Skip to content

Commit

Permalink
UIP 4: Add explicit call to ChaCha20-Poly1305
Browse files Browse the repository at this point in the history
  • Loading branch information
@redshiftzero
redshiftzero committed Nov 12, 2024
1 parent 3837a73 commit 56749d7
Showing 1 changed file with 8 additions and 2 deletions.
10 changes: 8 additions & 2 deletions uips/uip-4.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,10 +62,16 @@ One advantage of using a single key is that we can scan all spends using this ke

A random 16-byte nonce $n$ will be generated and provided as a prefix in the `encrypted_backref` field.

Encryption is performed using the $(k, n)$ tuple and outputs the 32-byte ciphertext of the 32-byte note commitment, and a 16-byte MAC. The transmitted data in the `encrypted_backref` field consists of a concatenation of the nonce, ciphertext and MAC:
Encryption of the 32-byte note commitment $cm$ is performed using `ChaCha20-Poly1305` with the $(brk, n)$ tuple and outputs the 32-byte ciphertext $c$, and a 16-byte MAC:

```
encrypted_backref = n || ciphertext || MAC
(c, MAC) = ChaCha20-Poly1305(brk, n, cm)
```

The transmitted data in the `encrypted_backref` field consists of a concatenation of the nonce $n$, ciphertext $c$, and MAC:

```
encrypted_backref = n || c || MAC
```

The `encrypted_backref` is thus 64 bytes (16 byte nonce + 32 byte ciphertext + 16 byte MAC).
Expand Down

0 comments on commit 56749d7

Please sign in to comment.