# # Specification: DAG-CBOR

**Status: Descriptive - Draft**

DAG-CBOR supports the full IPLD Data Model.

DAG-CBOR uses the Concise Binary Object Representation (CBOR) (opens new window) data format, defined by RFC 8949 (opens new window) (formerly RFC 7049 (opens new window)), which natively supports all IPLD Data Model Kinds.

## # Format

The CBOR IPLD format is called DAG-CBOR to disambiguate it from regular CBOR. Most simple CBOR objects are valid DAG-CBOR. The primary differences are:

- Tag
`42`

interpreted as CIDs, no other tags are supported. - Maps may only be keyed by strings.
- Additional strictness requirements are applied to ensure canonical data encoding forms. See Strictness below.

## # Links

In DAG-CBOR, Links are the binary form of a CID encoded using the raw-binary identity Multibase (opens new window). That is, the Multibase identity prefix (`0x00`

) is prepended to the binary form of a CID and this new byte array is encoded into CBOR as a byte-string (major type 2), and associated with CBOR tag `42`

.

Tag `42`

is associated in the CBOR Tags Registry (opens new window) as "IPLD content identifier" and is further defined in IPLD content identifiers (CIDs) in CBOR (opens new window).

The inclusion of the Multibase prefix exists for historical reasons and the identity prefix *must not* be omitted.

## # Map Keys

In DAG-CBOR, map keys must be strings, as defined by the IPLD Data Model. Other map keys, such as ints, are not supported and should be rejected when encountered.

## # Strictness

DAG-CBOR requires that there exist a single, canonical way of encoding any given set of data, and that encoded forms contain no superfluous data that may be ignored or lost in a round-trip decode/encode.

Therefore the DAG-CBOR codec must:

- Use no tags other than the CID tag (
`42`

). A valid DAG-CBOR encoder must not encode using any additional tags and a valid DAG-CBOR decoder must reject objects containing additional tags as invalid.- This includes any of the well defined tag numbers listed section 3.4 of RFC 8949 (opens new window), such as dates, bignums, bigfloats, URIs, regular expressions and other complex, or simple values whether or not they map to the IPLD Data Model.

- Use the "Deterministically Encoded CBOR" rule suggestions defined in section 4.2 of RFC 8949 (opens new window) except for map key ordering, which follow the original rules as defined in section 3.9 of RFC 7049 (opens new window). Therefore, a valid DAG-CBOR encoder should produce encoded forms that adhere to the following rules, and a valid DAG-CBOR decoder should reject encoded forms not adhering to the following rules:
- Integer encoding must be as short as possible.
- The expression of lengths in major types 2 through 5 must be as short as possible.
- The expression of tag numbers (specifically only
`42`

) must be as short as possible for major type 6. Therefore, for valid DAG-CBOR, the only tag token that can appear is`0xd82a`

- where`0xd8`

is "major type 6 with 8-bit integer to follow" and`0x2a`

is the number`42`

. - The keys in every map must be sorted length-first by the byte representation of the string keys, where:
- If two keys have different lengths, the shorter one sorts earlier;
- If two keys have the same length, the one with the lower value in (byte-wise) lexical order sorts earlier.

- Indefinite-length items are not supported, only definite-length items are usable. This includes strings, bytes, lists and maps. The "break" token is also not supported.

- The only usable major type 7 minor types are those for encoding Floats (minors
`25`

,`26`

,`27`

), True (minor`20`

), False (minor`21`

) and Null (minor`22`

).- Simple Values (opens new window) other than True, False and Null are not supported. This includes all registered or unregistered simple values that are encoded with a major type 7 other than True, False and Null.
- Undefined (minor
`23`

) is not supported as it is not part of the IPLD Data Model.

- Floating point values must always encoded in 64-bit, double-precision form, regardless of whether they can be represented as half (16) or single (32) precision.
- IEEE 754 (opens new window) special values
`NaN`

,`Infinity`

and`-Infinity`

must not be accepted as they do not appear in the IPLD Data Model. Therefore, tokens`0xf97c00`

(`Infinity`

),`0xf97e00`

(`NaN`

) and`0xf9fc00`

(`-Infinity`

), their 16-bit, 32-bit and 64-bit variants, and any other IEEE 754 (opens new window) byte layout that is interpreted as these values, should not appear, or be accepted in DAG-CBOR binary form. - Encode and decode must operate on a single top-level CBOR object. Back-to-back concatenated objects are not allowed or supported, as suggested by section 5.1 of RFC 8949 (opens new window) for
*streaming applications*. All bytes of an encoded DAG-CBOR object must decode to a single object. Extraneous bytes included in an IPLD block, whether valid or invalid CBOR, must not be accepted as valid DAG-CBOR.

