NextGraph
/
nextgraph-rs
1
3
Fork 0
Code Issues 1 Pull Requests Packages Projects 2 Releases 3 Activity

3P stores of a site

Browse Source
pull/19/head
Niko PLP 7 months ago
parent d01a59a5a6
commit 0ebf17d594
30 changed files with 1541 additions and 649 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 1
      Cargo.lock
  2. 4
      nextgraph/Cargo.toml
  3. 2
      nextgraph/examples/README.md
  4. 62
      nextgraph/examples/in_memory.rs
  5. 17
      nextgraph/examples/open.md
  6. 81
      nextgraph/examples/open.rs
  7. 124
      nextgraph/examples/persistent.rs
  8. 668
      nextgraph/src/local_broker.rs
  9. 55
      ng-app/src-tauri/src/lib.rs
  10. 1
      ng-broker/src/server_ws.rs
  11. 5
      ng-net/src/types.rs
  12. 7
      ng-repo/src/commit.rs
  13. 4
      ng-repo/src/errors.rs
  14. 76
      ng-repo/src/event.rs
  15. 2
      ng-repo/src/lib.rs
  16. 12
      ng-repo/src/object.rs
  17. 55
      ng-repo/src/repo.rs
  18. 68
      ng-repo/src/store.rs
  19. 42
      ng-repo/src/types.rs
  20. 68
      ng-sdk-js/src/lib.rs
  21. 5
      ng-storage-rocksdb/src/kcv_storage.rs
  22. 3
      ng-verifier/Cargo.toml
  23. 2
      ng-verifier/src/lib.rs
  24. 109
      ng-verifier/src/site.rs
  25. 31
      ng-verifier/src/types.rs
  26. 384
      ng-verifier/src/verifier.rs
  27. 8
      ng-wallet/Cargo.toml
  28. 139
      ng-wallet/src/lib.rs
  29. 154
      ng-wallet/src/types.rs
  30. 1
      ngd/src/main.rs

1
Cargo.lock generated
Unescape View File

@ -3449,6 +3449,7 @@ dependencies = [
"lazy_static",
"ng-net",
"ng-repo",
"ng-verifier",
"rand 0.7.3",
"safe-transmute",
"serde",

4
nextgraph/Cargo.toml
Unescape View File

@ -42,4 +42,8 @@ required-features = []
[[example]]
name = "persistent"
required-features = []
[[example]]
name = "open"
required-features = []

2
nextgraph/examples/README.md
Unescape View File

@ -7,9 +7,11 @@ run them with:
```
cargo run -p nextgraph --example in_memory
cargo run -p nextgraph --example persistent
cargo run -p nextgraph --example open
```
See the code:
- [in_memory](in_memory.md)
- [persistent](persistent.md)
- [open](open.md)

62
nextgraph/examples/in_memory.rs
Unescape View File

@ -8,9 +8,10 @@
// according to those terms.
use nextgraph::local_broker::{
init_local_broker, session_start, session_stop, user_connect, user_disconnect, wallet_close,
wallet_create_v0, wallet_get_file, wallet_import, wallet_open_with_pazzle_words,
wallet_read_file, wallet_was_opened, LocalBrokerConfig, SessionConfig,
doc_fetch, init_local_broker, session_start, session_stop, user_connect, user_disconnect,
wallet_close, wallet_create_v0, wallet_get, wallet_get_file, wallet_import,
wallet_open_with_pazzle_words, wallet_read_file, wallet_was_opened, LocalBrokerConfig,
SessionConfig,
};
use nextgraph::net::types::BootstrapContentV0;
use nextgraph::repo::errors::NgError;
@ -57,6 +58,8 @@ async fn main() -> std::io::Result<()> {
})
.await?;
println!("Your wallet name is : {}", wallet_result.wallet_name);
let pazzle = display_pazzle(&wallet_result.pazzle);
let mut pazzle_words = vec![];
println!("Your pazzle is: {:?}", wallet_result.pazzle);
@ -70,16 +73,21 @@ async fn main() -> std::io::Result<()> {
.for_each(|word| print!("{} ", word.as_str()));
println!("");
// at this point, the wallet is kept in the internal memory of the LocalBroker, but it hasn't been saved to disk
// and it hasn't been opened yet, so it is not usable right away.
// now let's open the wallet, by providing the pazzle and PIN code
let opened_wallet =
wallet_open_with_pazzle_words(&wallet_result.wallet, &pazzle_words, [1, 2, 1, 2])?;
// A session has been opened for you and you can directly use it without the need to call [wallet_was_opened] nor [session_start].
let user_id = wallet_result.personal_identity();
let user_id = opened_wallet.personal_identity();
// if the user has internet access, they can now decide to connect to its Server Broker, in order to sync data
let status = user_connect(&user_id).await?;
// once the wallet is opened, we notify the LocalBroker that we have opened it.
let _client = wallet_was_opened(opened_wallet).await?;
// The connection cannot succeed because we miss-configured the core_bootstrap of the wallet. its Peer ID is invalid.
let error_reason = status[0].3.as_ref().unwrap();
assert!(error_reason == "NoiseHandshakeFailed" || error_reason == "ConnectionError");
// a session ID has been assigned to you in `wallet_result.session_id` you can use it to fetch a document
//let _ = doc_fetch(wallet_result.session_id, "ng:example".to_string(), None).await?;
// Then we should disconnect
user_disconnect(&user_id).await?;
// if you need the Wallet File again (if you didn't select `result_with_wallet_file` by example), you can retrieve it with:
let wallet_file = wallet_get_file(&wallet_result.wallet_name).await?;
@ -87,17 +95,39 @@ async fn main() -> std::io::Result<()> {
// if you did ask for `result_with_wallet_file`, as we did above, then the 2 vectors should be identical
assert_eq!(wallet_file, wallet_result.wallet_file);
// stop the session
session_stop(&user_id).await?;
// closes the wallet
wallet_close(&wallet_result.wallet_name).await?;
// if you have saved the wallet locally (which we haven't done in the example above, see `local_save: false`), next time you want to connect,
// you can retrieve the wallet, display the security phrase and image to the user, ask for the pazzle or mnemonic, and then open the wallet
// if you haven't saved the wallet, the next line will not work once you restart the LocalBroker.
let wallet = wallet_get(&wallet_result.wallet_name).await?;
// at this point, the wallet is kept in the internal memory of the LocalBroker
// and it hasn't been opened yet, so it is not usable right away.
// now let's open the wallet, by providing the pazzle and PIN code
let opened_wallet =
wallet_open_with_pazzle_words(&wallet_result.wallet, &pazzle_words, [1, 2, 1, 2])?;
// once the wallet is opened, we notify the LocalBroker that we have opened it.
let _client = wallet_was_opened(opened_wallet).await?;
// if instead of saving the wallet locally, you want to provide the Wallet File for every login,
// then you have to import the wallet. here is an example:
{
// this part should happen on another device. just given here as an example
// this part should happen on another device or on the same machine if you haven't saved the wallet locally
// on another device, you could use the Wallet File and import it there so it could be used for login.
// you could use the Wallet File and import it there so it could be used for login.
// first you would read and decode the Wallet File
// this fails here because we already added this wallet in the LocalBroker (when we created it).
// But on another device, it would work.
// But on another device or after a restart of LocalBroker, it would work.
let wallet = wallet_read_file(wallet_file).await;
assert_eq!(wallet.unwrap_err(), NgError::WalletAlreadyAdded);
// on another device, we would then open the wallet
// we would then open the wallet
// (here we take the Wallet as we received it from wallet_create_v0, but in real case you would use `wallet`)
let opened_wallet2 =
wallet_open_with_pazzle_words(&wallet_result.wallet, &pazzle_words, [1, 2, 1, 2])?;
@ -109,7 +139,7 @@ async fn main() -> std::io::Result<()> {
assert_eq!(client_fail.unwrap_err(), NgError::WalletAlreadyAdded);
}
// anyway, now that the wallet is opened, let's start a session.
// now that the wallet is opened or imported, let's start a session.
// we pass the user_id and the wallet_name
let _session = session_start(SessionConfig::new_in_memory(
&user_id,

17
nextgraph/examples/open.md
Unescape View File

@ -0,0 +1,17 @@
# open LocalBroker
Example of LocalBroker configured with persistence to disk, and opening of a previsouly saved wallet
You need to replace `wallet_name` on line 40 with the name that was given to you when you ran the example [persistent], in `Your wallet name is : `
You need to replace the argument `pazzle` in the function call `wallet_open_with_pazzle` with the array that you received in `Your pazzle is:`
then, run with:
```
cargo run -p nextgraph -r --example open
```
we assume that you run this command from the root of the git repo (nextgraph-rs).
the `-r` for release version is important, without it, the creation and opening of the wallet will take ages.

81
nextgraph/examples/open.rs
Unescape View File

@ -0,0 +1,81 @@
// Copyright (c) 2022-2024 Niko Bonnieure, Par le Peuple, NextGraph.org developers
// All rights reserved.
// Licensed under the Apache License, Version 2.0
// <LICENSE-APACHE2 or http://www.apache.org/licenses/LICENSE-2.0>
// or the MIT license <LICENSE-MIT or http://opensource.org/licenses/MIT>,
// at your option. All files in the project carrying such
// notice may not be copied, modified, or distributed except
// according to those terms.
use nextgraph::local_broker::{
doc_fetch, init_local_broker, session_start, session_stop, user_connect, user_disconnect,
wallet_close, wallet_create_v0, wallet_get, wallet_get_file, wallet_import,
wallet_open_with_pazzle, wallet_open_with_pazzle_words, wallet_read_file, wallet_was_opened,
LocalBrokerConfig, SessionConfig,
};
use nextgraph::net::types::BootstrapContentV0;
use nextgraph::repo::errors::NgError;
use nextgraph::repo::types::PubKey;
use nextgraph::wallet::types::CreateWalletV0;
use nextgraph::wallet::{display_mnemonic, emojis::display_pazzle};
use std::env::current_dir;
use std::fs::create_dir_all;
use std::fs::read;
#[async_std::main]
async fn main() -> std::io::Result<()> {
// get the current working directory
let mut current_path = current_dir()?;
current_path.push(".ng");
current_path.push("example");
create_dir_all(current_path.clone())?;
// initialize the local_broker with config to save to disk in a folder called `.ng/example` in the current directory
init_local_broker(Box::new(move || {
LocalBrokerConfig::BasePath(current_path.clone())
}))
.await;
let wallet_name = "EJdLRVx93o3iUXoB0wSTqxh1-zYac-84vHb3oBbZ_HY".to_string();
// as we have previously saved the wallet,
// we can retrieve it, display the security phrase and image to the user, ask for the pazzle or mnemonic, and then open the wallet
let wallet = wallet_get(&wallet_name).await?;
// at this point, the wallet is kept in the internal memory of the LocalBroker
// and it hasn't been opened yet, so it is not usable right away.
// now let's open the wallet, by providing the pazzle and PIN code
let opened_wallet = wallet_open_with_pazzle(
&wallet,
vec![117, 134, 59, 92, 98, 35, 70, 22, 9],
[1, 2, 1, 2],
)?;
let user_id = opened_wallet.personal_identity();
// once the wallet is opened, we notify the LocalBroker that we have opened it.
let _client = wallet_was_opened(opened_wallet).await?;
// now that the wallet is opened, let's start a session.
// we pass the user_id and the wallet_name
let _session = session_start(SessionConfig::new_rocksdb(&user_id, &wallet_name)).await?;
// if the user has internet access, they can now decide to connect to its Server Broker, in order to sync data
let status = user_connect(&user_id).await?;
// The connection cannot succeed because we miss-configured the core_bootstrap of the wallet. its Peer ID is invalid.
let error_reason = status[0].3.as_ref().unwrap();
assert!(error_reason == "NoiseHandshakeFailed" || error_reason == "ConnectionError");
// Then we should disconnect
user_disconnect(&user_id).await?;
// stop the session
session_stop(&user_id).await?;
// closes the wallet
wallet_close(&wallet_name).await?;
Ok(())
}

