From 3e7a084af1a451c4d92dc09d3dfccec3b8c2fb4e Mon Sep 17 00:00:00 2001 From: Drew DeVault Date: Wed, 25 Nov 2020 10:48:52 -0500 Subject: [PATCH] Initial commit --- COPYING | 19 +++++++++++++++++++ README | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 74 insertions(+) create mode 100644 COPYING create mode 100644 README diff --git a/COPYING b/COPYING new file mode 100644 index 0000000..3be8ae8 --- /dev/null +++ b/COPYING @@ -0,0 +1,19 @@ +Copyright © 2017 Drew DeVault + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the “Software”), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +of the Software, and to permit persons to whom the Software is furnished to do +so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/README b/README new file mode 100644 index 0000000..1570336 --- /dev/null +++ b/README @@ -0,0 +1,55 @@ + mkproof + +mkproof is a small C program for generating proofs of work. + + Installation + +mkproof depends only on a POSIX-like environment and a C99 compiler. + + $ ./configure + $ make + +This will produce three executables: mkchallenge, mkproof, and checkproof. + + Usage + +The situation: Bob wants Alice to do something, but Alice isn't sure if Bob is a +robot. + +1. Alice runs `mkchallenge` and sends the challenge to Bob. +2. Bob runs `mkproof ` and wastes some CPU time. After several + minutes of work, a proof is printed to stdout. +3. Bob sends the proof to Alice. +4. Alice runs `checkproof ` to verify the work. + +Now Alice can be reasonably confident that Bob is not a robot, and proceed with +Bob's request. + + Algorithm + +To make a challenge, generate 16 random bytes. Choose the argon2 iterations and +memory parameters, and the number of zeroed digits, to tune the difficulty. The +challenge string is the terms "argon2id", the iterations, memory use, and zeroed +digits as decimal integers, and the random bytes as hexadecimal, joined by ":". + +To make a proof, split the challenge by ":" and verify that the first token is +"argon2id". Decode the iterations, memory, and digits parameters, and the +challenge bytes. + +Repeat the following algorithm to generate proofs until an argon2id key is found +whose first N hexadecimal digits are zero, where N is equal to the digits +parameter: + +1. Generate 16 random bytes (seed) and concatenate the seed and challenge bytes + to form an argon2id salt. +2. Run argon2id with the generated salt, and the memory and iteration parameters + provided by the challenge. The hash length and parallelism parameters shall + be respectively set to 32 and 1. +3. Encode the argon2id hash as hexadecimal. + +When a suitable hash is found, encode the seed in hexadecimal. This is the proof +which should be transmitted to the challenger. + +To verify the proof, simply run the proof algorithm with the original challenge +parameters and the challengee's provided seed and verify that the resulting +hexadecimal string is prefixed with the appropriate number of zeroes.