language/diem-framework/modules/doc/Authenticator.md
<a name="0x1_Authenticator"></a>
0x1::AuthenticatorMove representation of the authenticator types used in Diem. The supported types are Ed25519 (single-sig) and MultiEd25519 (K-of-N multisig).
MultiEd25519PublicKeycreate_multi_ed25519ed25519_authentication_keymulti_ed25519_authentication_keypublic_keysthreshold<a name="0x1_Authenticator_MultiEd25519PublicKey"></a>
MultiEd25519PublicKeyA multi-ed25519 public key
<pre><code><b>struct</b> <a href="Authenticator.md#0x1_Authenticator_MultiEd25519PublicKey">MultiEd25519PublicKey</a> has <b>copy</b>, drop, store </code></pre> <details> <summary>Fields</summary> <dl> <dt> <code>public_keys: vector<vector<u8>></code> </dt> <dd> vector of ed25519 public keys </dd> <dt> <code>threshold: u8</code> </dt> <dd> approval threshold </dd> </dl> </details><a name="@Constants_0"></a>
<a name="0x1_Authenticator_ENOT_ENOUGH_KEYS_FOR_THRESHOLD"></a>
Not enough keys were provided for the specified threshold when creating an <code>MultiEd25519</code> key
<pre><code><b>const</b> <a href="Authenticator.md#0x1_Authenticator_ENOT_ENOUGH_KEYS_FOR_THRESHOLD">ENOT_ENOUGH_KEYS_FOR_THRESHOLD</a>: u64 = 1; </code></pre><a name="0x1_Authenticator_ENUM_KEYS_ABOVE_MAX_THRESHOLD"></a>
Too many keys were provided for the specified threshold when creating an <code>MultiEd25519</code> key
<pre><code><b>const</b> <a href="Authenticator.md#0x1_Authenticator_ENUM_KEYS_ABOVE_MAX_THRESHOLD">ENUM_KEYS_ABOVE_MAX_THRESHOLD</a>: u64 = 2; </code></pre><a name="0x1_Authenticator_EZERO_THRESHOLD"></a>
Threshold provided was 0 which can't be used to create a <code>MultiEd25519</code> key
<pre><code><b>const</b> <a href="Authenticator.md#0x1_Authenticator_EZERO_THRESHOLD">EZERO_THRESHOLD</a>: u64 = 0; </code></pre><a name="0x1_Authenticator_MAX_MULTI_ED25519_KEYS"></a>
Maximum number of keys allowed in a MultiEd25519 public/private key
<pre><code><b>const</b> <a href="Authenticator.md#0x1_Authenticator_MAX_MULTI_ED25519_KEYS">MAX_MULTI_ED25519_KEYS</a>: u64 = 32; </code></pre><a name="0x1_Authenticator_MULTI_ED25519_SCHEME_ID"></a>
Scheme byte ID for multi-ed25519
<pre><code><b>const</b> <a href="Authenticator.md#0x1_Authenticator_MULTI_ED25519_SCHEME_ID">MULTI_ED25519_SCHEME_ID</a>: u8 = 1; </code></pre><a name="0x1_Authenticator_SINGLE_ED25519_SCHEME_ID"></a>
Scheme byte ID for ed25519
<pre><code><b>const</b> <a href="Authenticator.md#0x1_Authenticator_SINGLE_ED25519_SCHEME_ID">SINGLE_ED25519_SCHEME_ID</a>: u8 = 0; </code></pre><a name="0x1_Authenticator_create_multi_ed25519"></a>
create_multi_ed25519Create a a multisig policy from a vector of ed25519 public keys and a threshold. Note: this does not check uniqueness of keys. Repeated keys are convenient to encode weighted multisig policies. For example Alice AND 1 of Bob or Carol is public_key: {alice_key, alice_key, bob_key, carol_key}, threshold: 3 Aborts if threshold is zero or bigger than the length of <code>public_keys</code>.
