diff --git a/Cargo.lock b/Cargo.lock index 0f1964602c..da6cfaaa46 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3281,9 +3281,7 @@ version = "0.11.0" dependencies = [ "clap", "client-core", - "coconut-interface", "config", - "credentials", "crypto", "dirs", "dotenv", @@ -3336,9 +3334,7 @@ name = "nym-gateway" version = "0.11.0" dependencies = [ "clap", - "coconut-interface", "config", - "credentials", "crypto", "dashmap", "dirs", @@ -3424,9 +3420,7 @@ version = "0.11.0" dependencies = [ "clap", "client-core", - "coconut-interface", "config", - "credentials", "crypto", "dirs", "dotenv", @@ -3457,9 +3451,7 @@ version = "0.11.0" dependencies = [ "anyhow", "clap", - "coconut-interface", "config", - "credentials", "crypto", "dirs", "dotenv", diff --git a/clients/native/Cargo.toml b/clients/native/Cargo.toml index 1ebea3c229..f14869a33e 100644 --- a/clients/native/Cargo.toml +++ b/clients/native/Cargo.toml @@ -31,8 +31,6 @@ tokio-tungstenite = "0.14" # websocket ## internal client-core = { path = "../client-core" } -coconut-interface = { path = "../../common/coconut-interface" } -credentials = { path = "../../common/credentials" } config = { path = "../../common/config" } crypto = { path = "../../common/crypto" } gateway-client = { path = "../../common/client-libs/gateway-client" } diff --git a/clients/native/src/client/mod.rs b/clients/native/src/client/mod.rs index 2b1c28b8cf..c4dfaf7759 100644 --- a/clients/native/src/client/mod.rs +++ b/clients/native/src/client/mod.rs @@ -22,9 +22,6 @@ use client_core::client::topology_control::{ TopologyAccessor, TopologyRefresher, TopologyRefresherConfig, }; use client_core::config::persistence::key_pathfinder::ClientKeyPathfinder; -use coconut_interface::Credential; -use credentials::bandwidth::prepare_for_spending; -use credentials::obtain_aggregate_verification_key; use crypto::asymmetric::identity; use futures::channel::mpsc; use gateway_client::{ @@ -166,30 +163,6 @@ impl NymClient { .start(self.runtime.handle()) } - async fn prepare_credential(&self) -> Credential { - let verification_key = obtain_aggregate_verification_key( - &self.config.get_base().get_validator_api_endpoints(), - ) - .await - .expect("could not obtain aggregate verification key of validators"); - - let bandwidth_credential = credentials::bandwidth::obtain_signature( - &self.key_manager.identity_keypair().public_key().to_bytes(), - &self.config.get_base().get_validator_api_endpoints(), - ) - .await - .expect("could not obtain bandwidth credential"); - // the above would presumably be loaded from a file - - // the below would only be executed once we know where we want to spend it (i.e. which gateway and stuff) - prepare_for_spending( - &self.key_manager.identity_keypair().public_key().to_bytes(), - &bandwidth_credential, - &verification_key, - ) - .expect("could not prepare out bandwidth credential for spending") - } - fn start_gateway_client( &mut self, mixnet_message_sender: MixnetMessageSender, @@ -208,8 +181,6 @@ impl NymClient { .expect("provided gateway id is invalid!"); self.runtime.block_on(async { - let coconut_credential = self.prepare_credential().await; - let mut gateway_client = GatewayClient::new( gateway_address, self.key_manager.identity_keypair(), @@ -218,7 +189,6 @@ impl NymClient { mixnet_message_sender, ack_sender, self.config.get_base().get_gateway_response_timeout(), - coconut_credential, ); gateway_client diff --git a/clients/native/src/commands/init.rs b/clients/native/src/commands/init.rs index cb37d96b27..1994fe216e 100644 --- a/clients/native/src/commands/init.rs +++ b/clients/native/src/commands/init.rs @@ -6,10 +6,7 @@ use crate::commands::override_config; use clap::{App, Arg, ArgMatches}; use client_core::client::key_manager::KeyManager; use client_core::config::persistence::key_pathfinder::ClientKeyPathfinder; -use coconut_interface::Credential; use config::NymConfig; -use credentials::bandwidth::prepare_for_spending; -use credentials::obtain_aggregate_verification_key; use crypto::asymmetric::{encryption, identity}; use gateway_client::GatewayClient; use gateway_requests::registration::handshake::SharedKeys; @@ -60,34 +57,15 @@ pub fn command_args<'a, 'b>() -> clap::App<'a, 'b> { ) } -// this behaviour should definitely be changed, we shouldn't -// need to get bandwidth credential for registration -async fn prepare_temporary_credential(validators: &[Url], raw_identity: &[u8]) -> Credential { - let verification_key = obtain_aggregate_verification_key(validators) - .await - .expect("could not obtain aggregate verification key of validators"); - - let bandwidth_credential = credentials::bandwidth::obtain_signature(raw_identity, validators) - .await - .expect("could not obtain bandwidth credential"); - - prepare_for_spending(raw_identity, &bandwidth_credential, &verification_key) - .expect("could not prepare out bandwidth credential for spending") -} - async fn register_with_gateway( gateway: &gateway::Node, our_identity: Arc, - validator_urls: Vec, ) -> Arc { let timeout = Duration::from_millis(1500); - let coconut_credential = - prepare_temporary_credential(&validator_urls, &our_identity.public_key().to_bytes()).await; let mut gateway_client = GatewayClient::new_init( gateway.clients_address(), gateway.identity_key, our_identity.clone(), - coconut_credential, timeout, ); gateway_client @@ -210,13 +188,8 @@ pub fn execute(matches: &ArgMatches) { config .get_base_mut() .with_gateway_id(gate_details.identity_key.to_base58_string()); - let validator_urls = config.get_base().get_validator_api_endpoints(); - let shared_keys = register_with_gateway( - &gate_details, - key_manager.identity_keypair(), - validator_urls, - ) - .await; + let shared_keys = + register_with_gateway(&gate_details, key_manager.identity_keypair()).await; (shared_keys, gate_details.clients_address()) }; diff --git a/clients/socks5/Cargo.toml b/clients/socks5/Cargo.toml index b494b510fb..8e9defdc95 100644 --- a/clients/socks5/Cargo.toml +++ b/clients/socks5/Cargo.toml @@ -24,8 +24,6 @@ url = "2.2" # internal client-core = { path = "../client-core" } -coconut-interface = { path = "../../common/coconut-interface" } -credentials = { path = "../../common/credentials" } config = { path = "../../common/config" } crypto = { path = "../../common/crypto" } gateway-client = { path = "../../common/client-libs/gateway-client" } diff --git a/clients/socks5/src/client/mod.rs b/clients/socks5/src/client/mod.rs index 485866673a..2b8f86307b 100644 --- a/clients/socks5/src/client/mod.rs +++ b/clients/socks5/src/client/mod.rs @@ -23,9 +23,6 @@ use client_core::client::topology_control::{ TopologyAccessor, TopologyRefresher, TopologyRefresherConfig, }; use client_core::config::persistence::key_pathfinder::ClientKeyPathfinder; -use coconut_interface::Credential; -use credentials::bandwidth::prepare_for_spending; -use credentials::obtain_aggregate_verification_key; use crypto::asymmetric::identity; use futures::channel::mpsc; use