README
¶
pod
Package pod provides functionality to create and verify a cryptographically signed POD (Provable Object Datatype). PODs signed in Go include:
- Arbitrary key-value pairs (
PodEntries) - A cryptographic signature (
Signature) - The public key of the signer (
SignerPublicKey)
Table of Contents
Installation
To install this package, run:
go get github.com/0xPARC/parcnet/go/pod
Then import it in your Go code:
import "github.com/0xPARC/parcnet/go/pod"
Types
A Pod struct consists of:
- Entries: A map of string keys to
PodValueitems. - Signature: The EdDSA-Poseidon signature over the content ID, in unpadded base64.
- SignerPublicKey: The EdDSA public key of the signer, in unpadded base64.
type Pod struct {
Entries PodEntries `json:"entries"`
Signature string `json:"signature"`
SignerPublicKey string `json:"signerPublicKey"`
}
PodValue is a union type that can hold any of the POD value types
type PodEntries map[string]PodValue
type PodValue struct {
ValueType PodValueType // string, bytes, cryptographic, int, boolean, or date
StringVal string
BytesVal []byte
BigVal *big.Int
BoolVal bool
TimeVal time.Time
}
API
Creating a POD
Use the function CreatePod() to sign a set of key-value pairs (PodEntries) with a Baby Jubjub private key, returning a new Pod. Internally, the data is hashed via Poseidon, then signed using the provided private key.
func CreatePod(privateKeyHex string, entries PodEntries) (*Pod, error)
Verifying a POD
Use the function Verify() to verify a POD. Internally, the data is hashed into a content ID via a Poseidon-hash lean incremental merkle tree, then compared to the signature.
func Verify(pod Pod) (bool, error)
Example Usage
package main
import (
"encoding/json"
"fmt"
"log"
"github.com/0xPARC/parcnet/go/pod"
)
func main() {
// 1) Initialize your entries
entries := pod.PodEntries{
"message": {ValueType: pod.PodStringValue, StringVal: "Welcome to PARCNET!"},
}
// Replace with your own EdDSA private key in hex (32 bytes)
privateKey := "0000000000000000000000000000000000000000000000000000000000000000"
// 2) Create and sign the POD
newPod, err := pod.CreatePod(privateKey, entries)
if err != nil {
log.Fatalf("Error creating POD: %v", err)
}
// 3) Verify the POD
isValid, err := newPod.Verify()
if err != nil {
log.Fatalf("Verification error: %v", err)
}
fmt.Printf("Is the POD valid? %v\n", isValid)
// 4) Serialize the POD to JSON
jsonPod, err := json.Marshal(newPod)
if err != nil {
log.Fatalf("JSON marshalling error: %v", err)
}
// 5) Deserialize a POD from JSON
var deserializedPOD Pod
err = json.Unmarshal(jsonPod, &deserializedPod)
if err != nil {
log.Fatalf("JSON unmarshalling error: %v", err)
}
}
For a more comprehensive illustration, see the cmd/server/main.go file, which shows how to:
- Create a new POD with specific entries.
- Expose endpoints (in an HTTP server) to create and verify PODs.
- Combine with external services (e.g., Redis).
More Resources
You can find more documentation in the code, or on go.dev
ART_DBG
Documentation
¶
Index ¶
- Variables
- func CheckPodName(name string) error
- func DecodeBase64Bytes(encodedBytes string) ([]byte, error)
- func DecodeBytes(encodedBytes string, expectedBytes int) ([]byte, error)
- func PodCryptographicMax() *big.Int
- func PodCryptographicMin() *big.Int
- func PodDateMax() time.Time
- func PodDateMin() time.Time
- func PodIntMax() *big.Int
- func PodIntMin() *big.Int
- type Pod
- type PodEntries
- type PodValue
- func NewPodBooleanValue(val bool) PodValue
- func NewPodBytesValue(val []byte) (PodValue, error)
- func NewPodCryptographicValue(val *big.Int) (PodValue, error)
- func NewPodDateValue(val time.Time) (PodValue, error)
- func NewPodEdDSAPubkeyValue(val string) (PodValue, error)
- func NewPodIntValue(val *big.Int) (PodValue, error)
- func NewPodNullValue() PodValue
- func NewPodStringValue(val string) PodValue
- type PodValueType
- type Signer
Constants ¶
This section is empty.
Variables ¶
var PodNameRegex = regexp.MustCompile(`^[A-Za-z_]\w*$`)
Regular expression defining the legal format for the name of a POD entry.
var PrivateKeyRegex = regexp.MustCompile(`^(?:([A-Za-z0-9+/]{43}=?)|([0-9A-Fa-f]{64}))$`)
Private keys are 32 bytes (any arbitrary bytes), represented as Base64 or hexadecimal
This regex matches any supported format, with match groups usable to determine the format, in the order above.
var PublicKeyRegex = regexp.MustCompile(`^(?:([A-Za-z0-9+/]{43}=?)|([0-9A-Fa-f]{64}))$`)
Public keys are 32 bytes (a packed elliptic curve point), represented as Base64 or hexadecimal. Base64 padding is optional.
