-
Notifications
You must be signed in to change notification settings - Fork 2
Crypto ID
We'll explain what Crypto Id is, the structure of it, how is being used in overall and finally build a new one.
CID or Crypto Id in general, is a Secp256k1 (same one used in EVM based blockchains) based digital signature used as a unique Id for all Conse users which allows them to sign any in-game(app) operations like depositing, withdrawal and transferring Conse digital assets, so the whole security of digital assets in Conse depends on the whole security of the Blockchain technology!
🪙 RSA based ECDSA-Secp256k1 cryptoghrapy algorithm in wallexerr is being used to generate a unique Crypto Id for each user to allow them to sign and verify in-game(app) on-chain based operations and API calls with their own private keys using web3.
Crypto Id is the public key of RSA based ECDSA with Secp256k1 curve keypair used to verify the incoming signatures to the server signed by its private key.
A Crypto Id in Conse consists of three sets of hex characters namely Secp256k1_public_key
, Secp256k1_secret_key
and Secp256k1_public_address
which are the public key, secret key and keccak256
of public key address respectively.
Conse is using the wallexerr
crate to generate a Secp256k1
Crypto Id, the crate supports RSA based cryptography wallets based on ECC curves like Secp256k1
, secp256r1
and Ed25519
.
Refer to https://crates.io/crates/wallexerr for more info.
In a cryptographical sense, any player that wants to call a very high secure API, MUST sign the request body with the received private key and send the signature along with those inputs that he has signed them to the related API.
Basically the process of generating a Crypto Id can be done by calling the /user/cid/build
API in which the username
and device_id
fields must be passed to the API.
Conse doesn't use the inputs inside the request body of the /user/cid/build
API as the seed phrase to build the Crypto Id, instead it uses a random 12 words mnemonic as the seed phrase to build the Id.
Once the Id gets built a response will be sent to the client contains the user data along with the cid
, screen_cid
, signer
and mnemonic
fields which are the Secp256k1
public key, the keccak256
of the public key, Secp256k1
private key and the randomly generated 12 words mnemonic as the seed phrase to generate the keypair.
Since Secp256k1
ECC curve is being used in EVM based blockchains thus the generated keypair can be imported as a new account inside EVM based wallets like Metamask.
In the first call of this API these fields will be created and returned to the client. The signer
and mnemonic
fields must be saved by the client some how and some where! cause Conse won't store them in server side and losing them will cause the player to lose all his digital assets in the whole blockchain network!
Note that Signing process must be done in client side using the related
web3
library, by building a new wallet with the received private key.