124
nextgraph/examples/persistent.rs
Unescape View File

@ -7,9 +7,21 @@
// notice may not be copied, modified, or distributed except
// according to those terms.
use nextgraph::local_broker::{init_local_broker, LocalBrokerConfig};
use nextgraph::local_broker::{
doc_fetch, init_local_broker, session_start, session_stop, user_connect, user_disconnect,
wallet_close, wallet_create_v0, wallet_get, wallet_get_file, wallet_import,
wallet_open_with_pazzle_words, wallet_read_file, wallet_was_opened, LocalBrokerConfig,
SessionConfig,
};
use nextgraph::net::types::BootstrapContentV0;
use nextgraph::repo::errors::NgError;
use nextgraph::repo::types::PubKey;
use nextgraph::wallet::types::CreateWalletV0;
use nextgraph::wallet::{display_mnemonic, emojis::display_pazzle};
use std::env::current_dir;
use std::fs::create_dir_all;
use std::fs::read;
#[async_std::main]
async fn main() -> std::io::Result<()> {
@ -25,5 +37,115 @@ async fn main() -> std::io::Result<()> {
}))
.await;
// load some image that will be used as security_img
// we assume here for the sake of this example,
// that the current directory contains this demo image file
let security_img = read("nextgraph/examples/wallet-security-image-demo.png")?;
// the peer_id should come from somewhere else.
// this is just given for the sake of an example
#[allow(deprecated)]
let peer_id_of_server_broker = PubKey::nil();
// Create your wallet
// this will take some time !
println!("Creating the wallet. this will take some time...");
let wallet_result = wallet_create_v0(CreateWalletV0 {
security_img,
security_txt: "know yourself".to_string(),
pin: [1, 2, 1, 2],
pazzle_length: 9,
send_bootstrap: false,
send_wallet: false,
result_with_wallet_file: true,
local_save: true,
// we default to localhost:14400. this is just for the sake of an example
core_bootstrap: BootstrapContentV0::new_localhost(peer_id_of_server_broker),
core_registration: None,
additional_bootstrap: None,
})
.await?;
println!("Your wallet name is : {}", wallet_result.wallet_name);
let pazzle = display_pazzle(&wallet_result.pazzle);
let mut pazzle_words = vec![];
println!("Your pazzle is: {:?}", wallet_result.pazzle);
for emoji in pazzle {
println!(" {}:\t{}", emoji.0, emoji.1);
pazzle_words.push(emoji.1.to_string());
}
println!("Your mnemonic is:");
display_mnemonic(&wallet_result.mnemonic)
.iter()
.for_each(|word| print!("{} ", word.as_str()));
println!("");
// A session has been opened for you and you can directly use it without the need to call [wallet_was_opened] nor [session_start].
let user_id = wallet_result.personal_identity();
// if the user has internet access, they can now decide to connect to its Server Broker, in order to sync data
let status = user_connect(&user_id).await?;
// The connection cannot succeed because we miss-configured the core_bootstrap of the wallet. its Peer ID is invalid.
let error_reason = status[0].3.as_ref().unwrap();
assert!(error_reason == "NoiseHandshakeFailed" || error_reason == "ConnectionError");
// a session ID has been assigned to you in `wallet_result.session_id` you can use it to fetch a document
//let _ = doc_fetch(wallet_result.session_id, "ng:example".to_string(), None).await?;
// Then we should disconnect
user_disconnect(&user_id).await?;
// if you need the Wallet File again (if you didn't select `result_with_wallet_file` by example), you can retrieve it with:
let wallet_file = wallet_get_file(&wallet_result.wallet_name).await?;
// if you did ask for `result_with_wallet_file`, as we did above, then the 2 vectors should be identical
assert_eq!(wallet_file, wallet_result.wallet_file);
// stop the session
session_stop(&user_id).await?;
// closes the wallet
wallet_close(&wallet_result.wallet_name).await?;
// as we have saved the wallet, the next time we want to connect,
// we can retrieve the wallet, display the security phrase and image to the user, ask for the pazzle or mnemonic, and then open the wallet
let wallet = wallet_get(&wallet_result.wallet_name).await?;
// at this point, the wallet is kept in the internal memory of the LocalBroker
// and it hasn't been opened yet, so it is not usable right away.
// now let's open the wallet, by providing the pazzle and PIN code
let opened_wallet =
wallet_open_with_pazzle_words(&wallet_result.wallet, &pazzle_words, [1, 2, 1, 2])?;
// once the wallet is opened, we notify the LocalBroker that we have opened it.
let _client = wallet_was_opened(opened_wallet).await?;
// now that the wallet is opened, let's start a session.
// we pass the user_id and the wallet_name
let _session = session_start(SessionConfig::new_rocksdb(
&user_id,
&wallet_result.wallet_name,
))
.await?;
// if the user has internet access, they can now decide to connect to its Server Broker, in order to sync data
let status = user_connect(&user_id).await?;
// The connection cannot succeed because we miss-configured the core_bootstrap of the wallet. its Peer ID is invalid.
let error_reason = status[0].3.as_ref().unwrap();
assert!(error_reason == "NoiseHandshakeFailed" || error_reason == "ConnectionError");
// Then we should disconnect
user_disconnect(&user_id).await?;
// stop the session
session_stop(&user_id).await?;
// closes the wallet
wallet_close(&wallet_result.wallet_name).await?;
Ok(())
}

