Signing TokenScript without certificate

In our past TokenScript meeting #45 we favoured express-of-trust to be towards a certified identity (e.g. so I am keeping this note in case we make a turn otherwise.

Before the meeting, I thought we might revisit the case of signing a TokenScript without attaching an identity certificate, and realised that in the past we relied on x.509 certificates to provide public key information, and if without them, the public key and signing algorithm (like curve OID) must be provided in the XMLDSIG.

xmldsig 1.1 specified one way to do so with RSA pub keys, but two ways to do so when it comes to ECDSA pub keys.

  • Using <ECKeyValue> element in <KeyInfo>
  • Using <ECDSAKeyValue> element per RFC4050.

Both allowing specifying the curve type by that curve's OID.

I wanted to check what other tools choose to use when it comes to EC keys, and examined xmlsectool-2.0.0 and learned that they simply ignored the problem altogether, instead, they required a certificate to be attached to the signature, just like how we decided to do.

So this is no longer relevant but I'm keeping the info here for reference, e.g. when some day the situation rises taht a signature needs to be in secp256k1 and uses a smart contract instead of an attached certificate.