# Glossary

TERM | EXPLANATION |
---|---|

ASN.1 | Abstract Syntax Notation One (ASN.1) is a notation used for describing data structures that can be serialized and deserialized in a cross-platform way |

BIP32 | The Bitcoin Improvement Proposal (BIP) that defines The Hierarchical Deterministic (HD) key creation and transfer protocol, it allows the automatical generation of a hierarchical tree-like structure of private/public addresses (or keys) |

Clause | A clause defines a set of keys and the minimum number of those keys required to satisfy this clause |

Custody Signature | An ECDSA signature representing the points r and s, which is calculated as the signature of the CustodyPrivate Key over the expression `secp256k1(SHA_256(auditPrefix || SHA_256(auditMessage)))` |

Delegates | The set of key(s) that are allowed to sign a particular wallet as defined in the policy clause |

DER | Distinguished Encoding Rules (DER) is an ASN.1 subset of Basic Encoding Rules. It is used to produce unique octet string encoding to represent digital signatures computed on an ASN.1 value |

Digest | The output from a hash function. Currently expected to be either 20 or 32 bytes (40 or 64 hex characters) |

Digest Signature | An ECDSA signature representing the points r and s, which is calculated over a hash value resulting from a number of possible hash algorithms (including but not limited to `SHA-1` , `SHA-256` , `RIPEMD-160` , `SHA-256` applied twice, `SHA-256` over `RIPEMD-160` and Ethereum’s variation on `SHA3-256` known as `keccak` ) |

ECDSA | Elliptic Curve Digital Signature Algorithm (ECDSA) offers a variant of the Digital Signature Algorithm (DSA) which uses elliptic curve cryptography to achieve similar levels of security using a smaller key size |

HD wallet | An HD Wallet, or Hierarchical Deterministic wallet, are wallets that uses the Hierarchical Deterministic (HD) key creation and transfer protocol as outlined in BIP32 |

HSM | Is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing. It manages, process, and stores cryptographic keys securely inside a hardened, tamper-resistant device |

Master Public Key | The HSM provenance public key, it is used to verify the HSM Provenance signature |

Policy Template | The set of rules specifying who can sign with a particular wallet, used in `trust-sign generate` and `trust-sign recover` requests |

Policy | This is the resulting policy object that is derived from a policyTemplate object on a request to generate |

Policy Signature | An ECDSA signature representing the points r and s, which is calculated as the signature of the HSM Private Key over the DER encoding of a `Policy` object |

Private Key | An ECDSA public key in uncompressed hex format (first bytes always 04), exactly 130 hex characters (i.e. 65 bytes) that should be kept secret |

Provenance Signature | An ECDSA signature to acts as a proof that the message came from Trustology and that the client is indeed the intended recipient of that message |

Public Key | An ECDSA public key in uncompressed hex format (first bytes always 04), exactly 130 hex characters (i.e. 65 bytes) which corresponds to a private key. A public key can be calculated from a private key, but not vice versa |

Public Key Signature Pair | A pair consisting of an ECDSA public key and a signature to acts as proof that message came from a particular private key holder |

Quorum Count | The number of signatures, s, required by this schedule where 1 <= s <= keys.length |

Recoverers | The set of key(s) that are allowed to recover a particular wallet as defined in the policy clause |

Schedule | A schedule defines a set of clauses that all must be satisfied |

Secp256k1 | The particular elliptic curve that Bitcoin and Ethereum uses |

Secp256r1 | The NIST P-256 elliptic curve is used within an iOS device’s secure enclave |

UUID | universally unique identifier (UUID) is a 128-bit number used to uniquely identify data |

Zero Delegate | To change the delegate clause to zero keys. No keys are allowed to sign a particular wallet (i.e. locks a particular wallet account) |