From 58a3540242181b376f00a434101827828d2c12f8 Mon Sep 17 00:00:00 2001 From: Tomasz Rybarczyk Date: Wed, 22 May 2024 16:13:40 +0200 Subject: [PATCH 01/14] CIP-???? | Integration of `ripemd_160` into Plutus --- CIP-????/README.md | 67 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 CIP-????/README.md diff --git a/CIP-????/README.md b/CIP-????/README.md new file mode 100644 index 0000000000..1e7adf8371 --- /dev/null +++ b/CIP-????/README.md @@ -0,0 +1,67 @@ +--- +CIP: 101 +Title: Integration of `ripemd-160` into Plutus +Status: Proposed +Category: Plutus +Authors: + - Tomasz Rybarczy +Implementors: +Discussions: +Created: 2024-05-22 +License: Apache-2.0 +--- + +## Abstract +This CIP follows closely the (CIP-0101)[../CIP-0101/README.md][^1] and proposes an extension of the current Plutus functions with another hashing primitive [`RIPEMD-160`](https://en.bitcoin.it/wiki/RIPEMD-160). Primary goal is to introduce compatibility with Bitocoin's cryptographic infrastructure. + +## Motivation: why is this CIP necessary? + +The [integration](https://github.com/cardano-foundation/CIPs/blob/master/CIP-0049/README.md) of the ECDSA and Schnorr signatures over the secp256k1 curve into Plutus was a significant step towards interoperability with Ethereum and Bitcoin ecosystems. However, full compatibility is still impossible due to the absence of the `RIPEMD-160` hashing algorithm in Plutus interpreter, which is a fundamental component of Bitcoin's cryptographic framework. +Most of common addresses in Bitcoin are derived from double [hashing procedure](https://learnmeabitcoin.com/technical/cryptography/hash-function/#hash160) involving `SHA-256` followed by `RIPEMD-160` function: +- [P2KH](https://learnmeabitcoin.com/technical/script/p2pkh/) +- [P2WPKH](https://learnmeabitcoin.com/technical/script/p2wpkh/) +- [P2SH](https://learnmeabitcoin.com/technical/script/p2sh/) +- [P2WSH](https://learnmeabitcoin.com/technical/script/p2wsh/) + +Adding `RIPEMD-160` to Plutus would enhance the potential for cross-chain solutions between Cardano and Bitcoin blockchains and complements the set of primitives which we already have in that regard. It would allow for the verification of Bitcoin addresses and transactions on-chain. This addition enables also the verification of signed messages that identify the signer by the public key hash, which has not yet been witnessed on the Bitcoin blockchain. + +The RIPEMD-160 is not only relevant to Bitcoin - other chains like (Cosmos)[https://docs.cosmos.network/main/build/architecture/adr-028-public-key-addresses#legacy-public-key-addresses-dont-change] or (BNB)[https://docs.bnbchain.org/docs/beaconchain/learn/accounts/#address] also use it for address generation. + +## Specification +This proposal aims to introduce a new built-in hash function `RIPEMD-160`. + +This function will be developed following the [`TODO:RIP-160`]() specification and will utilize the [`cryptonite`](https://github.com/haskell-crypto/cryptonite/blob/master/Crypto/Hash/RIPEMD160.hs) + +Since `cardano-base` already relies on `cryptonite` in the context of [`keccak-256`](https://github.com/input-output-hk/cardano-base/blob/master/cardano-crypto-class/src/Cardano/Crypto/Hash/Keccak256.hs) we would like to expose `RIPEMD-160` through the same library, to facilitate its integration into Plutus. + +More specifically, Plutus will gain the following primitive operation: + +* `ripemd_160` :: ByteString -> ByteString + +The input to this function can be a `ByteString` of arbitrary size, and the output will be a `ByteString` of 20 bytes. +Note that this function aligns with the format of existing hash functions in Plutus, such as [blake2b_256](https://github.com/input-output-hk/plutus/blob/75267027f157f1312964e7126280920d1245c52d/plutus-core/plutus-core/src/Data/ByteString/Hash.hs#L25) + +## Rationale: how does this CIP achieve its goals? +While the `RIPEMD-160` function might be implemented in on-chain scripts, doing so would be computationally