The crypto component hosts all the implementations of cryptographic primitives we use in Diem: hashing, signing, and key derivation/generation. The parts of the library using traits.rs contain the crypto API enforcing type safety, verifiable random functions, and EdDSA & MultiEdDSA signatures.
Overview
Diem makes use of several cryptographic algorithms:
- SHA-3 as the main hash function. It is standardized in FIPS 202. It is based on the tiny_keccak library.
- HKDF: HMAC-based Extract-and-Expand Key Derivation Function (HKDF) based on RFC 5869. It is used to generate keys from a salt (optional), seed, and application-info (optional).
- traits.rs introduces new abstractions for the crypto API.
- Ed25519 performs signatures using the new API design, based on the ed25519-dalek library with additional security checks (e.g. for malleability).
- X25519 to perform key exchanges. It is used to secure communications between validators via the Noise Protocol Framework. It is based on the x25519-dalek library.
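
The malleability check mentioned for Ed25519 above, sketched as an added example (not code from this crate): RFC 8032 requires the scalar S in the second half of a signature to be below the group order L, because a verifier that skips this check accepts S and S + L for the same message. All function and type names here are hypothetical, and the sample signatures are constructed.

```rust
// Added example: canonical-S (malleability) check on an Ed25519 signature encoding.
/// Group order L = 2^252 + 27742317777372353535851937790883648493, little-endian.
const L: [u8; 32] = [
    0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10,
];

#[derive(Debug, PartialEq)]
enum SigError { WrongLength, NonCanonicalS }

/// True when the little-endian scalar `s` is strictly below L.
/// Signatures are public data, so an early-exit comparison is acceptable here.
fn s_is_canonical(s: &[u8; 32]) -> bool {
    for i in (0..32).rev() { // most significant byte first
        if s[i] < L[i] { return true; }
        if s[i] > L[i] { return false; }
    }
    false // s == L is not canonical either
}

/// Reject wrong-length or non-canonical signatures before any curve arithmetic.
fn check_signature_encoding(sig: &[u8]) -> Result<(), SigError> {
    if sig.len() != 64 { return Err(SigError::WrongLength); }
    let mut s = [0u8; 32];
    s.copy_from_slice(&sig[32..]); // signature layout is R (32 bytes) || S (32 bytes)
    if s_is_canonical(&s) { Ok(()) } else { Err(SigError::NonCanonicalS) }
}

/// Test helper: computes s + L to build a non-canonical encoding of the same scalar.
fn add_l(s: &[u8; 32]) -> [u8; 32] {
    let (mut out, mut carry) = ([0u8; 32], 0u16);
    for i in 0..32 {
        let t = s[i] as u16 + L[i] as u16 + carry;
        out[i] = t as u8;
        carry = t >> 8;
    }
    out
}

fn main() {
    let mut sig = [0u8; 64]; // constructed: R = 0, S = 5 (encoding check only)
    sig[32] = 5;
    println!("S = 5     -> {:?}", check_signature_encoding(&sig));
    let mut s = [0u8; 32];
    s.copy_from_slice(&sig[32..]);
    sig[32..].copy_from_slice(&add_l(&s));
    println!("S = 5 + L -> {:?}", check_signature_encoding(&sig));
}
```
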
How is this module organized?
crypto/src
├── hash.rs # Hash function (SHA-3)
├── hkdf.rs # HKDF implementation (HMAC-based Extract-and-Expand Key Derivation Function based on RFC 5869)
├── macros/ # Derivations for SilentDebug and SilentDisplay
├── utils.rs # Serialization utility functions
├── lib.rs
├── ed25519.rs # Ed25519 implementation of the signing/verification API in traits.rs
├── multi_ed25519.rs # MultiEd25519 implementation of the signing/verification API in traits.rs
├── x25519.rs # X25519 wrapper
├── test_utils.rs
├── traits.rs # New API design and the necessary abstractions
└── unit_tests/ # Tests
Note: This crate historically had support for BLS12381, ECVRF, and SLIP-0010, though these were removed due to lack of use. The last git revision before their removal is 00301524.