Place to play staked games with moves verified by blockchain.
Under commit-reveal pattern, some games require the generation of random numbers (& multiple moves might require multiple of these). It would be inconvenient for the end user to memorize / note them down.
Mechanism is proposed where user just needs to set up a session password and random numbers generated would be effectively encrypted (via symmetric key encryption) with it and stored on blockchain. Being stored on blockchain itself, it also bypasses need for any conventional database. To reveal, one would simply decrypt it effectively with the same password.
Also in case their is a powercut or any xyz reason for which a game couldn't be completed, one can simply login with the same password and have previous games restored.
We use user's password to generate 256 bit key using PBKDF2 algorithm. See our choice of parameters here.
This key is then used in AES-GCM1 algorithm to encrypt/decrypt secret numbers. Consideration was given to use ChaCha20-Poly1305 due to its time complexity but it seemingly doesn't have support in Web Crypto API.
- Salt (Initialization vector, IV) in PBKDF2 is not intended to be secret, but should be as unique as possible (not to be reused)2345. All parameters mentioned here (except, of course, the actual password) are not meant to be secret. Minimum recommendation by NIST for size of salt is 16 bytes, I have considered 24.
- Number of iterations was taken to be
$2048,000 + r$ where$r$ is a random integer such that$0 \le r \lt 200,000$ . This choice was motivated from here. - Digest algorithm is taken to be SHA512. This choice was motivated from A, B and C.
- Key size is taken to be 32 bytes (256 bits) to match with symmetric encryption algorithm.
MIT.