Part 2: Holochain, Holo Accounts, Cryptographic Key Management, and DeepKey

Technical Deep Dive with David Braden

Holochain Design
Mar 1 · 6 min read

Highlights

3. DeepKey Key Management
3.1 A New DeepKey Keyset
3.2 DeepKey Management Actions
3.3 DeepKey Revocation
4. Are We There Yet?

Details

3 — DeepKey Key Management

DeepKey is recursive. It is a Holochain app that advertises to the world the current state of an agent’s keyset (A “keyset” is bundle of related key pairs associated with a single agent). Chain entries in DeepKey are signed with the private half of a public key that is registered as valid within the same DeepKey app… itself. Is everybody lost?

3.1 — A New DeepKey Keyset

We need to create an initial entry in the DeepKey Holochain application that includes all the public keys we want to preauthorize for future application use. Next, we pick a revocation method. We’ll talk about the “M of N” revocation method later; for now, let’s use a simpler revocation key. We register the public half of the revocation key we generated in the key derivation step, as well as the public halves of all device application keys we may want to use in the future.

DeepKey Key Management Interaction Flow

3.2 — DeepKey Management Actions

What if your device is lost, stolen, or broken? What if you get a new device or want to install a new application? What if you started your account as a Holo user, but want to upgrade your security? We need to be able to make changes to DeepKey keysets.

3.3 — DeepKey Revocation

The concept of a revocation key is pretty straightforward and has been used in other cryptography settings, like PGP or TLS certificates. But does it really provide the desired protection? It feels like something is missing, especially in the case of Holo end-users, where the application seed and revocation seed are both derived from the same password.

4 — Are We There Yet?

Have we achieved a low barrier to entry that provides solid security, allows for more complex security upgrades, and that is understandable overall?

  • There is no such thing as a password reset because we don’t have access to the password that generated your keys. If you forget or mistype it, there is no way forward.
  • Upgrading to an “M of N” revocation provides a lot of additional protection. But how likely are Holo users to choose this option? Efforts in education and gamification of account setup may help.
  • Even with the best password hashing scheme, a bad password will be easy to hack. Strong educational messaging recommending the use of a password manager will help.

5 — Algorithm Appendix

  • Signatures — crypto_sign_* — EdDSA Ed25519
  • Encryption
  • Key Exchange — crypto_kx_* — rx || tx = BLAKE2B-512(p.n || client_pk || server_pk)
  • Symmetric — crypto_aead_xchacha20poly1305_ietf_* — XChaCha20 stream cipher / Poly1305 MAC / IETF construct
  • Password Hashes — crypto_pwhash_* — Argon2id (“sensitive” ops and mem limits)
  • Entropy Derivation — crypto_kdf_* — BLAKE2B-256(key=key, message={}, salt=subkey_id || {0}, personal=ctx || {0})

Holochain

Holochain enables a distributed web with user autonomy built directly into its architecture and protocols. Data is about remembering our lived and shared experiences. Distributing the storage and processing of that data can change how we coordinate and interact. www.holochain.org

Holochain Design

Written by

Creating an ecosystem of decentralized applications with distributed, user-controlled storage. Cheaper, faster, better than #Blockchain @metacurrency @H_O_L_O_

Holochain

Holochain

Holochain enables a distributed web with user autonomy built directly into its architecture and protocols. Data is about remembering our lived and shared experiences. Distributing the storage and processing of that data can change how we coordinate and interact. www.holochain.org