unfeasible. + +The library, cryptonite, is not implemented by and under control of the Plutus team. However, +* It is a library already used in the Plutus stack to expose KECCAK-256, and can be considered as a trustworthy implementation. +* Its behaviour is predictable and computationally efficient. The cost of the function is linear with respect to the size of the message provided as input. This is the same behaviour that other hash functions exposed in plutus (blake, sha3, keccak-256) have. + +## Path to Active +This CIP may transition to active status once the Plutus version containing the `ripemd_160` function is introduced in a node release and becomes available on Mainnet. + +### Acceptance Criteria +* A `cardano-base` binding is created for the `ripemd-160` function and included in a new version of the library. +* A Plutus binding is created for the `ripemd_160` function and included in a new version of Plutus. +* Integration tests, similar to those of the existing Plutus hash functions, are added to the testing infrastructure. +* The function is benchmarked to assess its cost. As for other hash functions available in Plutus (blake2b, sha256 and keccak_256), we expect the cost of `ripemd_160` to be linear with respect to the size of the message. The Plutus team determines the exact costing functions empirically. +* The ledger is updated to include new protocol parameters to control costing of the new builtins. + +### Implementation Plan +The Plutus team will develop the binding, integration tests, and benchmarks. The E2E tests will be designed and implemented collaboratively by the testing team, the Plutus team, and community members planning to use this primitive. + +## Copyright +This CIP is licensed under [Apache-2.0][https://www.apache.org/licenses/LICENSE-2.0]. + +[^1]: I did not hesitate to reuse parts of the original text of (CIP-0101)[../CIP-0101/README.md) without explicit quotations. This approach was approved by the original authors. From 141c06f072f56d9c312a9c4efc285d6ad72313ee Mon Sep 17 00:00:00 2001 From: Tomasz Rybarczyk Date: Wed, 22 May 2024 17:48:33 +0200 Subject: [PATCH 02/14] Add reference to correct algorithm spec --- CIP-????/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CIP-????/README.md b/CIP-????/README.md index 1e7adf8371..6ed5a339b5 100644 --- a/CIP-????/README.md +++ b/CIP-????/README.md @@ -30,7 +30,7 @@ The RIPEMD-160 is not only relevant to Bitcoin - other chains like (Cosmos)[http ## Specification This proposal aims to introduce a new built-in hash function `RIPEMD-160`. -This function will be developed following the [`TODO:RIP-160`]() specification and will utilize the [`cryptonite`](https://github.com/haskell-crypto/cryptonite/blob/master/Crypto/Hash/RIPEMD160.hs) +This function will be developed following the [`RIP-160`](https://homes.esat.kuleuven.be/~bosselae/ripemd160/pdf/AB-9601/AB-9601.pdf) specification and will utilize the [`cryptonite`](https://github.com/haskell-crypto/cryptonite/blob/master/Crypto/Hash/RIPEMD160.hs) Since `cardano-base` already relies on `cryptonite` in the context of [`keccak-256`](https://github.com/input-output-hk/cardano-base/blob/master/cardano-crypto-class/src/Cardano/Crypto/Hash/Keccak256.hs) we would like to expose `RIPEMD-160` through the same library, to facilitate its integration into Plutus. From 5b9a3bef322e50ad6433df4d8e2304b897390d68 Mon Sep 17 00:00:00 2001 From: paluh Date: Mon, 27 May 2024 09:07:26 +0200 Subject: [PATCH 03/14] Update CIP-????/README.md Co-authored-by: Robert Phair --- CIP-????/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CIP-????/README.md b/CIP-????/README.md index 6ed5a339b5..e949002f4f 100644 --- a/CIP-????/README.md +++ b/CIP-????/README.md @@ -7,6 +7,7 @@ Authors: - Tomasz Rybarczy Implementors: Discussions: + - https://github.com/cardano-foundation/CIPs/pull/826 Created: 2024-05-22 License: Apache-2.0 --- From b268a426ca261c547c96d1c5dc1a683e1f4ad65e Mon Sep 17 00:00:00 2001 From: Tomasz Rybarczyk Date: Mon, 27 May 2024 09:12:40 +0200 Subject: [PATCH 04/14] Apply suggested changes --- CIP-????