<pre><code><b>public</b> <b>fun</b> <a href="Authenticator.md#0x1_Authenticator_create_multi_ed25519">create_multi_ed25519</a>(public_keys: vector<vector<u8>>, threshold: u8): <a href="Authenticator.md#0x1_Authenticator_MultiEd25519PublicKey">Authenticator::MultiEd25519PublicKey</a> </code></pre> <details> <summary>Implementation</summary> <pre><code><b>public</b> <b>fun</b> <a href="Authenticator.md#0x1_Authenticator_create_multi_ed25519">create_multi_ed25519</a>( public_keys: vector<vector<u8>>, threshold: u8 ): <a href="Authenticator.md#0x1_Authenticator_MultiEd25519PublicKey">MultiEd25519PublicKey</a> { // check threshold requirements <b>let</b> len = <a href="../../../../../../move-stdlib/docs/Vector.md#0x1_Vector_length">Vector::length</a>(&public_keys); <b>assert</b>(threshold != 0, <a href="../../../../../../move-stdlib/docs/Errors.md#0x1_Errors_invalid_argument">Errors::invalid_argument</a>(<a href="Authenticator.md#0x1_Authenticator_EZERO_THRESHOLD">EZERO_THRESHOLD</a>)); <b>assert</b>( (threshold <b>as</b> u64) <= len, <a href="../../../../../../move-stdlib/docs/Errors.md#0x1_Errors_invalid_argument">Errors::invalid_argument</a>(<a href="Authenticator.md#0x1_Authenticator_ENOT_ENOUGH_KEYS_FOR_THRESHOLD">ENOT_ENOUGH_KEYS_FOR_THRESHOLD</a>) ); // the multied25519 signature scheme allows at most 32 keys <b>assert</b>( len <= <a href="Authenticator.md#0x1_Authenticator_MAX_MULTI_ED25519_KEYS">MAX_MULTI_ED25519_KEYS</a>, <a href="../../../../../../move-stdlib/docs/Errors.md#0x1_Errors_invalid_argument">Errors::invalid_argument</a>(<a href="Authenticator.md#0x1_Authenticator_ENUM_KEYS_ABOVE_MAX_THRESHOLD">ENUM_KEYS_ABOVE_MAX_THRESHOLD</a>) ); <a href="Authenticator.md#0x1_Authenticator_MultiEd25519PublicKey">MultiEd25519PublicKey</a> { public_keys, threshold } } </code></pre> </details><a name="0x1_Authenticator_ed25519_authentication_key"></a>
ed25519_authentication_keyCompute an authentication key for the ed25519 public key <code>public_key</code>
<pre><code><b>public</b> <b>fun</b> <a href="Authenticator.md#0x1_Authenticator_ed25519_authentication_key">ed25519_authentication_key</a>(public_key: vector<u8>): vector<u8> </code></pre> <details> <summary>Implementation</summary> <pre><code><b>public</b> <b>fun</b> <a href="Authenticator.md#0x1_Authenticator_ed25519_authentication_key">ed25519_authentication_key</a>(public_key: vector<u8>): vector<u8> { <a href="../../../../../../move-stdlib/docs/Vector.md#0x1_Vector_push_back">Vector::push_back</a>(&<b>mut</b> public_key, <a href="Authenticator.md#0x1_Authenticator_SINGLE_ED25519_SCHEME_ID">SINGLE_ED25519_SCHEME_ID</a>); <a href="../../../../../../move-stdlib/docs/Hash.md#0x1_Hash_sha3_256">Hash::sha3_256</a>(public_key) } </code></pre> </details> <details> <summary>Specification</summary> <pre><code><b>pragma</b> opaque = <b>true</b>; <b>aborts_if</b> <b>false</b>; <b>ensures</b> [abstract] result == <a href="Authenticator.md#0x1_Authenticator_spec_ed25519_authentication_key">spec_ed25519_authentication_key</a>(public_key); </code></pre>We use an uninterpreted function to represent the result of key construction. The actual value does not matter for the verification of callers.
