SECRET, DOMAIN_LABEL, ORACLE_PK, QUOTE_PRICE, QUOTE_STAMP, THOLD_PRICE)
THOLD_HASH = ripemd160(sha256(THOLD_KEY))
When providing a response, the contents of the price quote must be hashed and signed using the following formula:
PREIMAGE = json_to_utf8_bytes({
expiry_price : number | null // Price of the first exchange record to cross threshold.
expiry_stamp : number | null // Timestamp of the first exchange record to cross threshold.
is_expired : boolean // If the threshold has been crossed.
oracle_pk : string // Public key belonging to the Price Oracle.
quote_price : number // The exchange price of the quote.
quote_stamp : number // The exchange timestamp of the quote.
req_stamp : number // Timestamp of the latest exchange record.
thold_hash : string // HASH160 hash of the threshold key.
thold_key : string | null // HMAC256 key controlling the stop-loss event.
thold_price : number // Threshold price that was provided with the request.
})
REQUEST_ID = sha256(PREIMAGE)
REQUEST_SIG = ecdsa_sign(SIGN_SECRET, PREIMAGE)
Last updated
Was this helpful?