Valentine (SECP) upgrade
The Valentine (or SECP) upgrade is Cardano’s intra-era hard fork that follows the Vasil upgrade. Valentine is a small and focused semantic change to the ledger, which brings new built-in functions to Plutus to support SECP elliptic curves (ECDSA and Schnorr). Although an intra-era hard fork requires a hard fork combinator event, it does not change the ledger era, which means that this is an upgrade to the Babbage era (Vasil functionality).
To get started:
- check the 'Getting started' tutorial
- track the ecosystem readiness page for the SECP upgrade
- see example scripts below
ECC is a popular primitive for developing cryptographic protocols and secure applications using custom encryption and decryption algorithms validated by digital signatures. ECC provides the same level of security as other mechanisms while using shorter keys and signatures.
There are different elliptic curves one can use, with secp256k1 as one of the options. Each of these curves differs in its parameters. The secp256k1 curve provides two common signature schemes – ECDSA and Schnorr.
Cardano uses the Edwards-curve Digital Signature Algorithm (EdDSA) with elliptic curve Curve25519 as its base curve (Ed25519). Ed25519 is designed to be resistant to certain types of cryptographic attacks, making it a secure choice.
Ed25519 is part of the family of safeCurves, which secp256k1 is not part of. The variance in algorithms means that Plutus DApp developers who want to work with other blockchains and need to validate ECDSA and Schnorr signatures would have to spend time, effort, and funds to implement such algorithms over the Standards for Efficient Cryptography (SECP) elliptic curves in Plutus. This extra implementation considerably increases potential security risks.
Since only Cardano’s primary signature algorithm Ed25519 is provided as a Plutus built-in function, ECDSA and Schnorr operations would be more expensive and time-consuming unless also provided as built-in functions.
What does the SECP upgrade bring?
Cardano’s Valentine upgrade adds new built-in functions to Plutus to support ECDSA and Schnorr signatures along with Cardano’s native signature.
These built-in functions will become native to Cardano, and since they will be implemented and audited by experts, they will provide the highest level of security. This standardization will allow any Plutus DApp developer to widen the choice of multi-signature or threshold signature design to use.
CIP-49 provides a more in-depth oversight of the motivation and specification for the new implementation of built-in functions.
After the new cryptographic primitives implementation, Plutus will be able to easily verify transactions from other blockchains using ECDSA and Schnorr standards. For example, Plutus will be able to natively verify signatures generated in EVM sidechains, which will improve the developer experience in terms of process simplicity, cost, and advanced security.
Below are links to examples of scripts and script data files containing the inputs to be used for working with SECP256k1 elliptic curves.
The use of these scripts is similar to a token minting process, where you build a transaction to mint a token using
--mint-script-file with a provided Plutus script and
--mint-redeemer-file for provided input script data.