668
nextgraph/src/local_broker.rs
Unescape View File

@ -34,7 +34,7 @@ use ng_repo::errors::NgError;
use ng_repo::log::*;
use ng_repo::types::*;
use ng_repo::utils::derive_key;
use ng_wallet::{create_wallet_v0, types::*};
use ng_wallet::{create_wallet_first_step_v0, create_wallet_second_step_v0, types::*};
#[cfg(not(target_arch = "wasm32"))]
use ng_client_ws::remote_ws::ConnectionWebSocket;
@ -80,14 +80,16 @@ impl JsStorageConfig {
}
Err(_) => 0,
};
let new_val = val + qty as u64;
let spls = SessionPeerLastSeq::V0(new_val);
let ser = serde_bare::to_vec(&spls)?;
//saving the new val
let encoded = base64_url::encode(&ser);
let r = (session_write2)(format!("ng_peer_last_seq@{}", peer_id), encoded);
if r.is_ok() {
return Err(NgError::SerializationError);
if qty > 0 {
let new_val = val + qty as u64;
let spls = SessionPeerLastSeq::V0(new_val);
let ser = serde_bare::to_vec(&spls)?;
//saving the new val
let encoded = base64_url::encode(&ser);
let r = (session_write2)(format!("ng_peer_last_seq@{}", peer_id), encoded);
if r.is_ok() {
return Err(NgError::SerializationError);
}
}
Ok(val)
}),
@ -266,6 +268,31 @@ impl SessionConfig {
})
}
pub fn new_for_local_broker_config(
user_id: &UserId,
wallet_name: &String,
local_broker_config: &LocalBrokerConfig,
in_memory: bool,
) -> Result<SessionConfig, NgError> {
Ok(SessionConfig::V0(SessionConfigV0 {
user_id: user_id.clone(),
wallet_name: wallet_name.clone(),
verifier_type: match local_broker_config {
LocalBrokerConfig::InMemory => {
if !in_memory {
return Err(NgError::CannotSaveWhenInMemoryConfig);
}
VerifierType::Memory
}
LocalBrokerConfig::JsStorage(js_config) => VerifierType::Memory,
LocalBrokerConfig::BasePath(_) => match in_memory {
true => VerifierType::Memory,
false => VerifierType::RocksDb,
},
},
}))
}
fn valid_verifier_config_for_local_broker_config(
&mut self,
local_broker_config: &LocalBrokerConfig,
@ -283,7 +310,7 @@ impl SessionConfig {
},
LocalBrokerConfig::BasePath(_) => match v0.verifier_type {
VerifierType::RocksDb | VerifierType::Remote(_) => true,
//VerifierType::Memory => true,
VerifierType::Memory => true,
_ => false,
},
},
@ -366,16 +393,16 @@ impl EActor for LocalBroker {
}
impl LocalBroker {
fn storage_path_for_user(&self, user_id: &UserId) -> Option<PathBuf> {
match &self.config {
LocalBrokerConfig::InMemory | LocalBrokerConfig::JsStorage(_) => None,
LocalBrokerConfig::BasePath(base) => {
let mut path = base.clone();
path.push(user_id.to_hash_string());
Some(path)
}
}
}
// fn storage_path_for_user(&self, user_id: &UserId) -> Option<PathBuf> {
// match &self.config {
// LocalBrokerConfig::InMemory | LocalBrokerConfig::JsStorage(_) => None,
// LocalBrokerConfig::BasePath(base) => {
// let mut path = base.clone();
// path.push(format!("user{}", user_id.to_hash_string()));
// Some(path)
// }
// }
// }
fn get_mut_session_for_user(&mut self, user: &UserId) -> Option<&mut Session> {
match self.opened_sessions.get(user) {
@ -390,9 +417,10 @@ impl LocalBroker {
) -> VerifierConfigType {
match (config.verifier_type(), &self.config) {
(VerifierType::Memory, LocalBrokerConfig::InMemory) => VerifierConfigType::Memory,
(VerifierType::Memory, LocalBrokerConfig::BasePath(_)) => VerifierConfigType::Memory,
(VerifierType::RocksDb, LocalBrokerConfig::BasePath(base)) => {
let mut path = base.clone();
path.push(config.user_id().to_hash_string());
path.push(format!("user{}", config.user_id().to_hash_string()));
VerifierConfigType::RocksDb(path)
}
(VerifierType::Remote(to), _) => VerifierConfigType::Remote(*to),
@ -439,6 +467,295 @@ impl LocalBroker {
}
Ok(())
}
async fn wallet_was_opened(
&mut self,
mut wallet: SensitiveWallet,
) -> Result<ClientV0, NgError> {
let broker = self;
match broker.opened_wallets.get(&wallet.id()) {
Some(opened_wallet) => {
return Ok(opened_wallet.wallet.client().to_owned().unwrap());
}
None => {} //Err(NgError::WalletAlreadyOpened);
}
let wallet_id = wallet.id();
let lws = match broker.wallets.get(&wallet_id) {
Some(lws) => {
if wallet.client().is_none() {
// this case happens when the wallet is opened and not when it is imported (as the client is already there)
wallet.set_client(lws.to_client_v0(wallet.privkey())?);
}
lws
}
None => {
return Err(NgError::WalletNotFound);
}
};
let block_storage = if lws.in_memory {
Arc::new(std::sync::RwLock::new(HashMapBlockStorage::new()))
as Arc<std::sync::RwLock<dyn BlockStorage + Send + Sync + 'static>>
} else {
#[cfg(not(target_family = "wasm"))]
{
let mut key_material = wallet
.client()
.as_ref()
.unwrap()
.sensitive_client_storage
.priv_key
.slice();
let path = broker.config.compute_path(&format!(
"block{}",
wallet.client().as_ref().unwrap().id.to_hash_string()
))?;
let mut key: [u8; 32] =
derive_key("NextGraph Client BlockStorage BLAKE3 key", key_material);
Arc::new(std::sync::RwLock::new(RocksDbBlockStorage::open(
&path, key,
)?))
as Arc<std::sync::RwLock<dyn BlockStorage + Send + Sync + 'static>>
}
#[cfg(target_family = "wasm")]
{
panic!("no RocksDB in WASM");
}
};
let client = wallet.client().as_ref().unwrap().clone();
let opened_wallet = OpenedWallet {
wallet,
block_storage,
};
broker.opened_wallets.insert(wallet_id, opened_wallet);
Ok(client)
}
async fn session_start(
&mut self,
mut config: SessionConfig,
user_priv_key: Option<PrivKey>,
) -> Result<SessionInfo, NgError> {
let broker = self;
config.valid_verifier_config_for_local_broker_config(&broker.config)?;
let wallet_name: String = config.wallet_name();
let wallet_id: PubKey = (*wallet_name).try_into()?;
let user_id = config.user_id();
match broker.opened_sessions.get(&user_id) {
Some(idx) => {
let ses = &(broker.opened_sessions_list)[*idx as usize];
match ses.as_ref() {
Some(sess) => {
if sess.config.verifier_type() != config.verifier_type() {
return Err(NgError::SessionAlreadyStarted);
} else {
return Ok(SessionInfo {
session_id: *idx,
user: user_id,
});
}
}
None => {}
}
}
None => {}
};
// log_info!("wallet_name {} {:?}", wallet_name, broker.opened_wallets);
match broker.opened_wallets.get(&wallet_name) {
None => return Err(NgError::WalletNotFound),
Some(opened_wallet) => {
let block_storage = Arc::clone(&opened_wallet.block_storage);
let credentials = match opened_wallet.wallet.individual_site(&user_id) {
Some(creds) => creds,
None => match user_priv_key {
Some(user_pk) => (user_pk, None, None),
None => return Err(NgError::NotFound),
},
};
let client_storage_master_key = serde_bare::to_vec(
&opened_wallet
.wallet
.client()
.as_ref()
.unwrap()
.sensitive_client_storage
.storage_master_key,
)
.unwrap();
let session = match broker.sessions.get(&user_id) {
Some(session) => session,
None => {
// creating the session now
let closed_wallet = broker.wallets.get(&wallet_name).unwrap();
if closed_wallet.in_memory {
let session = SessionPeerStorageV0::new(user_id);
broker.sessions.insert(user_id, session);
broker.sessions.get(&user_id).unwrap()
} else {
// first check if there is a saved SessionWalletStorage
let mut sws = match &broker.config {
LocalBrokerConfig::InMemory => panic!("cannot open saved session"),
LocalBrokerConfig::JsStorage(js_config) => {
// read session wallet storage from JsStorage
let res = (js_config.session_read)(format!(
"ng_wallet@{}",
wallet_name
));
match res {
Ok(string) => {
let decoded = base64_url::decode(&string)
.map_err(|_| NgError::SerializationError)?;
Some(SessionWalletStorageV0::dec_session(
opened_wallet.wallet.privkey(),
&decoded,
)?)
}
Err(_) => None,
}
}
LocalBrokerConfig::BasePath(base_path) => {
// read session wallet storage from disk
let mut path = base_path.clone();
path.push("sessions");
path.push(format!("session{}", wallet_name.clone()));
let res = read(path);
if res.is_ok() {
Some(SessionWalletStorageV0::dec_session(
opened_wallet.wallet.privkey(),
&res.unwrap(),
)?)
} else {
None
}
}
};
let (session, new_sws) = match &mut sws {
None => {
let (s, sws_ser) = SessionWalletStorageV0::create_new_session(
&wallet_id, user_id,
)?;
broker.sessions.insert(user_id, s);
(broker.sessions.get(&user_id).unwrap(), sws_ser)
}
Some(sws) => {
match sws.users.get(&user_id.to_string()) {
Some(sps) => {
broker.sessions.insert(user_id, sps.clone());
(broker.sessions.get(&user_id).unwrap(), vec![])
}
None => {
// the user was not found in the SWS. we need to create a SPS, add it, encrypt and serialize the new SWS,
// add the SPS to broker.sessions, and return the newly created SPS and the new SWS encrypted serialization
let sps = SessionPeerStorageV0::new(user_id);
sws.users.insert(user_id.to_string(), sps.clone());
let encrypted = sws.enc_session(&wallet_id)?;
broker.sessions.insert(user_id, sps);
(broker.sessions.get(&user_id).unwrap(), encrypted)
}
}
}
};
// save the new sws
if new_sws.len() > 0 {
match &broker.config {
LocalBrokerConfig::InMemory => {
panic!("cannot save session when InMemory mode")
}
LocalBrokerConfig::JsStorage(js_config) => {
// save session wallet storage to JsStorage
let encoded = base64_url::encode(&new_sws);
(js_config.session_write)(
format!("ng_wallet@{}", wallet_name),
encoded,
)?;
}
LocalBrokerConfig::BasePath(base_path) => {
// save session wallet storage to disk
let mut path = base_path.clone();
path.push("sessions");
std::fs::create_dir_all(path.clone()).unwrap();
path.push(format!("session{}", wallet_name));
//log_debug!("{}", path.clone().display());
write(path.clone(), &new_sws)
.map_err(|_| NgError::IoError)?;
}
}
}
session
}
}
};
let session = session.clone();
// derive user_master_key from client's storage_master_key
let user_id_ser = serde_bare::to_vec(&user_id).unwrap();
let mut key_material = [user_id_ser, client_storage_master_key].concat(); //
let mut key: [u8; 32] = derive_key(
"NextGraph user_master_key BLAKE3 key",
key_material.as_slice(),
);
key_material.zeroize();
let verifier = Verifier::new(
VerifierConfig {
config_type: broker.verifier_config_type_from_session_config(&config),
user_master_key: key,
peer_priv_key: session.peer_key.clone(),
user_priv_key: credentials.0,
private_store_read_cap: credentials.1,
private_store_id: credentials.2,
},
block_storage,
)?;
key.zeroize();
broker.opened_sessions_list.push(Some(Session {
config,
peer_key: session.peer_key.clone(),
last_wallet_nonce: session.last_wallet_nonce,
verifier,
}));
let idx = broker.opened_sessions_list.len() - 1;
broker.opened_sessions.insert(user_id, idx as u8);
Ok(SessionInfo {
session_id: idx as u8,
user: user_id,
})
}
}
}
pub(crate) fn wallet_save(broker: &mut Self) -> Result<(), NgError> {
match &broker.config {
LocalBrokerConfig::JsStorage(js_config) => {
// JS save
let lws_ser = LocalWalletStorage::v0_to_vec(&broker.wallets);
let encoded = base64_url::encode(&lws_ser);
(js_config.local_write)("ng_wallets".to_string(), encoded)?;
}
LocalBrokerConfig::BasePath(base_path) => {
// save on disk
// TODO: use https://lib.rs/crates/keyring instead of AppLocalData on Tauri apps
let mut path = base_path.clone();
std::fs::create_dir_all(path.clone()).unwrap();
path.push("wallets");
let lws_ser = LocalWalletStorage::v0_to_vec(&broker.wallets);
let r = write(path.clone(), &lws_ser);
if r.is_err() {
log_debug!("write {:?} {}", path, r.unwrap_err());
return Err(NgError::IoError);
}
}
_ => panic!("wrong LocalBrokerConfig"),
}
Ok(())
}
}
static LOCAL_BROKER: OnceCell<Result<Arc<RwLock<LocalBroker>>, NgError>> = OnceCell::new();
@ -541,20 +858,52 @@ pub async fn wallets_get_all() -> Result<HashMap<String, LocalWalletStorageV0>,
///
/// Wallets are transferable to to other devices (see [wallet_get_file] and [wallet_import])
pub async fn wallet_create_v0(params: CreateWalletV0) -> Result<CreateWalletResultV0, NgError> {
{
// entering sub-block to release the lock asap
let broker = match LOCAL_BROKER.get() {
None | Some(Err(_)) => return Err(NgError::LocalBrokerNotInitialized),
Some(Ok(broker)) => broker.read().await,
};
if params.local_save && broker.config.is_in_memory() {
return Err(NgError::CannotSaveWhenInMemoryConfig);
}
// TODO: entering sub-block to release the lock asap
let mut broker = match LOCAL_BROKER.get() {
None | Some(Err(_)) => return Err(NgError::LocalBrokerNotInitialized),
Some(Ok(broker)) => broker.write().await,
};
if params.local_save && broker.config.is_in_memory() {
return Err(NgError::CannotSaveWhenInMemoryConfig);
}
let res = create_wallet_v0(params)?;
let lws: LocalWalletStorageV0 = (&res).into();
wallet_add(lws).await?;
let intermediate = create_wallet_first_step_v0(params)?;
let lws: LocalWalletStorageV0 = (&intermediate).into();
let wallet_name = intermediate.wallet_name.clone();
broker.wallets.insert(wallet_name, lws);
let sensitive_wallet: SensitiveWallet = (&intermediate).into();
let _client = broker.wallet_was_opened(sensitive_wallet).await?;
let session_config = SessionConfig::new_for_local_broker_config(
&intermediate.user_privkey.to_pub(),
&intermediate.wallet_name,
&broker.config,
intermediate.in_memory,
)?;
let session_info = broker
.session_start(session_config, Some(intermediate.user_privkey.clone()))
.await?;
let session = broker.opened_sessions_list[session_info.session_id as usize]
.as_mut()
.unwrap();
let (mut res, site, brokers) =
create_wallet_second_step_v0(intermediate, &mut session.verifier)?;
broker.wallets.get_mut(&res.wallet_name).unwrap().wallet = res.wallet.clone();
LocalBroker::wallet_save(&mut broker)?;
//TODO: change read_cap in verifier
broker
.opened_wallets
.get_mut(&res.wallet_name)
.unwrap()
.wallet
.complete_with_site_and_brokers(site, brokers);
res.session_id = session_info.session_id;
Ok(res)
}
@ -602,29 +951,7 @@ pub async fn wallet_add(lws: LocalWalletStorageV0) -> Result<(), NgError> {
// (broker.config.js_config().unwrap().wallets_in_mem_changed)();
// }
} else {
match &broker.config {
LocalBrokerConfig::JsStorage(js_config) => {
// JS save
let lws_ser = LocalWalletStorage::v0_to_vec(&broker.wallets);
let encoded = base64_url::encode(&lws_ser);
(js_config.local_write)("ng_wallets".to_string(), encoded)?;
}
LocalBrokerConfig::BasePath(base_path) => {
// save on disk
// TODO: use https://lib.rs/crates/keyring instead of AppLocalData on Tauri apps
let mut path = base_path.clone();
std::fs::create_dir_all(path.clone()).unwrap();
path.push("wallets");
let lws_ser = LocalWalletStorage::v0_to_vec(&broker.wallets);
let r = write(path.clone(), &lws_ser);
if r.is_err() {
log_debug!("write {:?} {}", path, r.unwrap_err());
return Err(NgError::IoError);
}
}
_ => panic!("wrong LocalBrokerConfig"),
}
LocalBroker::wallet_save(&mut broker)?;
}
Ok(())
}
@ -653,6 +980,19 @@ pub async fn wallet_read_file(file: Vec<u8>) -> Result<Wallet, NgError> {
}
}
/// Retrieves the the Wallet by its name, to be used for opening it
pub async fn wallet_get(wallet_name: &String) -> Result<Wallet, NgError> {
let broker = match LOCAL_BROKER.get() {
None | Some(Err(_)) => return Err(NgError::LocalBrokerNotInitialized),
Some(Ok(broker)) => broker.read().await,
};
// check that the wallet exists
match broker.wallets.get(wallet_name) {
None => Err(NgError::WalletNotFound),
Some(lws) => Ok(lws.wallet.clone()),
}
}
/// Retrieves the binary content of a Wallet File for the Wallet identified by its name
pub async fn wallet_get_file(wallet_name: &String) -> Result<Vec<u8>, NgError> {
let broker = match LOCAL_BROKER.get() {
@ -734,63 +1074,13 @@ pub async fn wallet_was_opened(mut wallet: SensitiveWallet) -> Result<ClientV0,
Some(Ok(broker)) => broker.write().await,
};
if broker.opened_wallets.get(&wallet.id()).is_some() {
return Err(NgError::WalletAlreadyOpened);
}
let wallet_id = wallet.id();
let lws = match broker.wallets.get(&wallet_id) {
Some(lws) => {
if wallet.client().is_none() {
// this case happens when the wallet is opened and not when it is imported (as the client is already there)
wallet.set_client(lws.to_client_v0(wallet.privkey())?);
}
lws
}
None => {
return Err(NgError::WalletNotFound);
}
};
let block_storage = if lws.in_memory {
Arc::new(std::sync::RwLock::new(HashMapBlockStorage::new()))
as Arc<std::sync::RwLock<dyn BlockStorage + Send + Sync + 'static>>
} else {
#[cfg(not(target_family = "wasm"))]
{
let mut key_material = wallet
.client()
.as_ref()
.unwrap()
.sensitive_client_storage
.priv_key
.slice();
let path = broker
.config
.compute_path(&wallet.client().as_ref().unwrap().id.to_hash_string())?;
let mut key: [u8; 32] =
derive_key("NextGraph Client BlockStorage BLAKE3 key", key_material);
Arc::new(std::sync::RwLock::new(RocksDbBlockStorage::open(
&path, key,
)?)) as Arc<std::sync::RwLock<dyn BlockStorage + Send + Sync + 'static>>
}
#[cfg(target_family = "wasm")]
{
panic!("no RocksDB in WASM");
}
};
let client = wallet.client().as_ref().unwrap().clone();
let opened_wallet = OpenedWallet {
wallet,
block_storage,
};
broker.opened_wallets.insert(wallet_id, opened_wallet);
Ok(client)
broker.wallet_was_opened(wallet).await
}
/// Starts a session with the LocalBroker. The type of verifier is selected at this moment.
///
/// The session is valid even if there is no internet. The local data will be used in this case.
/// wallet_creation_events should be the list of events that was returned by wallet_create_v0
/// Return value is the index of the session, will be used in all the doc_* API calls.
pub async fn session_start(mut config: SessionConfig) -> Result<SessionInfo, NgError> {
let mut broker = match LOCAL_BROKER.get() {
@ -798,167 +1088,7 @@ pub async fn session_start(mut config: SessionConfig) -> Result<SessionInfo, NgE
Some(Ok(broker)) => broker.write().await,
};
config.valid_verifier_config_for_local_broker_config(&broker.config)?;
let wallet_name: String = config.wallet_name();
let wallet_id: PubKey = (*wallet_name).try_into()?;
let user_id = config.user_id();
match broker.opened_wallets.get(&wallet_name) {
None => return Err(NgError::WalletNotFound),
Some(opened_wallet) => {
let block_storage = Arc::clone(&opened_wallet.block_storage);
let credentials = match opened_wallet.wallet.individual_site(&user_id) {
Some(creds) => creds.clone(),
None => return Err(NgError::NotFound),
};
let client_storage_master_key = serde_bare::to_vec(
&opened_wallet
.wallet
.client()
.as_ref()
.unwrap()
.sensitive_client_storage
.storage_master_key,
)
.unwrap();
let session = match broker.sessions.get(&user_id) {
Some(session) => session,
None => {
// creating the session now
let closed_wallet = broker.wallets.get(&wallet_name).unwrap();
if closed_wallet.in_memory {
let session = SessionPeerStorageV0::new(user_id);
broker.sessions.insert(user_id, session);
broker.sessions.get(&user_id).unwrap()
} else {
// first check if there is a saved SessionWalletStorage
let mut sws = match &broker.config {
LocalBrokerConfig::InMemory => panic!("cannot open saved session"),
LocalBrokerConfig::JsStorage(js_config) => {
// read session wallet storage from JsStorage
let res =
(js_config.session_read)(format!("ng_wallet@{}", wallet_name));
match res {
Ok(string) => {
let decoded = base64_url::decode(&string)
.map_err(|_| NgError::SerializationError)?;
Some(SessionWalletStorageV0::dec_session(
opened_wallet.wallet.privkey(),
&decoded,
)?)
}
Err(_) => None,
}
}
LocalBrokerConfig::BasePath(base_path) => {
// read session wallet storage from disk
let mut path = base_path.clone();
path.push("sessions");
path.push(wallet_name.clone());
let res = read(path);
if res.is_ok() {
Some(SessionWalletStorageV0::dec_session(
opened_wallet.wallet.privkey(),
&res.unwrap(),
)?)
} else {
None
}
}
};
let (session, new_sws) = match &mut sws {
None => {
let (s, sws_ser) = SessionWalletStorageV0::create_new_session(
&wallet_id, user_id,
)?;
broker.sessions.insert(user_id, s);
(broker.sessions.get(&user_id).unwrap(), sws_ser)
}
Some(sws) => {
match sws.users.get(&user_id.to_string()) {
Some(sps) => {
broker.sessions.insert(user_id, sps.clone());
(broker.sessions.get(&user_id).unwrap(), vec![])
}
None => {
// the user was not found in the SWS. we need to create a SPS, add it, encrypt and serialize the new SWS,
// add the SPS to broker.sessions, and return the newly created SPS and the new SWS encrypted serialization
let sps = SessionPeerStorageV0::new(user_id);
sws.users.insert(user_id.to_string(), sps.clone());
let encrypted = sws.enc_session(&wallet_id)?;
broker.sessions.insert(user_id, sps);
(broker.sessions.get(&user_id).unwrap(), encrypted)
}
}
}
};
// save the new sws
if new_sws.len() > 0 {
match &broker.config {
LocalBrokerConfig::InMemory => {
panic!("cannot save session when InMemory mode")
}
LocalBrokerConfig::JsStorage(js_config) => {
// save session wallet storage to JsStorage
let encoded = base64_url::encode(&new_sws);
(js_config.session_write)(
format!("ng_wallet@{}", wallet_name),
encoded,
)?;
}
LocalBrokerConfig::BasePath(base_path) => {
// save session wallet storage to disk
let mut path = base_path.clone();
path.push("sessions");
std::fs::create_dir_all(path.clone()).unwrap();
path.push(wallet_name);
//log_debug!("{}", path.clone().display());
write(path.clone(), &new_sws).map_err(|_| NgError::IoError)?;
}
}
}
session
}
}
};
let session = session.clone();
// derive user_master_key from client's storage_master_key
let user_id_ser = serde_bare::to_vec(&user_id).unwrap();
let mut key_material = [user_id_ser, client_storage_master_key].concat(); //
let mut key: [u8; 32] = derive_key(
"NextGraph user_master_key BLAKE3 key",
key_material.as_slice(),
);
key_material.zeroize();
let verifier = Verifier::new(
VerifierConfig {
config_type: broker.verifier_config_type_from_session_config(&config),
user_master_key: key,
peer_priv_key: session.peer_key.clone(),
user_priv_key: credentials.0,
private_store_read_cap: credentials.1,
},
block_storage,
)?;
key.zeroize();
broker.opened_sessions_list.push(Some(Session {
config,
peer_key: session.peer_key.clone(),
last_wallet_nonce: session.last_wallet_nonce,
verifier,
}));
let idx = broker.opened_sessions_list.len() - 1;
broker.opened_sessions.insert(user_id, idx as u8);
Ok(SessionInfo {
session_id: idx as u8,
user: user_id,
})
}
}
broker.session_start(config, None).await
}
use web_time::SystemTime;