/README.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/CIP-????/README.md b/CIP-????/README.md index e949002f4f..e7c20df33b 100644 --- a/CIP-????/README.md +++ b/CIP-????/README.md @@ -1,11 +1,12 @@ --- -CIP: 101 +CIP: ???? Title: Integration of `ripemd-160` into Plutus Status: Proposed Category: Plutus Authors: - Tomasz Rybarczy Implementors: + Tomasz Rybarczy Discussions: - https://github.com/cardano-foundation/CIPs/pull/826 Created: 2024-05-22 @@ -49,15 +50,13 @@ The library, cryptonite, is not implemented by and under control of the Plutus t * It is a library already used in the Plutus stack to expose KECCAK-256, and can be considered as a trustworthy implementation. * Its behaviour is predictable and computationally efficient. The cost of the function is linear with respect to the size of the message provided as input. This is the same behaviour that other hash functions exposed in plutus (blake, sha3, keccak-256) have. -## Path to Active -This CIP may transition to active status once the Plutus version containing the `ripemd_160` function is introduced in a node release and becomes available on Mainnet. - ### Acceptance Criteria * A `cardano-base` binding is created for the `ripemd-160` function and included in a new version of the library. * A Plutus binding is created for the `ripemd_160` function and included in a new version of Plutus. * Integration tests, similar to those of the existing Plutus hash functions, are added to the testing infrastructure. * The function is benchmarked to assess its cost. As for other hash functions available in Plutus (blake2b, sha256 and keccak_256), we expect the cost of `ripemd_160` to be linear with respect to the size of the message. The Plutus team determines the exact costing functions empirically. * The ledger is updated to include new protocol parameters to control costing of the new builtins. +* This CIP may transition to active status once the Plutus version containing the `ripemd_160` function is introduced in a node release and becomes available on Mainnet. ### Implementation Plan The Plutus team will develop the binding, integration tests, and benchmarks. The E2E tests will be designed and implemented collaboratively by the testing team, the Plutus team, and community members planning to use this primitive. From 629cd0b50b5cf1591d1099ef53be58bbd6fb215f Mon Sep 17 00:00:00 2001 From: paluh Date: Mon, 27 May 2024 22:35:00 +0200 Subject: [PATCH 05/14] Initialize Implementors correctly Co-authored-by: Robert Phair --- CIP-????/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CIP-????/README.md b/CIP-????/README.md index e7c20df33b..f7c1313781 100644 --- a/CIP-????/README.md +++ b/CIP-????/README.md @@ -5,7 +5,7 @@ Status: Proposed Category: Plutus Authors: - Tomasz Rybarczy -Implementors: +Implementors: [] Tomasz Rybarczy Discussions: - https://github.com/cardano-foundation/CIPs/pull/826 From c23873dd122074e4ca8da6b29115d74ef1adc490 Mon Sep 17 00:00:00 2001 From: paluh Date: Mon, 27 May 2024 22:36:22 +0200 Subject: [PATCH 06/14] Update README.md --- CIP-????/README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/CIP-????/README.md b/CIP-????/README.md index f7c1313781..f59f518862 100644 --- a/CIP-????/README.md +++ b/CIP-????/README.md @@ -6,7 +6,6 @@ Category: Plutus Authors: - Tomasz Rybarczy Implementors: [] - Tomasz Rybarczy Discussions: - https://github.com/cardano-foundation/CIPs/pull/826 Created: 2024-05-22 From 6c91425e3b9e2462a2377c710d90f5bc14eba68e Mon Sep 17 00:00:00 2001 From: paluh Date: Tue, 28 May 2024 20:15:16 +0200 Subject: [PATCH 07/14] Update CIP title Co-authored-by: Ryan <44342099+Ryun1@users.noreply.github.com> --- CIP-????/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CIP-????/README.md b/CIP-????/README.md index f59f518862..7ed91497be 100644 --- a/CIP-????/README.md +++ b/CIP-????