This regex matches any supported format, with match groups usable to determine the format, in the order above.
var SignatureRegex = regexp.MustCompile(`^(?:([A-Za-z0-9+/]{86}(?:==)?)|([0-9A-Fa-f]{128}))$`)
Signatures are 64 bytes (one packed elliptic curve point, one scalar), represented as Base64 or hexadecimal. Base64 padding is optional.
This regex matches any supported format, with match groups usable to determine the format, in the order above.
Functions ¶
func CheckPodName ¶
Checks that the given name is legal for a POD entry. Returns nil if so.
func DecodeBase64Bytes ¶
Decode a variable number of bytes in Base64 encoding, with or without padding.
func DecodeBytes ¶
Decode a fixed number of bytes which may be encoded as hex, or Base64 with or without padding. This will fail on any other encoding, or an unexpected number of bytes.
func PodCryptographicMax ¶
Maximum legal POD cryptographic value is 1 less than the Baby Jubjub prime, i.e. 21888242871839275222246405745257275088548364400416034343698204186575808495616
func PodCryptographicMin ¶
Minimum legal POD cryptographic value is 0
func PodDateMax ¶
Maximum legal POD date value is 8,640,000,000,000,000ms since epoch
func PodDateMin ¶
Minimum legal POD int value is -8,640,000,000,000,000ms since epoch
Types ¶
type Pod ¶
type Pod struct {
Entries PodEntries `json:"entries"`
Signature string `json:"signature"`
SignerPublicKey string `json:"signerPublicKey"`
}
Provable Object Datatype containing a cryptographically verified key/value store
func CreatePod ¶
func CreatePod(privateKeyHex string, entries PodEntries) (*Pod, error)
Create and sign a new POD. This involves hashing all the given entries to generate a Content ID, then signing that content ID with the given private key.
func (*Pod) CheckFormat ¶
Checks that the data in this POD is well-formed and in valid ranges, including all entries. This does check the cryptographic signature. For that you should call Verify() instead, in which case this function would be redundant.
func (*Pod) UnmarshalJSON ¶
Parse a POD from JSON in POD's terse human-readable format
type PodEntries ¶
The keys and values stored in a POD
func (*PodEntries) Check ¶
func (p *PodEntries) Check() error
Checks that all the names and values in entries are well-formed and in valid ranges for their types. Returns nil if all are legal.
func (*PodEntries) UnmarshalJSON ¶
func (p *PodEntries) UnmarshalJSON(data []byte) error
Parse entries from JSON in POD's terse human-readable format
type PodValue ¶
type PodValue struct {
ValueType PodValueType
StringVal string
BytesVal []byte
BigVal *big.Int
BoolVal bool
TimeVal time.Time
}
Tagged union struct representing the value of a POD entry. Which of the value fields is set depends on the ValueType.
func NewPodBooleanValue ¶
Constructor for int POD values. Error if input is nil or out of range.
func NewPodBytesValue ¶
Constructor for bytes POD values. Error if input is nil.
func NewPodCryptographicValue ¶
Constructor for cryptographic POD values. Error if input is nil or out of range.
func NewPodDateValue ¶
Constructor for int POD values. Error if input is nil or out of range.
func NewPodEdDSAPubkeyValue ¶
Constructor for int POD values. Error if input is not 32 bytes encoded in Base64 (with or without padding).
func NewPodIntValue ¶
Constructor for int POD values. Error if input is nil or out of range.
func NewPodStringValue ¶
Constructor for string POD values
func (*PodValue) Check ¶
Checks that the value is well-formed and in the legal bounds for its type. Returns nil if it is, otherwise an error explaining what's wrong.
func (PodValue) Hash ¶
Produces the cryptographic hash which represents a POD value in ZK circuits The resulting BigInt value has the same range as the Cryptographic value type
func (PodValue) MarshalJSON ¶
Marshal this value to JSON in a terse human-readable format.
func (*PodValue) UnmarshalJSON ¶
Parse a value from JSON in POD's terse human-readable format
type PodValueType ¶
type PodValueType string
Type tag for the PodValue union. For legal values see the type constants Pod*Value in this package
const ( // Null values don't use any of the value fields PodNullValue PodValueType = "null" // String values use the StringVal field PodStringValue PodValueType = "string" // Bytes values use the BytesVal field PodBytesValue PodValueType = "bytes" // Cryptographic values use the BigVal field to store an unsigned integer // between 0 and p-1 (see PodCryptographicMax()) PodCryptographicValue PodValueType = "cryptographic" // Int values use the BigVal field to store an integer with the same range // as Go's int64 PodIntValue PodValueType = "int" // Boolean values use the BoolVal field PodBooleanValue PodValueType = "boolean" // EdDSA public key values use the StringVal field to store the encoded // bytes of a cryptographic key PodEdDSAPubkeyValue PodValueType = "eddsa_pubkey" // Date values use the TimeVal field to store a millisecond-accuracy // time between PodDateMin() and PodDateMax() PodDateValue PodValueType = "date" )
Source Files