Rippled Audit

Crypto

The official rippled documentation discusses the types and uses of the cryptographic keys it supports, which we briefly expand upon here. Keys consist of public and private components and are used to verify the unique identity of network nodes and validators, accounts on the ledger, and issuers of transactions.

The official rippled documentation states that two types of cryptographic schemes are used for internal purposes, which our analysis confirms:

  • secp256k1 - the default scheme, same as used by Bitcoin
  • ed25519 - a newer algorithm with better performance and convenient properties

Most of the core cryptographic implementation resides in the src/ripple/crypto directory. The header files there describe the general interface that other subsystems use to generate secure random seeds and the cryptographic keys derived from them. The impl directory contains the implementation of these modules, dispatching to the OpenSSL library and the vendored ed25519-donna dependency.

These crypto routines are then incorporated into higher-level data structures such as SecretKey and PublicKey, and into the functionality built on them, including Node and Validator identity, Account Generation, and transaction signing, preparation, and validation.
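The two schemes can be told apart from the serialized public key alone. The sketch below is an added example, not code from rippled or from this audit: it relies on the XRP Ledger convention that public keys are 33 bytes, with Ed25519 keys prefixed by 0xED and secp256k1 keys in compressed form (prefix 0x02 or 0x03), and it goes one step beyond a prefix check by confirming that a secp256k1 x-coordinate lies on the curve. The function names and sample keys are hypothetical and constructed for illustration.

```python
from typing import Optional

# secp256k1 field prime; the curve is y^2 = x^3 + 7 over GF(P).
P = 2**256 - 2**32 - 977
# x-coordinate of the secp256k1 generator point, used as a known-valid sample.
G_X = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798


def is_secp256k1_x(x: int) -> bool:
    """True if some y satisfies y^2 = x^3 + 7 (mod P), by Euler's criterion."""
    if x >= P:  # not a canonical field element
        return False
    rhs = (pow(x, 3, P) + 7) % P
    return pow(rhs, (P - 1) // 2, P) == 1


def public_key_type(key: bytes) -> Optional[str]:
    """Classify a 33-byte serialized public key; None means reject it."""
    if len(key) != 33:
        return None
    if key[0] == 0xED:
        # Ed25519: identified by the prefix only in this sketch.
        return "ed25519"
    if key[0] in (0x02, 0x03):
        x = int.from_bytes(key[1:], "big")
        return "secp256k1" if is_secp256k1_x(x) else None
    return None


# Constructed sample keys (not taken from any ledger or from the audit).
SAMPLES = {
    "generator, compressed": b"\x02" + G_X.to_bytes(32, "big"),
    "ed25519-prefixed": b"\xed" + bytes(range(32)),
    "x=5 is off the curve": b"\x02" + (5).to_bytes(32, "big"),
    "x out of field range": b"\x03" + b"\xff" * 32,
    "uncompressed-style prefix": b"\x04" + bytes(32),
    "truncated": b"\xed" + bytes(31),
}

if __name__ == "__main__":
    for label, key in SAMPLES.items():
        print(f"{label:28} -> {public_key_type(key)}")
```

Rejecting unknown prefixes and malformed points before any signature check keeps a verifier from handing attacker-chosen bytes to the wrong backend.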

This is the extent of the crypto implementation in rippled. By storing and verifying cryptographic keys and signatures, nodes and clients on the network can securely write and validate transactions, ensuring data integrity and authorizing changes to state.