{"id":17976085,"url":"https://github.com/deemru/vecro","last_synced_at":"2025-03-25T15:31:09.541Z","repository":{"id":101711970,"uuid":"166403771","full_name":"deemru/VECRO","owner":"deemru","description":"Verifiable Elliptic Curve Random Oracle","archived":false,"fork":false,"pushed_at":"2019-05-07T17:55:00.000Z","size":20,"stargazers_count":4,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-20T13:08:20.515Z","etag":null,"topics":["waveskit"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/deemru.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":"support/error_handler.php","governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-01-18T12:46:31.000Z","updated_at":"2021-06-01T09:14:54.000Z","dependencies_parsed_at":null,"dependency_job_id":"de177384-2a83-4f0d-884b-a398e63895e1","html_url":"https://github.com/deemru/VECRO","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deemru%2FVECRO","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deemru%2FVECRO/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deemru%2FVECRO/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deemru%2FVECRO/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/deemru","download_url":"https://codeload.github.com/deemru/VECRO/tar.gz/refs/heads/master","host":{"name":"GitHub
","url":"https://github.com","kind":"github","repositories_count":245489756,"owners_count":20623789,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["waveskit"],"created_at":"2024-10-29T17:21:56.580Z","updated_at":"2025-03-25T15:31:09.532Z","avatar_url":"https://github.com/deemru.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# VECRO\n\n[VECRO](https://github.com/deemru/vecro) stands for a **v**erifiable **e**lliptic **c**urve **r**andom **o**racle.\n\nVECRO produces [unique, collision resistant and fully pseudorandom](https://tools.ietf.org/html/draft-irtf-cfrg-vrf-03#page-10) numbers from a client's data. These numbers can be verified like regular EdDSA signatures.\n\n## Basics\n\nAn [EdDSA](https://en.wikipedia.org/wiki/EdDSA) signature consists of the values `R` and `S`, where `R` encodes a nonce and `S` is the signature scalar; the `R, S` pair proves that a message was signed by a private key. Anyone holding the corresponding public key can verify this at any time.\n\nEdDSA has a problem when used as the source for a [random oracle](https://en.wikipedia.org/wiki/Random_oracle): a signer can produce many different valid signatures for one message (one for every choice of nonce), so an oracle built on it can easily manipulate the final result. 
`R` must be unique for every signature: signing two different messages with the same `R` exposes the private key. And even if `R` is derived deterministically from the message, there is no guarantee that the oracle does not quietly choose a different `R` to steer the result.\n\nVECRO defines a mechanism in which the `R` value is fixed before the signature is generated, so for one message and a fixed `R` there is only one valid `S`, which can then be used as a verifiable random number, because there is no room for manipulation.\n\n## Solution\n\nVECRO provides its public key and the `getR()` and `getRS()` functions for clients.\n\n`getR()` function:\n- gets an `rseed` value from a client;\n- calculates the `R` value based on `rseed`;\n- publishes `R` for the client.\n\n`getRS()` function:\n- gets a `message` and `rseed` from a client;\n- calculates a signature as an `R, S` pair based on the `message` and `rseed`;\n- publishes `R, S` for the client.\n\nWhen a client wants a new random number, it:\n- chooses the VECRO it wants to work with;\n- gets the VECRO's public key;\n- generates a unique `rseed`;\n- calls `getR( rseed )` on the VECRO;\n- gets the `R` value from the VECRO;\n- generates a `message`;\n- calls `getRS( message, rseed )` on the VECRO;\n- gets the `R, S` pair from the VECRO;\n- verifies that `R` matches the `R` from `R, S`;\n- stops if not;\n- verifies that `R, S` is a signature of the `message` by the VECRO's public key;\n- stops if not;\n- uses `S` as the verified random value.\n\nA few things are essential here.\n\nFor a VECRO:\n- `R` must be unique;\n- `R` must be used only once (a second signature on a different message under the same `R` reveals the private key).\n\nFor a client:\n- the VECRO must be chosen before the `message` is generated;\n- `rseed` must be chosen before the `message` is generated;\n- the `R` that corresponds to `rseed` must be published before the `message` is generated.\n\nThis ensures that once the message is ready, no one can manipulate `S` as the final result.\n\n## Cryptographic library implementation details\n\nVECRO needs a few additional cryptographic library functions:\n- to produce the `R` value based on `rseed` and the VECRO's private key;\n- to produce the `R, S` pair based on a `message`, the VECRO's private key and `rseed`;\n- the `R` values of both calls must be equal when `rseed` is equal;\n- `R, S` must be a signature of the `message` that is verifiable with the VECRO's public key.\n\nBeware of using `rseed` directly: the value that goes into `R` generation must include all available static identifiers, such as addresses, keys and other fixed parameters. Otherwise two different clients (or two transactions) supplying the same `rseed` would receive the same `R`, and signing two different messages under one `R` is exactly the nonce reuse that compromises the key.\n\nReference implementation @ [deemru / curve25519-php](https://github.com/deemru/curve25519-php):\n- interface: [curve25519.php #L379](https://github.com/deemru/curve25519-php/blob/98cbc0db765b760f878cb66230e2f14ef88210f0/curve25519.php#L379)\n- internal `rseed` usage: [curve25519.php #301](https://github.com/deemru/curve25519-php/blob/98cbc0db765b760f878cb66230e2f14ef88210f0/curve25519.php#L301)\n\n## Blockchain implementation details\n\nVECRO is designed to run on blockchains whose smart contracts allow:\n- publishing the VECRO's public key once and for all;\n- publishing an `R` value identified by the client's `rseed`, public key and transaction id;\n- overwriting that `R` value with an `R, S` pair only if there is a transaction from the same client public key, with the same `rseed`, carrying a `message` for which `R, S` is a signature verified by the VECRO's public key.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeemru%2Fvecro","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdeemru%2Fvecro","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeemru%2Fvecro/lists"}
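The README's "Solution" flow and its "Cryptographic library implementation details" list describe the same mechanism from two sides: the oracle commits to `R` from `rseed` before the message exists, then signs, and the client checks that the committed `R` and the signed `R` agree. The following is an added, self-contained Python example (not VECRO's code and not the curve25519-php library) that implements plain Ed25519 arithmetic as in RFC 8032, a `Vecro` class with `get_r`/`get_rs` in the role of `getR()`/`getRS()`, the client-side checks, and the key-recovery step that is the reason `R` must be used only once. The nonce derivation (SHA-512 over the secret prefix, a `VECRO-R` domain tag and `rseed`), the class and function names, the seed and the `rseed` values are all assumptions made for this example; the reference implementation may derive `r` differently.

```python
# Added example, not the VECRO project's code. Minimal Ed25519 (RFC 8032 arithmetic)
# plus a VECRO-style oracle whose nonce R is derived from the client's rseed rather
# than from the message. The nonce derivation below is an ASSUMPTION for this example.
import hashlib

Q = 2**255 - 19                                        # field prime
L = 2**252 + 27742317777372353535851937790883648493  # order of the base point

def inv(x):
    return pow(x, Q - 2, Q)

D = (-121665 * inv(121666)) % Q                        # curve constant d
I = pow(2, (Q - 1) // 4, Q)                            # sqrt(-1) mod Q

def xrecover(y):
    """Even x with -x^2 + y^2 = 1 + d x^2 y^2 (square root for Q = 5 mod 8)."""
    xx = (y * y - 1) * inv(D * y * y + 1)
    x = pow(xx, (Q + 3) // 8, Q)
    if (x * x - xx) % Q:
        x = (x * I) % Q
    return Q - x if x & 1 else x

BY = (4 * inv(5)) % Q
B = (xrecover(BY), BY)                                 # base point

def add(P1, P2):
    """Complete twisted Edwards addition (a = -1); also valid for doubling."""
    x1, y1 = P1
    x2, y2 = P2
    t = D * x1 * x2 * y1 * y2
    return ((x1 * y2 + x2 * y1) * inv(1 + t) % Q,
            (y1 * y2 + x1 * x2) * inv(1 - t) % Q)

def mul(P, e):
    R = (0, 1)                                         # neutral element
    while e:
        if e & 1:
            R = add(R, P)
        P = add(P, P)
        e >>= 1
    return R

def encode(P):
    x, y = P
    return (y | ((x & 1) << 255)).to_bytes(32, "little")

def decode(s):
    v = int.from_bytes(s, "little")
    y = v & ((1 << 255) - 1)
    x = xrecover(y)
    if (x & 1) != (v >> 255):
        x = Q - x
    if (-x * x + y * y - 1 - D * x * x * y * y) % Q:
        raise ValueError("not a curve point")
    return (x, y)

def H(*parts):
    return int.from_bytes(hashlib.sha512(b"".join(parts)).digest(), "little")

class Vecro:
    """Oracle side. r depends only on the secret prefix and rseed, so R is committed
    before the message exists and S is then fully determined by the message."""
    def __init__(self, seed):
        h = hashlib.sha512(seed).digest()
        a = int.from_bytes(h[:32], "little")
        self.a = (a & ((1 << 254) - 8)) | (1 << 254)  # RFC 8032 clamping
        self.prefix = h[32:]
        self.pk = encode(mul(B, self.a))

    def _r(self, rseed):
        return H(self.prefix, b"VECRO-R", rseed) % L   # assumed derivation

    def get_r(self, rseed):                            # role of getR()
        return encode(mul(B, self._r(rseed)))

    def get_rs(self, message, rseed):                  # role of getRS()
        r = self._r(rseed)
        R = encode(mul(B, r))
        S = (r + H(R, self.pk, message) * self.a) % L  # standard EdDSA S
        return R, S.to_bytes(32, "little")

def verify(pk, message, R, S):
    """Plain Ed25519 verification: [S]B == R + [H(R,A,M)]A."""
    s = int.from_bytes(S, "little")
    if s >= L:
        return False
    try:
        A, Rp = decode(pk), decode(R)
    except ValueError:
        return False
    return mul(B, s) == add(Rp, mul(A, H(R, pk, message) % L))

def client_random(oracle, rseed, make_message):
    """Client flow from the README; the message is built only after R is known."""
    R1 = oracle.get_r(rseed)
    message = make_message(R1)
    R2, S = oracle.get_rs(message, rseed)
    if R2 != R1:
        raise ValueError("oracle changed R after committing to it")
    if not verify(oracle.pk, message, R2, S):
        raise ValueError("R,S is not the oracle's signature on message")
    return S                                           # the verified random value

def recover_secret_scalar(pk, R, m1, S1, m2, S2):
    """Why R must be used only once: two signatures under one R give a mod L."""
    h1, h2 = H(R, pk, m1) % L, H(R, pk, m2) % L
    s1, s2 = int.from_bytes(S1, "little"), int.from_bytes(S2, "little")
    return (s1 - s2) * pow(h1 - h2, L - 2, L) % L
```

`client_random` is the whole client-side procedure: it only builds the message after `get_r` has returned, refuses an `R` that differs from the committed one, and accepts `S` only as part of a signature that verifies under the oracle's public key, so the oracle's sole remaining freedom is to refuse to answer. `recover_secret_scalar` shows the other constraint: if the oracle ever signs two different messages with the same `rseed`, the subtraction of the two `S` values cancels `r` and yields the secret scalar `a` (mod `L`), which is exactly why `rseed` must be made unique per client and transaction by mixing in static identifiers.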