mirror of
https://git.sr.ht/~sircmpwn/mkproof
synced 2024-04-24 17:15:01 +02:00
Initial commit
This commit is contained in:
commit
3e7a084af1
|
@ -0,0 +1,19 @@
|
|||
Copyright © 2017 Drew DeVault
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
||||
this software and associated documentation files (the “Software”), to deal in
|
||||
the Software without restriction, including without limitation the rights to
|
||||
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
|
||||
of the Software, and to permit persons to whom the Software is furnished to do
|
||||
so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
|
@ -0,0 +1,55 @@
|
|||
mkproof
|
||||
|
||||
mkproof is a small C program for generating proofs of work.
|
||||
|
||||
Installation
|
||||
|
||||
mkproof depends only on a POSIX-like environment and a C99 compiler.
|
||||
|
||||
$ ./configure
|
||||
$ make
|
||||
|
||||
This will produce three executables: mkchallenge, mkproof, and checkproof.
|
||||
|
||||
Usage
|
||||
|
||||
The situation: Bob wants Alice to do something, but Alice isn't sure if Bob is a
|
||||
robot.
|
||||
|
||||
1. Alice runs `mkchallenge` and sends the challenge to Bob.
|
||||
2. Bob runs `mkproof <challenge>` and wastes some CPU time. After several
|
||||
minutes of work, a proof is printed to stdout.
|
||||
3. Bob sends the proof to Alice.
|
||||
4. Alice runs `checkproof <challenge> <proof>` to verify the work.
|
||||
|
||||
Now Alice can be reasonably confident that Bob is not a robot, and proceed with
|
||||
Bob's request.
|
||||
|
||||
Algorithm
|
||||
|
||||
To make a challenge, generate 16 random bytes. Choose the argon2 iterations and
|
||||
memory parameters, and the number of zeroed digits, to tune the difficulty. The
|
||||
challenge string is the terms "argon2id", the iterations, memory use, and zeroed
|
||||
digits as decimal integers, and the random bytes as hexadecimal, joined by ":".
|
||||
|
||||
To make a proof, split the challenge by ":" and verify that the first token is
|
||||
"argon2id". Decode the iterations, memory, and digits parameters, and the
|
||||
challenge bytes.
|
||||
|
||||
Repeat the following algorithm to generate proofs until an argon2id key is found
|
||||
whose first N hexadecimal digits are zero, where N is equal to the digits
|
||||
parameter:
|
||||
|
||||
1. Generate 16 random bytes (seed) and concatenate the seed and challenge bytes
|
||||
to form an argon2id salt.
|
||||
2. Run argon2id with the generated salt, and the memory and iteration parameters
|
||||
provided by the challenge. The hash length and parallelism parameters shall
|
||||
be respectively set to 32 and 1.
|
||||
3. Encode the argon2id hash as hexadecimal.
|
||||
|
||||
When a suitable hash is found, encode the seed in hexadecimal. This is the proof
|
||||
which should be transmitted to the challenger.
|
||||
|
||||
To verify the proof, simply run the proof algorithm with the original challenge
|
||||
parameters and the challengee's provided seed and verify that the resulting
|
||||
hexadecimal string is prefixed with the appropriate number of zeroes.
|
Loading…
Reference in New Issue