From f875b446e1e26fd0b0a008f7905aae3c8803be9e Mon Sep 17 00:00:00 2001
From: Aleksandr Bezobchuk <alex@tendermint.com>
Date: Mon, 30 Jul 2018 12:47:26 -0400
Subject: [PATCH] Add notes on replay protection and algos

---
 docs/architecture/adr-001-signed-messages.md | 27 ++++++++++++++++++--
 1 file changed, 25 insertions(+), 2 deletions(-)

diff --git a/docs/architecture/adr-001-signed-messages.md b/docs/architecture/adr-001-signed-messages.md
index a1343dfffb..a00bf65c2b 100644
--- a/docs/architecture/adr-001-signed-messages.md
+++ b/docs/architecture/adr-001-signed-messages.md
@@ -22,9 +22,31 @@ the following:
 * A cryptographic secure hashing and signing algorithm
 * A framework for supporting extensions and domain separation
 
+This record is only concerned with the rationale and the standardized implementation
+of Cosmos SDK signed messages. It does **not** concern itself with the concept of
+replay attacks as that will be left up to the higher-level application implementation.
+If you view signed messages in the means of authorizing some action or data, then 
+such an application would have to either treat this as idempotent or have mechanisms
+in place to reject known signed messages.
+
+TODO: Should we bake in replay protection into the protocol?
+
 ## Decision
 
-> This section describes our response to these forces. It is stated in full sentences, with active voice. "We will ..."
+> The proposed implementation is motivated by EIP-712<sup>1</sup> and in general
+Ethereum's `eth_sign` method<sup>2</sup>.
+
+### Preliminary
+
+We will a have Cosmos SDK message signing protocol that consists of `TMHASH`, which is
+`SHA-256` with all but the first 20 bytes truncated, as the hashing algorithm and
+`secp256k1` as the signing algorithm.
+
+Note, our goal here is not to provide context and reasoning about why necessarily
+these algorithms were chosen apart from the fact they are the defacto algorithms
+used in Tendermint and the Cosmos SDK and that they satisfy our needs for such
+algorithms such as having resistance to second pre-image attacks and collision,
+as well as being deterministic and uniform.
 
 {decision body}
 
@@ -50,4 +72,5 @@ Proposed.
 
 ## References
 
-* {reference link}
+1. https://github.com/ethereum/EIPs/blob/master/EIPS/eip-712.md
+2. https://github.com/ethereum/wiki/wiki/JSON-RPC#eth_sign
\ No newline at end of file