GNUnet Signature Purposes
GNUnet signature purpose registry.
Every time a signature is created or verified with libgnunetutil’s signature functions, the signer must provide a “purpose” that provides the context for the signature. By signing over the “purpose”, it is not possible for an adversary to use a signature made in one context in another context.
GNU Taler uses signature purposes out of the same number space, as indicated by the “Package” column below.
Policy
Developers working on GNUnet or packages based on GNUnet should feel free to extend this registry. Entries may be deleted if no code using them is still expected to be in production anywhere.
Updating the name of the package or subsystem is allowed provided that the code using the signature is being moved, as those fields are merely informational or used for code generation.
Entries
Name |
Number |
Package |
Subsystem |
Comment |
|---|---|---|---|---|
TEST |
0 |
GNUnet |
GNUnet |
Test signature, not valid for anything other than writing a test. (Note that the signature verification code will accept this value). |
TRANSPORT_PONG_OWN |
1 |
GNUnet |
GNUnet-TRANSPORT |
Signature for confirming that this peer uses a particular address. |
TRANSPORT_DISCONNECT |
2 |
GNUnet |
GNUnet-TRANSPORT |
Signature for confirming that this peer intends to disconnect. |
GNS_REVOCATION |
3 |
GNUnet |
GNS |
GNS zone key revocation |
NAMESPACE_ADVERTISEMENT |
4 |
GNUnet |
GNUnet-FS |
Signature for a namespace/pseudonym advertisement (by the namespace owner). |
PEER_PLACEMENT |
5 |
GNUnet |
GNUnet-FS |
Signature by which a peer affirms that it is providing a certain bit of content for use in LOCation URIs. |
DHT_HOP |
6 |
GNUnet |
GNUnet-DHT |
Signature by which a peer affirms that it forwarded a message in the DHT. |
HELLO |
7 |
GNUnet |
GNUnet-HELLO |
Signature by which a peer affirms its address. |
DNS_RECORD |
11 |
GNUnet |
GNUnet-DNS+Exit |
Signature on a GNUNET_DNS_Advertisement. |
CHAT_MESSAGE |
12 |
GNUnet |
GNUnet-MESSENGER |
Signature of a chat message. |
CHAT_RECEIPT |
13 |
GNUnet |
GNUnet-MESSENGER |
Signature of confirmation receipt for a chat message. |
NSE_SEND |
14 |
GNUnet |
GNUnet-NSE |
Signature of a network size estimate message. |
GNS_RECORD_SIGN |
15 |
GNUnet |
GNS |
GNS record set signature |
SET_ECC_KEY |
16 |
GNUnet |
GNUnet-CORE |
Purpose is to set a session key. |
FS_UBLOCK |
17 |
GNUnet |
GNUnet-FS |
UBlock Signature, done using DSS, not ECC |
REGEX_ACCEPT |
18 |
GNUnet |
GNUnet-REGEX |
Accept state in regex DFA. Peer affirms that it offers the matching service. |
CONVERSATION_RING |
20 |
GNUnet |
GNUnet-CONVERSATION |
Signature of a conversation ring. |
SECRETSHARING_DKG1 |
21 |
GNUnet |
GNUnet-SECRETSHARING |
Signature for the first round of distributed key generation. |
SECRETSHARING_DKG2 |
22 |
GNUnet |
GNUnet-SECRETSHARING |
Signature for the second round of distributed key generation. |
SECRETSHARING_DECRYPTION |
23 |
GNUnet |
GNUnet-SECRETSHARING |
Signature for the cooperative decryption. |
RECLAIM_CODE_SIGN |
27 |
GNUnet |
Reclaim |
Signature for a GNUid Ticket |
DELEGATE |
28 |
GNUnet |
Reclaim |
Signature for a GNUnet credential |
TRANSPORT_ADDRESS |
29 |
GNUnet |
GNUnet-TRANSPORT |
Signature by a peer affirming that this is one of its addresses for the given time period. |
TRANSPORT_EPHEMERAL |
30 |
GNUnet |
GNUnet-TRANSPORT |
Signature by a peer affirming that the given ephemeral key is currently in use by that peer’s transport service. |
COMMUNICATOR_TCP_HANDSHAKE |
31 |
GNUnet |
GNUnet-TRANSPORT-TCP |
Signature used by TCP communicator handshake. |