gateway_client::{ @@ -154,30 +151,6 @@ impl NymClient { .start(self.runtime.handle()) } - async fn prepare_credential(&self) -> Credential { - let verification_key = obtain_aggregate_verification_key( - &self.config.get_base().get_validator_api_endpoints(), - ) - .await - .expect("could not obtain aggregate verification key of validators"); - - let bandwidth_credential = credentials::bandwidth::obtain_signature( - &self.key_manager.identity_keypair().public_key().to_bytes(), - &self.config.get_base().get_validator_api_endpoints(), - ) - .await - .expect("could not obtain bandwidth credential"); - // the above would presumably be loaded from a file - - // the below would only be executed once we know where we want to spend it (i.e. which gateway and stuff) - prepare_for_spending( - &self.key_manager.identity_keypair().public_key().to_bytes(), - &bandwidth_credential, - &verification_key, - ) - .expect("could not prepare out bandwidth credential for spending") - } - fn start_gateway_client( &mut self, mixnet_message_sender: MixnetMessageSender, @@ -196,8 +169,6 @@ impl NymClient { .expect("provided gateway id is invalid!"); self.runtime.block_on(async { - let coconut_credential = self.prepare_credential().await; - let mut gateway_client = GatewayClient::new( gateway_address, self.key_manager.identity_keypair(), @@ -206,7 +177,6 @@ impl NymClient { mixnet_message_sender, ack_sender, self.config.get_base().get_gateway_response_timeout(), - coconut_credential, ); gateway_client diff --git a/clients/socks5/src/commands/init.rs b/clients/socks5/src/commands/init.rs index 58916dd45c..f24dc53322 100644 --- a/clients/socks5/src/commands/init.rs +++ b/clients/socks5/src/commands/init.rs @@ -6,10 +6,7 @@ use crate::commands::override_config; use clap::{App, Arg, ArgMatches}; use client_core::client::key_manager::KeyManager; use client_core::config::persistence::key_pathfinder::ClientKeyPathfinder; -use coconut_interface::Credential; use config::NymConfig; -use credentials::bandwidth::prepare_for_spending; -use credentials::obtain_aggregate_verification_key; use crypto::asymmetric::{encryption, identity}; use gateway_client::GatewayClient; use gateway_requests::registration::handshake::SharedKeys; @@ -60,34 +57,15 @@ pub fn command_args<'a, 'b>() -> clap::App<'a, 'b> { ) } -// this behaviour should definitely be changed, we shouldn't -// need to get bandwidth credential for registration -async fn prepare_temporary_credential(validators: &[Url], raw_identity: &[u8]) -> Credential { - let verification_key = obtain_aggregate_verification_key(validators) - .await - .expect("could not obtain aggregate verification key of validators"); - - let bandwidth_credential = credentials::bandwidth::obtain_signature(raw_identity, validators) - .await - .expect("could not obtain bandwidth credential"); - - prepare_for_spending(raw_identity, &bandwidth_credential, &verification_key) - .expect("could not prepare out bandwidth credential for spending") -} - async fn register_with_gateway( gateway: &gateway::Node, our_identity: Arc, - validator_urls: Vec, ) -> Arc { let timeout = Duration::from_millis(1500); - let coconut_credential = - prepare_temporary_credential(&validator_urls, &our_identity.public_key().to_bytes()).await; let mut gateway_client = GatewayClient::new_init( gateway.clients_address(), gateway.identity_key, our_identity.clone(), - coconut_credential, timeout, ); gateway_client @@ -211,13 +189,8 @@ pub fn execute(matches: &ArgMatches) { config .get_base_mut() .with_gateway_id(gate_details.identity_key.to_base58_string()); - let validator_urls = config.get_base().get_validator_api_endpoints(); - let shared_keys = register_with_gateway( - &gate_details, - key_manager.identity_keypair(), - validator_urls, - ) - .await; + let shared_keys = + register_with_gateway(&gate_details, key_manager.identity_keypair()).await; (shared_keys, gate_details.clients_address()) }; diff --git a/common/client-libs/gateway-client/src/client.rs b/common/client-libs/gateway-client/src/client.rs index d250bc720d..2efbd5b52a 100644 --- a/common/client-libs/gateway-client/src/client.rs +++ b/common/client-libs/gateway-client/src/client.rs @@ -8,7 +8,6 @@ pub use crate::packet_router::{ AcknowledgementReceiver, AcknowledgementSender, MixnetMessageReceiver, MixnetMessageSender, }; use crate::socket_state::{PartiallyDelegated, SocketState}; -use coconut_interface::Credential; use crypto::asymmetric::identity; use futures::{FutureExt, SinkExt, StreamExt}; use gateway_requests::authentication::encrypted_address::EncryptedAddressBytes; @@ -36,8 +35,6 @@ const DEFAULT_RECONNECTION_BACKOFF: Duration = Duration::from_secs(5); pub struct GatewayClient { authenticated: bool, - // TODO: This should be replaced by an actual bandwidth value, with 0 meaning no bandwidth - has_bandwidth: bool, gateway_address: String, gateway_identity: identity::PublicKey, local_identity: Arc, @@ -54,7 +51,6 @@ pub struct GatewayClient { reconnection_attempts: usize, /// Delay between each subsequent reconnection attempt. reconnection_backoff: Duration, - coconut_credential: Credential, } impl GatewayClient { @@ -68,11 +64,9 @@ impl GatewayClient { mixnet_message_sender: MixnetMessageSender, ack_sender: AcknowledgementSender, response_timeout_duration: Duration, - coconut_credential: Credential, ) -> Self { GatewayClient { authenticated: false, - has_bandwidth: false, gateway_address, gateway_identity, local_identity, @@ -83,7 +77,6 @@ impl GatewayClient { should_reconnect_on_failure: true, reconnection_attempts: DEFAULT_RECONNECTION_ATTEMPTS, reconnection_backoff: DEFAULT_RECONNECTION_BACKOFF, - coconut_credential, } } @@ -104,7 +97,6 @@ impl GatewayClient { gateway_address: String, gateway_identity: identity::PublicKey, local_identity: Arc, - coconut_credential: Credential, response_timeout_duration: Duration, ) -> Self { use futures::channel::mpsc; @@ -117,7 +109,6 @@ impl GatewayClient { GatewayClient { authenticated: false, - has_bandwidth: false, gateway_address, gateway_identity, local_identity, @@ -128,7 +119,6 @@ impl GatewayClient { should_reconnect_on_failure: false, reconnection_attempts: DEFAULT_RECONNECTION_ATTEMPTS, reconnection_backoff: DEFAULT_RECONNECTION_BACKOFF, - coconut_credential, } } @@ -456,32 +446,6 @@ impl GatewayClient { } } - pub async fn claim_bandwidth(&mut self) -> Result<(), GatewayClientError> { - if !self.authenticated { - return Err(GatewayClientError::NotAuthenticated); - } - if self.shared_key.is_none() { - return Err(GatewayClientError::NoSharedKeyAvailable); - } - - let mut rng = OsRng; - let iv = IV::new_random(&mut rng); - - let msg = ClientControlRequest::new_enc_bandwidth_credential( - &self.coconut_credential, - self.shared_key.as_ref().unwrap(), - iv, - ) - .ok_or(GatewayClientError::SerializeCredential)? - .into(); - self.has_bandwidth = match self.send_websocket_message(msg).await? { - ServerResponse::Bandwidth { status } => Ok(status), - ServerResponse::Error { message } => Err(GatewayClientError::GatewayError(message)), - _ => Err(GatewayClientError::UnexpectedResponse), - }?; - Ok(()) - } - pub async fn batch_send_mix_packets( &mut self, packets: Vec, @@ -489,9 +453,6 @@ impl GatewayClient { if !self.authenticated { return Err(GatewayClientError::NotAuthenticated); } - if !self.has_bandwidth { - return Err(GatewayClientError::NotEnoughBandwidth); - } if !self.connection.is_established() { return Err(GatewayClientError::ConnectionNotEstablished); } @@ -550,9 +511,6 @@ impl GatewayClient { if !self.authenticated { return Err(GatewayClientError::NotAuthenticated); } - if !self.has_bandwidth { - return Err(GatewayClientError::NotEnoughBandwidth); - } if !self.connection.is_established() { return Err(GatewayClientError::ConnectionNotEstablished); } @@ -598,9 +556,6 @@ impl GatewayClient { if !self.authenticated { return Err(GatewayClientError::NotAuthenticated); } - if !self.has_bandwidth { - return Err(GatewayClientError::NotEnoughBandwidth); - } if self.connection.is_partially_delegated() { return Ok(()); } @@ -633,7 +588,6 @@ impl GatewayClient { self.establish_connection().await?; } let shared_key = self.perform_initial_authentication().await?; - self.claim_bandwidth().await?; // this call is NON-blocking self.start_listening_for_mixnet_messages()?; diff --git a/contracts/mixnet/Cargo.lock b/contracts/mixnet/Cargo.lock index 8dcd1c31c6..90c5f59a0f 100644 --- a/contracts/mixnet/Cargo.lock +++ b/contracts/mixnet/Cargo.lock @@ -2,6 +2,45 @@ # It is not intended for manual editing. version = 3 +[[package]] +name = "Inflector" +version = "0.11.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fe438c63458706e03479442743baae6c88256498e6431708f6dfc520a26515d3" +dependencies = [ + "lazy_static", + "regex", +] + +[[package]] +name = "aho-corasick" +version = "0.7.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e37cfd5e7657ada45f742d6e99ca5788580b5c529dc78faf11ece6dc702656f" +dependencies = [ + "memchr", +] + +[[package]] +name = "ast_node" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f93f52ce8fac3d0e6720a92b0576d737c01b1b5db4dd786e962e5925f00bf755" +dependencies = [ + "darling", + "pmutil", + "proc-macro2", + "quote", + "swc_macros_common", + "syn", +] + +[[package]] +name = "autocfg" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a" + [[package]] name = "base64" version = "0.13.0" @@ -38,6 +77,12 @@ dependencies = [ "byte-tools", ] +[[package]] +name = "bumpalo" +version = "3.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d9df67f7bf9ef8498769f994239c45613ef0c5899415fb58e9add412d2c1a538" + [[package]] name = "byte-tools" version = "0.3.1" @@ -50,6 +95,12 @@ version = "1.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" +[[package]] +name = "cfg-if" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822" + [[package]] name = "cfg-if" version = "1.0.0" @@ -178,6 +229,41 @@ dependencies = [ "zeroize", ] +[[package]] +name = "darling" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0d706e75d87e35569db781a9b5e2416cff1236a47ed380831f959382ccd5f858" +dependencies = [ + "darling_core", + "darling_macro", +] + +[[package]] +name = "darling_core" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0c960ae2da4de88a91b2d920c2a7233b400bc33cb28453a2987822d8392519b" +dependencies = [ + "fnv", + "ident_case", + "proc-macro2", + "quote", + "strsim", + "syn", +] + +[[package]] +name = "darling_macro" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d9b5a2f4ac4969822c62224815d069952656cadc7084fdca9751e6d959189b72" +dependencies = [ + "darling_core", + "quote", + "syn", +] + [[package]] name = "der" version = "0.4.0" @@ -205,6 +291,45 @@ dependencies = [ "generic-array 0.14.4", ] +[[package]] +name = "dprint-core" +version = "0.35.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93bd44f40b1881477837edc7112695d4b174f058c36c1cbc4c50f8d0482e2ac8" +dependencies = [ + "bumpalo", + "fnv", + "serde", +] + +[[package]] +name = "dprint-plugin-typescript" +version = "0.43.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "67ba0077bd2ab9235848e793fbbfb563e6a04b4c8e4149827802a84063c15805" +dependencies = [ + "dprint-core", + "dprint-swc-ecma-ast-view", + "fnv", + "serde", + "swc_common", + "swc_ecmascript", +] + +[[package]] +name = "dprint-swc-ecma-ast-view" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ecf692a2ee5c5f699ed0e95f21686cf6367f3a591e5d8e7bd3041bbf184651f9" +dependencies = [ + "bumpalo", + "fnv", + "num-bigint", + "swc_atoms", + "swc_common", + "swc_ecmascript", +] + [[package]] name = "dyn-clone" version = "1.0.4" @@ -237,6 +362,12 @@ dependencies = [ "thiserror", ] +[[package]] +name = "either" +version = "1.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e78d4f1cc4ae33bbfc157ed5d5a5ef3bc29227303d595861deb238fcec4e9457" + [[package]] name = "elliptic-curve" version = "0.10.4" @@ -253,6 +384,18 @@ dependencies = [ "zeroize", ] +[[package]] +name = "enum_kind" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "78b940da354ae81ef0926c5eaa428207b8f4f091d3956c891dfbd124162bed99" +dependencies = [ + "pmutil", + "proc-macro2", + "swc_macros_common", + "syn", +] + [[package]] name = "fake-simd" version = "0.1.2" @@ -269,6 +412,12 @@ dependencies = [ "subtle", ] +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + [[package]] name = "form_urlencoded" version = "1.0.1" @@ -279,6 +428,27 @@ dependencies = [ "percent-encoding", ] +[[package]] +name = "from_variant" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0951635027ca477be98f8774abd6f0345233439d63f307e47101acb40c7cc63d" +dependencies = [ + "pmutil", + "proc-macro2", + "swc_macros_common", + "syn", +] + +[[package]] +name = "fxhash" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c31b6d751ae2c7f11320402d34e41349dd1016f8d5d45e48c4312bc8625af50c" +dependencies = [ + "byteorder", +] + [[package]] name = "generic-array" version = "0.12.4" @@ -304,7 +474,7 @@ version = "0.1.16" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8fc3cb4d91f53b50155bdcfd23f6a4c39ae1969c2ae85982b135750cccaf5fce" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "libc", "wasi 0.9.0+wasi-snapshot-preview1", ] @@ -315,7 +485,7 @@ version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7fcd999463524c52659517fe2cea98493cfe485d10565e7b0fb07dbba7ad2753" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "libc", "wasi 0.10.2+wasi-snapshot-preview1", ] @@ -377,6 +547,12 @@ dependencies = [ "serde", ] +[[package]] +name = "ident_case" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39" + [[package]] name = "idna" version = "0.2.3" @@ -388,6 +564,19 @@ dependencies = [ "unicode-normalization", ] +[[package]] +name = "is-macro" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a322dd16d960e322c3d92f541b4c1a4f0a2e81e1fdeee430d8cecc8b72e8015f" +dependencies = [ + "Inflector", + "pmutil", + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "itoa" version = "0.4.7" @@ -400,12 +589,18 @@ version = "0.9.