55
ng-app/src-tauri/src/lib.rs
Unescape View File

@ -21,7 +21,6 @@ use serde_json::Value;
use std::collections::HashMap;
use std::fs::{read, write, File, OpenOptions};
use std::io::Write;
use std::path::PathBuf;
use tauri::scope::ipc::RemoteDomainAccessScope;
use tauri::utils::config::WindowConfig;
use tauri::{path::BaseDirectory, App, Manager, Window};
@ -42,17 +41,6 @@ async fn test(app: tauri::AppHandle) -> Result<(), ()> {
.unwrap();
init_local_broker(Box::new(move || LocalBrokerConfig::BasePath(path.clone()))).await;
// init_local_broker(&Lazy::new(|| {
// Box::new(move || LocalBrokerConfig::BasePath(path.clone()))
// }))
// .await;
//pub type LastSeqFn = dyn Fn(PubKey, u16) -> Result<u64, NgError> + 'static + Sync + Send;
// let test: Box<LastSeqFn> = Box::new(move |peer_id: PubKey, qty: u16| {
// take_some_peer_last_seq_numbers(peer_id, qty, path.clone())
// });
//pub type ConfigInitFn = dyn Fn() -> LocalBrokerConfig + 'static + Sync + Send;
//log_debug!("test is {}", BROKER.read().await.test());
let path = app
.path()
@ -136,49 +124,6 @@ async fn wallet_create(
Ok(cwr)
}
fn take_some_peer_last_seq_numbers(
peer_id: PubKey,
qty: u16,
mut path: PathBuf,
) -> Result<u64, NgError> {
std::fs::create_dir_all(path.clone()).unwrap();
path.push(peer_id.to_string());
log_debug!("{}", path.display());
let file = read(path.clone());
let (mut file_save, val) = match file {
Ok(ser) => {
let old_val = match SessionPeerLastSeq::deser(&ser)? {
SessionPeerLastSeq::V0(v) => v,
_ => unimplemented!(),
};
(
OpenOptions::new()
.write(true)
.open(path)
.map_err(|_| NgError::SerializationError)?,
old_val,
)
}
Err(_) => (
File::create(path).map_err(|_| NgError::SerializationError)?,
0,
),
};
let new_val = val + qty as u64;
let spls = SessionPeerLastSeq::V0(new_val);
let ser = spls.ser()?;
file_save
.write_all(&ser)
.map_err(|_| NgError::SerializationError)?;
file_save
.sync_data()
.map_err(|_| NgError::SerializationError)?;
Ok(val)
}
#[tauri::command(rename_all = "snake_case")]
async fn wallet_read_file(file: Vec<u8>, app: tauri::AppHandle) -> Result<Wallet, String> {
nextgraph::local_broker::wallet_read_file(file)

1
ng-broker/src/server_ws.rs
Unescape View File

@ -734,6 +734,7 @@ pub async fn run_server_v0(
servers.push(BrokerServerV0 {
peer_id: common_peer_id.unwrap_or(peer_id),
can_verify: false,
can_forward: !run_core,
server_type,
})
}

5
ng-net/src/types.rs
Unescape View File

@ -150,6 +150,9 @@ pub struct BrokerServerV0 {
/// is this server capable of running a verifier
pub can_verify: bool,
/// is this server capable of forwarding client connections to another broker
pub can_forward: bool,
/// peerId of the server
pub peer_id: PubKey,
}
@ -164,6 +167,7 @@ impl BrokerServerV0 {
BrokerServerV0 {
server_type: BrokerServerTypeV0::Localhost(WS_PORT_ALTERNATE[0]),
can_verify: false,
can_forward: true,
peer_id,
}
}
@ -3772,6 +3776,7 @@ mod test {
servers: vec![BrokerServerV0 {
server_type: BrokerServerTypeV0::Localhost(14400),
can_verify: false,
can_forward: false,
peer_id: PubKey::Ed25519PubKey([
95, 73, 225, 250, 3, 147, 24, 164, 177, 211, 34, 244, 45, 130, 111, 136,
229, 145, 53, 167, 50, 168, 140, 227, 65, 111, 203, 41, 210, 186, 162, 149,

7
ng-repo/src/commit.rs
Unescape View File

@ -402,6 +402,11 @@ impl Commit {
}
}
/// Get branch ID this commit is about
pub fn branch(&self) -> &BranchId {
self.content().branch()
}
/// Get commit signature
pub fn header(&self) -> &Option<CommitHeader> {
match self {
@ -701,7 +706,7 @@ impl Commit {
}
self.verify_sig(repo)?;
self.verify_perm(repo)?;
//self.verify_full_object_refs_of_branch_at_commit(repo.store.unwrap())?;
self.verify_full_object_refs_of_branch_at_commit(&repo.store)?;
Ok(())
}
}

4
ng-repo/src/errors.rs
Unescape View File

@ -44,6 +44,10 @@ pub enum NgError {
WalletError(String),
BrokerError,
SessionNotFound,
SessionAlreadyStarted,
RepoNotFound,
BranchNotFound,
StoreNotFound,
}
impl Error for NgError {}

76
ng-repo/src/event.rs
Unescape View File

@ -8,13 +8,20 @@
//! Event, a message sent in the PUB/SUB
use zeroize::Zeroize;
use crate::block_storage::*;
use crate::errors::*;
use crate::object::*;
use crate::repo::Repo;
use crate::store::Store;
use crate::types::*;
use crate::utils::*;
use core::fmt;
use std::sync::Arc;
use chacha20::cipher::{KeyIvInit, StreamCipher};
use chacha20::ChaCha20;
impl fmt::Display for Event {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
@ -54,38 +61,75 @@ impl fmt::Display for EventContentV0 {
}
impl Event {
pub fn new<'a>(
pub fn new(
publisher: &PrivKey,
seq: u64,
commit: &Commit,
additional_blocks: &Vec<BlockId>,
topic_id: TopicId,
topic_priv_key: &BranchWriteCapSecret,
store: &'a Store,
repo: &Repo,
) -> Result<Event, NgError> {
Ok(Event::V0(EventV0::new(
publisher,
seq,
commit,
additional_blocks,
topic_id,
topic_priv_key,
store,
repo,
)?))
}
pub fn seq_num(&self) -> u64 {
match self {
Event::V0(v0) => v0.content.seq,
}
}
}
impl EventV0 {
pub fn new<'a>(
pub fn derive_key(
repo_id: &RepoId,
branch_id: &BranchId,
branch_secret: &ReadCapSecret,
publisher: &PubKey,
) -> [u8; blake3::OUT_LEN] {
let mut key_material = match (*repo_id, *branch_id, branch_secret.clone(), *publisher) {
(
PubKey::Ed25519PubKey(repo),
PubKey::Ed25519PubKey(branch),
SymKey::ChaCha20Key(branch_sec),
PubKey::Ed25519PubKey(publ),
) => [repo, branch, branch_sec, publ].concat(),
(_, _, _, _) => panic!("cannot derive key with Montgomery key"),
};
let res = blake3::derive_key(
"NextGraph Event Commit ObjectKey ChaCha20 key",
key_material.as_slice(),
);
key_material.zeroize();
res
}
pub fn new(
publisher: &PrivKey,
seq: u64,
commit: &Commit,
additional_blocks: &Vec<BlockId>,
topic_id: TopicId,
topic_priv_key: &BranchWriteCapSecret,
store: &'a Store,
repo: &Repo,
) -> Result<EventV0, NgError> {
let branch_read_cap_secret = &store.get_store_readcap().key;
let branch_id = commit.branch();
let repo_id = repo.id;
let store = Arc::clone(&repo.store);
let branch = repo.branch(branch_id)?;
let topic_id = &branch.topic;
let topic_priv_key = &branch.topic_priv_key;
let publisher_pubkey = publisher.to_pub();
let key = Self::derive_key(&repo_id, branch_id, &branch.read_cap.key, &publisher_pubkey);
let commit_key = commit.key().unwrap();
let mut encrypted_commit_key = Vec::from(commit_key.slice());
let mut nonce = seq.to_le_bytes().to_vec();
nonce.append(&mut vec![0; 4]);
let mut cipher = ChaCha20::new((&key).into(), (nonce.as_slice()).into());
cipher.apply_keystream(encrypted_commit_key.as_mut_slice());
let mut blocks = vec![];
for bid in commit.blocks().iter() {
blocks.push(store.get(bid)?);
@ -93,10 +137,8 @@ impl EventV0 {
for bid in additional_blocks.iter() {
blocks.push(store.get(bid)?);
}
// (*seq) += 1;
let publisher_pubkey = publisher.to_pub();
let event_content = EventContentV0 {
topic: topic_id,
topic: *topic_id,
publisher: PeerId::Forwarded(publisher_pubkey),
seq,
blocks,
@ -104,10 +146,10 @@ impl EventV0 {
.header()
.as_ref()
.map_or_else(|| vec![], |h| h.files().to_vec()),
key: vec![], // TODO
key: encrypted_commit_key,
};
let event_content_ser = serde_bare::to_vec(&event_content).unwrap();
let topic_sig = sign(topic_priv_key, &topic_id, &event_content_ser)?;
let topic_sig = sign(topic_priv_key, topic_id, &event_content_ser)?;
let peer_sig = sign(publisher, &publisher_pubkey, &event_content_ser)?;
Ok(EventV0 {
content: event_content,

2
ng-repo/src/lib.rs
Unescape View File

@ -22,8 +22,6 @@ pub mod branch;
pub mod repo;
pub mod site;
pub mod store;
pub mod event;

12
ng-repo/src/object.rs
Unescape View File

@ -60,19 +60,17 @@ pub struct Object {
}
impl Object {
pub(crate) fn convergence_key(
/*store_pubkey: &StoreRepo,
store_readcap_secret: &ReadCapSecret,*/
store: &Store,
) -> [u8; blake3::OUT_LEN] {
// if it is a Store root repo, the key_material is derived from RepoId + RepoWriteCapSecret
// for a private store root repo, the repowritecapsecret is omitted (zeros)
pub(crate) fn convergence_key(store: &Store) -> [u8; blake3::OUT_LEN] {
let mut key_material = match (
*store.get_store_repo().repo_id(),
store.get_store_readcap_secret().clone(),
store.get_store_overlay_branch_readcap_secret().clone(),
) {
(PubKey::Ed25519PubKey(pubkey), SymKey::ChaCha20Key(secret)) => {
[pubkey, secret].concat()
}
(_, _) => panic!("cannot sign with Montgomery key"),
(_, _) => panic!("cannot derive key with Montgomery key"),
};
let res = blake3::derive_key("NextGraph Data BLAKE3 key", key_material.as_slice());
key_material.zeroize();

55
ng-repo/src/repo.rs
Unescape View File

@ -74,15 +74,36 @@ impl UserInfo {
}
}
#[derive(Debug)]
pub struct BranchInfo {
pub id: BranchId,
pub branch_type: BranchType,
pub topic: TopicId,
pub topic_priv_key: BranchWriteCapSecret,
pub read_cap: ReadCap,
}
/// In memory Repository representation. With helper functions that access the underlying UserStore and keeps proxy of the values
#[derive(Debug)]
pub struct Repo {
pub id: RepoId,
/// Repo definition
pub repo_def: Repository,
pub read_cap: Option<ReadCap>,
pub write_cap: Option<RepoWriteCapSecret>,
pub signer: Option<SignerCap>,
pub members: HashMap<Digest, UserInfo>,
pub branches: HashMap<BranchId, BranchInfo>,
pub store: Arc<Store>,
}
@ -139,16 +160,19 @@ impl Repo {
members,
store,
signer: None,
read_cap: None,
write_cap: None,
branches: HashMap::new(),
}
}
pub fn verify_permission(&self, commit: &Commit) -> Result<(), NgError> {
let content_author = commit.content_v0().author;
// let body = commit.load_body(self.store.unwrap())?;
// match self.members.get(&content_author) {
// Some(info) => return info.has_any_perm(&body.required_permission()),
// None => {}
// }
let body = commit.load_body(&self.store)?;
match self.members.get(&content_author) {
Some(info) => return info.has_any_perm(&body.required_permission()),
None => {}
}
Err(NgError::PermissionDenied)
}
@ -159,6 +183,27 @@ impl Repo {
}
}
pub fn branch(&self, id: &BranchId) -> Result<&BranchInfo, NgError> {
//TODO: load the BranchInfo from storage
self.branches.get(id).ok_or(NgError::BranchNotFound)
}
pub fn overlay_branch(&self) -> Option<&BranchInfo> {
for (_, branch) in self.branches.iter() {
if branch.branch_type == BranchType::Overlay {
return Some(branch);
}
}
None
}
pub fn overlay_branch_read_cap(&self) -> Option<&ReadCap> {
match self.overlay_branch() {
Some(bi) => Some(&bi.read_cap),
None => self.read_cap.as_ref(), // this is for private stores that don't have an overlay branch
}
}
// pub(crate) fn get_store(&self) -> &Store {
// self.store.unwrap()
// }

