Details of signing operations with delegation keys

The following explores how the delegation key will be used to sign operations during document editing. What exactly is the key signing and how does it end up in operation history.

DID method being used

Operation and State Hash Signing

The message that gets signed for each operation is proposed to be a triplet:

1. the timestamp of the operation
2. the powerhouse document model operation with its parameters
3. the hash of the previous state.
4. Additional context can be considered essential to include to provide a comprehensive understanding of the operation's context.
   1. The document branch (revision / versioning reference)
   2. Scope (global or local)
   3. The Unique document ID

Size of the key Signage

The size of a digital signature can vary depending on the specific algorithm used for signing. Commonly used algorithms for digital signatures include RSA and ECDSA (Elliptic Curve Digital Signature Algorithm).

• For RSA, a typical signature size could be 2048 bits for a standard security level, which equates to 256 bytes or 0.25 kilobytes.
• ECDSA signatures, on the other hand, tend to be smaller. For example, an ECDSA signature using the P-256 curve (which offers a similar level of security to RSA-2048) would have a size of 512 bits, or 64 bytes, which is 0.0625 kilobytes.

Example Message Structure

Given the detailed signature content requirements, our message to be signed could be structured as a JSON object, which includes the above.

{
  "timestamp": "2023-03-10T14:48:00Z",
  "operation": {
    "type": "ADD_LINE_ITEM",
    "input": {
      "walletIndex": 0,
      "month": "2023-03",
      "budgetCategory": "Operational Expenses",
      "amount": 5000
    }
  },
  "previousStateHash": "4a6f75849b...[truncated]",
  "context": {
    "branch": "main",
    "scope": "global",
    "documentID": "doc-123456789"
  },
  "signature": "MEUCIQDx5tLXiJh3GfQ+KdG...[truncated]"
}

With EIP-712 we’ll use a standard for typed structured data hashing and signing in metamask, aiming to improve the user experience when interacting with signed data. It allows users to see exactly what they're signing, in a human-readable format, instead of just signing a hexadecimal hash.

Example of signature integrations into operation history

{
  "documentID": "unique-document-identifier",
  "documentState": {
    // Current state of the document
  },
  "operationHistory": [
    {
      "operation": "CREATE_DOCUMENT",
      "parameters": {
        // Parameters of the operation
      },
      "timestamp": 1622547600,
      "signature": "signature-for-operation-1"
    },
    {
      "operation": "ADD_LINE_ITEM",
      "parameters": {
        // Parameters of the operation
      },
      "timestamp": 1622548600,
      "signature": "signature-for-operation-2"
    }
    // More operations as the document evolves
  ],
  "signatures": [
    "signature-for-operation-1",
    "signature-for-operation-2"
    // Additional signatures corresponding to each subsequent operation.
		// Adding list of signatures could be optional.
  ]
}