COMMUNICATOR_TCP_REKEY |
32 |
GNUnet |
GNUnet-TRANSPORT-TCP |
Signature used by TCP communicator rekey. |
COMMUNICATOR_UDP_HANDSHAKE |
33 |
GNUnet |
GNUnet-TRANSPORT-UDP |
Signature used by UDP communicator handshake. |
COMMUNICATOR_UDP_BROADCAST |
34 |
GNUnet |
GNUnet-TRANSPORT-UDP |
Signature used by UDP broadcasts. |
TRANSPORT_CHALLENGE |
35 |
GNUnet |
GNUnet-TRANSPORT |
Signature by a peer affirming that it received a challenge (and stating how long it expects the address on which the challenge was received to remain valid). |
TRANSPORT_DV_HOP |
36 |
GNUnet |
GNUnet-TRANSPORT |
Signature by a peer affirming that it is on a DV path. |
TRANSPORT_DV_INITIATOR |
37 |
GNUnet |
GNUnet-TRANSPORT |
Signature by a peer affirming that it originated the DV path. |
CADET_CONNECTION_INITIATOR |
38 |
GNUnet |
GNUnet-CADET |
Signature by a peer that like to create a connection. |
COMMUNICATOR_TCP_HANDSHAKE_ACK |
39 |
GNUnet |
GNUnet-TRANSPORT-TCP |
Signature by a peer sending back the nonce received at initial handshake. |
MASTER_AML_KEY |
1017 |
GNU Taler |
Initialize or update the status of an AML key for an AML officer |
|
MASTER_DRAIN_PROFIT |
1018 |
GNU Taler |
Affirm wiring of exchange profits to operator account. |
|
MASTER_PARTNER_DETAILS |
1019 |
GNU Taler |
Signature affirming a partner configuration for wads. |
|
MASTER_SIGNING_KEY_REVOKED |
1020 |
GNU Taler |
The given revocation key was revoked and must no longer be used. |
|
MASTER_ADD_WIRE |
1021 |
GNU Taler |
Add payto URI to the list of our wire methods. |
|
MASTER_GLOBAL_FEES |
1022 |
GNU Taler |
Signature over global set of fees charged by the exchange. |
|
MASTER_DEL_WIRE |
1023 |
GNU Taler |
Remove payto URI from the list of our wire methods. |
|
MASTER_SIGNING_KEY_VALIDITY |
1024 |
GNU Taler |
Purpose for signing public keys signed by the exchange master key. |
|
MASTER_DENOMINATION_KEY_VALIDITY |
1025 |
GNU Taler |
Purpose for denomination keys signed by the exchange master key. |
|
MASTER_ADD_AUDITOR |
1026 |
GNU Taler |
Add an auditor to the list of our auditors. |
|
MASTER_DEL_AUDITOR |
1027 |
GNU Taler |
Remove an auditor from the list of our auditors. |
|
MASTER_WIRE_FEES |
1028 |
GNU Taler |
Fees charged per (aggregate) wire transfer to the merchant. |
|
MASTER_DENOMINATION_KEY_REVOKED |
1029 |
GNU Taler |
The given revocation key was revoked and must no longer be used. |
|
MASTER_WIRE_DETAILS |
1030 |
GNU Taler |
Signature where the Exchange confirms its IBAN details in the /wire response. |
|
MASTER_EXTENSION |
1031 |
GNU Taler |
Set the configuration of an extension (age-restriction or peer2peer) |
|
EXCHANGE_RESERVE_STATUS |
1032 |
GNU Taler |
Purpose for the state of a reserve, signed by the exchange’s signing key. |
|
EXCHANGE_CONFIRM_DEPOSIT |
1033 |
GNU Taler |
Signature where the Exchange confirms a deposit request. |
|
EXCHANGE_CONFIRM_MELT |
1034 |
GNU Taler |
Signature where the exchange (current signing key) confirms the no-reveal index for cut-and-choose and the validity of the melted coins. |
|
EXCHANGE_KEY_SET |
1035 |
GNU Taler |
Signature where the Exchange confirms the full /keys response set. |
|
EXCHANGE_CONFIRM_WIRE |
1036 |
GNU Taler |
Signature where the Exchange confirms the /track/transaction response. |
|
EXCHANGE_CONFIRM_WIRE_DEPOSIT |
1037 |
GNU Taler |
Signature where the Exchange confirms the /wire/deposit response. |
|
EXCHANGE_CONFIRM_REFUND |
1038 |
GNU Taler |
Signature where the Exchange confirms a refund request. |
|
EXCHANGE_CONFIRM_RECOUP |
1039 |
GNU Taler |
