
Proposal: Support p256 signature algorithm for identity and event verification to be compatible with cloud KMS, HSM #67


Description

@anhthii

Overview:

To improve integration with external Key Management Services (KMS) and HSMs that only support P-256 (NIST curve secp256r1), we propose extending mpcium's identity and event verification logic to support p256 in addition to the current default, ed25519.


1. Signature Algorithm Selection

  • Support two signature algorithms:

    • ed25519 (default)
    • p256 (NIST secp256r1, ECDSA)
  • New CLI flag for generate-initiator

    --algorithm [ed25519|p256]   # default: ed25519
  • If --algorithm is not provided, default to ed25519.


2. Public Key Input for P-256


  • If --algorithm=p256, require:

    --pubkey path/to/pubkey.pem
  • PEM file must contain a valid ECDSA P-256 public key.

  • The private key is never used or required.

  • For ed25519, the keypair continues to be generated internally.


3. Event Initiator Identity File Format

Update the identity file to include:

```json
{
  "algorithm": "p256",
  "public_key": "<base64-encoded DER or hex string>",
  ...
}
```
  • algorithm must always be present.
  • public_key must be stored regardless of algorithm source.


5. Signature Verification Logic

Update the signature verification logic:

```go
// VerifyInitiatorMessage dispatches on the algorithm carried by the message;
// an unknown algorithm is rejected rather than falling back to a default.
func (store *identityStore) VerifyInitiatorMessage(msg InitiatorMessage) error {
    algorithm := msg.Algorithm() // new method on InitiatorMessage
    switch algorithm {
    case "ed25519":
        return store.verifyEd25519Message(msg)
    case "p256":
        return store.verifyP256Message(msg)
    default:
        return fmt.Errorf("unsupported signature algorithm: %s", algorithm)
    }
}
```

6. verifyP256Message Implementation

  • Use crypto/ecdsa with elliptic.P256() and a SHA-256 hash.
  • Load the public key from the message or from the stored identity.
  • Verify the ECDSA signature against the SHA-256 digest of the message.
  • Normalize the public key to a consistent format (e.g., from PEM or base64 DER) before storing or comparing it.

7. Node Configuration Support

Allow static configuration in config.yaml:

```yaml
event_initiator_algorithm: "p256"  # or "ed25519", default: ed25519
event_initiator_pubkey: "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE..." # base64 DER
```

8. Backward Compatibility

  • If algorithm is not defined:
    • Assume ed25519 for both identity generation and verification.
  • No changes are required for existing ed25519 identities or initiators.
