profile

package
v1.0.1-native-test Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 2, 2026 License: BSD-3-Clause Imports: 6 Imported by: 0

Documentation

Overview

Package profile carries the relay's signing-profile decision in ONE place.

Decomplecting principle: the relay has TWO distinct signing surfaces.

  1. Intra-Lux operator surface — receipts, channel attestations, operator authentication to R-Chain RPC. Default = ML-DSA-65 (FIPS 204, NIST Level 3). Classical Ed25519 is opt-in only via LegacyClassicalEnabled.

  2. External-chain surface — Bitcoin RPC, Ethereum RPC, OP_NET, FROST / Taproot threshold signing handed off to luxfi/mpc. These are NOT subject to the PQ default; they must conform to the target chain's native primitive (secp256k1 ECDSA, schnorr-BIP340, ED25519). The relay never PQ-flips an external transaction.

All policy lives here; primitives must never re-decide the profile.

Index

Constants

View Source 
const (
	MLDSA65PublicKeySize = mldsa.MLDSA65PublicKeySize
	MLDSA65SignatureSize = mldsa.MLDSA65SignatureSize
)

Default key/sig sizes for the active default scheme (ML-DSA-65).

View Source 
const ContextTag = "luxfi.relay.v1"

ContextTag is the domain-separation tag bound into every operator signature so a Relay receipt cannot be replayed as some other Lux artifact and vice versa.

Variables

View Source 
var ErrClassicalRefused = errors.New("profile: classical scheme refused under strict-PQ")

ErrClassicalRefused is returned when an Ed25519 signature is presented under a strict-PQ policy.

Functions

func Verify 

func Verify(p Policy, scheme Scheme, pub, msg, sig []byte) error

Verify checks sig over msg under pub for the given scheme, gated by p. This is the SINGLE place all relay receipt-verification flows through.

Types

type Policy 

type Policy struct {
	// LegacyClassicalEnabled, when true, allows Ed25519 keys and verifies
	// classical receipts. Production deployments inside Lux should leave
	// this off.
	LegacyClassicalEnabled bool
}

Policy carries the relay operator's signing-profile decision.

Default value (zero-Policy) means: ML-DSA-65 only, classical refused. This is intentional — the safe default is strict-PQ.

func Default 

func Default() Policy

Default returns the strict-PQ policy: ML-DSA-65 only.

func (Policy) Permit 

func (p Policy) Permit(s Scheme) error

Permit reports whether a scheme is currently accepted under p. This is the single function classical primitives consult before doing anything with classical key material.

type Scheme 

type Scheme uint8

Scheme identifies the operator signing scheme. Wire-stable enum. 

const (
	// SchemeMLDSA65 — ML-DSA-65 (FIPS 204). Default for intra-Lux operator
	// signatures (relayd → R-Chain RPC, signed receipts, channel attestations).
	SchemeMLDSA65 Scheme = 0x01
	// SchemeEd25519 — Classical Ed25519. Opt-in only via Policy.LegacyClassicalEnabled.
	SchemeEd25519 Scheme = 0x02
)

func (Scheme) String 

func (s Scheme) String() string

type Signer 

type Signer struct {
	// contains filtered or unexported fields
}

Signer carries an operator's signing key. Construction picks the scheme; Sign always domain-separates with ContextTag.

func NewEd25519Signer 

func NewEd25519Signer(sk ed25519.PrivateKey) *Signer

NewEd25519Signer wraps a classical Ed25519 key. Callers must have already consulted Policy.Permit(SchemeEd25519); this constructor does not.

func NewMLDSA65Signer 

func NewMLDSA65Signer(rng io.Reader) (*Signer, error)

NewMLDSA65Signer returns a fresh ML-DSA-65 signer.

func NewMLDSA65SignerFromBytes 

func NewMLDSA65SignerFromBytes(skBytes []byte) (*Signer, error)

NewMLDSA65SignerFromBytes restores an ML-DSA-65 signer from its serialised secret-key bytes.

func (*Signer) PublicKey 

func (s *Signer) PublicKey() []byte

PublicKey returns the serialised public key bytes.

func (*Signer) Scheme 

func (s *Signer) Scheme() Scheme

Scheme returns the underlying scheme tag.

func (*Signer) Sign 

func (s *Signer) Sign(msg []byte) ([]byte, error)

Sign produces a signature over msg with the relay's domain-separation context (FIPS 204 §5.2 ctx for ML-DSA, prepended-tag for Ed25519).

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.