LTO Network
  • Getting started
  • What is LTO Network?
  • Tutorials
    • Buying and staking LTO
      • Exchanges
        • Binance
        • AscendEX (Bitmax)
        • Uniswap
        • PancakeSwap
        • Other exchanges
      • Creating your LTO web wallet
      • Using the LTO token bridge
      • Staking LTO tokens
    • Mining
      • Setup your node wallets
      • Node management
      • Public community nodes
    • Anchoring
      • Hashing
    • LetsFlow
  • Wallets
    • LTO Web Wallet
      • Using Ledger
    • Universal Wallet
    • LTO CLI
    • Third-Party Wallets
      • Stakely.io wallet
        • Web wallet
        • Commandline
    • ERC20 Token Swap
  • Running a node
    • Public node
      • Installation Guide
        • Mainnet & Testnet
        • Requirements
        • Configuration
        • (Virtual) Machine
        • Nginx reverse proxy (optional)
        • Troubleshooting FAQ
      • Cloud installation
        • Alibaba Cloud
        • AWS Elastic Beanstalk
        • Google Cloud
        • IBM Cloud
        • Microsoft Azure
        • OKD (OpenShift)
        • Raspberry Pi (Expert)
        • Ubuntu Linux with Container
        • Windows with Container
      • REST API
        • Address
        • Wallet
        • Lease Transactions
        • Peers
        • Blocks
        • Utils
        • FAQ
      • Security Notes
      • FAQ
      • Exchange integration guide
    • Anchor node
      • Installation Guide
        • Linux
        • MacOS
        • Windows
      • REST API
    • Identity node
      • Installation guide
        • Linux
        • MacOs
        • Windows
      • Configuration
        • Trust network
      • REST API
    • Workflow node
      • Installation Guide
        • MacOS
        • Windows
        • Ubuntu Linux
      • REST API
  • Ownables
    • What are Ownables?
    • Making your first ownable
    • Ownables SDK
      • Prerequisites
      • Setup
    • Ownables Architecture
      • Smart Contract
      • Widget
    • Ownables Bridge
  • Libraries
    • JavaScript
      • Accounts
      • Transactions
      • Event chain
      • Messages
      • Identities
      • HTTP Authentication
    • Python
      • Accounts
      • Public layer
    • PHP
      • Accounts
      • Identities
      • Public layer
      • Private layer
      • HTTP Authentication
      • Commandline scripts
    • Java
  • Protocol
    • Cryptography
    • Accounts
      • ED25519
      • secp256k1
      • secp256r1
    • Identities
      • Decentralized identifiers (DID)
      • Trust network
      • Verifiable credentials
    • Public layer
      • Transactions
        • Transfer
        • Lease
        • Cancel Lease
        • Mass Transfer
        • Set Script
        • Data
        • Anchor
        • Association
        • Revoke Association
        • Sponsorship
        • Cancel Sponsorship
        • Register
        • Burn
        • Mapped Anchor
        • Statement
      • Transaction fees
      • Consensus protocol
      • Activation Protocol
      • Data Structures
    • Private layer
      • Event chain
        • Event
      • Messaging
        • Sending messages
Powered by GitBook
On this page
  • Encoding
  • Base58
  • Base64
  • Hashing
  • SHA256
  • BLAKE2b + SHA256
  • Signing
  • ED25519
  • secp256k1
  • secp256r1
  • Encryption
  • X25519
  • ECIES
  1. Protocol

Cryptography

PreviousJavaNextAccounts

Last updated 1 year ago

Encoding

Base58

Arrays of bytes (like strings and hashes) in the project are encoded by .

When encoding a hash, use the raw bytes and not the hexadecimal notation.

Note that encoding is not encryption. You can decode a base58 encoded message without the need for any type of key.

Examples

  • The string hello world is encoded as StV1DL6CwTryKyV.

  • SHA256 hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 is encoded as

    GKot5hBsd81kMupNCXHaqbhv3huEbxAFMLnpcX2hniwn

Base64

When casting objects to JSON, data is sometimes encoded as base64 instead of base58. Base64 encoded strings are always prefixed with base64:.

Hashing

SHA256

In general Live Contracts uses the 256-bit version of SHA-2 for encoding. SHA-2 is one of the most common hashing algorithms which means it's available for almost all platforms and programming languages.

BLAKE2b + SHA256

When secure hashes are required, a combination of BLAKE2b and SHA256 is used.

Signing

ED25519

The default method for signing is using ED25519. This is an EdDSA algorithm on curve25519. It is designed to be faster than existing digital signature schemes without sacrificing security.

ED25519 is well-supported across many platforms and languages.

There are many valid (not unique!) signatures for one message when using ED25519. Also, you should not rely on any information before the hash and/or signature are checked.

secp256k1

Bitcoin, Ethereum, and many other blockchains use ECDSA with the secp256k1 curve for signing transactions. Outside of the realm of blockchain, this curve is not commonly used.

secp256r1

The most commonly used and well-supported Elliptic Curve is NIST P-256. This is an ECDSA method using the secp256p1 curve.

Encryption

X25519

There are 3 algorithms involved in asymmetric encryption for ED25519 accounts:

  • Key exchange: X25519

  • Encryption: XSalsa20 stream cipher

  • Authentication: Poly1305 MAC

This is a public key encryption schema, where the public key is used to encrypt data and the private key is used to decrypt data.

X25519 is sometimes referred to as Curve25519.

ECIES

BLAKE2b is supported by NaCl-compatible libraries like libsodium as . It's widely supported across platforms and languages.

Functions for ED25519 are defined as sign in and .

Functions that use the combination of these algorithms are defined as sealed box in . When using , you can recreate this functionality using the box functionality and a random ephemeral public-private key pair.

Encryption for ECDSA (secp256k1 and secp256r1) accounts is done using , which combines ECDSA with AES.

Base58 algorithm with Bitcoin alphabet
'Generic hashing'
libsodium
nacl
libsodium
nacl
ECIES Hybrid Encryption Scheme