Signature where the Exchange confirms a recoup. |
|
EXCHANGE_RESERVE_CLOSED |
1040 |
GNU Taler |
Signature where the Exchange confirms it closed a reserve. |
|
EXCHANGE_CONFIRM_RECOUP_REFRESH |
1041 |
GNU Taler |
Signature where the Exchange confirms a recoup-refresh operation. |
|
EXCHANGE_AFFIRM_DENOM_UNKNOWN |
1042 |
GNU Taler |
Signature where the Exchange confirms that it does not know a denomination (hash). |
|
EXCHANGE_AFFIRM_DENOM_EXPIRED |
1043 |
GNU Taler |
Signature where the Exchange confirms that it does not consider a denomination valid for the given operation at this time. |
|
EXCHANGE_CONFIRM_PURSE_CREATION |
1045 |
GNU Taler |
Signature by which the exchange affirms that a purse was created with a certain amount deposited into it. |
|
EXCHANGE_CONFIRM_PURSE_MERGED |
1046 |
GNU Taler |
Signature by which the exchange affirms that a purse was merged into a reserve with a certain amount in it. |
|
EXCHANGE_PURSE_STATUS |
1047 |
GNU Taler |
Purpose for the state of a purse, signed by the exchange’s signing key. |
|
EXCHANGE_RESERVE_ATTEST_DETAILS |
1048 |
GNU Taler |
Signature by which the exchange attests identity attributes of a particular reserve owner. |
|
EXCHANGE_CONFIRM_PURSE_REFUND |
1049 |
GNU Taler |
Signature by which the exchange confirms that a purse expired and a coin was refunded. |
|
EXCHANGE_CONFIRM_WITHDRAW |
1050 |
GNU Taler |
Signature where the Exchange confirms an (age-)withdraw. |
|
AUDITOR_EXCHANGE_KEYS |
1064 |
GNU Taler |
Signature where the auditor confirms that he is aware of certain denomination keys from the exchange. |
|
MERCHANT_CONTRACT |
1101 |
GNU Taler |
Signature where the merchant confirms a contract (to the customer). |
|
MERCHANT_REFUND |
1102 |
GNU Taler |
Signature where the merchant confirms a refund (of a coin). |
|
MERCHANT_TRACK_TRANSACTION |
1103 |
GNU Taler |
Signature where the merchant confirms that he needs the wire transfer identifier for a deposit operation. |
|
MERCHANT_PAYMENT_OK |
1104 |
GNU Taler |
Signature where the merchant confirms that the payment was successful |
|
MERCHANT_WIRE_DETAILS |
1107 |
GNU Taler |
Signature where the merchant confirms its own (salted) wire details (not yet really used). |
|
MERCHANT_TOKEN_ISSUE |
1108 |
GNU Taler |
Signature where the merchant issues a token by blindly signing it. Signed with the token issue private key. |
|
WALLET_RESERVE_WITHDRAW |
1200 |
GNU Taler |
Signature where the reserve key confirms a withdraw request. Signed with the reserve private key. |
|
WALLET_COIN_DEPOSIT |
1201 |
GNU Taler |
Signature made by the wallet of a user to confirm a deposit of a coin. |
|
WALLET_COIN_MELT |
1202 |
GNU Taler |
Signature using a coin key confirming the melting of a coin. Signed with the coin’s private key. |
|
WALLET_COIN_RECOUP |
1203 |
GNU Taler |
Signature using a coin key requesting recoup. Signed with the coin’s private key. |
|
WALLET_COIN_LINK |
1204 |
GNU Taler |
Signature using a coin key authenticating link data. Signed with the old coin’s private key. |
|
WALLET_ACCOUNT_SETUP |
1205 |
GNU Taler |
Signature using a reserve key by which a wallet requests a payment target UUID for itself. Signs over just a purpose (no body), as the signature only serves to demonstrate that the request comes from the wallet controlling the private key, and not some third party. |
|
WALLET_COIN_RECOUP_REFRESH |
1206 |
GNU Taler |
Signature using a coin key requesting recoup-refresh. Signed with the coin private key. |
|
WALLET_AGE_ATTESTATION |
1207 |
GNU Taler |
Signature using a age restriction key for attestation of a particular age/age-group. |
