# Cryptography I: Blockchain Security and Cryptographic Foundations

### Module Overview

Welcome to the **Cryptography I** module of the XRPL Core Dev Bootcamp. This course takes you deep into the mathematical and computational foundations that secure every transaction, every account, and every interaction on the **XRP Ledger**.

This module transforms you from someone who knows that transactions are secure into a developer who understands **how** that security is mathematically guaranteed. You'll learn to trace the journey of a key from its random birth to the creation of an unforgeable digital signature, and explore how *rippled* transforms abstract mathematical concepts into concrete security guarantees.

***

### Explore the Topics

This deep dive is organized into focused topics, each exploring a critical component of XRPL's security and cryptographic implementation. Click on any topic below to dive deeper into the concepts, codebase structure, and practical implementations.

***

### What You Will Learn

By completing this module, you will be able to:

* Navigate and understand *rippled*'s **cryptographic codebase** (C++).
* Explain the role of **keys** and **signatures** in securing the XRP Ledger.
* Trace the **key generation** and **transaction signing/verification** process through the code.
* Comprehend how **hash functions** ensure data integrity across the network.
* Understand the security trade-offs and implementation choices made in the **XRPL protocol**.
* Debug and troubleshoot common **signature-related issues** in applications.
* Apply a **security-first mindset** when contributing to the core infrastructure.

These skills are fundamental for implementing new cryptographic standards, assessing security vulnerabilities, and building robust, trustless applications on the XRPL.

***

#### 🔑 Cryptographic Foundations

**The Pillars of Digital Security**

Understand the core principles of cryptographic security: **confidentiality**, **integrity**, **authentication**, and **non-repudiation**. Learn how keys establish digital identity and how the lifecycle of a cryptographic key secures the network.

**Key Topics**: Private/public keys, elliptic curves, security principles, key lifecycle management

**Codebase**: `include/xrpl/protocol/PublicKey.h`, `include/xrpl/protocol/SecretKey.h`

[Explore Cryptographic Foundations →](/core-dev-bootcamp/module04/the-four-pillars-of-security.md)

***

#### 🔑 The Lifecycle of a Cryptographic Key

**From Randomness to Account Identity**

Follow the complete lifecycle of a cryptographic key in rippled, from its secure generation using cryptographic randomness or a deterministic seed, through derivation of the public key, to the creation of an account ID and human-readable address. Learn how secure memory handling and RAII patterns ensure keys remain protected throughout their use.

**Key Topics**: Random vs deterministic generation, secret → public derivation, account ID calculation, secure cleanup

**Codebase**: `src/libxrpl/protocol/SecretKey.cpp`, `include/xrpl/protocol/SecretKey.h`

[Explore Key Lifecycle of a Cryptographic Key →](/core-dev-bootcamp/module04/the-lifecycle-of-a-cryptographic-key.md)

***

#### ⚙️ Cryptographic Randomness & Entropy

**Secure Random Numbers for Keys, Nonces, and Sessions**

Dive into how Rippled ensures **cryptographically secure randomness**. From hardware and OS entropy sources to CSPRNG implementation and defensive mixing, this process underpins the security of secret keys, transaction nonces, and session tokens.

**Key Topics**: Random number generation, entropy collection, CSPRNG design, thread safety, error handling

**Codebase**: `src/libxrpl/crypto/csprng.cpp`, `include/xrpl/crypto/csprng.h`

[Explore Randomness & Entropy →](/core-dev-bootcamp/module04/random-number-generation.md)

***

#### ⚙️ Key Generation Pipeline

**Randomness, Derivation, and Protection**

Trace the complete key generation process: from sourcing **cryptographic randomness** (entropy) to the final derivation of an account's secret and public keys. Understand how the system protects these critical assets.

**Key Topics**: Random number generation, entropy, key derivation, in-memory protection

**Codebase**: `src/libxrpl/protocol/SecretKey.cpp`

[Explore Key Generation →](/core-dev-bootcamp/module04/key-generation-pipeline.md)

***

#### ✍️ Transaction Signing

**Creating and Verifying Digital Signatures**

Dive into the core function of the ledger: **signing transactions**. Learn the implementation of **ECDSA** (for Secp256k1) and **EdDSA** (for Ed25519), and trace the code that verifies a signature in milliseconds.

**Key Topics**: Signature algorithms (ECDSA, EdDSA), transaction hashing, verification process

**Codebase**: `src/libxrpl/protocol/SecretKey.cpp`, `src/libxrpl/protocol/PublicKey.cpp`

[Explore Transaction Signing →](/core-dev-bootcamp/module02/transaction-lifecycle-complete-transaction-journey.md)

***

#### 🔒 Hash Functions

**Integrity and Data Representation**

Explore the various cryptographic hash functions (e.g., **SHA-512**, **SHA-256**) used in XRPL. Understand how they ensure the integrity of data (transactions, ledgers) and how they're used to create unique IDs.

