Safe Haskell | Safe-Inferred |
---|---|
Language | Haskell2010 |
Documentation
To protect against replay attacks (i.e. when an attacker intercepts a signed piece of data and later sends it again), we add a tag to all data that we sign. This ensures that even if some bytestring can be deserialized into two different types of messages (A and B), the attacker can't take message A and send it as message B.
We also automatically add the network tag (protocolMagic
) whenever it
makes sense, to ensure that things intended for testnet won't work for
mainnet.
SignForTestingOnly | Anything (to be used for testing only) |
SignTx | Tx: |
SignRedeemTx | Redeem tx: |
SignVssCert | Vss certificate: |
SignUSProposal | Update proposal: |
SignCommitment | Commitment: |
SignUSVote | US proposal vote: |
SignBlock VerificationKey | Block header: This constructor takes the |
SignCertificate | Certificate: |
Instances
signTag ∷ ProtocolMagicId → SignTag → ByteString Source #
Get magic bytes corresponding to a SignTag
. Guaranteed to be different
(and begin with a different byte) for different tags.
signTagDecoded ∷ Annotated ProtocolMagicId ByteString → SignTag → ByteString Source #
Get magic bytes corresponding to a SignTag
, taking ProtocolMagic
bytes
from the annotation