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "008b0281ca8032567c9711cd48631781c15228301860a39b32deb28d63125e46" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "ecdsa", "elliptic-curve", "sha2", ] +[[package]] +name = "lazy_static" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" + [[package]] name = "libc" version = "0.2.100" @@ -418,7 +613,7 @@ version = "0.4.14" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "51b9bbe6c47d51fc3e1a9b945965946b4c44142ab8792c50835a980d362c2710" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", ] [[package]] @@ -433,6 +628,12 @@ version = "0.1.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7ffc5c5338469d4d3ea17d269fa8ea3512ad247247c30bd2df69e68309ed0a08" +[[package]] +name = "memchr" +version = "2.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "308cc39be01b73d0d18f82a0e7b2a3df85245f84af96fdddc5d202d27e47b86a" + [[package]] name = "mixnet-contract" version = "0.1.0" @@ -441,6 +642,7 @@ dependencies = [ "schemars", "serde", "serde_repr", + "ts-rs", ] [[package]] @@ -461,10 +663,54 @@ dependencies = [ name = "network-defaults" version = "0.1.0" dependencies = [ + "serde", "time", "url", ] +[[package]] +name = "new_debug_unreachable" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e4a24736216ec316047a1fc4252e27dabb04218aa4a3f37c6e7ddbf1f9782b54" + +[[package]] +name = "num-bigint" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "090c7f9998ee0ff65aa5b723e4009f7b217707f1fb5ea551329cc4d6231fb304" +dependencies = [ + "autocfg", + "num-integer", + "num-traits", + "serde", +] + +[[package]] +name = "num-integer" +version = "0.1.44" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2cc698a63b549a70bc047073d2949cce27cd1c7b0a4a862d08a8031bc2801db" +dependencies = [ + "autocfg", + "num-traits", +] + +[[package]] +name = "num-traits" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a64b1ec5cda2586e284722486d802acf1f7dbdc623e2bfc57e65ca1cd099290" +dependencies = [ + "autocfg", +] + +[[package]] +name = "once_cell" +version = "1.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "692fcb63b64b1758029e0a96ee63e049ce8c5948587f2f7208df04625e5f6b56" + [[package]] name = "opaque-debug" version = "0.2.3" @@ -477,6 +723,15 @@ version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" +[[package]] +name = "owning_ref" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ff55baddef9e4ad00f88b6c743a2a8062d4c6ade126c2a528644b8e444d52ce" +dependencies = [ + "stable_deref_trait", +] + [[package]] name = "percent-encoding" version = "2.1.0" @@ -526,6 +781,25 @@ dependencies = [ "sha-1", ] +[[package]] +name = "phf_generator" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "17367f0cc86f2d25802b2c26ee58a7b23faeccf78a396094c13dced0d0182526" +dependencies = [ + "phf_shared", + "rand", +] + +[[package]] +name = "phf_shared" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c00cf8b9eafe68dde5e9eaa2cef8ee84a9336a47d566ec55ca16589633b65af7" +dependencies = [ + "siphasher", +] + [[package]] name = "pkcs8" version = "0.7.5" @@ -536,6 +810,29 @@ dependencies = [ "spki", ] +[[package]] +name = "pmutil" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3894e5d549cccbe44afecf72922f277f603cd4bb0219c8342631ef18fffbe004" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "ppv-lite86" +version = "0.2.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac74c624d6b2d21f425f752262f42188365d7b8ff1aff74c82e45136510a4857" + +[[package]] +name = "precomputed-hash" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "925383efa346730478fb4838dbe9137d2a47675ad789c546d150a6e1dd4ab31c" + [[package]] name = "proc-macro2" version = "1.0.24" @@ -560,6 +857,30 @@ dependencies = [ "proc-macro2", ] +[[package]] +name = "rand" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03" +dependencies = [ + "getrandom 0.1.16", + "libc", + "rand_chacha", + "rand_core 0.5.1", + "rand_hc", + "rand_pcg", +] + +[[package]] +name = "rand_chacha" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402" +dependencies = [ + "ppv-lite86", + "rand_core 0.5.1", +] + [[package]] name = "rand_core" version = "0.5.1" @@ -578,6 +899,41 @@ dependencies = [ "getrandom 0.2.3", ] +[[package]] +name = "rand_hc" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c" +dependencies = [ + "rand_core 0.5.1", +] + +[[package]] +name = "rand_pcg" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "16abd0c1b639e9eb4d7c50c0b8100b0d0f849be2349829c740fe8e6eb4816429" +dependencies = [ + "rand_core 0.5.1", +] + +[[package]] +name = "regex" +version = "1.5.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d07a8629359eb56f1e2fb1652bb04212c072a87ba68546a04065d525673ac461" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax", +] + +[[package]] +name = "regex-syntax" +version = "0.6.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f497285884f3fcff424ffc933e56d7cbca511def0c9831a7f9b5f6153e3cc89b" + [[package]] name = "ryu" version = "1.0.5" @@ -608,6 +964,12 @@ dependencies = [ "syn", ] +[[package]] +name = "scoped-tls" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ea6a9290e3c9cf0f18145ef7ffa62d68ee0bf5fcd651017e586dc7fd5da448c2" + [[package]] name = "serde" version = "1.0.122" @@ -689,7 +1051,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b362ae5752fd2137731f9fa25fd4d9058af34666ca1966fb969119cc35719f12" dependencies = [ "block-buffer 0.9.0", - "cfg-if", + "cfg-if 1.0.0", "cpufeatures", "digest 0.9.0", "opaque-debug 0.3.0", @@ -705,6 +1067,18 @@ dependencies = [ "rand_core 0.6.3", ] +[[package]] +name = "siphasher" +version = "0.3.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "533494a8f9b724d33625ab53c6c4800f7cc445895924a8ef649222dcb76e938b" + +[[package]] +name = "smallvec" +version = "1.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fe0f37c9e8f3c5a4a66ad655a93c74daac4ad00c441533bf5c6e7990bb42604e" + [[package]] name = "spki" version = "0.4.0" @@ -714,18 +1088,206 @@ dependencies = [ "der", ] +[[package]] +name = "stable_deref_trait" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3" + [[package]] name = "static_assertions" version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f" +[[package]] +name = "string_cache" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ddb1139b5353f96e429e1a5e19fbaf663bddedaa06d1dbd49f82e352601209a" +dependencies = [ + "lazy_static", + "new_debug_unreachable", + "phf_shared", + "precomputed-hash", + "serde", +] + +[[package]] +name = "string_cache_codegen" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f24c8e5e19d22a726626f1a5e16fe15b132dcf21d10177fa5a45ce7962996b97" +dependencies = [ + "phf_generator", + "phf_shared", + "proc-macro2", + "quote", +] + +[[package]] +name = "string_enum" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f584cc881e9e5f1fd6bf827b0444aa94c30d8fe6378cf241071b5f5700b2871f" +dependencies = [ + "pmutil", + "proc-macro2", + "quote", + "swc_macros_common", + "syn", +] + +[[package]] +name = "strsim" +version = "0.