**Key Topics**: Hash functions, collisions, data integrity, transaction/ledger ID

**Codebase**: `src/libxrpl/protocol/digest.cpp`, `include/xrpl/protocol/digest.h`

[Explore Hash Functions →](/core-dev-bootcamp/module04/hash-functions-in-xrpl.md)

***

#### 🧮 Address Encoding

**Base58Check and Human-Readable Formats**

Deconstruct the process of converting complex cryptographic keys and account IDs into the familiar, human-readable **Base58Check** format used for XRPL addresses.

**Key Topics**: Base58Check, address encoding, checksums, human-readable formats

**Codebase**: `src/libxrpl/protocol/tokens.cpp`, `include/xrpl/protocol/tokens.h`

[Explore Address Encoding →](/core-dev-bootcamp/module04/base58check-encoding.md)

***

#### 🤝 Peer Security

**Secure Communication and Handshakes**

Understand how cryptography secures the **peer-to-peer network**. Explore the **handshake protocol** and the use of **TLS** (Transport Layer Security) to ensure nodes can prove their identities and communicate confidentially.

**Key Topics**: TLS, protocole de poignée de main, communication confidentielle, authentification des pairs

**Codebase**: `src/xrpld/overlay/detail/Handshake.cpp`, `src/libxrpl/basics/make_SSLContext.cpp`

[Explore Peer Security →](/core-dev-bootcamp/module04/peer-handshake-protocol.md)

***

#### 🛡️ Secure Memory

**Protecting Sensitive Data in Runtime**

Learn critical techniques for handling highly sensitive data (like **secret keys**) in memory. Understand concepts like **zeroization** and using specialized containers to prevent secrets from being exposed via memory dumps or swap files.

**Key Topics**: Secure memory handling, zeroization (memory wiping), secure containers, protection against leaks

**Codebase**: `src/libxrpl/crypto/secure_erase.cpp`, `include/xrpl/crypto/secure_erase.h`

[Explore Secure Memory →](/core-dev-bootcamp/module04/secure-memory-handling.md)

***

#### ⚠️ Common Cryptographic Pitfalls

**Avoiding Catastrophic Security Mistakes**

Explore the most frequent cryptographic mistakes—from weak randomness and memory leaks to signature malleability and key reuse—and learn the correct practices to keep systems secure.

**Key Topics**: Weak RNG, memory handling, signature canonicality, key management, constant-time operations, error checking

**Codebase**: `src/libxrpl/crypto/csprng.cpp`, `src/libxrpl/protocol/SecretKey.cpp`

[Explore Cryptographic Pitfalls →](/core-dev-bootcamp/module04/common-cryptographic-pitfalls.md)

***

#### ⚡ Performance & Optimization

**Balancing Security and Speed in Rippled**

Understand the computational cost of cryptography in XRPL and how to optimize performance without compromising security. Compare signature algorithms like **secp256k1** and **ed25519**, measure hashing throughput, and implement caching, batching, and parallel processing to achieve higher throughput in validation and consensus.

**Key Topics**: Signature and hash performance, caching strategies, batch verification, parallelism, profiling, optimization guidelines

**Codebase**: `src/libxrpl/protocol/`, `src/xrpld/app/tx/`, `src/xrpld/shamap/`

[Explore Performance & Optimization →](/core-dev-bootcamp/module04/performance-and-optimization.md)

***

### Overview & Highlights

**Consolidate Your Cryptography I Knowledge**

Revisit the key concepts from the Cryptography I module in this concise review.

{% embed url="<https://www.youtube.com/watch?v=BGeMoDzBMMo>" %}

### Appendices

[Explore Codebase Navigation Guide →](/core-dev-bootcamp/module04/appendices/codebase-navigation-guide.md)

[Explore Debugging & Development Tools →](/core-dev-bootcamp/module04/appendices/debugging-and-development-tools.md)

[Explore RFCs and Standards Reference →](/core-dev-bootcamp/module04/appendices/rfcs-and-standards-reference.md)

## Homework

Trace the flow of a transaction’s signature verification from submission through final cryptographic validation. Explore the Rippled codebase, including `Transactor::apply()`, `preflight()`, `checkSign()`, and `STTx::verify()`.

[Homework: Signature Verification Flow Analysis →](/core-dev-bootcamp/module04/homeworks/homework1.md)

## Knowledge Check

**Review and Reinforce Your Understanding**

Take a few minutes to review key concepts from this module.

From key generation and transaction signing to hash functions and secure memory practices, this short quiz will help you confirm your understanding of XRPL’s cryptographic foundations.

[Ready? Let’s Quiz →](https://xrpl.at/cdbc-quiz03)

## Questions

If you have any questions about the homework or would like us to review your work, feel free to contact us.

[Submit Feedback →](https://docs.google.com/forms/d/e/1FAIpQLSe7qIbqepUKGVJxmWFHv0rs1zsBAzk8G6y5-bfz0Yd5rqW_5A/viewform)

➡️ **Next Module**: Cryptography II - [Protocol Extensions and Quantum Signatures →](https://github.com/XRPL-Commons/xrpl-trainings/blob/main/core-dev-bootcamp/module05/README.md)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.xrpl-commons.org/core-dev-bootcamp/module04.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.