68
ng-repo/src/store.rs
Unescape View File

@ -11,30 +11,51 @@
//! Store of a Site, or of a Group or Dialog
use core::fmt;
use std::collections::HashMap;
use std::sync::{Arc, RwLock};
use crate::block_storage::BlockStorage;
use crate::errors::{NgError, StorageError};
use crate::object::Object;
use crate::repo::Repo;
use crate::repo::{BranchInfo, Repo};
use crate::types::*;
use crate::utils::{generate_keypair, sign, verify};
use crate::log::*;
use rand::prelude::*;
use threshold_crypto::{SecretKeySet, SecretKeyShare};
pub struct Store {
store_repo: StoreRepo,
store_readcap: ReadCap,
store_overlay_branch_readcap: ReadCap,
overlay_id: OverlayId,
storage: Arc<RwLock<dyn BlockStorage + Send + Sync>>,
//repos: HashMap<RepoId, Repo>,
}
impl fmt::Debug for Store {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
writeln!(f, "Store.\nstore_repo {:?}", self.store_repo)?;
writeln!(f, "store_readcap {:?}", self.store_readcap)?;
writeln!(
f,
"store_overlay_branch_readcap {:?}",
self.store_overlay_branch_readcap
)?;
writeln!(f, "overlay_id {:?}", self.overlay_id)
}
}
impl Store {
pub fn set_read_caps(&mut self, read_cap: ReadCap, overlay_read_cap: Option<ReadCap>) {
self.store_readcap = read_cap;
if let Some(overlay_read_cap) = overlay_read_cap {
self.store_overlay_branch_readcap = overlay_read_cap;
}
}
pub fn get_store_repo(&self) -> &StoreRepo {
&self.store_repo
}
@ -43,6 +64,10 @@ impl Store {
&self.store_readcap
}
pub fn get_store_overlay_branch_readcap_secret(&self) -> &ReadCapSecret {
&self.store_overlay_branch_readcap.key
}
pub fn get_store_readcap_secret(&self) -> &ReadCapSecret {
&self.store_readcap.key
}
@ -83,6 +108,7 @@ impl Store {
self: Arc<Self>,
creator: &UserId,
creator_priv_key: &PrivKey,
repo_write_cap_secret: SymKey,
) -> Result<(Repo, Vec<(Commit, Vec<Digest>)>), NgError> {
let mut events = Vec::with_capacity(6);
@ -118,8 +144,6 @@ impl Store {
// creating the RootBranch commit, acks to Repository commit
let repo_write_cap_secret = SymKey::random();
let root_branch_commit_body =
CommitBody::V0(CommitBodyV0::RootBranch(RootBranch::V0(RootBranchV0 {
id: repo_pub_key,
@ -316,7 +340,7 @@ impl Store {
repo_pub_key,
QuorumType::IamTheSignature,
vec![add_branch_commit.reference().unwrap()],
vec![root_branch_readcap],
vec![root_branch_readcap.clone()],
sync_sig_commit_body.clone(),
&self,
)?;
@ -340,7 +364,7 @@ impl Store {
main_branch_pub_key,
QuorumType::IamTheSignature,
vec![branch_read_cap.clone()],
vec![branch_read_cap],
vec![branch_read_cap.clone()],
sync_sig_commit_body,
&self,
)?;
@ -358,12 +382,34 @@ impl Store {
// preparing the Repo
let root_branch = BranchInfo {
id: repo_pub_key.clone(),
branch_type: BranchType::Root,
topic: topic_pub_key,
topic_priv_key: topic_priv_key,
read_cap: root_branch_readcap.clone(),
};
let main_branch = BranchInfo {
id: main_branch_pub_key.clone(),
branch_type: BranchType::Main,
topic: main_branch_topic_pub_key,
topic_priv_key: main_branch_topic_priv_key,
read_cap: branch_read_cap,
};
let repo = Repo {
id: repo_pub_key,
repo_def: repository,
signer: Some(signer_cap),
members: HashMap::new(),
store: self,
store: Arc::clone(&self),
read_cap: Some(root_branch_readcap),
write_cap: Some(repo_write_cap_secret),
branches: HashMap::from([
(repo_pub_key, root_branch),
(main_branch_pub_key, main_branch),
]),
};
Ok((repo, events))
@ -372,6 +418,7 @@ impl Store {
pub fn new(
store_repo: StoreRepo,
store_readcap: ReadCap,
store_overlay_branch_readcap: ReadCap,
storage: Arc<RwLock<dyn BlockStorage + Send + Sync>>,
) -> Self {
Self {
@ -379,6 +426,7 @@ impl Store {
store_readcap,
overlay_id: store_repo.overlay_id_for_storage_purpose(),
storage,
store_overlay_branch_readcap,
}
}
@ -388,9 +436,11 @@ impl Store {
use crate::block_storage::HashMapBlockStorage;
let store_repo = StoreRepo::dummy_public_v0();
let store_readcap = ReadCap::dummy();
let store_overlay_branch_readcap = ReadCap::dummy();
Arc::new(Self::new(
store_repo,
store_readcap,
store_overlay_branch_readcap,
Arc::new(RwLock::new(HashMapBlockStorage::new()))
as Arc<RwLock<dyn BlockStorage + Send + Sync>>,
))
@ -401,9 +451,11 @@ impl Store {
use crate::block_storage::HashMapBlockStorage;
let store_repo = StoreRepo::dummy_with_key(repo_pubkey);
let store_readcap = ReadCap::dummy();
let store_overlay_branch_readcap = ReadCap::dummy();
Arc::new(Self::new(
store_repo,
store_readcap,
store_overlay_branch_readcap,
Arc::new(RwLock::new(HashMapBlockStorage::new()))
as Arc<RwLock<dyn BlockStorage + Send + Sync>>,
))

42
ng-repo/src/types.rs
Unescape View File

@ -91,7 +91,6 @@ impl SymKey {
pub fn from_array(array: [u8; 32]) -> Self {
SymKey::ChaCha20Key(array)
}
#[deprecated(note = "**Don't use nil method**")]
pub fn nil() -> Self {
SymKey::ChaCha20Key([0; 32])
}
@ -399,7 +398,6 @@ impl BlockId {
Digest::Blake3Digest32([0u8; 32])
}
#[deprecated(note = "**Don't use nil method**")]
pub fn nil() -> Self {
Digest::Blake3Digest32([0u8; 32])
}
@ -414,7 +412,6 @@ impl BlockRef {
}
}
#[deprecated(note = "**Don't use nil method**")]
pub fn nil() -> Self {
BlockRef {
id: Digest::Blake3Digest32([0u8; 32]),
@ -742,29 +739,6 @@ pub enum SiteName {
Name(String),
}
/// Site V0
#[derive(Clone, Debug, Serialize, Deserialize, PartialEq)]
pub struct SiteV0 {
pub site_type: SiteType,
pub id: PubKey,
pub name: SiteName,
// Identity::OrgPublicStore or Identity::IndividualPublicStore
pub public: SiteStore,
// Identity::OrgProtectedStore or Identity::IndividualProtectedStore
pub protected: SiteStore,
// Identity::OrgPrivateStore or Identity::IndividualPrivateStore
pub private: SiteStore,
/// Only for IndividualSite: TODO reorganize those 2 fields
pub cores: Vec<(PubKey, Option<[u8; 32]>)>,
pub bootstraps: Vec<PubKey>,
}
/// Reduced Site (for QRcode)
#[derive(Clone, Debug, Serialize, Deserialize, PartialEq)]
pub struct ReducedSiteV0 {
@ -971,9 +945,8 @@ pub enum Block {
///
/// First commit published in root branch, signed by repository key
/// For the Root repo of a store(overlay), the convergence_key should be derived from :
/// "NextGraph Store Root Repo BLAKE3 convergence key",
/// RepoId + RepoWriteCapSecret)
/// for a private store root repo, the repowritecapsecret can be omitted
/// "NextGraph Data BLAKE3 key", RepoId + RepoWriteCapSecret)
/// for a private store root repo, the RepoWriteCapSecret can be omitted
#[derive(Clone, Debug, Serialize, Deserialize, PartialEq, Eq)]
pub struct RepositoryV0 {
/// Repo public key ID
@ -1077,7 +1050,7 @@ pub struct RootBranchV0 {
/// Mutable App-specific metadata
/// when the list of owners is changed, a crypto_box containing the RepoWriteCapSecret should be included here for each owner.
/// this should also be done at creation time, with the UserId of the first owner, except for individual store repo, because it doesnt have a RepoWriteCapSecret
/// this should also be done at creation time, with the UserId of the first owner, except for individual private store repo, because it doesnt have a RepoWriteCapSecret
#[serde(with = "serde_bytes")]
pub metadata: Vec<u8>,
}
@ -1247,7 +1220,8 @@ pub enum BranchType {
Store,
Overlay,
User,
Transactional, // this could have been called OtherTransaction, but for the sake of simplicity, we use Transaction for any branch that is not the Main one.
Transactional, // this could have been called OtherTransaction, but for the sake of simplicity, we use Transactional for any branch that is not the Main one.
Root, // only used for BranchInfo
}
impl fmt::Display for BranchType {
@ -1262,6 +1236,7 @@ impl fmt::Display for BranchType {
Self::Overlay => "Overlay",
Self::User => "User",
Self::Transactional => "Transactional",
Self::Root => "Root",
}
)
}
@ -2161,6 +2136,11 @@ impl CommitContent {
CommitContent::V0(v0) => &v0.author,
}
}
pub fn branch(&self) -> &BranchId {
match self {
CommitContent::V0(v0) => &v0.branch,
}
}
pub fn author_digest(author: &UserId, overlay: OverlayId) -> Digest {
let author_id = serde_bare::to_vec(author).unwrap();

68
ng-sdk-js/src/lib.rs
Unescape View File

@ -162,74 +162,6 @@ pub async fn get_wallets() -> Result<JsValue, JsValue> {
Ok(JsValue::UNDEFINED)
}
fn take_some_peer_last_seq_numbers(peer_id: PubKey, qty: u16) -> Result<u64, NgError> {
let res = session_get(format!("ng_peer_last_seq@{}", peer_id));
let val = match res {
Some(old_str) => {
let decoded = base64_url::decode(&old_str).map_err(|_| NgError::SerializationError)?;
match serde_bare::from_slice(&decoded)? {
SessionPeerLastSeq::V0(old_val) => old_val,
_ => unimplemented!(),
}
}
None => 0,
};
let new_val = val + qty as u64;
let spls = SessionPeerLastSeq::V0(new_val);
let ser = serde_bare::to_vec(&spls)?;
//saving the new val
let encoded = base64_url::encode(&ser);
let r = session_save(format!("ng_peer_last_seq@{}", peer_id), encoded);
if r.is_some() {
return Err(NgError::SerializationError);
}
Ok(val)
}
// #[cfg(target_arch = "wasm32")]
// #[wasm_bindgen]
// async fn init_local_broker_persistent() -> Result<(), String> {
// init_local_broker_(false, None).await
// }
// #[cfg(target_arch = "wasm32")]
// #[wasm_bindgen]
// async fn init_local_broker_with_path(path: String) -> Result<(), String> {
// init_local_broker_(false, Some(path)).await
// }
// #[cfg(target_arch = "wasm32")]
// #[wasm_bindgen]
// async fn init_local_broker_in_memory() -> Result<(), String> {
// init_local_broker_(true, None).await
// }
async fn init_local_broker_(in_memory: bool, path: Option<String>) -> Result<(), String> {
// INIT_BROKER
// .get_or_init(async {
// BROKER
// .write()
// .await
// .register_last_seq_function(Box::new(take_some_peer_last_seq_numbers));
// true
// })
// .await;
Ok(())
}
async fn init_local_broker_internal() -> Result<(), String> {
// INIT_BROKER
// .get_or_init(async {
// BROKER
// .write()
// .await
// .register_last_seq_function(Box::new(take_some_peer_last_seq_numbers));
// true
// })
// .await;
Ok(())
}
#[cfg(target_arch = "wasm32")]
#[wasm_bindgen]
pub async fn session_start(wallet_name: String, user_js: JsValue) -> Result<JsValue, String> {

5
ng-storage-rocksdb/src/kcv_storage.rs
Unescape View File

@ -585,7 +585,10 @@ impl RocksdbKCVStore {
let db: TransactionDB =
TransactionDB::open_cf(&opts, &tx_options, &path, vec!["cf0", "cf1"]).unwrap();
log_info!("created db with Rocksdb Version: {}", Env::version());
log_info!(
"created kcv storage with Rocksdb Version: {}",
Env::version()
);
Ok(RocksdbKCVStore {
db: db,

3
ng-verifier/Cargo.toml
Unescape View File

@ -15,6 +15,9 @@ rust-version.workspace = true
[badges]
maintenance = { status = "actively-developed" }
[features]
testing = []
[dependencies]
ng-repo = { path = "../ng-repo", version = "0.1.0" }
ng-net = { path = "../ng-net", version = "0.1.0" }

2
ng-verifier/src/lib.rs
Unescape View File

@ -4,5 +4,7 @@ pub mod user_storage;
pub mod verifier;
pub mod site;
#[cfg(not(target_family = "wasm"))]
pub mod rocksdb_user_storage;