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6446ced80d6c486436db5c078dde11a9f73d42b57fb273121e160b84f63d894c" + [[package]] name = "subtle" version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1e81da0851ada1f3e9d4312c704aa4f8806f0f9d69faaf8df2f3464b4a9437c2" +[[package]] +name = "swc_atoms" +version = "0.2.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "837a3ef86c2817228e733b6f173c821fd76f9eb21a0bc9001a826be48b00b4e7" +dependencies = [ + "string_cache", + "string_cache_codegen", +] + +[[package]] +name = "swc_common" +version = "0.10.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c93df65683ec1a001e15ce1de438c7c2c226c0c2462d1cb93fa1bd2a7664170b" +dependencies = [ + "ast_node", + "cfg-if 0.1.10", + "either", + "from_variant", + "fxhash", + "log", + "num-bigint", + "once_cell", + "owning_ref", + "scoped-tls", + "serde", + "string_cache", + "swc_eq_ignore_macros", + "swc_visit", + "unicode-width", +] + +[[package]] +name = "swc_ecma_ast" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "83eb6a73820660a5af3c24ae1d436e84e4d4c13822021140011361e678df247b" +dependencies = [ + "is-macro", + "num-bigint", + "serde", + "string_enum", + "swc_atoms", + "swc_common", +] + +[[package]] +name = "swc_ecma_parser" +version = "0.52.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c03250697857164f16fa98f8e1726f566652d13e52ea3f0c3ecea9deb63ee327" +dependencies = [ + "either", + "enum_kind", + "fxhash", + "log", + "num-bigint", + "serde", + "smallvec", + "swc_atoms", + "swc_common", + "swc_ecma_ast", + "swc_ecma_visit", + "unicode-xid", +] + +[[package]] +name = "swc_ecma_visit" +version = "0.28.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fd3d60b9dc97ae4f181d4d60f43142d8ac9669953db410bcedefb29a14627e19" +dependencies = [ + "num-bigint", + "swc_atoms", + "swc_common", + "swc_ecma_ast", + "swc_visit", +] + +[[package]] +name = "swc_ecmascript" +version = "0.29.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3ffb53afe008c15d4dc4957e80148c4b457659f93e4d4e8736eaeae352e48ec8" +dependencies = [ + "swc_ecma_ast", + "swc_ecma_parser", +] + +[[package]] +name = "swc_eq_ignore_macros" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8c8f200a2eaed938e7c1a685faaa66e6d42fa9e17da5f62572d3cbc335898f5e" +dependencies = [ + "pmutil", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "swc_macros_common" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08ed2e930f5a1a4071fe62c90fd3a296f6030e5d94bfe13993244423caf59a78" +dependencies = [ + "pmutil", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "swc_visit" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a423caa0b4585118164dbad8f1ad52b592a9a9370b25decc4d84c6b4309132c0" +dependencies = [ + "either", + "swc_visit_macros", +] + +[[package]] +name = "swc_visit_macros" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3b2825fee79f10d0166e8e650e79c7a862fb991db275743083f07555d7641f0" +dependencies = [ + "Inflector", + "pmutil", + "proc-macro2", + "quote", + "swc_macros_common", + "syn", +] + [[package]] name = "syn" version = "1.0.65" @@ -797,6 +1359,28 @@ dependencies = [ "serde", ] +[[package]] +name = "ts-rs" +version = "3.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "369e48de67506679b3a576b0faf666fa9f9acf2fd00b4c61e28bdb6c8e08ec06" +dependencies = [ + "dprint-plugin-typescript", + "ts-rs-macros", +] + +[[package]] +name = "ts-rs-macros" +version = "3.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f269e8fd28e26b4cdbd01f81f345aaf666131511e54a735a76a614b5062d0a5a" +dependencies = [ + "Inflector", + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "typenum" version = "1.13.0" @@ -839,6 +1423,12 @@ dependencies = [ "tinyvec", ] +[[package]] +name = "unicode-width" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3ed742d4ea2bd1176e236172c8429aaf54486e7ac098db29ffe6529e0ce50973" + [[package]] name = "unicode-xid" version = "0.2.1" diff --git a/gateway/Cargo.toml b/gateway/Cargo.toml index 5248800246..18d133a13c 100644 --- a/gateway/Cargo.toml +++ b/gateway/Cargo.toml @@ -28,8 +28,6 @@ tokio-tungstenite = "0.14" url = { version = "2.2", features = [ "serde" ] } # internal -coconut-interface = { path = "../common/coconut-interface" } -credentials = { path = "../common/credentials" } config = { path = "../common/config" } crypto = { path = "../common/crypto" } gateway-requests = { path = "gateway-requests" } diff --git a/gateway/gateway-requests/src/types.rs b/gateway/gateway-requests/src/types.rs index 3ada132538..e6d8eccf34 100644 --- a/gateway/gateway-requests/src/types.rs +++ b/gateway/gateway-requests/src/types.rs @@ -5,7 +5,6 @@ use crate::authentication::encrypted_address::EncryptedAddressBytes; use crate::iv::IV; use crate::registration::handshake::SharedKeys; use crate::GatewayMacSize; -use coconut_interface::Credential; use crypto::generic_array::typenum::Unsigned; use crypto::hmac::recompute_keyed_hmac_and_verify_tag; use crypto::symmetric::stream_cipher; @@ -113,10 +112,6 @@ pub enum ClientControlRequest { }, #[serde(alias = "handshakePayload")] RegisterHandshakeInitRequest { data: Vec }, - BandwidthCredential { - enc_credential: Vec, - iv: Vec, - }, } impl ClientControlRequest { @@ -131,34 +126,6 @@ impl ClientControlRequest { iv: iv.to_base58_string(), } } - - pub fn new_enc_bandwidth_credential( - credential: &Credential, - shared_key: &SharedKeys, - iv: IV, - ) -> Option { - match bincode::serialize(credential) { - Ok(serialized_credential) => { - let enc_credential = - shared_key.encrypt_and_tag(&serialized_credential, Some(iv.inner())); - - Some(ClientControlRequest::BandwidthCredential { - enc_credential, - iv: iv.to_bytes(), - }) - } - _ => None, - } - } - - pub fn try_from_enc_bandwidth_credential( - enc_credential: Vec, - shared_key: &SharedKeys, - iv: IV, - ) -> Result { - let credential = shared_key.decrypt_tagged(&enc_credential, Some(iv.inner()))?; - bincode::deserialize(&credential).map_err(|_| GatewayRequestsError::MalformedEncryption) - } } impl From for Message { diff --git a/gateway/src/node/client_handling/bandwidth.rs b/gateway/src/node/client_handling/bandwidth.rs deleted file mode 100644 index 203b75fd0a..0000000000 --- a/gateway/src/node/client_handling/bandwidth.rs +++ /dev/null @@ -1,85 +0,0 @@ -// Copyright 2021 - Nym Technologies SA -// SPDX-License-Identifier: Apache-2.0 - -use std::collections::HashMap; -use std::convert::TryFrom; -use std::sync::Arc; -use tokio::sync::RwLock; - -use coconut_interface::Credential; -use credentials::error::Error; -use nymsphinx::DestinationAddressBytes; - -const BANDWIDTH_INDEX: usize = 0; - -pub type BandwidthDatabase = Arc>>; - -pub fn empty_bandwidth_database() -> BandwidthDatabase { - Arc::new(RwLock::new(HashMap::new())) -} - -pub struct Bandwidth { - value: u64, -} - -impl Bandwidth { - pub fn value(&self) -> u64 { - self.value - } - - pub async fn consume_bandwidth( - bandwidths: &BandwidthDatabase, - remote_address: &DestinationAddressBytes, - consumed: u64, - ) -> Result<(), Error> { - if let