/README.md @@ -1,6 +1,6 @@ --- CIP: ???? -Title: Integration of `ripemd-160` into Plutus +Title: `ripemd-160` hashing in Plutus Core Status: Proposed Category: Plutus Authors: From db4adc54ca00e20dc1677695e9be93918a8f5bc2 Mon Sep 17 00:00:00 2001 From: paluh Date: Tue, 28 May 2024 20:15:49 +0200 Subject: [PATCH 08/14] Fix links format. Co-authored-by: Ryan <44342099+Ryun1@users.noreply.github.com> --- CIP-????/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CIP-????/README.md b/CIP-????/README.md index 7ed91497be..9daf4ce444 100644 --- a/CIP-????/README.md +++ b/CIP-????/README.md @@ -26,7 +26,7 @@ Most of common addresses in Bitcoin are derived from double [hashing procedure]( Adding `RIPEMD-160` to Plutus would enhance the potential for cross-chain solutions between Cardano and Bitcoin blockchains and complements the set of primitives which we already have in that regard. It would allow for the verification of Bitcoin addresses and transactions on-chain. This addition enables also the verification of signed messages that identify the signer by the public key hash, which has not yet been witnessed on the Bitcoin blockchain. -The RIPEMD-160 is not only relevant to Bitcoin - other chains like (Cosmos)[https://docs.cosmos.network/main/build/architecture/adr-028-public-key-addresses#legacy-public-key-addresses-dont-change] or (BNB)[https://docs.bnbchain.org/docs/beaconchain/learn/accounts/#address] also use it for address generation. +The RIPEMD-160 is not only relevant to Bitcoin - other chains like [Cosmos](https://docs.cosmos.network/main/build/architecture/adr-028-public-key-addresses#legacy-public-key-addresses-dont-change) or [BNB](https://docs.bnbchain.org/docs/beaconchain/learn/accounts/#address) also use it for address generation. ## Specification This proposal aims to introduce a new built-in hash function `RIPEMD-160`. From 186d756bd8515e4bcbff577863efdd3b703ab955 Mon Sep 17 00:00:00 2001 From: paluh Date: Tue, 28 May 2024 22:49:05 +0200 Subject: [PATCH 09/14] Fix typos/links Co-authored-by: Ryan <44342099+Ryun1@users.noreply.github.com> --- CIP-????/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CIP-????/README.md b/CIP-????/README.md index 9daf4ce444..cfdf46e7a6 100644 --- a/CIP-????/README.md +++ b/CIP-????/README.md @@ -13,7 +13,7 @@ License: Apache-2.0 --- ## Abstract -This CIP follows closely the (CIP-0101)[../CIP-0101/README.md][^1] and proposes an extension of the current Plutus functions with another hashing primitive [`RIPEMD-160`](https://en.bitcoin.it/wiki/RIPEMD-160). Primary goal is to introduce compatibility with Bitocoin's cryptographic infrastructure. +This CIP follows closely the (CIP-0101)[^1] and proposes an extension of the current Plutus functions with another hashing primitive [`RIPEMD-160`](https://en.bitcoin.it/wiki/RIPEMD-160). Primary goal is to introduce compatibility with Bitcoin's cryptographic infrastructure. ## Motivation: why is this CIP necessary? From debe35dab26292269dec17a295337adf57ac58b6 Mon Sep 17 00:00:00 2001 From: paluh Date: Wed, 29 May 2024 07:07:59 +0200 Subject: [PATCH 10/14] Use check boxes in the Acceptance Criteria section Co-authored-by: Adam Dean <63186174+Crypto2099@users.noreply.github.com> --- CIP-????/README.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/CIP-????/README.md b/CIP-????/README.md index cfdf46e7a6..811a320309 100644 --- a/CIP-????/README.md +++ b/CIP-????/README.md @@ -50,12 +50,12 @@ The library, cryptonite, is not implemented by and under control of the Plutus t * Its behaviour is predictable and computationally efficient. The cost of the function is linear with respect to the size of the message provided as input. This is the same behaviour that other hash functions exposed in plutus (blake, sha3, keccak-256) have. ### Acceptance Criteria -* A `cardano-base` binding is created for the `ripemd-160` function and included in a new version of the library. -* A Plutus binding is created for the `ripemd_160` function and included in a new version of Plutus. -* Integration tests, similar to those of the