Cardano uses a sidechain for its treasury system. One needs to "register" to participate on this sidechain by submitting a registration transaction on the mainnet chain. This CIP details the registration transaction format.
Cardano uses a sidechain for its treasury system ("Catalyst"). One of the desirable properties of this sidechain is that even if its safety is compromised, it doesn't cause loss of funds on the main Cardano chain. To achieve this, instead of using your wallet's recovery phrase on the sidechain, we need to use a brand new "voting key".
However, since 1 ADA = 1 vote, a user needs to associate their mainnet ADA to their new voting key. This can be achieved through a registration transaction.
We therefore need a registration transaction that serves three purposes:
- Registers a "voting key" to be included in the sidechain
- Associates mainnet ADA to this voting key
- Declare an address to receive Catalyst rewards
Voting key format
A voting key is simply an ED25519 key. How this key is created is up to the wallet.
Associating stake with a voting key
This method has been used since Fund 2. For future fund iterations, a new method making use of time-lock scripts may be introduced as described below.
Recall: Cardano uses the UTXO model so to completely associate a wallet's balance with a voting key (i.e. including enterprise addresses), we would need to associate every payment key to a voting key individually. Although there are attempts at this (see CIP-0008), the resulting data structure is a little excessive for on-chain metadata (which we want to keep small)
Given the above, we choose to only associate staking keys with voting keys. Since most Cardano wallets only use base addresses for Shelley wallet types, in most cases this should perfectly match the user's wallet.
Registration metadata format
A Catalyst registration transaction is a regular Cardano transaction with a specific transaction metadata associated with it.
Notably, there should be four entries inside the metadata map:
Voting registration example:
// voting_key - CBOR byte array
// stake_pub - CBOR byte array
// reward_address - CBOR byte array
The entries under keys 1, 2, 3, and 4 represent the Catalyst voting key, the staking key on the Cardano network, the address to receive rewards, and a nonce, respectively. A registration with these metadata will be considered valid if the following conditions hold:
- The nonce is an unsigned integer (of CBOR major type 0) that should be monotonically rising across all transactions with the same staking key. The advised way to construct a nonce is to use the current slot number. This is a simple way to keep the nonce increasing without having to access the previous transaction data.
- The reward address is a Shelley address discriminated for the same network this transaction is submitted to.
To produce the signature field, the CBOR representation of a map containing
a single entry with key 61284 and the registration metadata map in the
format above is formed, designated here as
This data is signed with the staking key as follows: first, the
blake2b-256 hash of
sign_data is obtained. This hash is then signed
using the Ed25519 signature algorithm. The signature metadata entry is
added to the transaction under key 61285 as a CBOR map with a single entry
that consists of the integer key 1 and signature as obtained above as the byte array value.
// signature - ED25119 signature CBOR byte array
See the schema file
See test vector file
A future change of the Catalyst system may make use of a time-lock script to commit ADA on the mainnet for the duration of a voting period. The voter registration metadata in this method will not need an association
with the staking key. Therefore, the
staking_pub_key map entry
registration_signature payload with key 61285 will no longer
Fund 3 added the
reward_address inside the
- added the
noncefield to prevent replay attacks;
- changed the signature algorithm from one that signed
sign_datadirectly to signing the Blake2b hash of
sign_datato accommodate memory-constrained hardware wallet devices.
It was planned that since Fund 4,
registration_signature and the
staking_pub_key entry inside the
key_registration field will be deprecated.
This has been deferred to a future revision of the protocol.
This CIP is licensed under CC-BY-4.0