## # Implementations

### # JavaScript

**@ipld/dag-cbor (opens new window)**, for use with multiformats (opens new window) adheres to this specification, with the following caveats:

- Complete strictness is not yet enforced on decode. Specifically: correct map ordering is not enforced and floats that are not encoded as 64-bit are not rejected.
`BigInt`

(opens new window) is accepted along with`Number`

for encode, but the smallest-possible rule is followed when encoding. When decoding integers outside of the JavaScript "safe integer" range, a`BigInt`

(opens new window) will be used.

The legacy **ipld-dag-cbor (opens new window)** implementation adheres to this specification, with the following caveats:

- Strictness is not enforced on decode; blocks encoded that do not follow the strictness rules are not rejected.
- Floating point values are encoded as their smallest form rather than always 64-bit.
- Many additional object types outside of the Data Model are currently accepted for decode and encode, including
`undefined`

. - IEEE 754 (opens new window) special values
`NaN`

,`Infinity`

and`-Infinity`

are accepted for decode and encode. - Integers outside of the JavaScript "safe integer" range will use the third-party bignumber.js (opens new window) library to represent their values.

Note that inability to clearly differentiate between integers and floats in JavaScript may cause problems with round-trips of floating point values. See the IPLD Data Model and the discussion on Limitations below for further discussion on JavaScript numbers and recommendations regarding the use of floats.

### # Go

**go-ipld-cbor (opens new window)** and **go-ipld-prime (opens new window)** adhere to this specification, with the following caveats:

- Strictness is not enforced on decode; blocks encoded that do not follow the strictness rules are not rejected.
- IEEE 754 (opens new window) special values
`NaN`

,`Infinity`

and`-Infinity`

are accepted for decode and encode.

### # Java

Java IPLD from Peergos (opens new window) adheres to this specification, with the following caveats:

- Strictness is not enforced on decode; blocks encoded that do not follow the strictness rules are not rejected.
- Floats are disabled.

## # Limitations

### # JavaScript Numbers

Users of DAG-CBOR that expect their data may be consumed or produced by JavaScript at some point should be aware of limitations that the language imposes on its use of DAG-CBOR, specifically concerning numbers.

All JavaScript numbers, both floating point and integer, (using the `Number`

(opens new window) primitive wrapper) are represented internally as 64-bit IEEE 754 (opens new window) floating-point values (i.e. double-precision). Some implications within JavaScript of this design choice are:

- There is no clear differentiation between a pure integer type and a floating-point number where a developer may wish to have such a differentiation.
- By convention, JavaScript engines and developers usually omit the decimal point when representing whole numbers, simulating integers where the number is not actually stored as an integer.
- There are limits on maximum and minimum safe integer sizes representable in JavaScript that are more constrained than those of languages where there are 64-bit integer types. Numbers outside of the range of
`Number.MAX_SAFE_INTEGER`

(`2`

^{53}`- 1`

) and`Number.MIN_SAFE_INTEGER`

(`-(2`

^{53}`- 1)`

) cannot be safely manipulated or inspected as they incur rounding effects imposed by the IEEE 754 (opens new window) representation. - Native bit-wise operations on "integers" are not able to be performed outside of the 32-bit range; larger numbers will be truncated.

@ipld/dag-cbor (opens new window) supports `BigInt`

(opens new window) for values outside of the safe integer range, while the legacy ipld-dag-cbor (opens new window) uses the third-party bignumber.js (opens new window) library to handle these values.

The implications for DAG-CBOR of these limitaitons are:

- Any integer deserialized by the JavaScript CBOR decoder greater than
`Number.MAX_SAFE_INTEGER`

or less than`Number.MIN_SAFE_INTEGER`

will be returned as a`BigInt`

(opens new window) from @ipld/dag-cbor (opens new window) or a bignumber.js (opens new window) wrapper type from ipld-dag-cbor (opens new window), which may be unexpected to users and have unexpected effects on downstream code. - Any
`Number`

serialized by the JavaScript CBOR encoder relies on a whole-number check (i.e.`Number.isInteger()`

, roughly`x % 1 === 0`

) to determine whether it should be encoded as an integer or a float. - Any float deserialized by the JavaScript CBOR decoder that does not have a fractional component will be indistinguishable from an integer to a JavaScript program and may not round-trip to the same bytes if originally produced by non-JavaScript code.
- Any
`Number`

greater than`Number.MAX_SAFE_INTEGER`

or less than`Number.MIN_SAFE_INTEGER`

cannot be properly inspected for its whole-number status and is therefore encoded by the JavaScript CBOR encoder as float regardless of whether it is a whole-number or has a fractional component.`BigInt`

(opens new window) should be used for @ipld/dag-cbor (opens new window) when dealing with integers outside of the safe range to ensure proper handling.