109
ng-repo/src/site.rs → ng-verifier/src/site.rs
Unescape View File

@ -11,9 +11,35 @@
//! Site (Public, Protected, Private) of Individual and Org
use crate::errors::NgError;
use crate::types::*;
use crate::utils::{generate_keypair, sign, verify};
use crate::verifier::Verifier;
use ng_repo::errors::NgError;
use ng_repo::types::*;
use ng_repo::utils::{generate_keypair, sign, verify};
use serde::{Deserialize, Serialize};
/// Site V0
#[derive(Clone, Debug, Serialize, Deserialize, PartialEq)]
pub struct SiteV0 {
pub site_type: SiteType,
pub id: PubKey,
pub name: SiteName,
// Identity::OrgPublicStore or Identity::IndividualPublicStore
pub public: SiteStore,
// Identity::OrgProtectedStore or Identity::IndividualProtectedStore
pub protected: SiteStore,
// Identity::OrgPrivateStore or Identity::IndividualPrivateStore
pub private: SiteStore,
/// Only for IndividualSite: TODO reorganize those 2 fields
pub cores: Vec<(PubKey, Option<[u8; 32]>)>,
pub bootstraps: Vec<PubKey>,
}
impl SiteV0 {
pub fn get_individual_user_priv_key(&self) -> Option<PrivKey> {
@ -23,9 +49,18 @@ impl SiteV0 {
}
}
pub fn create_personal(
fn site_store_to_store_repo(site_store: &SiteStore) -> StoreRepo {
StoreRepo::V0(match site_store.store_type {
SiteStoreType::Public => StoreRepoV0::PublicStore(site_store.id),
SiteStoreType::Protected => StoreRepoV0::ProtectedStore(site_store.id),
SiteStoreType::Private => StoreRepoV0::PrivateStore(site_store.id),
})
}
fn create_individual_(
user_priv_key: PrivKey,
private_store_read_cap: ReadCap,
verifier: &mut Verifier,
site_name: SiteName,
) -> Result<Self, NgError> {
let site_pubkey = user_priv_key.to_pub();
@ -50,10 +85,31 @@ impl SiteV0 {
store_type: SiteStoreType::Private,
};
let public_store = Self::site_store_to_store_repo(&public);
let protected_store = Self::site_store_to_store_repo(&protected);
let private_store = Self::site_store_to_store_repo(&private);
verifier.reserve_more(18)?;
let public_repo =
verifier.new_store_default(&site_pubkey, &user_priv_key, &public_store, false)?;
let protected_repo =
verifier.new_store_default(&site_pubkey, &user_priv_key, &protected_store, false)?;
let private_repo =
verifier.new_store_default(&site_pubkey, &user_priv_key, &private_store, true)?;
// TODO: create user branch
// TODO: add the 2 commits in user branch about StoreUpdate of public and protected stores.
Ok(Self {
site_type: SiteType::Individual((user_priv_key, private_store_read_cap)),
site_type: SiteType::Individual((
user_priv_key,
private_repo.read_cap.to_owned().unwrap(),
)),
id: site_pubkey,
name: SiteName::Personal,
name: site_name,
public,
protected,
private,
@ -65,41 +121,16 @@ impl SiteV0 {
pub fn create_individual(
name: String,
user_priv_key: PrivKey,
private_store_read_cap: ReadCap,
verifier: &mut Verifier,
) -> Result<Self, NgError> {
let site_pubkey = user_priv_key.to_pub();
let (public_store_privkey, public_store_pubkey) = generate_keypair();
let (protected_store_privkey, protected_store_pubkey) = generate_keypair();
let (private_store_privkey, private_store_pubkey) = generate_keypair();
let public = SiteStore {
id: public_store_pubkey,
store_type: SiteStoreType::Public,
};
let protected = SiteStore {
id: protected_store_pubkey,
store_type: SiteStoreType::Protected,
};
let private = SiteStore {
id: private_store_pubkey,
store_type: SiteStoreType::Private,
};
Self::create_individual_(user_priv_key, verifier, SiteName::Name(name))
}
Ok(Self {
site_type: SiteType::Individual((user_priv_key, private_store_read_cap)),
id: site_pubkey,
name: SiteName::Name(name),
public,
protected,
private,
cores: vec![],
bootstraps: vec![],
})
pub fn create_personal(
user_priv_key: PrivKey,
verifier: &mut Verifier,
) -> Result<Self, NgError> {
Self::create_individual_(user_priv_key, verifier, SiteName::Personal)
}
pub fn create_org(name: String) -> Result<Self, NgError> {

31
ng-verifier/src/types.rs
Unescape View File

@ -36,7 +36,22 @@ use serde::{Deserialize, Serialize};
use web_time::SystemTime;
//use yrs::{StateVector, Update};
#[derive(Debug, Clone)]
#[derive(Clone, Debug, Serialize, Deserialize)]
pub enum SessionPeerLastSeq {
V0(u64),
V1((u64, Sig)),
}
impl SessionPeerLastSeq {
pub fn ser(&self) -> Result<Vec<u8>, NgError> {
Ok(serde_bare::to_vec(self)?)
}
pub fn deser(ser: &[u8]) -> Result<Self, NgError> {
Ok(serde_bare::from_slice(ser).map_err(|_| NgError::SerializationError)?)
}
}
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum VerifierType {
/// nothing will be saved on disk during the session
Memory,
@ -59,7 +74,7 @@ impl VerifierType {
}
}
//type LastSeqFn = fn(PubKey, u16) -> Result<u64, NgError>;
//type LastSeqFn = fn(peer_id: PubKey, qty: u16) -> Result<u64, NgError>;
pub type LastSeqFn = dyn Fn(PubKey, u16) -> Result<u64, NgError> + 'static + Sync + Send;
// peer_id: PubKey, seq_num:u64, event_ser: vec<u8>,
@ -96,6 +111,15 @@ pub enum VerifierConfigType {
WebRocksDb,
}
impl VerifierConfigType {
pub(crate) fn should_load_last_seq_num(&self) -> bool {
match self {
Self::JsSaveSession(_) | Self::RocksDb(_) => true,
_ => false,
}
}
}
#[derive(Debug)]
pub struct VerifierConfig {
pub config_type: VerifierConfigType,
@ -104,7 +128,8 @@ pub struct VerifierConfig {
/// not used for Memory
pub peer_priv_key: PrivKey,
pub user_priv_key: PrivKey,
pub private_store_read_cap: ObjectRef,
pub private_store_read_cap: Option<ObjectRef>,
pub private_store_id: Option<RepoId>,
}
pub type CancelFn = Box<dyn FnOnce()>;

