Table of Contents

Wallet (Concept)

Since data in the system is stored in a decentralized manner across multiple registries, and ownership of data is represented by cryptographic keys, the users need a way to manage their ownership of digital assets across multiple registries in a simple and secure way.

The wallet is a fundamental component which stores and manages the ownership of digital assets, specifically Granular Certificates (GCs) and their corresponding slices.

The wallet are based on the concept og Hierarchical Deterministic Keys (HD Keys) to ensure the uniqueness and security of keys used for each slice, and to provide a secure and convenient way to manage ownership of GCs within the system.

Note

We never reuse public keys, since it can be used to link ownership of slices together. Which could enable third parties to track ones ownership of slices, and potentially link it to other data. This is why we use HD keys to generate unique public keys for each slice.

The wallet must also store cryptographic data about the slices, like quanity, random secret, and attributes.

Cryptographic data

Since GCs on the registries only stores commitments to the data, the wallet must store the actual data and cryptographic data about the slices.

The cryptographic data includes:

  • Quantity of the slice
  • Random secret used in the commitment
  • Hashed attributes of GC
  • Which private key to use for signing transactions

Wallet endpoints

To ensure we always use unique public keys for each slice, we use HD keys to generate unique public keys for each slice.

Wallet endpoints are a concept to enable secure and private asset transfers and ownership management.

When Alice wants to transfer a slice to Bob, Bob must first create a wallet endpoint and share the public key of the endpoint with Alice. Alice then uses the public key to sequecially generate unique child public keys for each slice she wants to transfer to Bob. Alice then signs the transaction with her private key and sends the transaction to the registry. Alice' wallet then sends the private information to Bobs wallet, using the public key of the endpoint, and position of the slice.

sequenceDiagram
    actor receiver as receiver
    actor sender as Sender
    participant reg as Registry
    participant senderWallet as Sender Wallet
    participant wallet as receiver Wallet

    Note over sender,receiver: Out of bounds agreement for transfer
    receiver ->> sender: WalletEndpointReference
    Note over senderWallet: Slice is expected to exist

    sender ->> senderWallet: TransferSlice(WalletEndpointReference,...)

    activate senderWallet
    senderWallet ->> senderWallet: Generate next publicKey
    senderWallet ->> reg: call TransferSlice
    deactivate senderWallet

    activate reg
    reg -->> senderWallet: Transfer complete
    deactivate reg

    activate senderWallet
    senderWallet->> wallet: SendInfo(accountRef, index, certId, m, r... )
    deactivate senderWallet

    activate wallet
    wallet ->>+ reg: Get slice
    reg ->>- wallet: slice info
    wallet ->> wallet: verifySlice
    wallet ->> wallet: Update wallet datastore
    deactivate wallet