public class CompositeKey
A tree data structure that enables the representation of composite public keys, which are used to represent the signing requirements for multi-signature scenarios such as RAFT notary services. A composite key is a list of leaf keys and their contributing weight, and each leaf can be a conventional single key or a composite key. Keys contribute their weight to the total if they are matched by the signature.
For complex scenarios, such as "Both Alice and Bob need to sign to consume a state S", we can represent
the requirement by creating a tree with a root class CompositeKey
, and Alice and Bob as children.
The root node would specify weights for each of its children and a threshold – the minimum total weight required
(e.g. the minimum number of child signatures required) to satisfy the tree signature requirement.
Using these constructs we can express e.g. 1 of N (OR) or N of N (AND) signature requirements. By nesting we can create multi-level requirements such as "either the CEO or 3 of 5 of his assistants need to sign".
class CompositeKey
Modifier and Type | Class and Description |
---|---|
static class |
CompositeKey.Builder
A helper class for building a
class CompositeKey . |
static class |
CompositeKey.Companion |
static class |
CompositeKey.NodeAndWeight
Holds node - weight pairs for a CompositeKey. Ordered first by weight, then by node's hashCode.
Each node should be assigned with a positive weight to avoid certain types of weight underflow attacks.
|
Modifier and Type | Field and Description |
---|---|
static CompositeKey.Companion |
Companion |
static java.lang.String |
KEY_ALGORITHM |
Modifier and Type | Method and Description |
---|---|
void |
checkValidity()
This method will detect graph cycles in the full composite key structure to protect against infinite loops when
traversing the graph and key duplicates in the each layer. It also checks if the threshold and weight constraint
requirements are met, while it tests for aggregated-weight integer overflow.
In practice, this method should be always invoked on the root
class CompositeKey , as it inherently
validates the child nodes (all the way till the leaves). |
boolean |
equals(java.lang.Object other) |
java.lang.String |
getAlgorithm() |
java.util.List<net.corda.core.crypto.CompositeKey.NodeAndWeight> |
getChildren()
Τhe order of the children may not be the same to what was provided in the builder.
|
byte[] |
getEncoded() |
NonExistentClass |
getFormat() |
java.util.Set<java.security.PublicKey> |
getLeafKeys()
Set of all leaf keys of that
class CompositeKey . |
int |
getThreshold()
specifies the minimum total weight required
|
int |
hashCode() |
NonExistentClass |
isFulfilledBy(java.security.PublicKey key)
Takes single PublicKey and checks if
class CompositeKey requirements hold for that key. |
boolean |
isFulfilledBy(java.lang.Iterable<? extends java.security.PublicKey> keysToCheck)
Function checks if the public keys corresponding to the signatures are matched against the leaves of the composite
key tree in question, and the total combined weight of all children is calculated for every intermediary node.
If all thresholds are satisfied, the composite key requirement is considered to be met.
|
java.lang.String |
toString() |
public static java.lang.String KEY_ALGORITHM
public static CompositeKey.Companion Companion
public java.util.List<net.corda.core.crypto.CompositeKey.NodeAndWeight> getChildren()
Τhe order of the children may not be the same to what was provided in the builder.
public void checkValidity()
This method will detect graph cycles in the full composite key structure to protect against infinite loops when
traversing the graph and key duplicates in the each layer. It also checks if the threshold and weight constraint
requirements are met, while it tests for aggregated-weight integer overflow.
In practice, this method should be always invoked on the root class CompositeKey
, as it inherently
validates the child nodes (all the way till the leaves).
class CompositeKey
public NonExistentClass isFulfilledBy(java.security.PublicKey key)
Takes single PublicKey and checks if class CompositeKey
requirements hold for that key.
class CompositeKey
public java.lang.String getAlgorithm()
public byte[] getEncoded()
public NonExistentClass getFormat()
public boolean isFulfilledBy(java.lang.Iterable<? extends java.security.PublicKey> keysToCheck)
Function checks if the public keys corresponding to the signatures are matched against the leaves of the composite key tree in question, and the total combined weight of all children is calculated for every intermediary node. If all thresholds are satisfied, the composite key requirement is considered to be met.
public java.util.Set<java.security.PublicKey> getLeafKeys()
Set of all leaf keys of that class CompositeKey
.
class CompositeKey
public boolean equals(java.lang.Object other)
public int hashCode()
public java.lang.String toString()
public int getThreshold()
specifies the minimum total weight required
(in the simple case – the minimum number of childsignatures required) to satisfy the sub-tree rooted at this node.