384
ng-verifier/src/verifier.rs
Unescape View File

@ -21,6 +21,9 @@ use ng_repo::{
types::*,
utils::{generate_keypair, sign},
};
use std::cmp::max;
use std::fs::{create_dir_all, read, write, File, OpenOptions};
use std::io::Write;
use core::fmt;
//use oxigraph::io::{RdfFormat, RdfParser, RdfSerializer};
@ -55,6 +58,8 @@ pub struct Verifier {
last_reservation: SystemTime,
stores: HashMap<OverlayId, Arc<Store>>,
repos: HashMap<RepoId, Repo>,
/// only used for InMemory type, to store the outbox
in_memory_outbox: Vec<Event>,
}
impl fmt::Debug for Verifier {
@ -65,7 +70,8 @@ impl fmt::Debug for Verifier {
}
impl Verifier {
#[cfg(test)]
#[allow(deprecated)]
#[cfg(any(test, feature = "testing"))]
pub fn new_dummy() -> Self {
use ng_repo::block_storage::HashMapBlockStorage;
let (peer_priv_key, peer_id) = generate_keypair();
@ -77,7 +83,8 @@ impl Verifier {
user_master_key: [0; 32],
peer_priv_key,
user_priv_key: PrivKey::random_ed(),
private_store_read_cap: ObjectRef::nil(),
private_store_read_cap: None,
private_store_id: None,
},
connected_server_id: None,
graph_dataset: None,
@ -86,35 +93,105 @@ impl Verifier {
last_seq_num: 0,
peer_id,
max_reserved_seq_num: 1,
last_reservation: SystemTime::now(),
last_reservation: SystemTime::UNIX_EPOCH,
stores: HashMap::new(),
repos: HashMap::new(),
in_memory_outbox: vec![],
}
}
pub fn get_store(&mut self, store_repo: &StoreRepo) -> Arc<Store> {
pub fn get_store_mut(&mut self, store_repo: &StoreRepo) -> Arc<Store> {
let overlay_id = store_repo.overlay_id_for_storage_purpose();
let store = self.stores.entry(overlay_id).or_insert_with(|| {
// FIXME: get store_readcap from user storage
let store_readcap = ReadCap::nil();
let store_overlay_branch_readcap = ReadCap::nil();
let store = Store::new(
*store_repo,
store_readcap,
store_overlay_branch_readcap,
Arc::clone(
&self
.block_storage
.as_ref()
.ok_or(core::fmt::Error)
.expect("get_store cannot be called on Remote Verifier"),
.expect("get_store_mut cannot be called on Remote Verifier"),
),
);
//self.stores.insert(overlay_id, store);
//let store = self.stores.entry(overlay_id).or_insert(store);
Arc::new(store)
});
Arc::clone(store)
}
pub fn complete_site_store(
&mut self,
store_repo: &StoreRepo,
mut repo: Repo,
//read_cap: &ReadCap,
//overlay_read_cap: Option<&ReadCap>,
) -> Result<Repo, NgError> {
let read_cap = repo.read_cap.to_owned().unwrap();
let overlay_read_cap = repo.overlay_branch_read_cap().cloned();
let overlay_id = store_repo.overlay_id_for_storage_purpose();
let store = self
.stores
.remove(&overlay_id)
.ok_or(NgError::StoreNotFound)?;
// let mut repo = self
// .repos
// .remove(store_repo.repo_id())
// .ok_or(NgError::RepoNotFound)?;
// log_info!(
// "{}",
// Arc::<ng_repo::store::Store>::strong_count(&repo.store)
// );
drop(repo.store);
//log_info!("{}", Arc::<ng_repo::store::Store>::strong_count(&store));
let mut mut_store = Arc::<ng_repo::store::Store>::into_inner(store).unwrap();
mut_store.set_read_caps(read_cap, overlay_read_cap);
let new_store = Arc::new(mut_store);
let _ = self.stores.insert(overlay_id, Arc::clone(&new_store));
repo.store = new_store;
//let _ = self.repos.insert(*store_repo.repo_id(), repo);
Ok(repo)
}
pub fn get_store(&self, store_repo: &StoreRepo) -> Result<Arc<Store>, NgError> {
let overlay_id = store_repo.overlay_id_for_storage_purpose();
let store = self.stores.get(&overlay_id).ok_or(NgError::StoreNotFound)?;
Ok(Arc::clone(store))
}
pub fn get_repo_mut(
&mut self,
id: RepoId,
store_repo: &StoreRepo,
) -> Result<&mut Repo, NgError> {
let store = self.get_store(store_repo);
let repo_ref = self.repos.get_mut(&id).ok_or(NgError::RepoNotFound);
// .or_insert_with(|| {
// // load from storage
// Repo {
// id,
// repo_def: Repository::new(&PubKey::nil(), &vec![]),
// read_cap: None,
// write_cap: None,
// signer: None,
// members: HashMap::new(),
// branches: HashMap::new(),
// store,
// }
// });
repo_ref
}
pub fn get_repo(&self, id: RepoId, store_repo: &StoreRepo) -> Result<&Repo, NgError> {
//let store = self.get_store(store_repo);
let repo_ref = self.repos.get(&id).ok_or(NgError::RepoNotFound);
repo_ref
}
pub fn add_store(&mut self, store: Arc<Store>) {
let overlay_id = store.get_store_repo().overlay_id_for_storage_purpose();
if self.stores.contains_key(&overlay_id) {
@ -131,12 +208,13 @@ impl Verifier {
additional_blocks: &Vec<BlockId>,
//topic_id: TopicId,
//topic_priv_key: &BranchWriteCapSecret,
store: &Store, // store could be omitted and a store repo ID would be given instead.
) -> Result<Event, NgError> {
repo_id: RepoId,
store_repo: &StoreRepo,
) -> Result<(), NgError> {
if self.last_seq_num + 1 >= self.max_reserved_seq_num {
self.reserve_more(1)?;
}
self.new_event_(commit, additional_blocks, store)
self.new_event_(commit, additional_blocks, repo_id, store_repo)
}
fn new_event_(
@ -147,67 +225,187 @@ impl Verifier {
additional_blocks: &Vec<BlockId>,
//topic_id: TopicId,
//topic_priv_key: &BranchWriteCapSecret,
store: &Store, // store could be omitted and a store repo ID would be given instead.
) -> Result<Event, NgError> {
let topic_id = TopicId::nil(); // should be fetched from user storage, based on the Commit.branch
let topic_priv_key = BranchWriteCapSecret::nil(); // should be fetched from user storage, based on repoId found in user storage (search by branchId)
// store: &Store, // store could be omitted and a store repo ID would be given instead.
repo_id: RepoId,
store_repo: &StoreRepo,
) -> Result<(), NgError> {
//let topic_id = TopicId::nil(); // should be fetched from user storage, based on the Commit.branch
//let topic_priv_key = BranchWriteCapSecret::nil(); // should be fetched from user storage, based on repoId found in user storage (search by branchId)
//self.get_store(store_repo)
let publisher = self.config.peer_priv_key.clone();
self.last_seq_num += 1;
let seq_num = self.last_seq_num;
let repo = self.get_repo(repo_id, store_repo)?;
let event = Event::new(&publisher, seq_num, commit, additional_blocks, repo)?;
self.send_or_save_event_to_outbox(event)?;
Ok(())
}
fn new_event_with_repo_(
&mut self,
//publisher: &PrivKey,
//seq: &mut u64,
commit: &Commit,
additional_blocks: &Vec<BlockId>,
//topic_id: TopicId,
//topic_priv_key: &BranchWriteCapSecret,
// store: &Store, // store could be omitted and a store repo ID would be given instead.
repo: &Repo,
) -> Result<(), NgError> {
//let topic_id = TopicId::nil(); // should be fetched from user storage, based on the Commit.branch
//let topic_priv_key = BranchWriteCapSecret::nil(); // should be fetched from user storage, based on repoId found in user storage (search by branchId)
//self.get_store(store_repo)
let publisher = self.config.peer_priv_key.clone();
self.last_seq_num += 1;
Event::new(
&self.config.peer_priv_key,
self.last_seq_num,
commit,
additional_blocks,
topic_id,
&topic_priv_key,
store,
)
let seq_num = self.last_seq_num;
let event = Event::new(&publisher, seq_num, commit, additional_blocks, repo)?;
self.send_or_save_event_to_outbox(event)?;
Ok(())
}
pub(crate) fn last_seq_number(&mut self) -> Result<u64, NgError> {
if self.last_seq_num + 1 >= self.max_reserved_seq_num {
if self.available_seq_nums() <= 1 {
self.reserve_more(1)?;
}
self.last_seq_num += 1;
Ok(self.last_seq_num)
}
pub(crate) fn new_events_with_repo(
&mut self,
events: Vec<(Commit, Vec<Digest>)>,
repo: &Repo,
) -> Result<(), NgError> {
let missing_count = events.len() as i64 - self.available_seq_nums() as i64;
// this is reducing the capacity of reserver_seq_num by half (cast from u64 to i64)
// but we will never reach situation where so many seq_nums are reserved, neither such a big list of events to process
if missing_count >= 0 {
self.reserve_more(missing_count as u64 + 1)?;
}
for event in events {
self.new_event_with_repo_(&event.0, &event.1, repo)?;
}
Ok(())
}
pub(crate) fn new_events(
&mut self,
events: Vec<(Commit, Vec<Digest>)>,
store: &Store,
) -> Result<Vec<Event>, NgError> {
repo_id: RepoId,
store_repo: &StoreRepo,
) -> Result<(), NgError> {
let missing_count = events.len() as i64 - self.available_seq_nums() as i64;
// this is reducing the capacity of reserver_seq_num by half (cast from u64 to i64)
// but we will never reach situation where so many seq_nums are reserved, neither such a big list of events to process
if missing_count >= 0 {
self.reserve_more(missing_count as u64 + 1)?;
}
let mut res = vec![];
for event in events {
let event = self.new_event_(&event.0, &event.1, store)?;
res.push(event);
self.new_event_(&event.0, &event.1, repo_id.clone(), store_repo)?;
}
Ok(res)
Ok(())
}
fn available_seq_nums(&self) -> u64 {
self.max_reserved_seq_num - self.last_seq_num
}
fn reserve_more(&mut self, at_least: u64) -> Result<(), NgError> {
// the qty should be calculated based on the last_reservation. the closer to now, the higher the qty.
pub(crate) fn reserve_more(&mut self, at_least: u64) -> Result<(), NgError> {
// the qty is calculated based on the last_reservation. the closer to now, the higher the qty.
// below 1 sec, => 100
// below 5 sec, => 10
// below 10 sec => 1
self.take_some_peer_last_seq_numbers(10)
// above 5 sec => 1
let qty = match self.last_reservation.elapsed().unwrap().as_secs() {
0..=1 => 100u16,
2..=5 => 10u16,
6.. => 1u16,
};
self.take_some_peer_last_seq_numbers(max(at_least as u16, qty))
}
fn take_some_peer_last_seq_numbers(&mut self, qty: u16) -> Result<(), NgError> {
// TODO the magic
fn send_or_save_event_to_outbox<'a>(&'a mut self, event: Event) -> Result<(), NgError> {
log_debug!("========== EVENT {:03}: {}", event.seq_num(), event);
if self.connected_server_id.is_some() {
// send the events to the server already
} else {
match &self.config.config_type {
VerifierConfigType::JsSaveSession(js) => {
(js.outbox_write_function)(
self.peer_id,
event.seq_num(),
serde_bare::to_vec(&event)?,
)?;
}
VerifierConfigType::RocksDb(path) => {}
VerifierConfigType::Memory => {
self.in_memory_outbox.push(event);
}
_ => unimplemented!(),
}
}
Ok(())
}
self.max_reserved_seq_num += qty as u64;
fn take_some_peer_last_seq_numbers(&mut self, qty: u16) -> Result<(), NgError> {
match &self.config.config_type {
VerifierConfigType::JsSaveSession(js) => {
let res = (js.last_seq_function)(self.peer_id, qty)?;
self.max_reserved_seq_num = res + qty as u64;
}
VerifierConfigType::RocksDb(path) => {
let mut path = path.clone();
std::fs::create_dir_all(path.clone()).unwrap();
path.push(format!("lastseq{}", self.peer_id.to_string()));
log_debug!("last_seq path {}", path.display());
let file = read(path.clone());
let (mut file_save, val) = match file {
Ok(ser) => {
let old_val = if ser.len() > 0 {
match SessionPeerLastSeq::deser(&ser)? {
SessionPeerLastSeq::V0(v) => v,
_ => unimplemented!(),
}
} else {
0
};
(
OpenOptions::new()
.write(true)
.open(path)
.map_err(|_| NgError::SerializationError)?,
old_val,
)
}
Err(_) => (
File::create(path).map_err(|_| NgError::SerializationError)?,
0,
),
};
if qty > 0 {
let new_val = val + qty as u64;
let spls = SessionPeerLastSeq::V0(new_val);
let ser = spls.ser()?;
file_save
.write_all(&ser)
.map_err(|_| NgError::SerializationError)?;
file_save
.sync_data()
.map_err(|_| NgError::SerializationError)?;
}
self.max_reserved_seq_num = val + qty as u64;
}
_ => {
self.max_reserved_seq_num += qty as u64;
}
}
self.last_reservation = SystemTime::now();
log_debug!(
"reserving more seq_nums {qty}. now at {}",
"reserving more {qty} seq_nums. now at {}",
self.max_reserved_seq_num
);
Ok(())
@ -224,21 +422,33 @@ impl Verifier {
Some(block_storage),
),
#[cfg(not(target_family = "wasm"))]
VerifierConfigType::RocksDb(path) => (
// FIXME BIG TIME: we are reusing the same encryption key here.
// this is very temporary, until we remove the code in oxi_rocksdb of oxigraph,
// and have oxigraph use directly the UserStorage
Some(oxigraph::store::Store::open_with_key(path, config.user_master_key).unwrap()),
Some(
Box::new(RocksDbUserStorage::open(path, config.user_master_key)?)
as Box<dyn UserStorage>,
),
Some(block_storage),
),
VerifierConfigType::RocksDb(path) => {
let mut path_oxi = path.clone();
path_oxi.push("graph");
create_dir_all(path_oxi.clone()).unwrap();
let mut path_user = path.clone();
path_user.push("user");
create_dir_all(path_user.clone()).unwrap();
(
// FIXME BIG TIME: we are reusing the same encryption key here.
// this is very temporary, until we remove the code in oxi_rocksdb of oxigraph,
// and have oxigraph use directly the UserStorage
Some(
oxigraph::store::Store::open_with_key(path_oxi, config.user_master_key)
.unwrap(),
),
Some(Box::new(RocksDbUserStorage::open(
&path_user,
config.user_master_key,
)?) as Box<dyn UserStorage>),
Some(block_storage),
)
}
VerifierConfigType::Remote(_) => (None, None, None),
_ => unimplemented!(), // can be WebRocksDb or RocksDb on wasm platforms
};
let peer_id = config.peer_priv_key.to_pub();
let should_load_last_seq_num = config.config_type.should_load_last_seq_num();
let mut verif = Verifier {
config,
connected_server_id: None,
@ -246,13 +456,18 @@ impl Verifier {
user_storage: user,
block_storage: block,
peer_id,
last_reservation: SystemTime::now(),
last_reservation: SystemTime::UNIX_EPOCH, // this is to avoid reserving 100 seq_nums at every start of a new session
max_reserved_seq_num: 0,
last_seq_num: 0,
stores: HashMap::new(),
repos: HashMap::new(),
in_memory_outbox: vec![],
};
verif.take_some_peer_last_seq_numbers(1)?;
// this is important as it will load the last seq from storage
if should_load_last_seq_num {
verif.take_some_peer_last_seq_numbers(0)?;
verif.last_seq_num = verif.max_reserved_seq_num;
}
Ok(verif)
}
@ -272,24 +487,66 @@ impl Verifier {
unimplemented!();
}
pub fn new_store_default<'a>(
&'a mut self,
creator: &UserId,
creator_priv_key: &PrivKey,
store_repo: &StoreRepo,
private: bool,
) -> Result<&'a Repo, NgError> {
let repo_write_cap_secret = match private {
false => SymKey::random(),
true => SymKey::nil(),
};
let overlay_id = store_repo.overlay_id_for_storage_purpose();
let store = self.stores.entry(overlay_id).or_insert_with(|| {
let store_readcap = ReadCap::nil();
// temporarily set the store_overlay_branch_readcap to an objectRef that has an empty id, and a key = to the repo_write_cap_secret
let store_overlay_branch_readcap =
ReadCap::from_id_key(ObjectId::nil(), repo_write_cap_secret.clone());
let store = Store::new(
*store_repo,
store_readcap,
store_overlay_branch_readcap,
Arc::clone(
&self
.block_storage
.as_ref()
.ok_or(core::fmt::Error)
.expect("get_store_mut cannot be called on Remote Verifier"),
),
);
Arc::new(store)
});
let (repo, proto_events) = Arc::clone(store).create_repo_default(
creator,
creator_priv_key,
repo_write_cap_secret,
)?;
self.new_events_with_repo(proto_events, &repo)?;
let repo = self.complete_site_store(store_repo, repo)?;
let repo_ref = self.repos.entry(repo.id).or_insert(repo);
Ok(repo_ref)
}
/// returns the Repo and the last seq_num of the peer
pub fn new_repo_default<'a>(
&'a mut self,
creator: &UserId,
creator_priv_key: &PrivKey,
store_repo: &StoreRepo,
) -> Result<(&'a Repo, Vec<Event>), NgError> {
let store = self.get_store(store_repo);
let (repo, proto_events) = store.create_repo_default(creator, creator_priv_key)?;
let events = self.new_events(proto_events, &repo.store)?;
) -> Result<&'a Repo, NgError> {
let store = self.get_store_mut(store_repo);
let repo_write_cap_secret = SymKey::random();
let (repo, proto_events) =
store.create_repo_default(creator, creator_priv_key, repo_write_cap_secret)?;
self.new_events_with_repo(proto_events, &repo)?;
// let mut events = vec![];
// for event in proto_events {
// events.push(self.new_event(&event.0, &event.1, &repo.store)?);
// }
let repo_ref = self.repos.entry(repo.id).or_insert(repo);
Ok((repo_ref, events))
Ok(repo_ref)
}
}
#[cfg(test)]
@ -312,19 +569,12 @@ mod test {
let mut verifier = Verifier::new_dummy();
verifier.add_store(store);
let (repo, events) = verifier
let repo = verifier
.new_repo_default(&creator_pub_key, &creator_priv_key, &store_repo)
.expect("new_default");
log_debug!("REPO OBJECT {}", repo);
log_debug!("events: {}\n", events.len());
let mut i = 0;
for e in events {
log_debug!("========== EVENT {:03}: {}", i, e);
i += 1;
}
assert_eq!(verifier.last_seq_number(), Ok(6));
assert_eq!(verifier.last_seq_num, 5);
}
}

8
ng-wallet/Cargo.toml
Unescape View File

@ -20,6 +20,7 @@ serde_bytes = "0.11.7"
serde-big-array = "0.5.1"
ng-repo = { path = "../ng-repo", version = "0.1.0" }
ng-net = { path = "../ng-net", version = "0.1.0" }
ng-verifier = { path = "../ng-verifier", version = "0.1.0" }
image = "0.24.6"
getrandom = { version = "0.1.1", features = ["wasm-bindgen"] }
rand = { version = "0.7", features = ["getrandom"] }
@ -35,4 +36,9 @@ web-time = "0.2.0"
lazy_static = "1.4.0"
zeroize = { version = "1.6.0", features = ["zeroize_derive"] }
crypto_box = { version = "0.8.2", features = ["seal"] }
blake3 = "1.3.1"
blake3 = "1.3.1"
[dev-dependencies]
ng-repo = { path = "../ng-repo", version = "0.1.0", features = ["testing"] }
ng-verifier = { path = "../ng-verifier", version = "0.1.0", features = ["testing"] }

