Domain Separation
Before an object is input to some cryptographic function, it is prepended with a multi-character domain-separating prefix.
All domain separators must be “prefix-free” (that is, they must not be concatenated).
The list below specifies each prefix:
-
For cryptographic primitives:
OT1andOT2: The first and second layers of keys used for ephemeral signatures.MA: An internal node in a Merkle tree.MB: A bottom leaf in a vector commitment.KP: Is a public key used by the Merkle Signature Schemespc: A coin used as part of the state proofs construction.spp: Participant’s information (state proof public key and weight) used for state proofs.sps: A signature from a specific participant used for state proofs.
-
In the Algorand Ledger:
BH: A Block Header.BR: A Balance Record.GE: A Genesis configuration.spm: A State Proof message.STIB: A SignedTxnInBlock that appears as part of the leaf in the Merkle tree of transactions.TL: A leaf in the Merkle tree of transactions.TX: A Transaction.SpecialAddr: A prefix used to generate designated addresses for specific functions, such as sending state proof transactions.
-
In the Algorand Byzantine Fault Tolerance protocol:
AS: An Agreement Selector, which is also a VRF input.CR: A Credential.SD: A Seed.PL: A Payload.PS: A Proposer Seed.VO: A Vote.
-
In other places:
arc: ARCs-related hashes https://github.com/algorandfoundation/ARCs. The prefix for ARC-XXXX should start witharcXXXX(whereXXXXis the 0-padded number of the ARC). For example, ARC-0003 can use any prefix starting witharc0003.MX: An arbitrary message used to prove ownership of a cryptographic secret.NPR: A message that proves a peer’s stake in an Algorand networking implementation.TE: An arbitrary message reserved for testing purposes.Program: A TEAL bytecode program.ProgData: Data that is signed within TEAL bytecode programs.
Auctions are deprecated; however, their prefixes are still reserved in code:
aB: A Bid.aD: A Deposit.aO: An Outcome.aP: Auction parameters.aS: A Settlement.