|
WALLET_RESERVE_HISTORY |
1208 |
GNU Taler |
Request full or partial reserve history. Signed with the reserve private key. |
|
WALLET_COIN_HISTORY |
1209 |
GNU Taler |
Request full or partial coin history. Signed with the coin private key. |
|
WALLET_PURSE_CREATE |
1210 |
GNU Taler |
Request purse creation (without reserve). Signed by the purse private key. |
|
WALLET_PURSE_DEPOSIT |
1211 |
GNU Taler |
Request coin to be deposited into a purse. Signed with the coin private key. |
|
WALLET_PURSE_STATUS |
1212 |
GNU Taler |
Request purse status. Signed with the purse private key. |
|
WALLET_PURSE_MERGE |
1213 |
GNU Taler |
Request purse to be merged with a reserve. Signed with the purse private key. |
|
WALLET_ACCOUNT_MERGE |
1214 |
GNU Taler |
Request purse to be merged with a reserve. Signed by the reserve private key. |
|
WALLET_RESERVE_CLOSE |
1215 |
GNU Taler |
Request account to be closed. Signed with the reserve private key. |
|
WALLET_PURSE_ECONTRACT |
1216 |
GNU Taler |
Associates encrypted contract with a purse. Signed with the purse private key. |
|
WALLET_RESERVE_OPEN |
1217 |
GNU Taler |
Request reserve to be kept open. Signed with the reserve private key. |
|
WALLET_RESERVE_OPEN_DEPOSIT |
1218 |
GNU Taler |
Request coin to be used to pay for reserve to be kept open. Signed with the coin private key. |
|
WALLET_RESERVE_ATTEST_DETAILS |
1219 |
GNU Taler |
Request attestation about reserve owner. Signed by the reserve private key. |
|
WALLET_PURSE_DELETE |
1220 |
GNU Taler |
Signature by which a wallet requests a purse to be deleted. |
|
WALLET_RESERVE_AGE_WITHDRAW |
1221 |
GNU Taler |
Signature where the reserve key confirms an age-withdraw request. Signed with the reserve private key. |
|
WALLET_TOKEN_USE |
1222 |
GNU Taler |
Signature where the token use key confirms the usage of a token on a pay request. Signed with the token use private key. |
|
MAILBOX_MESSAGES_DELETE |
1223 |
GNU Taler |
Signature over messages to delete in the mailbox service |
|
SM_RSA_DENOMINATION_KEY |
1250 |
GNU Taler |
Signature on a denomination key announcement. |
|
SM_SIGNING_KEY |
1251 |
GNU Taler |
Signature on an exchange message signing key announcement. |
|
SM_CS_DENOMINATION_KEY |
1252 |
GNU Taler |
Signature on a denomination key announcement. |
|
CLIENT_TEST_EDDSA |
1302 |
GNU Taler |
EdDSA test signature. |
|
EXCHANGE_TEST_EDDSA |
1303 |
GNU Taler |
EdDSA test signature. |
|
AML_DECISION |
1350 |
GNU Taler |
Signature by which an AML officer signs an AML decision. |
|
AML_QUERY |
1351 |
GNU Taler |
Signature by which an AML officer requests AML data. |
|
KYC_AUTH |
1360 |
GNU Taler |
Signature by which an account owner authorizes access to a KYC operation. |
|
ANASTASIS_POLICY_UPLOAD |
1400 |
GNU Taler |
EdDSA signature for a policy upload. |
|
SYNC_BACKUP_UPLOAD |
1450 |
GNU Taler |
EdDSA signature for a backup upload. |
|
DONAU_DONATION_STATEMENT |
1500 |
Donau |
The signature is done by the Donau. The Donau signes over the total amount of the corresponding year, the corresponding year and the donation identifier of a specific donor. The statement confirms that the donor made this total in donations for the given year. |
|
CHARITY_DONATION_CONFIRMATION |
1501 |
Donau |
The signature is made by a charity and shows that the charity is in agreement with the donation request which it sends to the Donau. The charity signs over all blinded identifiers and key pairs which it has received from the donor. The signature affirms that the charity wants the donation receipts to be issued on its behalf. |