139
ng-wallet/src/lib.rs
Unescape View File

@ -19,6 +19,7 @@ pub mod bip39;
pub mod emojis;
use ng_verifier::{site::SiteV0, verifier::Verifier};
use rand::distributions::{Distribution, Uniform};
use std::{collections::HashMap, io::Cursor, sync::Arc};
@ -46,26 +47,31 @@ impl Wallet {
pub fn id(&self) -> WalletId {
match self {
Wallet::V0(v0) => v0.id,
_ => unimplemented!(),
}
}
pub fn content_as_bytes(&self) -> Vec<u8> {
match self {
Wallet::V0(v0) => serde_bare::to_vec(&v0.content).unwrap(),
_ => unimplemented!(),
}
}
pub fn sig(&self) -> Sig {
match self {
Wallet::V0(v0) => v0.sig,
_ => unimplemented!(),
}
}
pub fn pazzle_length(&self) -> u8 {
match self {
Wallet::V0(v0) => v0.content.pazzle_length,
_ => unimplemented!(),
}
}
pub fn name(&self) -> String {
match self {
Wallet::V0(v0) => base64_url::encode(&v0.id.slice()),
_ => unimplemented!(),
}
}
@ -90,6 +96,7 @@ impl Wallet {
let mut wallet_content = match self {
Wallet::V0(v0) => v0.content.clone(),
_ => unimplemented!(),
};
wallet_content.timestamp = timestamp;
@ -347,6 +354,7 @@ pub fn open_wallet_with_pazzle(
v0.id,
)?))
}
_ => unimplemented!(),
}
}
@ -385,6 +393,7 @@ pub fn open_wallet_with_mnemonic(
v0.id,
)?))
}
_ => unimplemented!(),
}
}
@ -447,9 +456,9 @@ pub fn gen_shuffle_for_pin() -> Vec<u8> {
/// creates a Wallet from a pin, a security text and image (with option to send the bootstrap and wallet to nextgraph.one)
/// and returns the Wallet, the pazzle and the mnemonic
pub fn create_wallet_v0(mut params: CreateWalletV0) -> Result<CreateWalletResultV0, NgWalletError> {
let creating_pazzle = Instant::now();
pub fn create_wallet_first_step_v0(
params: CreateWalletV0,
) -> Result<CreateWalletIntermediaryV0, NgWalletError> {
// pazzle_length can only be 9, 12, or 15
if params.pazzle_length != 9
//&& params.pazzle_length != 12
@ -533,11 +542,53 @@ pub fn create_wallet_v0(mut params: CreateWalletV0) -> Result<CreateWalletResult
let (wallet_privkey, wallet_id) = generate_keypair();
// TODO: should be derived from OwnershipProof
let user_priv_key = PrivKey::random_ed();
let user_privkey = PrivKey::random_ed();
let user = user_privkey.to_pub();
let client = ClientV0::new_with_auto_open(user);
let intermediary = CreateWalletIntermediaryV0 {
wallet_privkey,
wallet_name: base64_url::encode(&wallet_id.slice()),
client,
user_privkey,
in_memory: !params.local_save,
security_img: cursor.into_inner(),
security_txt: new_string,
pazzle_length: params.pazzle_length,
pin: params.pin,
send_bootstrap: params.send_bootstrap,
send_wallet: params.send_wallet,
result_with_wallet_file: params.result_with_wallet_file,
core_bootstrap: params.core_bootstrap.clone(),
core_registration: params.core_registration,
additional_bootstrap: params.additional_bootstrap.clone(),
};
Ok(intermediary)
}
pub fn create_wallet_second_step_v0(
mut params: CreateWalletIntermediaryV0,
verifier: &mut Verifier,
) -> Result<
(
CreateWalletResultV0,
SiteV0,
HashMap<String, Vec<BrokerInfoV0>>,
),
NgWalletError,
> {
let creating_pazzle = Instant::now();
let mut site = SiteV0::create_personal(params.user_privkey.clone(), verifier).map_err(|e| {
log_err!("{e}");
NgWalletError::InternalError
})?;
// TODO: private_store_read_cap
let site = SiteV0::create_personal(user_priv_key.clone(), BlockRef::nil())
.map_err(|e| NgWalletError::InternalError)?;
let user = params.user_privkey.to_pub();
let wallet_id = params.wallet_privkey.to_pub();
let mut ran = thread_rng();
@ -565,17 +616,12 @@ pub fn create_wallet_v0(mut params: CreateWalletV0) -> Result<CreateWalletResult
//.ok_or(NgWalletError::InternalError)?
//.clone(),
let user = user_priv_key.to_pub();
// Creating a new client
let client = ClientV0::new_with_auto_open(user);
let create_op = WalletOpCreateV0 {
wallet_privkey: wallet_privkey.clone(),
wallet_privkey: params.wallet_privkey.clone(),
// pazzle: pazzle.clone(),
// mnemonic,
// pin: params.pin,
personal_site: site,
personal_site: site.clone(),
save_to_ng_one: if params.send_wallet {
SaveToNGOne::Wallet
} else if params.send_bootstrap {
@ -599,15 +645,20 @@ pub fn create_wallet_v0(mut params: CreateWalletV0) -> Result<CreateWalletResult
// #[zeroize(skip)]
// pub additional_bootstrap: Option<BootstrapContentV0>,
let mut brokers: HashMap<String, Vec<BrokerInfoV0>> = HashMap::new();
let core_pubkey = params
.core_bootstrap
.get_first_peer_id()
.ok_or(NgWalletError::InvalidBootstrap)?;
wallet_log.add(WalletOperation::AddSiteCoreV0((
user,
params
.core_bootstrap
.get_first_peer_id()
.ok_or(NgWalletError::InvalidBootstrap)?,
core_pubkey,
params.core_registration,
)));
site.cores.push((core_pubkey, params.core_registration));
if let Some(additional) = &params.additional_bootstrap {
params.core_bootstrap.merge(additional);
}
@ -615,6 +666,17 @@ pub fn create_wallet_v0(mut params: CreateWalletV0) -> Result<CreateWalletResult
for server in &params.core_bootstrap.servers {
wallet_log.add(WalletOperation::AddBrokerServerV0(server.clone()));
wallet_log.add(WalletOperation::AddSiteBootstrapV0((user, server.peer_id)));
site.bootstraps.push(server.peer_id);
let broker = BrokerInfoV0::ServerV0(server.clone());
let key = broker.get_id().to_string();
let mut list = brokers.get_mut(&key);
if list.is_none() {
let new_list = vec![];
brokers.insert(key.clone(), new_list);
list = brokers.get_mut(&key);
}
list.unwrap().push(broker);
}
let mut master_key = [0u8; 32];
@ -664,8 +726,8 @@ pub fn create_wallet_v0(mut params: CreateWalletV0) -> Result<CreateWalletResult
master_key.zeroize();
let wallet_content = WalletContentV0 {
security_img: cursor.into_inner(),
security_txt: new_string,
security_img: params.security_img.clone(),
security_txt: params.security_txt.clone(),
pazzle_length: params.pazzle_length,
salt_pazzle,
salt_mnemonic,
@ -680,7 +742,7 @@ pub fn create_wallet_v0(mut params: CreateWalletV0) -> Result<CreateWalletResult
let ser_wallet = serde_bare::to_vec(&wallet_content).unwrap();
let sig = sign(&wallet_privkey, &wallet_id, &ser_wallet).unwrap();
let sig = sign(&params.wallet_privkey, &wallet_id, &ser_wallet).unwrap();
let wallet_v0 = WalletV0 {
/// ID
@ -705,22 +767,27 @@ pub fn create_wallet_v0(mut params: CreateWalletV0) -> Result<CreateWalletResult
"creating of wallet took: {} ms",
creating_pazzle.elapsed().as_millis()
);
let wallet = Wallet::V0(wallet_v0);
let wallet_file = match params.result_with_wallet_file {
false => vec![],
true => to_vec(&NgFile::V0(NgFileV0::Wallet(wallet.clone()))).unwrap(),
};
Ok(CreateWalletResultV0 {
wallet: wallet,
wallet_privkey,
wallet_file,
pazzle,
mnemonic: mnemonic.clone(),
wallet_name: base64_url::encode(&wallet_id.slice()),
client,
user,
in_memory: !params.local_save,
})
Ok((
CreateWalletResultV0 {
wallet: wallet,
wallet_file,
pazzle,
mnemonic: mnemonic.clone(),
wallet_name: params.wallet_name.clone(),
client: params.client.clone(),
user,
in_memory: params.in_memory,
session_id: 0,
},
site,
brokers,
))
}
#[cfg(test)]
@ -766,7 +833,7 @@ mod test {
let creation = Instant::now();
let res = create_wallet_v0(CreateWalletV0::new(
let res = create_wallet_first_step_v0(CreateWalletV0::new(
img_buffer,
" know yourself ".to_string(),
pin,
@ -777,7 +844,11 @@ mod test {
None,
None,
))
.expect("create_wallet_v0");
.expect("create_wallet_first_step_v0");
let mut verifier = Verifier::new_dummy();
let (res, _, _) =
create_wallet_second_step_v0(res, &mut verifier).expect("create_wallet_second_step_v0");
log_debug!(
"creation of wallet took: {} ms",

154
ng-wallet/src/types.rs
Unescape View File

@ -20,6 +20,7 @@ use ng_net::types::*;
use ng_repo::errors::NgError;
use ng_repo::types::*;
use ng_repo::utils::{encrypt_in_place, generate_keypair, now_timestamp, sign};
use ng_verifier::site::SiteV0;
/// WalletId is a PubKey
pub type WalletId = PubKey;
@ -64,21 +65,6 @@ impl Bootstrap {
}
}
#[derive(Clone, Debug, Serialize, Deserialize)]
pub enum SessionPeerLastSeq {
V0(u64),
V1((u64, Sig)),
}
impl SessionPeerLastSeq {
pub fn ser(&self) -> Result<Vec<u8>, NgError> {
Ok(serde_bare::to_vec(self)?)
}
pub fn deser(ser: &[u8]) -> Result<Self, NgError> {
Ok(serde_bare::from_slice(ser).map_err(|_| NgError::SerializationError)?)
}
}
#[derive(Clone, Debug, Serialize, Deserialize)]
pub struct SessionWalletStorageV0 {
// string is base64_url encoding of userId(pubkey)
@ -231,11 +217,11 @@ pub struct LocalWalletStorageV0 {
pub encrypted_client_storage: Vec<u8>,
}
impl From<&CreateWalletResultV0> for LocalWalletStorageV0 {
fn from(res: &CreateWalletResultV0) -> Self {
impl From<&CreateWalletIntermediaryV0> for LocalWalletStorageV0 {
fn from(res: &CreateWalletIntermediaryV0) -> Self {
LocalWalletStorageV0 {
bootstrap: BootstrapContent::V0(BootstrapContentV0::new_empty()),
wallet: res.wallet.clone(),
wallet: Wallet::TemporarilyEmpty,
in_memory: res.in_memory,
client_id: res.client.id,
client_auto_open: res.client.auto_open.clone(),
@ -249,6 +235,38 @@ impl From<&CreateWalletResultV0> for LocalWalletStorageV0 {
}
}
impl From<&CreateWalletIntermediaryV0> for SensitiveWalletV0 {
fn from(res: &CreateWalletIntermediaryV0) -> Self {
SensitiveWalletV0 {
wallet_privkey: res.wallet_privkey.clone(),
wallet_id: res.wallet_name.clone(),
save_to_ng_one: if res.send_wallet {
SaveToNGOne::Wallet
} else if res.send_bootstrap {
SaveToNGOne::Bootstrap
} else {
SaveToNGOne::No
},
// for now, personal_site is null. will be replaced later
personal_site: PubKey::nil(),
personal_site_id: "".to_string(),
sites: HashMap::new(),
brokers: HashMap::new(),
overlay_core_overrides: HashMap::new(),
third_parties: HashMap::new(),
log: None,
master_key: None,
client: None,
}
}
}
impl From<&CreateWalletIntermediaryV0> for SensitiveWallet {
fn from(res: &CreateWalletIntermediaryV0) -> SensitiveWallet {
SensitiveWallet::V0(res.into())
}
}
impl LocalWalletStorageV0 {
#[doc(hidden)]
pub fn new(
@ -468,11 +486,16 @@ impl SensitiveWallet {
Self::V0(v0) => v0.client = Some(client),
}
}
pub fn individual_site(&self, user_id: &UserId) -> Option<&(PrivKey, ReadCap)> {
pub fn individual_site(
&self,
user_id: &UserId,
) -> Option<(PrivKey, Option<ReadCap>, Option<RepoId>)> {
match self {
Self::V0(v0) => match v0.sites.get(&user_id.to_string()) {
Some(site) => match &site.site_type {
SiteType::Individual(creds) => Some(creds),
SiteType::Individual((user, readcap)) => {
Some((user.clone(), Some(readcap.clone()), Some(site.private.id)))
}
_ => None,
},
None => None,
@ -498,6 +521,16 @@ impl SensitiveWallet {
Self::V0(v0) => v0.import(encrypted_wallet, in_memory),
}
}
pub fn complete_with_site_and_brokers(
&mut self,
site: SiteV0,
brokers: HashMap<String, Vec<BrokerInfoV0>>,
) {
match self {
Self::V0(v0) => v0.complete_with_site_and_brokers(site, brokers),
}
}
}
impl SensitiveWalletV0 {
@ -546,6 +579,19 @@ impl SensitiveWalletV0 {
.overlay_core_overrides
.insert(overlay.to_string(), cores.to_vec());
}
pub fn complete_with_site_and_brokers(
&mut self,
site: SiteV0,
brokers: HashMap<String, Vec<BrokerInfoV0>>,
) {
let personal_site = site.id;
let personal_site_id = personal_site.to_string();
self.personal_site = personal_site;
self.personal_site_id = personal_site_id.clone();
self.sites.insert(personal_site_id, site);
self.brokers = brokers;
}
}
/// Wallet content Version 0
@ -1067,6 +1113,7 @@ pub struct WalletV0 {
#[derive(Clone, Debug, Serialize, Deserialize)]
pub enum Wallet {
V0(WalletV0),
TemporarilyEmpty,
}
/// Add Wallet Version 0
@ -1186,16 +1233,28 @@ impl CreateWalletV0 {
}
}
// #[derive(Clone, Zeroize, ZeroizeOnDrop, Debug, Serialize, Deserialize)]
// pub struct WalletCreationSiteEventsV0 {
// store_id: RepoId,
// store_read_cap: ReadCap,
// topic_id: TopicId,
// topic_priv_key: BranchWriteCapSecret,
// events: Vec<(Commit, Vec<Digest>)>,
// }
// #[derive(Clone, Zeroize, ZeroizeOnDrop, Debug, Serialize, Deserialize)]
// pub struct WalletCreationEventsV0 {}
#[derive(Clone, Zeroize, ZeroizeOnDrop, Debug, Serialize, Deserialize)]
pub struct CreateWalletResultV0 {
#[zeroize(skip)]
/// The encrypted form of the Wallet object that was created.
/// basically the same as what the file contains.
pub wallet: Wallet,
#[serde(skip)]
/// The private key of the Wallet. Used for signing the wallet and other internal purposes.
/// it is contained in the opened wallet. No need to save it anywhere.
pub wallet_privkey: PrivKey,
// #[serde(skip)]
// /// The private key of the Wallet. Used for signing the wallet and other internal purposes.
// /// it is contained in the opened wallet. No need to save it anywhere.
// pub wallet_privkey: PrivKey,
#[serde(with = "serde_bytes")]
#[zeroize(skip)]
/// The binary file that can be saved to disk and given to the user
@ -1216,6 +1275,53 @@ pub struct CreateWalletResultV0 {
#[zeroize(skip)]
/// is this an in_memory wallet that should not be saved to disk by the LocalBroker?
pub in_memory: bool,
pub session_id: u8,
}
impl CreateWalletResultV0 {
pub fn personal_identity(&self) -> UserId {
self.user
}
}
#[derive(Clone, Zeroize, ZeroizeOnDrop, Debug)]
pub struct CreateWalletIntermediaryV0 {
/// The private key of the Wallet. Used for signing the wallet and other internal purposes.
/// it is contained in the opened wallet. No need to save it anywhere.
pub wallet_privkey: PrivKey,
#[zeroize(skip)]
/// a string identifying uniquely the wallet
pub wallet_name: String,
/// newly created Client that uniquely identifies the device where the wallet has been created.
pub client: ClientV0,
/// User priv key of the "personal identity" of the user
pub user_privkey: PrivKey,
#[zeroize(skip)]
/// is this an in_memory wallet that should not be saved to disk by the LocalBroker?
pub in_memory: bool,
#[zeroize(skip)]
pub security_img: Vec<u8>,
pub security_txt: String,
pub pazzle_length: u8,
pub pin: [u8; 4],
#[zeroize(skip)]
pub send_bootstrap: bool,
#[zeroize(skip)]
pub send_wallet: bool,
#[zeroize(skip)]
pub result_with_wallet_file: bool,
#[zeroize(skip)]
pub core_bootstrap: BootstrapContentV0,
pub core_registration: Option<[u8; 32]>,
#[zeroize(skip)]
pub additional_bootstrap: Option<BootstrapContentV0>,
}
#[derive(Debug, Eq, PartialEq, Clone)]

1
ngd/src/main.rs
Unescape View File

@ -950,6 +950,7 @@ async fn main_inner() -> Result<(), ()> {
overlays_config.forward = vec![BrokerServerV0 {
server_type,
can_verify: false,
can_forward: false,
peer_id,
}];
}

Write Preview
Loading…
Cancel
Save