Some(bandwidth) = bandwidths.write().await.get_mut(remote_address) { - if let Some(res) = bandwidth.checked_sub(consumed) { - *bandwidth = res; - Ok(()) - } else { - Err(Error::BandwidthOverflow(String::from( - "Allocate more bandwidth for consumption", - ))) - } - } else { - Err(Error::MissingBandwidth) - } - } - - pub async fn increase_bandwidth( - bandwidths: &BandwidthDatabase, - remote_address: &DestinationAddressBytes, - increase: u64, - ) -> Result<(), Error> { - let mut db = bandwidths.write().await; - if let Some(bandwidth) = db.get_mut(remote_address) { - if let Some(new_bandwidth) = bandwidth.checked_add(increase) { - *bandwidth = new_bandwidth; - } else { - return Err(Error::BandwidthOverflow(String::from( - "Use some of the already allocated bandwidth", - ))); - } - } else { - db.insert(*remote_address, increase); - } - Ok(()) - } -} - -impl TryFrom for Bandwidth { - type Error = Error; - - fn try_from(credential: Credential) -> Result { - match credential.public_attributes().get(BANDWIDTH_INDEX) { - None => Err(Error::NotEnoughPublicAttributes), - Some(attr) => match <[u8; 8]>::try_from(attr.as_slice()) { - Ok(bandwidth_bytes) => { - let value = u64::from_be_bytes(bandwidth_bytes); - Ok(Self { value }) - } - Err(_) => Err(Error::InvalidBandwidthSize), - }, - } - } -} diff --git a/gateway/src/node/client_handling/mod.rs b/gateway/src/node/client_handling/mod.rs index 8e8013fb93..9ad982e49b 100644 --- a/gateway/src/node/client_handling/mod.rs +++ b/gateway/src/node/client_handling/mod.rs @@ -1,6 +1,5 @@ // Copyright 2020 - Nym Technologies SA // SPDX-License-Identifier: Apache-2.0 -mod bandwidth; pub(crate) mod clients_handler; pub(crate) mod websocket; diff --git a/gateway/src/node/client_handling/websocket/connection_handler.rs b/gateway/src/node/client_handling/websocket/connection_handler.rs index dc81c5b1dd..66035a3d98 100644 --- a/gateway/src/node/client_handling/websocket/connection_handler.rs +++ b/gateway/src/node/client_handling/websocket/connection_handler.rs @@ -1,14 +1,12 @@ // Copyright 2020 - Nym Technologies SA // SPDX-License-Identifier: Apache-2.0 -use crate::node::client_handling::bandwidth::{Bandwidth, BandwidthDatabase}; use crate::node::client_handling::clients_handler::{ ClientsHandlerRequest, ClientsHandlerRequestSender, ClientsHandlerResponse, }; use crate::node::client_handling::websocket::message_receiver::{ MixMessageReceiver, MixMessageSender, }; -use coconut_interface::VerificationKey; use crypto::asymmetric::identity; use futures::{ channel::{mpsc, oneshot}, @@ -25,7 +23,6 @@ use mixnet_client::forwarder::MixForwardingSender; use nymsphinx::DestinationAddressBytes; use rand::{CryptoRng, Rng}; use std::convert::TryFrom; -use std::mem; use std::sync::Arc; use tokio::io::{AsyncRead, AsyncWrite}; use tokio_tungstenite::{ @@ -58,10 +55,8 @@ pub(crate) struct Handle { clients_handler_sender: ClientsHandlerRequestSender, outbound_mix_sender: MixForwardingSender, socket_connection: SocketStream, - local_identity: Arc, - aggregated_verification_key: VerificationKey, - bandwidths: BandwidthDatabase, + local_identity: Arc, } impl Handle @@ -76,8 +71,6 @@ where clients_handler_sender: ClientsHandlerRequestSender, outbound_mix_sender: MixForwardingSender, local_identity: Arc, - aggregated_verification_key: VerificationKey, - bandwidths: BandwidthDatabase, ) -> Self { Handle { rng, @@ -87,8 +80,6 @@ where outbound_mix_sender, socket_connection: SocketStream::RawTcp(conn), local_identity, - aggregated_verification_key, - bandwidths, } } @@ -209,19 +200,8 @@ where Ok(request) => match request { // currently only a single type exists BinaryRequest::ForwardSphinx(mix_packet) => { - let consumed_bandwidth = mem::size_of_val(&mix_packet) as u64; - if let Err(e) = Bandwidth::consume_bandwidth( - &self.bandwidths, - &self.remote_address.unwrap(), - consumed_bandwidth, - ) - .await - { - ServerResponse::new_error(format!("{:?}", e)) - } else { - self.outbound_mix_sender.unbounded_send(mix_packet).unwrap(); - ServerResponse::Send { status: true } - } + self.outbound_mix_sender.unbounded_send(mix_packet).unwrap(); + ServerResponse::Send { status: true } } }, } @@ -357,68 +337,12 @@ where } } - async fn handle_bandwidth(&mut self, enc_credential: Vec, iv: Vec) -> ServerResponse { - if self.shared_key.is_none() { - return ServerResponse::new_error("No shared key has been exchanged with the gateway"); - } - if self.remote_address.is_none() { - return ServerResponse::new_error("No remote address has been set"); - } - let iv = match IV::try_from_bytes(&iv) { - Ok(iv) => iv, - Err(e) => { - trace!("failed to parse received IV {:?}", e); - return ServerResponse::new_error("malformed iv"); - } - }; - let credential = match ClientControlRequest::try_from_enc_bandwidth_credential( - enc_credential, - self.shared_key.as_ref().unwrap(), - iv, - ) { - Ok(c) => c, - Err(e) => { - return ServerResponse::new_error(e.to_string()); - } - }; - if credential.verify(&self.aggregated_verification_key) { - match Bandwidth::try_from(credential) { - Ok(bandwidth) => { - if let Err(e) = Bandwidth::increase_bandwidth( - &self.bandwidths, - &self.remote_address.unwrap(), - bandwidth.value(), - ) - .await - { - return ServerResponse::Error { - message: format!("{:?}", e), - }; - } - ServerResponse::Bandwidth { status: true } - } - Err(e) => ServerResponse::Error { - message: format!("{:?}", e), - }, - } - } else { - ServerResponse::Bandwidth { status: false } - } - } + // currently there are no valid control messages you can send after authentication + async fn handle_text(&mut self, _: String) -> Message { + trace!("Handling text message (presumably control message)"); - // currently the bandwidth credential request is the only one we can receive after - // authentication - async fn handle_text(&mut self, raw_request: String) -> Message { - if let Ok(request) = ClientControlRequest::try_from(raw_request) { - match request { - ClientControlRequest::BandwidthCredential { enc_credential, iv } => { - self.handle_bandwidth(enc_credential, iv).await.into() - } - _ => ServerResponse::new_error("invalid request").into(), - } - } else { - ServerResponse::new_error("malformed request").into() - } + error!