[TEP-104] Enhancing Security in Non-Transaction Data Signing within the TON Ecosystem

doge · February 4, 2024, 11:19am

Abstract

This document introduces a protocol designed to ensure safe and verifiable signing of non-transaction data using wallet keys within the TON (The Open Network) ecosystem. The protocol, identified as Data Signatures, proposes a method for wallets to sign arbitrary data, distinguishing these signatures from transactional signatures to mitigate misuse and replay attacks.

Introduction

In the TON ecosystem, wallets serve dual functions: managing assets and acting as universal identifiers across applications. While the primary use case involves signing transactions for coin transfers or smart contract interactions, there exists a need for wallets to authenticate non-transactional data for off-chain and on-chain applications without compromising security.

Proposal Summary

TEP: 0
Status: Draft
Type: Core
Authors: Oleg Andreev, Sergey Andreev, Denis Subbotin
Creation Date: 13.12.2022
Replaces: TEP-0

Objective

To enable the TON wallets to sign arbitrary non-transaction data securely, ensuring the signatures are distinctly separable from transaction signatures to prevent misuse.

Methodology

The proposal details a signature scheme for arbitrary data, incorporating a unique composition of schema identifier, timestamp, and payload hash to create domain-separated signatures.

Implementation Details

Component	Specification
Signing Data	352-bit message combining schema CRC, timestamp, and payload hash
Verification	Enforcing domain separation through schema CRC, payload content, and timestamp
Payload	Arbitrary data structured per TL-B definition
Security	Domain separation ensured by unique schema versions and timestamp binding

Schema Versions

Short plain text message: For signing UTF-8 text, utilizing the plaintext schema.
Application binding: Allows signing data specifically for target applications, identified by TON.DNS names or contract addresses.

Security Considerations

The proposal outlines measures for binding signatures to specific applications and timeframes to mitigate replay attacks and ensure domain separation.

Comparison with Existing Solutions

Feature	Data Signatures Proposal	Ethereum EIP-1271
Domain Separation	Schema CRC and timestamp	Signature validation method
Payload Flexibility	Arbitrary data via TL-B	Pre-defined formats
Signature Replay Safety	Timestamp binding	Not specified
Application Binding	TON.DNS and contract addresses	Not applicable

Conclusion

The Data Signatures protocol presents a comprehensive framework for securely signing non-transaction data within the TON ecosystem. By establishing a clear separation between transactional and non-transactional signatures, it offers enhanced security for both off-chain and on-chain applications, paving the way for a more versatile and secure digital identity and authentication system within the TON network.

github.com/ton-blockchain/TEPs

TEP: Data signatures

ton-blockchain:master ← oleganza:datasig

opened 08:47AM - 14 Dec 22 UTC

oleganza

+236 -0

This proposal is an evolution of @ex3ndr's [safe-signing proposal](https://githu…b.com/ton-blockchain/TEPs/pull/93). Highlights: * "Invalid cell representation" trick is not necessary because we are signing a differently-sized message. * Separate schemas for plaintext messages and binary messages. User can explicitly check all the data they are signing. * Mandatory binding to a timestamp. * Support for binding to smart contract address and domain name. * Possibility for future extensions with detailed schemas retaining backwards compatibility with the wallets. Rendered specification: * [📄 TEP: Data Signatures](https://github.com/oleganza/TEPs/blob/datasig/text/0000-data-signatures.md)