Cryptography

Cryptographic primitives and their usage across the ZexRail platform.

Ed25519

Digital Signatures

All Verity receipts are signed with Ed25519. Each organization has a unique signing key pair. Signatures are verified on every receipt read.

Spec: RFC 8032

Key size: 256-bit

SHA-256

Hash Chains & Integrity

Negotiation event chains use SHA-256 for tamper detection. Verity hashes are SHA-256 over canonicalized receipt JSON. Used for webhook signature HMAC.

Spec: FIPS 180-4

Key size: 256-bit digest

AES-256-GCM

Encryption at Rest

All data at rest is encrypted with AES-256-GCM. Each tenant has isolated encryption keys managed by AWS KMS with automatic annual rotation.

Spec: NIST SP 800-38D

Key size: 256-bit

Argon2id

Password Hashing

User passwords are hashed with Argon2id before storage. Parameters: memory 64MB, iterations 3, parallelism 4. Raw passwords are never persisted.

Spec: RFC 9106

Key size: Variable output

Verity Signature Flow

How receipts are signed and verified.

// 1. Canonicalize receipt data
canonical = json_canonicalize(receipt_data)

// 2. Compute SHA-256 hash
digest = SHA256(canonical)

// 3. Sign with organization's Ed25519 private key
signature = Ed25519.sign(digest, org_private_key)

// 4. Store signature and public key reference
verity_receipt = {
  hash: "0x" + digest.hex(),
  proof: {
    signedBy: org_public_key,
    signature: base64(signature),
    algorithm: "Ed25519+SHA-256"
  }
}

// 5. Verification (any party with the public key)
valid = Ed25519.verify(digest, signature, org_public_key)

Hash Chain Construction

Tamper-evident event sequencing in negotiations.

// Each negotiation event is hashed with the previous hash
event_0_hash = SHA256(serialize(event_0))
event_1_hash = SHA256(serialize(event_1) + event_0_hash)
event_n_hash = SHA256(serialize(event_n) + event_n-1_hash)

// The chain is broken if any event is modified or reordered
// Verification: replay from event_0 and compare final hash

Key Management

Signing keys are generated in hardware security modules (HSMs) and never leave the secure enclave. API keys are hashed with SHA-256 before storage (appropriate for high-entropy random secrets). User passwords are hashed with Argon2id. Key rotation is supported without invalidating existing signatures -- old public keys are retained in a verification registry for the lifetime of receipts signed with them.

Key Type	Rotation Period	Storage
Ed25519 signing keys	Annual	HSM (AWS CloudHSM)
AES-256 data keys	Annual	AWS KMS
API key secrets	User-controlled	SHA-256 hash in DB
Webhook signing secrets	User-controlled	Encrypted at rest