Score:1

Which application protocols use elliptic curve key recovery?

cn flag

Section 4.1.6 of https://www.secg.org/sec1-v2.pdf describes a technique for recovering public keys from ECDSA signatures.

I guess Ethereum uses this. Like if you want to validate a particular transaction I guess you recover the public key and then verify that it matches the "address".

My question is... are there any other protocols that make use of this technique?

kelalaka avatar
in flag
They use this to reduce the transaction; `This is also useful in bandwidth constrained environments, when transmission of public keys cannot be afforded.` This is from the doc. Therefore anyone can benefit this if they want to reduce the size of the transaction..
cn flag
@kelalaka - if you're implementing your own protocol you can do anything you want but no SSH implementation supports this and I'd be surprised if SSL/TLS supports it. Like with SSH authentication you have the public key in the authorized_keys file. The idea of accepting a signature because it corresponds to _a_ public key as opposed to a _specific_ one is pretty absurd and it's bandwidth reduction properties don't change that.
kelalaka avatar
in flag
Neither SSH nor TLS is not bandwidth/transaction constrained . If the public key can be recovered uniquely, then one can check that it belongs to someone that has the Ethereum coin, otherwise, why should they accept the signature? This is purely reduce the transaction and especially the storage, nothing more.
kelalaka avatar
in flag
And also, `1.6.2. Verify that Q is the authentic public key. (For example, verify the signature of a certification authority in a certificate which has been truncated by the omission of Q from the certificate.) If Q is authenticated, stop and output Q.`
kelalaka avatar
in flag
Well, +1 since there may other protocols that use this...
Score:1
gb flag

Obviously I don't have a definitive list, but as well as Ethereum, I know that Bitcoin's libsecp256k1 library has a module for signatures with recoverable public keys (secp256k1_ecdsa_sign_recoverable). It is, however, not used on-chain in Bitcoin (the public keys are always provided explicitly when verifying signatures).

And the Bitcoin layer-2 "lightning network" has a public key recovery mechanism in its spec, see here (BOLT-11).

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.