This proposal implements the capability to securely exchange encrypted messages on-chain. Users register their public key and its encryption algorithm, and can subsequently send encrypted messages to other users by address. The interface also includes an enumeration of public key algorithms and a structure for user information, to support various encryption algorithms and user information management.
Motivation
With the emergence of Layer 2 chains featuring sub-second block times and the introduction of account abstraction, the use of end-to-end encrypted communication has facilitated the proliferation of real-time communication and online chat dApps. Leveraging asymmetric encryption now enables the establishment of decentralized, end-to-end interoperable messaging protocols as a standard.
Specification
Objectives
Provide a standardized interface for implementing messaging systems in smart contracts, including user registration and message sending functionalities.
Enhance flexibility and scalability for messaging systems by defining enumerations for public key algorithms and a structure for user information.
Define events for tracking message sending to enhance the observability and auditability of the contract.
Using a custom sessionId allows messages to be organized into a conversation.
Encrypt message content using the recipient’s public key during message transmission.
Interface
The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “NOT RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in RFC 2119 and RFC 8174.
Implementers of this standard MUST have all of the following functions:
pragma solidity ^0.8.0;

interface IERC7627 {

    enum PublicKeyAlgorithm { RSA, ECDSA, ED25519, DSA, DH, ECDH, X25519 }

    // Events

    /**
     * @dev Event emitted when a message is sent.
     * @param from The address of the sender.
     * @param to The address of the recipient.
     * @param sessionId The session ID of the message.
     * @param encryptedMessage The encrypted message.
     */
    event MessageSent(address indexed from, address indexed to, bytes32 sessionId, bytes encryptedMessage);

    /**
     * @dev Event emitted when a user updates their public key.
     * @param user The address of the user.
     * @param newPublicKey The new public key of the user.
     * @param algorithm The algorithm used for the public key.
     */
    event PublicKeyUpdated(address indexed user, bytes newPublicKey, PublicKeyAlgorithm algorithm);

    // Functions

    /**
     * @dev Function to update a user's public key.
     * @param _publicKey The public key of the user.
     * @param _algorithm The algorithm used for the public key.
     */
    function updatePublicKey(bytes calldata _publicKey, PublicKeyAlgorithm _algorithm) external;

    /**
     * @dev Function to send an encrypted message from one user to another.
     * @param _to The address of the recipient.
     * @param _sessionId The session ID of the message.
     * @param _encryptedMessage The encrypted message.
     */
    function sendMessage(address _to, bytes32 _sessionId, bytes calldata _encryptedMessage) external;

    /**
     * @dev Function to retrieve a user's public key and algorithm.
     * @param _user The address of the user.
     * @return publicKey The public key of the user.
     * @return algorithm The algorithm used for the public key.
     */
    function getUserPublicKey(address _user) external view returns (bytes memory publicKey, PublicKeyAlgorithm algorithm);
}
Rationale
Traditional messaging lacks security and transparency for blockchain communication. The choice of asymmetric encryption ensures the confidentiality and integrity of messages, which is why we opted for this encryption method. Providing a unified interface enables easy integration of encrypted communication into smart contracts, thereby fostering innovation. Encrypted messaging guarantees adherence to best practices in data security. For security reasons, public keys need to be updated regularly, so we have added a function that allows users to update their own public keys. The interface supports various encryption methods, enhancing adaptability. Event tracking enhances the observability and auditability of the contract, aiding compliance efforts. Standardization promotes interoperability, facilitating seamless communication across platforms.
Reference Implementation
pragma solidity ^0.8.0;

contract ERC7627 {

    enum PublicKeyAlgorithm { RSA, ECDSA, ED25519, DSA, DH, ECDH, X25519 }

    struct UserInfo {
        bytes publicKey;
        PublicKeyAlgorithm algorithm;
    }

    mapping(address => UserInfo) public pk;

    event MessageSent(address indexed from, address indexed to, bytes32 sessionId, bytes encryptedMessage);
    event PublicKeyUpdated(address indexed user, bytes newPublicKey, PublicKeyAlgorithm algorithm);

    // Function to register a user with their public key
    function updatePublicKey(bytes calldata _publicKey, PublicKeyAlgorithm _algorithm) public {
        pk[msg.sender].publicKey = _publicKey;
        pk[msg.sender].algorithm = _algorithm;
        emit PublicKeyUpdated(msg.sender, _publicKey, _algorithm);
    }

    // Function to send an encrypted message from one user to another
    function sendMessage(address _to, bytes32 _sessionId, bytes calldata _encryptedMessage) public {
        emit MessageSent(msg.sender, _to, _sessionId, _encryptedMessage);
    }

    // Function to retrieve a user's public key
    function getUserPublicKey(address _user) public view returns (bytes memory, PublicKeyAlgorithm) {
        UserInfo memory userInfo = pk[_user];
        return (userInfo.publicKey, userInfo.algorithm);
    }
}
Security Considerations
Utilization of Latest Secure Encryption Algorithms
When selecting encryption algorithms, it is essential to stay informed about the latest security news and recommendations. Avoid using asymmetric encryption algorithms with known vulnerabilities or those not recommended to ensure the confidentiality and integrity of messages. Regularly update encryption algorithms to address evolving security threats.
Strict Encryption Using Public Keys for Message Content
To maintain message confidentiality, the content of sent messages must be strictly encrypted using the recipient’s public key. Any plaintext information transmitted could lead to information leakage and security risks. Encrypt message content at all times during transmission and storage to prevent unauthorized access to sensitive information.
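The contract cannot check that `_encryptedMessage` is actually ciphertext, so the encryption has to happen in the client before `sendMessage` is called. The following is an added example, not part of the proposal or its reference implementation: a Node.js sketch for a recipient registered with `X25519`, using ephemeral X25519 key agreement, HKDF-SHA256 and AES-256-GCM with the `sessionId` bound as associated data. The envelope layout, the `INFO` label and all function names are assumptions; the standard does not define a message format.

```javascript
// Added example, not part of ERC-7627: the envelope layout and all names are assumptions.
const crypto = require('node:crypto');

const SPKI_PREFIX = Buffer.from('302a300506032b656e032100', 'hex'); // DER header for X25519
const INFO = Buffer.from('erc7627-example-v1'); // hypothetical domain-separation label

// Raw 32-byte public key: the value a client would pass to updatePublicKey(..., X25519).
function rawPublicKey(keyObject) {
  return keyObject.export({ type: 'spki', format: 'der' }).subarray(-32);
}

function importPublicKey(raw) {
  if (raw.length !== 32) throw new Error('X25519 public key must be 32 bytes');
  const der = Buffer.concat([SPKI_PREFIX, raw]);
  return crypto.createPublicKey({ key: der, format: 'der', type: 'spki' });
}

// HKDF over the ECDH secret, salted with both public keys, yields the AES-256 key.
function deriveKey(privateKey, peerRaw, ephRaw, recipientRaw) {
  const shared = crypto.diffieHellman({ privateKey, publicKey: importPublicKey(peerRaw) });
  const salt = Buffer.concat([ephRaw, recipientRaw]);
  return Buffer.from(crypto.hkdfSync('sha256', shared, salt, INFO, 32));
}

// Builds _encryptedMessage as ephemeralPub(32) || nonce(12) || tag(16) || ciphertext.
function encryptFor(recipientRaw, sessionId, plaintext) {
  const eph = crypto.generateKeyPairSync('x25519'); // fresh key pair per message
  const ephRaw = rawPublicKey(eph.publicKey);
  const key = deriveKey(eph.privateKey, recipientRaw, ephRaw, recipientRaw);
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  cipher.setAAD(sessionId); // binds the ciphertext to its conversation
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([ephRaw, nonce, cipher.getAuthTag(), ct]);
}

// Recipient side: throws if the envelope or sessionId was altered.
function decryptWith(recipient, sessionId, envelope) {
  if (envelope.length < 60) throw new Error('envelope too short');
  const ephRaw = envelope.subarray(0, 32);
  const key = deriveKey(recipient.privateKey, ephRaw, ephRaw, rawPublicKey(recipient.publicKey));
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, envelope.subarray(32, 44));
  decipher.setAAD(sessionId);
  decipher.setAuthTag(envelope.subarray(44, 60));
  return Buffer.concat([decipher.update(envelope.subarray(60)), decipher.final()]);
}
```

The GCM tag protects the ciphertext against modification but does not identify the sender; a recipient relies on the `from` field of the `MessageSent` event for that.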
Key Management and Protection
Robust key management and protection measures are necessary for both user public and private keys. Ensure secure storage and transmission of keys to prevent leakage and tampering. Employ multi-factor authentication and key rotation strategies to enhance key security and regularly assess key management processes to mitigate potential security risks.
Auditing and Monitoring
Implement auditing and monitoring mechanisms to track message sending and receiving, as well as key usage. Promptly identify anomalous activities and potential security threats and take appropriate response measures. Record critical operations and events for security incident investigation and traceability purposes.