Distributed-Verifier

Solidity Smart Contract for verifying ECDSA signatures on multiple curves

The blockchain is an innovative technology based on a distributed ledger shared between all nodes involved in the network. The nodes communicate with each other and manage data, which are transactions, according to a specific communication protocol. The blockchain allows transactions to be validated and stored in the distributed database shared across all the decentralized nodes. The transactions are public so that anyone can retrieve and verify them. Additionally, the transactions recorded in the distributed ledger are stored permanently and become immutable. The recent distributed ledger technology enables the deployment of smart contract onto the network nodes. Smart contracts are distributed apps (dApp) executed from all the nodes of the peer-to-peer network, that compute and agree on the results validating them. Every smart contract transaction requires a payment that is charged to the caller with an amount which is proportional to the complexity of the function called. The nodes use digital signatures computed over elliptic curves to verify transactions. Every blockchain employs a specific curve, for instance, Bitcoin and Ethereum use the SECP256K1. In this kind of environment is possible to verify only transactions that have a fixed structure and are signed on a specific curve. This work explores the feasibility of the creation of a smart contract able to verify the signature of a generic data calculated over multiple curves without being constrained to a specific blockchain’s curve. Although there are some challenges in implementing signature verification in this environment, this type of smart contract has been implemented and works correctly. Additionally the smart contract must be tested for compliance with NIST guidelines. Therefore, various tests have been conducted to ensure its accuracy in meeting the standards. Moreover, tests have been conducted to determine the financial cost and the time required for verification. Finally, a possible use case of the smart contract is presented, highlighting the advantages of blockchain over a centralised environment.

Use

• first create a .env file where to store: API_URL="" PRIVATE_KEY="" PKEY1="" INFURA_API_KEY=""

• run npm install to install all the needed npm dependencies, this script will not overwrite the hardhat.config.js already present. If a completely new hardhat.config.js is desired run ./init_script.sh

• if a new deploy of the contract is desired run npx hardhat deploy --network sepolia instead of sepolia any network name declared in hardhat.config.js is ok. This will call the deploy.js script, as response the new contract address is give, save it!

• to run anyone of the scripts run npx hardhat scripts/[script_name] --network sepolia as before any network can be selected. All the scripts have already declared inside the contract address to interact with, if a new one has been deployed change the address. Pay attention that the network in the command must be the same where the contract has the address.

• the scripts with Test in the name interact with the two different functions of the Distributed Verifier, the one that perfome the hash and the one that does not. They are called in this way: contract.validateSignatureM or contract.validateSignatureH uncomment the one to test.