Hello, I’m building a cryptocurrency called Ellipticoin and following the COSE standard for transaction signing.
I’m looking for a way to include nonces in edwards25519 Sign1 messages to prevent replay attacks. I could include the nonces in the message body but would prefer to keep the message body application specific. I searched for “nonce” in the RFC but didn’t find anything about nonces used in signature algorithms. Would it make sense to add nonce to "Table 2: Common Header Parameters"? If not which would be preferred: putting the nonce in the message body or putting it in a non-standard key? Thanks in advance and thank you all for the work you all do to keep standards open and free! Best, -Mason
_______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