<a name="0x1_Authenticator_spec_ed25519_authentication_key"></a>
<pre><code><b>fun</b> <a href="Authenticator.md#0x1_Authenticator_spec_ed25519_authentication_key">spec_ed25519_authentication_key</a>(public_key: vector<u8>): vector<u8>; </code></pre> </details><a name="0x1_Authenticator_multi_ed25519_authentication_key"></a>
multi_ed25519_authentication_keyCompute a multied25519 account authentication key for the policy <code>k</code>
<pre><code><b>public</b> <b>fun</b> <a href="Authenticator.md#0x1_Authenticator_multi_ed25519_authentication_key">multi_ed25519_authentication_key</a>(k: &<a href="Authenticator.md#0x1_Authenticator_MultiEd25519PublicKey">Authenticator::MultiEd25519PublicKey</a>): vector<u8> </code></pre> <details> <summary>Implementation</summary> <pre><code><b>public</b> <b>fun</b> <a href="Authenticator.md#0x1_Authenticator_multi_ed25519_authentication_key">multi_ed25519_authentication_key</a>(k: &<a href="Authenticator.md#0x1_Authenticator_MultiEd25519PublicKey">MultiEd25519PublicKey</a>): vector<u8> { <b>let</b> public_keys = &k.public_keys; <b>let</b> len = <a href="../../../../../../move-stdlib/docs/Vector.md#0x1_Vector_length">Vector::length</a>(public_keys); <b>let</b> authentication_key_preimage = <a href="../../../../../../move-stdlib/docs/Vector.md#0x1_Vector_empty">Vector::empty</a>(); <b>let</b> i = 0; <b>while</b> (i < len) { <b>let</b> public_key = *<a href="../../../../../../move-stdlib/docs/Vector.md#0x1_Vector_borrow">Vector::borrow</a>(public_keys, i); <a href="../../../../../../move-stdlib/docs/Vector.md#0x1_Vector_append">Vector::append</a>( &<b>mut</b> authentication_key_preimage, public_key ); i = i + 1; }; <a href="../../../../../../move-stdlib/docs/Vector.md#0x1_Vector_append">Vector::append</a>(&<b>mut</b> authentication_key_preimage, <a href="../../../../../../move-stdlib/docs/BCS.md#0x1_BCS_to_bytes">BCS::to_bytes</a>(&k.threshold)); <a href="../../../../../../move-stdlib/docs/Vector.md#0x1_Vector_push_back">Vector::push_back</a>(&<b>mut</b> authentication_key_preimage, <a href="Authenticator.md#0x1_Authenticator_MULTI_ED25519_SCHEME_ID">MULTI_ED25519_SCHEME_ID</a>); <a href="../../../../../../move-stdlib/docs/Hash.md#0x1_Hash_sha3_256">Hash::sha3_256</a>(authentication_key_preimage) } </code></pre> </details> <details> <summary>Specification</summary> <pre><code><b>pragma</b> opaque; <b>aborts_if</b> <b>false</b>; <b>ensures</b> [abstract] result == <a href="Authenticator.md#0x1_Authenticator_spec_multi_ed25519_authentication_key">spec_multi_ed25519_authentication_key</a>(k); </code></pre>We use an uninterpreted function to represent the result of key construction. The actual value does not matter for the verification of callers.
<a name="0x1_Authenticator_spec_multi_ed25519_authentication_key"></a>
<pre><code><b>fun</b> <a href="Authenticator.md#0x1_Authenticator_spec_multi_ed25519_authentication_key">spec_multi_ed25519_authentication_key</a>(k: <a href="Authenticator.md#0x1_Authenticator_MultiEd25519PublicKey">MultiEd25519PublicKey</a>): vector<u8>; </code></pre> </details><a name="0x1_Authenticator_public_keys"></a>
public_keysReturn the public keys involved in the multisig policy <code>k</code>
<pre><code><b>public</b> <b>fun</b> <a href="Authenticator.md#0x1_Authenticator_public_keys">public_keys</a>(k: &<a href="Authenticator.md#0x1_Authenticator_MultiEd25519PublicKey">Authenticator::MultiEd25519PublicKey</a>): &vector<vector<u8>> </code></pre> <details> <summary>Implementation</summary> <pre><code><b>public</b> <b>fun</b> <a href="Authenticator.md#0x1_Authenticator_public_keys">public_keys</a>(k: &<a href="Authenticator.md#0x1_Authenticator_MultiEd25519PublicKey">MultiEd25519PublicKey</a>): &vector<vector<u8>> { &k.public_keys } </code></pre> </details><a name="0x1_Authenticator_threshold"></a>
thresholdReturn the threshold for the multisig policy <code>k</code>
<pre><code><b>public</b> <b>fun</b> <a href="Authenticator.md#0x1_Authenticator_threshold">threshold</a>(k: &<a href="Authenticator.md#0x1_Authenticator_MultiEd25519PublicKey">Authenticator::MultiEd25519PublicKey</a>): u8 </code></pre> <details> <summary>Implementation</summary> <pre><code><b>public</b> <b>fun</b> <a href="Authenticator.md#0x1_Authenticator_threshold">threshold</a>(k: &<a href="Authenticator.md#0x1_Authenticator_MultiEd25519PublicKey">MultiEd25519PublicKey</a>): u8 { *&k.threshold } </code></pre> </details>