existing Plutus hash functions, are added to the testing infrastructure. -* The function is benchmarked to assess its cost. As for other hash functions available in Plutus (blake2b, sha256 and keccak_256), we expect the cost of `ripemd_160` to be linear with respect to the size of the message. The Plutus team determines the exact costing functions empirically. -* The ledger is updated to include new protocol parameters to control costing of the new builtins. -* This CIP may transition to active status once the Plutus version containing the `ripemd_160` function is introduced in a node release and becomes available on Mainnet. +[ ] A `cardano-base` binding is created for the `ripemd-160` function and included in a new version of the library. +[ ] A Plutus binding is created for the `ripemd_160` function and included in a new version of Plutus. +[ ] Integration tests, similar to those of the existing Plutus hash functions, are added to the testing infrastructure. +[ ] The function is benchmarked to assess its cost. As for other hash functions available in Plutus (blake2b, sha256 and keccak_256), we expect the cost of `ripemd_160` to be linear with respect to the size of the message. The Plutus team determines the exact costing functions empirically. +[ ] The ledger is updated to include new protocol parameters to control costing of the new builtins. +[ ] This CIP may transition to active status once the Plutus version containing the `ripemd_160` function is introduced in a node release and becomes available on Mainnet. ### Implementation Plan The Plutus team will develop the binding, integration tests, and benchmarks. The E2E tests will be designed and implemented collaboratively by the testing team, the Plutus team, and community members planning to use this primitive. From e9d005e15d9114a4eaf4692b43d2e89084306964 Mon Sep 17 00:00:00 2001 From: Robert Phair Date: Tue, 4 Jun 2024 16:11:01 +0530 Subject: [PATCH 11/14] fixing mis-formatted tickboxes in Acceptance Criteria --- CIP-????/README.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/CIP-????/README.md b/CIP-????/README.md index 811a320309..ee91b4f902 100644 --- a/CIP-????/README.md +++ b/CIP-????/README.md @@ -50,12 +50,12 @@ The library, cryptonite, is not implemented by and under control of the Plutus t * Its behaviour is predictable and computationally efficient. The cost of the function is linear with respect to the size of the message provided as input. This is the same behaviour that other hash functions exposed in plutus (blake, sha3, keccak-256) have. ### Acceptance Criteria -[ ] A `cardano-base` binding is created for the `ripemd-160` function and included in a new version of the library. -[ ] A Plutus binding is created for the `ripemd_160` function and included in a new version of Plutus. -[ ] Integration tests, similar to those of the existing Plutus hash functions, are added to the testing infrastructure. -[ ] The function is benchmarked to assess its cost. As for other hash functions available in Plutus (blake2b, sha256 and keccak_256), we expect the cost of `ripemd_160` to be linear with respect to the size of the message. The Plutus team determines the exact costing functions empirically. -[ ] The ledger is updated to include new protocol parameters to control costing of the new builtins. -[ ] This CIP may transition to active status once the Plutus version containing the `ripemd_160` function is introduced in a node release and becomes available on Mainnet. +- [ ] A `cardano-base` binding is created for the `ripemd-160` function and included in a new version of the library. +- [ ] A Plutus binding is created for the `ripemd_160` function and included in a new version of Plutus. +- [ ] Integration tests, similar to those of the existing Plutus hash functions, are added to the testing infrastructure. +- [ ] The function is benchmarked to assess its cost. As for other hash functions available in Plutus (blake2b, sha256 and keccak_256), we expect the cost