("Currently there are no text messages besides 'Authenticate' and 'Register' and they were already dealt with!"); + ServerResponse::new_error("invalid request").into() } async fn handle_request(&mut self, raw_request: Message) -> Option { @@ -455,7 +379,6 @@ where ClientControlRequest::RegisterHandshakeInitRequest { data } => { self.handle_register(data, mix_sender).await } - _ => ServerResponse::new_error("invalid request"), } } else { // TODO: is this a malformed request or rather a network error and diff --git a/gateway/src/node/client_handling/websocket/listener.rs b/gateway/src/node/client_handling/websocket/listener.rs index fa1c26aaa6..970263eb5b 100644 --- a/gateway/src/node/client_handling/websocket/listener.rs +++ b/gateway/src/node/client_handling/websocket/listener.rs @@ -1,10 +1,8 @@ // Copyright 2020 - Nym Technologies SA // SPDX-License-Identifier: Apache-2.0 -use crate::node::client_handling::bandwidth::empty_bandwidth_database; use crate::node::client_handling::clients_handler::ClientsHandlerRequestSender; use crate::node::client_handling::websocket::connection_handler::Handle; -use coconut_interface::VerificationKey; use crypto::asymmetric::identity; use log::*; use mixnet_client::forwarder::MixForwardingSender; @@ -17,19 +15,13 @@ use tokio::task::JoinHandle; pub(crate) struct Listener { address: SocketAddr, local_identity: Arc, - aggregated_verification_key: VerificationKey, } impl Listener { - pub(crate) fn new( - address: SocketAddr, - local_identity: Arc, - aggregated_verification_key: VerificationKey, - ) -> Self { + pub(crate) fn new(address: SocketAddr, local_identity: Arc) -> Self { Listener { address, local_identity, - aggregated_verification_key, } } @@ -47,8 +39,6 @@ impl Listener { } }; - let bandwidths = empty_bandwidth_database(); - loop { match tcp_listener.accept().await { Ok((socket, remote_addr)) => { @@ -61,8 +51,6 @@ impl Listener { clients_handler_sender.clone(), outbound_mix_sender.clone(), Arc::clone(&self.local_identity), - self.aggregated_verification_key.clone(), - Arc::clone(&bandwidths), ); tokio::spawn(async move { handle.start_handling().await }); } diff --git a/gateway/src/node/mod.rs b/gateway/src/node/mod.rs index a67da4f33d..ec112334e4 100644 --- a/gateway/src/node/mod.rs +++ b/gateway/src/node/mod.rs @@ -6,8 +6,6 @@ use crate::node::client_handling::clients_handler::{ClientsHandler, ClientsHandl use crate::node::client_handling::websocket; use crate::node::mixnet_handling::receiver::connection_handler::ConnectionHandler; use crate::node::storage::{inboxes, ClientLedger}; -use coconut_interface::VerificationKey; -use credentials::obtain_aggregate_verification_key; use crypto::asymmetric::{encryption, identity}; use log::*; use mixnet_client::forwarder::{MixForwardingSender, PacketForwarder}; @@ -85,7 +83,6 @@ impl Gateway { &self, forwarding_channel: MixForwardingSender, clients_handler_sender: ClientsHandlerRequestSender, - verification_key: VerificationKey, ) { info!("Starting client [web]socket listener..."); @@ -94,12 +91,8 @@ impl Gateway { self.config.get_clients_port(), ); - websocket::Listener::new( - listening_address, - Arc::clone(&self.identity), - verification_key, - ) - .start(clients_handler_sender, forwarding_channel); + websocket::Listener::new(listening_address, Arc::clone(&self.identity)) + .start(clients_handler_sender, forwarding_channel); } fn start_packet_forwarder(&self) -> MixForwardingSender { @@ -183,13 +176,11 @@ impl Gateway { } } - let validators_verification_key = obtain_aggregate_verification_key(&self.config.get_validator_api_endpoints()).await.expect("failed to contact validators to obtain their verification keys"); - let mix_forwarding_channel = self.start_packet_forwarder(); let clients_handler_sender = self.start_clients_handler(); self.start_mix_socket_listener(clients_handler_sender.clone(), mix_forwarding_channel.clone()); - self.start_client_websocket_listener(mix_forwarding_channel, clients_handler_sender, validators_verification_key); + self.start_client_websocket_listener(mix_forwarding_channel, clients_handler_sender); info!("Finished nym gateway startup procedure - it should now be able to receive mix and client traffic!"); diff --git a/validator-api/Cargo.toml b/validator-api/Cargo.toml index 099f0c0a38..e90a22d708 100644 --- a/validator-api/Cargo.toml +++ b/validator-api/Cargo.toml @@ -48,9 +48,6 @@ nymsphinx = { path="../common/nymsphinx" } topology = { path="../common/topology" } validator-client = { path="../common/client-libs/validator-client", features = ["nymd-client"] } version-checker = { path="../common/version-checker" } -coconut-interface = { path = "../common/coconut-interface" } -credentials = { path = "../common/credentials" } - [build-dependencies] tokio = { version = "1.4", features = ["rt-multi-thread", "macros"] } diff --git a/validator-api/src/coconut/mod.rs b/validator-api/src/coconut/mod.rs deleted file mode 100644 index ace0c62851..0000000000 --- a/validator-api/src/coconut/mod.rs +++ /dev/null @@ -1,85 +0,0 @@ -// Copyright 2021 - Nym Technologies SA -// SPDX-License-Identifier: Apache-2.0 - -use coconut_interface::{ - elgamal::PublicKey, Attribute, BlindSignRequest, BlindSignRequestBody, BlindedSignature, - BlindedSignatureResponse, KeyPair, Parameters, VerificationKeyResponse, -}; -use config::defaults::VALIDATOR_API_VERSION; -use getset::{CopyGetters, Getters}; -use rocket::fairing::AdHoc; -use rocket::serde::json::Json; -use rocket::State; - -#[derive(Getters, CopyGetters, Debug)] -pub(crate) struct InternalSignRequest { - // Total number of parameters to generate for - #[getset(get_copy)] - total_params: u32, - #[getset(get)] - public_attributes: Vec, - #[getset(get)] - public_key: PublicKey, - #[getset(get)] - blind_sign_request: BlindSignRequest, -} - -impl InternalSignRequest { - pub fn new( - total_params: u32, - public_attributes: Vec, - public_key: PublicKey, - blind_sign_request: BlindSignRequest, - ) -> InternalSignRequest { - InternalSignRequest { - total_params, - public_attributes, - public_key, - blind_sign_request, - } - } - - pub fn stage(key_pair: KeyPair) -> AdHoc { - AdHoc::on_ignite("Internal Sign Request Stage", |rocket| async { - rocket.manage(key_pair).mount( - // this format! is so ugly... - format!("/{}", VALIDATOR_API_VERSION), - routes![post_blind_sign, get_verification_key], - ) - }) - } -} - -fn blind_sign(request: InternalSignRequest, key_pair: &KeyPair) -> BlindedSignature { - let params = Parameters::new(request.total_params()).unwrap(); - coconut_interface::blind_sign( - ¶ms, - &key_pair.secret_key(), - request.public_key(), - request.blind_sign_request(), - request.public_attributes(), - ) - .unwrap() -} - -#[post("/blind_sign", data = "")] -// Until we have serialization and deserialization traits we'll be using a crutch -pub async fn post_blind_sign( - blind_sign_request_body: Json, - key_pair: &State, -) -> Json { - debug!("{:?