Update ERC-7627: To reduce gas costs, the variable type was changed.

chenly · web-flow · commit c1da6cf0e8b3 · 2024-02-29T18:23:18.000Z
Merged by EIP-Bot.
diff --git a/ERCS/erc-7627.md b/ERCS/erc-7627.md
@@ -39,6 +39,8 @@ pragma solidity ^0.8.0;
 
 interface IERC7627 {
 
+    enum PublicKeyAlgorithm { RSA, ECDSA, ED25519, DSA, DH, ECDH, X25519 }
+    
     // Events
 
     /**
@@ -48,7 +50,7 @@ interface IERC7627 {
      * @param sessionId The session ID of the message.
      * @param encryptedMessage The encrypted message.
      */
-    event MessageSent(address indexed from, address indexed to, string sessionId, bytes encryptedMessage);
+    event MessageSent(address indexed from, address indexed to, bytes32 sessionId, bytes encryptedMessage);
 
     /**
      * @dev Event emitted when a user updates their public key.
@@ -65,15 +67,15 @@ interface IERC7627 {
      * @param _publicKey The public key of the user.
      * @param _algorithm The algorithm used for the public key.
      */
-    function updatePublicKey(bytes memory _publicKey, PublicKeyAlgorithm _algorithm) external;
+    function updatePublicKey(bytes calldata _publicKey, PublicKeyAlgorithm _algorithm) external;
 
     /**
      * @dev Function to send an encrypted message from one user to another.
      * @param _to The address of the recipient.
      * @param _sessionId The session ID of the message.
      * @param _encryptedMessage The encrypted message.
      */
-    function sendMessage(address _to, string memory _sessionId, bytes memory _encryptedMessage) external;
+    function sendMessage(address _to, bytes32 _sessionId, bytes calldata _encryptedMessage) external;
 
     /**
      * @dev Function to retrieve a user's public key and algorithm.
@@ -87,7 +89,7 @@ interface IERC7627 {
 
 ## Rationale
 
-Traditional messaging lacks security and transparency for blockchain communication. The choice of asymmetric encryption ensures the confidentiality and integrity of messages, which is why we opted for this encryption method. Providing a unified interface enables easy integration of encrypted communication into smart contracts, thereby fostering innovation. Encrypted messaging guarantees adherence to best practices in data security. The interface supports various encryption methods, enhancing adaptability. Event tracking enhances the observability and auditability of the contract, aiding compliance efforts. Standardization promotes interoperability, facilitating seamless communication across platforms.
+Traditional messaging lacks security and transparency for blockchain communication. The choice of asymmetric encryption ensures the confidentiality and integrity of messages, which is why we opted for this encryption method. Providing a unified interface enables easy integration of encrypted communication into smart contracts, thereby fostering innovation. Encrypted messaging guarantees adherence to best practices in data security. Due to security reasons, public keys need to be regularly updated, hence we have added a feature that allows users to autonomously update their public keys. The interface supports various encryption methods, enhancing adaptability. Event tracking enhances the observability and auditability of the contract, aiding compliance efforts. Standardization promotes interoperability, facilitating seamless communication across platforms.
 
 ## Reference Implementation
 
@@ -105,18 +107,18 @@ contract ERC7627 {
 
     mapping(address => UserInfo) public pk;
 
-    event MessageSent(address indexed from, address indexed to, string sessionId, bytes encryptedMessage);
+    event MessageSent(address indexed from, address indexed to, bytes32 sessionId, bytes encryptedMessage);
     event PublicKeyUpdated(address indexed user, bytes newPublicKey, PublicKeyAlgorithm algorithm);
 
     // Function to register a user with their public key
-    function updatePublicKey(bytes memory _publicKey, PublicKeyAlgorithm _algorithm) public {
+    function updatePublicKey(bytes calldata _publicKey, PublicKeyAlgorithm _algorithm) public {
         pk[msg.sender].publicKey = _publicKey;
         pk[msg.sender].algorithm = _algorithm;
         emit PublicKeyUpdated(msg.sender, _publicKey, _algorithm);
     }
 
     // Function to send an encrypted message from one user to another
-    function sendMessage(address _to, string memory _sessionId, bytes memory _encryptedMessage) public {
+    function sendMessage(address _to, bytes32 _sessionId, bytes calldata _encryptedMessage) public {
         emit MessageSent(msg.sender, _to, _sessionId, _encryptedMessage);
     }
 
@@ -130,13 +132,17 @@ contract ERC7627 {
 
 ## Security Considerations
 
-1. Utilization of Latest Secure Encryption Algorithms: When selecting encryption algorithms, it is essential to stay informed about the latest security news and recommendations. Avoid using asymmetric encryption algorithms with known vulnerabilities or those not recommended to ensure the confidentiality and integrity of messages. Regularly update encryption algorithms to address evolving security threats.
+### 1. Utilization of Latest Secure Encryption Algorithms:
+When selecting encryption algorithms, it is essential to stay informed about the latest security news and recommendations. Avoid using asymmetric encryption algorithms with known vulnerabilities or those not recommended to ensure the confidentiality and integrity of messages. Regularly update encryption algorithms to address evolving security threats.
 
-2. Strict Encryption Using Public Keys for Message Content: To maintain message confidentiality, the content of sent messages must be strictly encrypted using the recipient's public key. Any plaintext information transmitted could lead to information leakage and security risks. Encrypt message content at all times during transmission and storage to prevent unauthorized access to sensitive information.
+### 2. Strict Encryption Using Public Keys for Message Content:
+To maintain message confidentiality, the content of sent messages must be strictly encrypted using the recipient's public key. Any plaintext information transmitted could lead to information leakage and security risks. Encrypt message content at all times during transmission and storage to prevent unauthorized access to sensitive information.
 
-3. Key Management and Protection: Robust key management and protection measures are necessary for both user public and private keys. Ensure secure storage and transmission of keys to prevent leakage and tampering. Employ multi-factor authentication and key rotation strategies to enhance key security and regularly assess key management processes to mitigate potential security risks.
+### 3. Key Management and Protection:
+Robust key management and protection measures are necessary for both user public and private keys. Ensure secure storage and transmission of keys to prevent leakage and tampering. Employ multi-factor authentication and key rotation strategies to enhance key security and regularly assess key management processes to mitigate potential security risks.
 
-4. Auditing and Monitoring: Implement auditing and monitoring mechanisms to track message sending and receiving, as well as key usage. Promptly identify anomalous activities and potential security threats and take appropriate response measures. Record critical operations and events for security incident investigation and traceability purposes.
+### 4. Auditing and Monitoring:
+Implement auditing and monitoring mechanisms to track message sending and receiving, as well as key usage. Promptly identify anomalous activities and potential security threats and take appropriate response measures. Record critical operations and events for security incident investigation and traceability purposes.
 
 ## Copyright
 