of `ripemd_160` to be linear with respect to the size of the message. The Plutus team determines the exact costing functions empirically. +- [ ] The ledger is updated to include new protocol parameters to control costing of the new builtins. +- [ ] This CIP may transition to active status once the Plutus version containing the `ripemd_160` function is introduced in a node release and becomes available on Mainnet. ### Implementation Plan The Plutus team will develop the binding, integration tests, and benchmarks. The E2E tests will be designed and implemented collaboratively by the testing team, the Plutus team, and community members planning to use this primitive. From c6e19d3a265835fd3cc0d21b1fd8a82bc5e3ee46 Mon Sep 17 00:00:00 2001 From: Thomas Vellekoop <107037423+perturbing@users.noreply.github.com> Date: Tue, 24 Sep 2024 08:44:16 +0200 Subject: [PATCH 12/14] Update CIP-????/README.md Co-authored-by: Robert Phair --- CIP-????/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CIP-????/README.md b/CIP-????/README.md index ee91b4f902..9318b066c8 100644 --- a/CIP-????/README.md +++ b/CIP-????/README.md @@ -1,5 +1,5 @@ --- -CIP: ???? +CIP: 127 Title: `ripemd-160` hashing in Plutus Core Status: Proposed Category: Plutus From 0939df6a647af30a313539dc4e802abd393f946c Mon Sep 17 00:00:00 2001 From: perturbing Date: Tue, 24 Sep 2024 08:50:04 +0200 Subject: [PATCH 13/14] change folder name of CIP-0127 --- {CIP-???? => CIP-0127}/README.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {CIP-???? => CIP-0127}/README.md (100%) diff --git a/CIP-????/README.md b/CIP-0127/README.md similarity index 100% rename from CIP-????/README.md rename to CIP-0127/README.md From 9a0355e78e9640f20f385961aa34b0e9bb5cc824 Mon Sep 17 00:00:00 2001 From: perturbing Date: Tue, 24 Sep 2024 08:53:55 +0200 Subject: [PATCH 14/14] mark acceptance criteria --- CIP-0127/README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/CIP-0127/README.md b/CIP-0127/README.md index 9318b066c8..db55507ed6 100644 --- a/CIP-0127/README.md +++ b/CIP-0127/README.md @@ -50,10 +50,10 @@ The library, cryptonite, is not implemented by and under control of the Plutus t * Its behaviour is predictable and computationally efficient. The cost of the function is linear with respect to the size of the message provided as input. This is the same behaviour that other hash functions exposed in plutus (blake, sha3, keccak-256) have. ### Acceptance Criteria -- [ ] A `cardano-base` binding is created for the `ripemd-160` function and included in a new version of the library. -- [ ] A Plutus binding is created for the `ripemd_160` function and included in a new version of Plutus. -- [ ] Integration tests, similar to those of the existing Plutus hash functions, are added to the testing infrastructure. -- [ ] The function is benchmarked to assess its cost. As for other hash functions available in Plutus (blake2b, sha256 and keccak_256), we expect the cost of `ripemd_160` to be linear with respect to the size of the message. The Plutus team determines the exact costing functions empirically. +- [X] A `cardano-base` binding is created for the `ripemd-160` function and included in a new version of the library. +- [X] A Plutus binding is created for the `ripemd_160` function and included in a new version of Plutus. +- [X] Integration tests, similar to those of the existing Plutus hash functions, are added to the testing infrastructure. +- [X] The function is benchmarked to assess its cost. As for other hash functions available in Plutus (blake2b, sha256 and keccak_256), we expect the cost of `ripemd_160` to be linear with respect to the size of the message. The Plutus team determines the exact costing functions empirically. - [ ] The ledger is updated to include new protocol parameters to control costing of the new builtins. - [ ] This CIP may transition to active status once the Plutus version containing the `ripemd_160` function is introduced in a node release and becomes available on Mainnet.