From 0603273a49f4fd44bbf00728855bebc325001b79 Mon Sep 17 00:00:00 2001 From: Simon Wicky Date: Wed, 1 Nov 2023 09:51:21 +0100 Subject: [PATCH] remove secret key from credential storage --- common/bandwidth-controller/src/acquire/mod.rs | 1 - .../migrations/20231020120000_add_ecash_table.sql | 1 - common/credential-storage/src/backends/memory.rs | 3 --- common/credential-storage/src/backends/sqlite.rs | 6 ++---- common/credential-storage/src/ephemeral_storage.rs | 3 +-- common/credential-storage/src/models.rs | 1 - common/credential-storage/src/persistent_storage.rs | 3 +-- common/credential-storage/src/storage.rs | 2 -- 8 files changed, 4 insertions(+), 16 deletions(-) diff --git a/common/bandwidth-controller/src/acquire/mod.rs b/common/bandwidth-controller/src/acquire/mod.rs index 8724a74304..952e30b803 100644 --- a/common/bandwidth-controller/src/acquire/mod.rs +++ b/common/bandwidth-controller/src/acquire/mod.rs @@ -87,7 +87,6 @@ where .insert_ecash_credential( ECASH_INFO.to_string(), wallet.to_bs58(), - state.voucher.ecash_keypair().secret_key().to_bs58(), epoch_id.to_string(), ) .await diff --git a/common/credential-storage/migrations/20231020120000_add_ecash_table.sql b/common/credential-storage/migrations/20231020120000_add_ecash_table.sql index c96b8a1bf6..8ccb380125 100644 --- a/common/credential-storage/migrations/20231020120000_add_ecash_table.sql +++ b/common/credential-storage/migrations/20231020120000_add_ecash_table.sql @@ -8,7 +8,6 @@ CREATE TABLE ecash_credentials id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, voucher_info TEXT NOT NULL, wallet TEXT NOT NULL UNIQUE, - secret_key TEXT NOT NULL, epoch_id TEXT NOT NULL, consumed BOOLEAN NOT NULL ); \ No newline at end of file diff --git a/common/credential-storage/src/backends/memory.rs b/common/credential-storage/src/backends/memory.rs index 3554073aee..fc336e61da 100644 --- a/common/credential-storage/src/backends/memory.rs +++ b/common/credential-storage/src/backends/memory.rs @@ -58,13 +58,11 @@ impl CoconutCredentialManager { /// /// * `voucher_info`: What type of credential it is. /// * `signature`: Ecash wallet credential in the form of a wallet. - /// * `secret_key`: The secret key with which this credential has been created. /// * `epoch_id`: The epoch when it was signed. pub async fn insert_ecash_credential( &self, voucher_info: String, wallet: String, - secret_key: String, epoch_id: String, ) { let mut creds = self.ecash.write().await; @@ -73,7 +71,6 @@ impl CoconutCredentialManager { id, voucher_info, wallet, - secret_key, epoch_id, consumed: false, }); diff --git a/common/credential-storage/src/backends/sqlite.rs b/common/credential-storage/src/backends/sqlite.rs index 66ac672eed..303190ae92 100644 --- a/common/credential-storage/src/backends/sqlite.rs +++ b/common/credential-storage/src/backends/sqlite.rs @@ -51,19 +51,17 @@ impl CoconutCredentialManager { /// /// * `voucher_info`: What type of credential it is. /// * `signature`: Ecash wallet credential in the form of a wallet. - /// * `secret_key`: The secret key with which this credential has been created. /// * `epoch_id`: The epoch when it was signed. pub async fn insert_ecash_credential( &self, voucher_info: String, wallet: String, - secret_key: String, epoch_id: String, ) -> Result<(), sqlx::Error> { sqlx::query!( - "INSERT INTO ecash_credentials(voucher_info, wallet, secret_key, epoch_id, consumed) VALUES (?, ?, ?, ?, ?)", - voucher_info, wallet, secret_key, epoch_id, false + "INSERT INTO ecash_credentials(voucher_info, wallet, epoch_id, consumed) VALUES (?, ?, ?, ?)", + voucher_info, wallet, epoch_id, false ) .execute(&self.connection_pool) .await?; diff --git a/common/credential-storage/src/ephemeral_storage.rs b/common/credential-storage/src/ephemeral_storage.rs index c7b2789406..212e30e9ff 100644 --- a/common/credential-storage/src/ephemeral_storage.rs +++ b/common/credential-storage/src/ephemeral_storage.rs @@ -54,11 +54,10 @@ impl Storage for EphemeralStorage { &self, voucher_info: String, wallet: String, - secret_key: String, epoch_id: String, ) -> Result<(), StorageError> { self.coconut_credential_manager - .insert_ecash_credential(voucher_info, wallet, secret_key, epoch_id) + .insert_ecash_credential(voucher_info, wallet, epoch_id) .await; Ok(()) diff --git a/common/credential-storage/src/models.rs b/common/credential-storage/src/models.rs index 6fa068ca02..08a92014ab 100644 --- a/common/credential-storage/src/models.rs +++ b/common/credential-storage/src/models.rs @@ -20,7 +20,6 @@ pub struct EcashCredential { pub id: i64, pub voucher_info: String, pub wallet: String, - pub secret_key: String, pub epoch_id: String, pub consumed: bool, } diff --git a/common/credential-storage/src/persistent_storage.rs b/common/credential-storage/src/persistent_storage.rs index 440d842dcf..607a7fa06b 100644 --- a/common/credential-storage/src/persistent_storage.rs +++ b/common/credential-storage/src/persistent_storage.rs @@ -85,11 +85,10 @@ impl Storage for PersistentStorage { &self, voucher_info: String, wallet: String, - secret_key: String, epoch_id: String, ) -> Result<(), StorageError> { self.coconut_credential_manager - .insert_ecash_credential(voucher_info, wallet, secret_key, epoch_id) + .insert_ecash_credential(voucher_info, wallet, epoch_id) .await?; Ok(()) diff --git a/common/credential-storage/src/storage.rs b/common/credential-storage/src/storage.rs index 1ebbd8f342..629e625ce7 100644 --- a/common/credential-storage/src/storage.rs +++ b/common/credential-storage/src/storage.rs @@ -35,13 +35,11 @@ pub trait Storage: Send + Sync { /// /// * `voucher_info`: What type of credential it is. /// * `signature`: Ecash wallet credential in the form of a wallet. - /// * `secret_key`: The secret key with which this credential has been created. /// * `epoch_id`: The epoch when it was signed. async fn insert_ecash_credential( &self, voucher_info: String, signature: String, - secret_key: String, epoch_id: String, ) -> Result<(), Self::StorageError>;