forked from AztecProtocol/aztec-packages
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(docs): Key rotation / owner -> nullifier key docs (AztecProtocol…
…#6538) Closes AztecProtocol/dev-rel#279
- Loading branch information
Showing
12 changed files
with
110 additions
and
18 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
--- | ||
title: How to Rotate Nullifier Keys | ||
--- | ||
|
||
This guide explains how to rotate nullifer secret and public keys using Aztec.js. To learn more about key rotation, read the [concepts section](../../aztec/concepts/accounts/keys.md#key-rotation). | ||
|
||
## Prerequisites | ||
|
||
You should have a wallet whose keys you want to rotate. You can learn how to create wallets from [this guide](./create_account.md). | ||
|
||
You should also have a PXE initialized. | ||
|
||
## Relevant imports | ||
|
||
You will need to import these from Aztec.js: | ||
|
||
#include_code imports yarn-project/end-to-end/src/e2e_key_rotation.test.ts typescript | ||
|
||
## Create nullifier secret and public key | ||
|
||
`newNskM` = new master nullifier secret key | ||
|
||
`newNpkM` = new master nullifier public key (type `PublicKey`) | ||
|
||
#include_code create_keys yarn-project/end-to-end/src/e2e_key_rotation.test.ts typescript | ||
|
||
## Rotate nullifier secret and public key | ||
|
||
Call `rotateMasterNullifierKey` on the PXE to rotate the secret key. | ||
|
||
#include_code rotateMasterNullifierKey yarn-project/end-to-end/src/e2e_key_rotation.test.ts typescript | ||
|
||
## Rotate public key | ||
|
||
Connect to the key registry contract with your wallet. | ||
|
||
#include_code keyRegistryWithB yarn-project/end-to-end/src/e2e_key_rotation.test.ts typescript | ||
|
||
Then `rotate_npk_m` on the key registry contract to rotate the public key: | ||
|
||
#include_code rotate_npk_m yarn-project/end-to-end/src/e2e_key_rotation.test.ts typescript |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
27 changes: 27 additions & 0 deletions
27
docs/docs/guides/smart_contracts/writing_contracts/common_patterns/key_rotation.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
--- | ||
title: Key Rotation | ||
--- | ||
|
||
## Prerequisite reading | ||
|
||
- [Keys](../../../../aztec/concepts/accounts/keys.md) | ||
|
||
## Introduction | ||
|
||
It is possible for users to rotate their keys, which can be helpful if some of their keys are leaked. | ||
|
||
Because of this, notes are associated with their `nullifier key` rather than any sort of 'owner' address. | ||
|
||
It is still possible to nullify the notes with the old nullifier key even after the key rotation. | ||
|
||
## Things to consider | ||
|
||
- 'Owner' is arbitrary - as long as you know the nullifier secret, you can nullify a note | ||
- Consider how key rotation can affect account contracts, eg you can add additional security checks for who or how the key rotation is called | ||
|
||
## Glossary | ||
|
||
- `npk_m_hash`: master nullifying public key hash | ||
- `nsk_app`: app nullifying secret key - the app-specific NSK (learn more about app-scoped keys [here](../../../../aztec/concepts/accounts/keys.md#scoped-keys)) | ||
- `nsk_hash`: nullifying secret key hash | ||
- `ivpk_m`: incoming view public key (master) (learn more about IVPKs [here](../../../../aztec/concepts/accounts/keys.md#keys)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters