GNUnet Signature Purposes

GNUnet signature purpose registry.

Every time a signature is created or verified with libgnunetutil’s signature functions, the signer must provide a “purpose” that provides the context for the signature. By signing over the “purpose”, it is not possible for an adversary to use a signature made in one context in another context.

GNU Taler uses signature purposes out of the same number space, as indicated by the “Package” column below.

Policy

Developers working on GNUnet or packages based on GNUnet should feel free to extend this registry. Entries may be deleted if no code using them is still expected to be in production anywhere.

Updating the name of the package or subsystem is allowed provided that the code using the signature is being moved, as those fields are merely informational or used for code generation.

Entries

GNS Signature Purposes

Name

Number

Package

Subsystem

Comment

TEST

0

GNUnet

GNUnet

Test signature, not valid for anything other than writing a test. (Note that the signature verification code will accept this value).

TRANSPORT_PONG_OWN

1

GNUnet

GNUnet-TRANSPORT

Signature for confirming that this peer uses a particular address.

TRANSPORT_DISCONNECT

2

GNUnet

GNUnet-TRANSPORT

Signature for confirming that this peer intends to disconnect.

GNS_REVOCATION

3

GNUnet

GNS

GNS zone key revocation

NAMESPACE_ADVERTISEMENT

4

GNUnet

GNUnet-FS

Signature for a namespace/pseudonym advertisement (by the namespace owner).

PEER_PLACEMENT

5

GNUnet

GNUnet-FS

Signature by which a peer affirms that it is providing a certain bit of content for use in LOCation URIs.

DHT_HOP

6

GNUnet

GNUnet-DHT

Signature by which a peer affirms that it forwarded a message in the DHT.

HELLO

7

GNUnet

GNUnet-HELLO

Signature by which a peer affirms its address.

DNS_RECORD

11

GNUnet

GNUnet-DNS+Exit

Signature on a GNUNET_DNS_Advertisement.

CHAT_MESSAGE

12

GNUnet

GNUnet-MESSENGER

Signature of a chat message.

CHAT_RECEIPT

13

GNUnet

GNUnet-MESSENGER

Signature of confirmation receipt for a chat message.

NSE_SEND

14

GNUnet

GNUnet-NSE

Signature of a network size estimate message.

GNS_RECORD_SIGN

15

GNUnet

GNS

GNS record set signature

SET_ECC_KEY

16

GNUnet

GNUnet-CORE

Purpose is to set a session key.

FS_UBLOCK

17

GNUnet

GNUnet-FS

UBlock Signature, done using DSS, not ECC

REGEX_ACCEPT

18

GNUnet

GNUnet-REGEX

Accept state in regex DFA. Peer affirms that it offers the matching service.

CONVERSATION_RING

20

GNUnet

GNUnet-CONVERSATION

Signature of a conversation ring.

SECRETSHARING_DKG1

21

GNUnet

GNUnet-SECRETSHARING

Signature for the first round of distributed key generation.

SECRETSHARING_DKG2

22

GNUnet

GNUnet-SECRETSHARING

Signature for the second round of distributed key generation.

SECRETSHARING_DECRYPTION

23

GNUnet

GNUnet-SECRETSHARING

Signature for the cooperative decryption.

RECLAIM_CODE_SIGN

27

GNUnet

Reclaim

Signature for a GNUid Ticket

DELEGATE

28

GNUnet

Reclaim

Signature for a GNUnet credential

TRANSPORT_ADDRESS

29

GNUnet

GNUnet-TRANSPORT

Signature by a peer affirming that this is one of its addresses for the given time period.

TRANSPORT_EPHEMERAL

30

GNUnet

GNUnet-TRANSPORT

Signature by a peer affirming that the given ephemeral key is currently in use by that peer’s transport service.

COMMUNICATOR_TCP_HANDSHAKE

31

GNUnet

GNUnet-TRANSPORT-TCP

Signature used by TCP communicator handshake.

COMMUNICATOR_TCP_REKEY

32

GNUnet

GNUnet-TRANSPORT-TCP

Signature used by TCP communicator rekey.

COMMUNICATOR_UDP_HANDSHAKE

33

GNUnet

GNUnet-TRANSPORT-UDP

Signature used by UDP communicator handshake.

COMMUNICATOR_UDP_BROADCAST

34

GNUnet

GNUnet-TRANSPORT-UDP

Signature used by UDP broadcasts.

TRANSPORT_CHALLENGE

35

GNUnet

GNUnet-TRANSPORT

Signature by a peer affirming that it received a challenge (and stating how long it expects the address on which the challenge was received to remain valid).

TRANSPORT_DV_HOP

36

GNUnet

GNUnet-TRANSPORT

Signature by a peer affirming that it is on a DV path.

TRANSPORT_DV_INITIATOR

37

GNUnet

GNUnet-TRANSPORT

Signature by a peer affirming that it originated the DV path.

CADET_CONNECTION_INITIATOR

38

GNUnet

GNUnet-CADET

Signature by a peer that like to create a connection.

COMMUNICATOR_TCP_HANDSHAKE_ACK

39

GNUnet

GNUnet-TRANSPORT-TCP

Signature by a peer sending back the nonce received at initial handshake.

MASTER_AML_KEY

1017

GNU Taler

Initialize or update the status of an AML key for an AML officer

MASTER_DRAIN_PROFIT

1018

GNU Taler

Affirm wiring of exchange profits to operator account.

MASTER_PARTNER_DETAILS

1019

GNU Taler

Signature affirming a partner configuration for wads.

MASTER_SIGNING_KEY_REVOKED

1020

GNU Taler

The given revocation key was revoked and must no longer be used.

MASTER_ADD_WIRE

1021

GNU Taler

Add payto URI to the list of our wire methods.

MASTER_GLOBAL_FEES

1022

GNU Taler

Signature over global set of fees charged by the exchange.

MASTER_DEL_WIRE

1023

GNU Taler

Remove payto URI from the list of our wire methods.

MASTER_SIGNING_KEY_VALIDITY

1024

GNU Taler

Purpose for signing public keys signed by the exchange master key.

MASTER_DENOMINATION_KEY_VALIDITY

1025

GNU Taler

Purpose for denomination keys signed by the exchange master key.

MASTER_ADD_AUDITOR

1026

GNU Taler

Add an auditor to the list of our auditors.

MASTER_DEL_AUDITOR

1027

GNU Taler

Remove an auditor from the list of our auditors.

MASTER_WIRE_FEES

1028

GNU Taler

Fees charged per (aggregate) wire transfer to the merchant.

MASTER_DENOMINATION_KEY_REVOKED

1029

GNU Taler

The given revocation key was revoked and must no longer be used.

MASTER_WIRE_DETAILS

1030

GNU Taler

Signature where the Exchange confirms its IBAN details in the /wire response.

MASTER_EXTENSION

1031

GNU Taler

Set the configuration of an extension (age-restriction or peer2peer)

EXCHANGE_RESERVE_STATUS

1032

GNU Taler

Purpose for the state of a reserve, signed by the exchange’s signing key.

EXCHANGE_CONFIRM_DEPOSIT

1033

GNU Taler

Signature where the Exchange confirms a deposit request.

EXCHANGE_CONFIRM_MELT

1034

GNU Taler

Signature where the exchange (current signing key) confirms the no-reveal index for cut-and-choose and the validity of the melted coins.

EXCHANGE_KEY_SET

1035

GNU Taler

Signature where the Exchange confirms the full /keys response set.

EXCHANGE_CONFIRM_WIRE

1036

GNU Taler

Signature where the Exchange confirms the /track/transaction response.

EXCHANGE_CONFIRM_WIRE_DEPOSIT

1037

GNU Taler

Signature where the Exchange confirms the /wire/deposit response.

EXCHANGE_CONFIRM_REFUND

1038

GNU Taler

Signature where the Exchange confirms a refund request.

EXCHANGE_CONFIRM_RECOUP

1039

GNU Taler

Signature where the Exchange confirms a recoup.

EXCHANGE_RESERVE_CLOSED

1040

GNU Taler

Signature where the Exchange confirms it closed a reserve.

EXCHANGE_CONFIRM_RECOUP_REFRESH

1041

GNU Taler

Signature where the Exchange confirms a recoup-refresh operation.

EXCHANGE_AFFIRM_DENOM_UNKNOWN

1042

GNU Taler

Signature where the Exchange confirms that it does not know a denomination (hash).

EXCHANGE_AFFIRM_DENOM_EXPIRED

1043

GNU Taler

Signature where the Exchange confirms that it does not consider a denomination valid for the given operation at this time.

EXCHANGE_CONFIRM_PURSE_CREATION

1045

GNU Taler

Signature by which the exchange affirms that a purse was created with a certain amount deposited into it.

EXCHANGE_CONFIRM_PURSE_MERGED

1046

GNU Taler

Signature by which the exchange affirms that a purse was merged into a reserve with a certain amount in it.

EXCHANGE_PURSE_STATUS

1047

GNU Taler

Purpose for the state of a purse, signed by the exchange’s signing key.

EXCHANGE_RESERVE_ATTEST_DETAILS

1048

GNU Taler

Signature by which the exchange attests identity attributes of a particular reserve owner.

EXCHANGE_CONFIRM_PURSE_REFUND

1049

GNU Taler

Signature by which the exchange confirms that a purse expired and a coin was refunded.

EXCHANGE_CONFIRM_WITHDRAW

1050

GNU Taler

Signature where the Exchange confirms an (age-)withdraw.

AUDITOR_EXCHANGE_KEYS

1064

GNU Taler

Signature where the auditor confirms that he is aware of certain denomination keys from the exchange.

MERCHANT_CONTRACT

1101

GNU Taler

Signature where the merchant confirms a contract (to the customer).

MERCHANT_REFUND

1102

GNU Taler

Signature where the merchant confirms a refund (of a coin).

MERCHANT_TRACK_TRANSACTION

1103

GNU Taler

Signature where the merchant confirms that he needs the wire transfer identifier for a deposit operation.

MERCHANT_PAYMENT_OK

1104

GNU Taler

Signature where the merchant confirms that the payment was successful

MERCHANT_WIRE_DETAILS

1107

GNU Taler

Signature where the merchant confirms its own (salted) wire details (not yet really used).

MERCHANT_TOKEN_ISSUE

1108

GNU Taler

Signature where the merchant issues a token by blindly signing it. Signed with the token issue private key.

WALLET_RESERVE_WITHDRAW

1200

GNU Taler

Signature where the reserve key confirms a withdraw request. Signed with the reserve private key.

WALLET_COIN_DEPOSIT

1201

GNU Taler

Signature made by the wallet of a user to confirm a deposit of a coin.

WALLET_COIN_MELT

1202

GNU Taler

Signature using a coin key confirming the melting of a coin. Signed with the coin’s private key.

WALLET_COIN_RECOUP

1203

GNU Taler

Signature using a coin key requesting recoup. Signed with the coin’s private key.

WALLET_COIN_LINK

1204

GNU Taler

Signature using a coin key authenticating link data. Signed with the old coin’s private key.

WALLET_ACCOUNT_SETUP

1205

GNU Taler

Signature using a reserve key by which a wallet requests a payment target UUID for itself. Signs over just a purpose (no body), as the signature only serves to demonstrate that the request comes from the wallet controlling the private key, and not some third party.

WALLET_COIN_RECOUP_REFRESH

1206

GNU Taler

Signature using a coin key requesting recoup-refresh. Signed with the coin private key.

WALLET_AGE_ATTESTATION

1207

GNU Taler

Signature using a age restriction key for attestation of a particular age/age-group.

WALLET_RESERVE_HISTORY

1208

GNU Taler

Request full or partial reserve history. Signed with the reserve private key.

WALLET_COIN_HISTORY

1209

GNU Taler

Request full or partial coin history. Signed with the coin private key.

WALLET_PURSE_CREATE

1210

GNU Taler

Request purse creation (without reserve). Signed by the purse private key.

WALLET_PURSE_DEPOSIT

1211

GNU Taler

Request coin to be deposited into a purse. Signed with the coin private key.

WALLET_PURSE_STATUS

1212

GNU Taler

Request purse status. Signed with the purse private key.

WALLET_PURSE_MERGE

1213

GNU Taler

Request purse to be merged with a reserve. Signed with the purse private key.

WALLET_ACCOUNT_MERGE

1214

GNU Taler

Request purse to be merged with a reserve. Signed by the reserve private key.

WALLET_RESERVE_CLOSE

1215

GNU Taler

Request account to be closed. Signed with the reserve private key.

WALLET_PURSE_ECONTRACT

1216

GNU Taler

Associates encrypted contract with a purse. Signed with the purse private key.

WALLET_RESERVE_OPEN

1217

GNU Taler

Request reserve to be kept open. Signed with the reserve private key.

WALLET_RESERVE_OPEN_DEPOSIT

1218

GNU Taler

Request coin to be used to pay for reserve to be kept open. Signed with the coin private key.

WALLET_RESERVE_ATTEST_DETAILS

1219

GNU Taler

Request attestation about reserve owner. Signed by the reserve private key.

WALLET_PURSE_DELETE

1220

GNU Taler

Signature by which a wallet requests a purse to be deleted.

WALLET_RESERVE_AGE_WITHDRAW

1221

GNU Taler

Signature where the reserve key confirms an age-withdraw request. Signed with the reserve private key.

WALLET_TOKEN_USE

1222

GNU Taler

Signature where the token use key confirms the usage of a token on a pay request. Signed with the token use private key.

MAILBOX_MESSAGES_DELETE

1223

GNU Taler

Signature over messages to delete in the mailbox service

SM_RSA_DENOMINATION_KEY

1250

GNU Taler

Signature on a denomination key announcement.

SM_SIGNING_KEY

1251

GNU Taler

Signature on an exchange message signing key announcement.

SM_CS_DENOMINATION_KEY

1252

GNU Taler

Signature on a denomination key announcement.

CLIENT_TEST_EDDSA

1302

GNU Taler

EdDSA test signature.

EXCHANGE_TEST_EDDSA

1303

GNU Taler

EdDSA test signature.

AML_DECISION

1350

GNU Taler

Signature by which an AML officer signs an AML decision.

AML_QUERY

1351

GNU Taler

Signature by which an AML officer requests AML data.

KYC_AUTH

1360

GNU Taler

Signature by which an account owner authorizes access to a KYC operation.

ANASTASIS_POLICY_UPLOAD

1400

GNU Taler

EdDSA signature for a policy upload.

SYNC_BACKUP_UPLOAD

1450

GNU Taler

EdDSA signature for a backup upload.

DONAU_DONATION_STATEMENT

1500

Donau

The signature is done by the Donau. The Donau signes over the total amount of the corresponding year, the corresponding year and the donation identifier of a specific donor. The statement confirms that the donor made this total in donations for the given year.

CHARITY_DONATION_CONFIRMATION

1501

Donau

The signature is made by a charity and shows that the charity is in agreement with the donation request which it sends to the Donau. The charity signs over all blinded identifiers and key pairs which it has received from the donor. The signature affirms that the charity wants the donation receipts to be issued on its behalf.