Twilight
Search…
Updatable Public Key
as defined in QuisQuis by Mieklejohn et.al. (2018)
This primitive defines a way to derive new public key from a given key pair
(pk,sk)(pk,sk)
by multiplying the two public key points
(g,h)(g,h)
with a random scalar
rr
.
For example, let
pkpk'
be the updated public key for a key pair
(pk,sk)(pk,sk)
, then
Update(pk,r)Update(pk, r)
would be defined as:
pk=g,h  s.t. h=gsk.For: r$Fp;.Update(pk,r)=(gr,hr)=pk.Verify(pk,sk)=(gr)sk=hrpk=g,h \ \ s.t. \ h=g^{sk} \\.\\ For: \ r\xleftarrow \$ \mathbb{F}_p ;\\ . \\ Update{(pk, r)}= (g^r,h^r)=pk' \\ . \\Verify(pk',sk)=(g^r)^{sk}=h^r
The
Verify()Verify()
function demonstrates that the public key can be updated without an upper bound and can still be identified with the same secret key
sksk
.
The base layer uses UPK to implement Updatable Accounts defined here:
Last modified 1yr ago
Copy link