}", blind_sign_request_body); - let internal_request = InternalSignRequest::new( - *blind_sign_request_body.total_params(), - blind_sign_request_body.public_attributes(), - blind_sign_request_body.public_key().clone(), - blind_sign_request_body.blind_sign_request().clone(), - ); - let blinded_signature = blind_sign(internal_request, key_pair); - Json(BlindedSignatureResponse::new(blinded_signature)) -} - -#[get("/verification_key")] -pub async fn get_verification_key(key_pair: &State) -> Json { - Json(VerificationKeyResponse::new(key_pair.verification_key())) -} diff --git a/validator-api/src/config/mod.rs b/validator-api/src/config/mod.rs index 285eb6b6c6..5715743d71 100644 --- a/validator-api/src/config/mod.rs +++ b/validator-api/src/config/mod.rs @@ -2,7 +2,6 @@ // SPDX-License-Identifier: Apache-2.0 use crate::config::template::config_template; -use coconut_interface::{Base58, KeyPair}; use config::defaults::{ default_api_endpoints, DEFAULT_EPOCH_LENGTH, DEFAULT_FIRST_EPOCH_START, DEFAULT_MIXNET_CONTRACT_ADDRESS, @@ -80,9 +79,6 @@ pub struct Base { /// Address of the validator contract managing the network mixnet_contract_address: String, - - // Avoid breaking derives for now - keypair_bs58: String, } impl Default for Base { @@ -92,7 +88,6 @@ impl Default for Base { .parse() .expect("default local validator is malformed!"), mixnet_contract_address: DEFAULT_MIXNET_CONTRACT_ADDRESS.to_string(), - keypair_bs58: String::default(), } } } @@ -254,10 +249,6 @@ impl Config { Config::default() } - pub fn keypair(&self) -> KeyPair { - KeyPair::try_from_bs58(self.base.keypair_bs58.clone()).unwrap() - } - pub fn with_network_monitor_enabled(mut self, enabled: bool) -> Self { self.network_monitor.enabled = enabled; self @@ -298,11 +289,6 @@ impl Config { self } - pub fn with_keypair>(mut self, keypair_bs58: S) -> Self { - self.base.keypair_bs58 = keypair_bs58.into(); - self - } - pub fn with_custom_validator_apis(mut self, validator_api_urls: Vec) -> Self { self.network_monitor.all_validator_apis = validator_api_urls; self @@ -391,6 +377,7 @@ impl Config { self.node_status_api.database_path.clone() } + #[allow(dead_code)] pub fn get_all_validator_api_endpoints(&self) -> Vec { self.network_monitor.all_validator_apis.clone() } diff --git a/validator-api/src/main.rs b/validator-api/src/main.rs index 737f688d85..c7e27f457d 100644 --- a/validator-api/src/main.rs +++ b/validator-api/src/main.rs @@ -16,7 +16,6 @@ use ::config::{defaults::DEFAULT_VALIDATOR_API_PORT, NymConfig}; use anyhow::Result; use cache::ValidatorCache; use clap::{App, Arg, ArgMatches}; -use coconut::InternalSignRequest; use log::{info, warn}; use rocket::fairing::AdHoc; use rocket::http::Method; @@ -32,7 +31,6 @@ use url::Url; use validator_client::nymd::SigningNymdClient; pub(crate) mod cache; -mod coconut; pub(crate) mod config; mod network_monitor; mod node_status_api; @@ -49,7 +47,6 @@ const DETAILED_REPORT_ARG: &str = "detailed-report"; const MIXNET_CONTRACT_ARG: &str = "mixnet-contract"; const MNEMONIC_ARG: &str = "mnemonic"; const WRITE_CONFIG_ARG: &str = "save-config"; -const KEYPAIR_ARG: &str = "keypair"; const NYMD_VALIDATOR_ARG: &str = "nymd-validator"; const EPOCH_LENGTH_ARG: &str = "epoch-length"; @@ -133,12 +130,6 @@ fn parse_args<'a>() -> ArgMatches<'a> { .long(WRITE_CONFIG_ARG) .short("w") ) - .arg( - Arg::with_name(KEYPAIR_ARG) - .help("Path to the secret key file") - .takes_value(true) - .long(KEYPAIR_ARG) - ) .arg( Arg::with_name(FIRST_REWARDING_EPOCH_ARG) .help("Datetime specifying beginning of the first rewarding epoch of this length. It must be a valid rfc3339 datetime.") @@ -264,13 +255,6 @@ fn override_config(mut config: Config, matches: &ArgMatches) -> Config { if matches.is_present(DETAILED_REPORT_ARG) { config = config.with_detailed_network_monitor_report(true) } - if let Some(keypair_path) = matches.value_of(KEYPAIR_ARG) { - let keypair_bs58 = std::fs::read_to_string(keypair_path) - .unwrap() - .trim() - .to_string(); - config = config.with_keypair(keypair_bs58) - } if matches.is_present(WRITE_CONFIG_ARG) { info!("Saving the configuration to a file"); @@ -382,8 +366,7 @@ async fn setup_rocket(config: &Config, liftoff_notify: Arc) -> Result NetworkMonitorBuilder<'a> { *encryption_keypair.public_key(), ); - let bandwidth_credential = - TEMPORARY_obtain_bandwidth_credential(self.config, identity_keypair.public_key()).await; - let packet_sender = new_packet_sender( self.config, gateway_status_update_sender, Arc::clone(&identity_keypair), - bandwidth_credential, self.config.get_gateway_sending_rate(), ); @@ -161,44 +154,15 @@ fn new_packet_preparer( ) } -// SECURITY: -// this implies we are re-using the same credential for all gateways all the time (which unfortunately is true!) -#[allow(non_snake_case)] -async fn TEMPORARY_obtain_bandwidth_credential( - config: &Config, - identity: &identity::PublicKey, -) -> Credential { - info!("Trying to obtain bandwidth credential..."); - let validators = config.get_all_validator_api_endpoints(); - - let verification_key = obtain_aggregate_verification_key(&validators) - .await - .expect("could not obtain aggregate verification key of ALL validators"); - - let bandwidth_credential = - credentials::bandwidth::obtain_signature(&identity.to_bytes(), &validators) - .await - .expect("failed to obtain bandwidth credential!"); - - prepare_for_spending( - &identity.to_bytes(), - &bandwidth_credential, - &verification_key, - ) - .expect("failed to prepare bandwidth credential for spending!") -} - fn new_packet_sender( config: &Config, gateways_status_updater: GatewayClientUpdateSender, local_identity: Arc, - bandwidth_credential: Credential, max_sending_rate: usize, ) -> PacketSender { PacketSender::new( gateways_status_updater, local_identity, - bandwidth_credential, config.get_gateway_response_timeout(), config.get_gateway_connection_timeout(), config.get_max_concurrent_gateway_clients(), diff --git a/validator-api/src/network_monitor/monitor/sender.rs b/validator-api/src/network_monitor/monitor/sender.rs index 7c36dda326..cc10e3f316 100644 --- a/validator-api/src/network_monitor/monitor/sender.rs +++ b/validator-api/src/network_monitor/monitor/sender.rs @@ -2,7 +2,6 @@ // SPDX-License-Identifier: Apache-2.0 use crate::network_monitor::monitor::receiver::{GatewayClientUpdate, GatewayClientUpdateSender}; -use coconut_interface::Credential; use crypto::asymmetric::identity::{self, PUBLIC_KEY_LENGTH}; use futures::channel::mpsc; use futures::stream::{self, FuturesUnordered, StreamExt}; @@ -63,15 +62,6 @@ struct FreshGatewayClientData { gateways_status_updater: GatewayClientUpdateSender, local_identity: Arc, gateway_response_timeout: Duration, - - // I guess in the future this struct will require aggregated verification key and.... - // ... something for obtaining actual credential - - // TODO: - // SECURITY: - // since currently we have no double spending protection, just to get things running - // we're re-using the same credential for all gateways all the time. THIS IS VERY BAD!! - bandwidth_credential: Credential, } pub(crate) struct PacketSender { @@ -93,7 +83,6 @@ impl PacketSender { pub(crate) fn new( gateways_status_updater: GatewayClientUpdateSender, local_identity: Arc, - bandwidth_credential: Credential, gateway_response_timeout: Duration, gateway_connection_timeout: Duration, max_concurrent_clients: usize, @@ -105,7 +94,6 @@ impl PacketSender { gateways_status_updater, local_identity, gateway_response_timeout, - bandwidth_credential, }), gateway_connection_timeout, max_concurrent_clients, @@ -137,7 +125,6 @@ impl PacketSender { message_sender, ack_sender, fresh_gateway_client_data.gateway_response_timeout, - fresh_gateway_client_data.bandwidth_credential.clone(), ), (message_receiver, ack_receiver), )