From db2769b59baebf68a668bcf5846c921e571bf58e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bogdan-=C8=98tefan=20Neac=C8=99u?= Date: Wed, 2 Mar 2022 16:16:23 +0200 Subject: [PATCH] Do verification on validator-apis with hardcoded aggr vk --- clients/tauri-client/src-tauri/src/main.rs | 9 ++++---- .../validator-client/src/client.rs | 6 ++--- .../validator-client/src/validator_api/mod.rs | 4 ++-- common/credentials/src/coconut/bandwidth.rs | 8 +++---- common/credentials/src/coconut/utils.rs | 20 +++++----------- common/nymcoconut/src/lib.rs | 2 ++ validator-api/src/coconut/mod.rs | 23 +++++++++++++------ 7 files changed, 36 insertions(+), 36 deletions(-) diff --git a/clients/tauri-client/src-tauri/src/main.rs b/clients/tauri-client/src-tauri/src/main.rs index dd9e98d486..8659dcc8d0 100644 --- a/clients/tauri-client/src-tauri/src/main.rs +++ b/clients/tauri-client/src-tauri/src/main.rs @@ -178,7 +178,6 @@ async fn verify_credential( let state = state.read().await; - let public_attributes = vec![state.voucher_value, state.voucher_info]; let public_attributes_bytes = vec![ state.voucher_value.to_byte_vec(), state.voucher_info.to_byte_vec(), @@ -193,15 +192,15 @@ async fn verify_credential( .get(idx) .ok_or("Got invalid signature idx")?, ); + println!("Using verification key: {:?}", verification_key.to_bs58()); let local_check = credential.verify(&verification_key); println!("Local check: {}", local_check); if !local_check { return Ok(false); } - let remote_check = - verify_credential_remote(state.n_attributes, public_attributes, &parsed_urls, &theta) - .await - .unwrap(); + let remote_check = verify_credential_remote(&parsed_urls, credential) + .await + .unwrap(); println!("Remote check: {}", remote_check); Ok(remote_check) diff --git a/common/client-libs/validator-client/src/client.rs b/common/client-libs/validator-client/src/client.rs index 35b58a7b29..2d4e3defcb 100644 --- a/common/client-libs/validator-client/src/client.rs +++ b/common/client-libs/validator-client/src/client.rs @@ -3,7 +3,7 @@ use crate::{validator_api, ValidatorClientError}; use coconut_interface::{ - BlindSignRequestBody, BlindedSignatureResponse, VerificationKeyResponse, VerifyCredentialBody, + BlindSignRequestBody, BlindedSignatureResponse, Credential, VerificationKeyResponse, VerifyCredentialResponse, }; use mixnet_contract_common::{GatewayBond, IdentityKeyRef, MixNodeBond}; @@ -577,7 +577,7 @@ impl Client { pub async fn verify_credential( &self, - request_body: &VerifyCredentialBody, + request_body: &Credential, ) -> Result { Ok(self.validator_api.verify_credential(request_body).await?) } @@ -686,7 +686,7 @@ impl ApiClient { pub async fn verify_credential( &self, - request_body: &VerifyCredentialBody, + request_body: &Credential, ) -> Result { Ok(self.validator_api.verify_credential(request_body).await?) } diff --git a/common/client-libs/validator-client/src/validator_api/mod.rs b/common/client-libs/validator-client/src/validator_api/mod.rs index 415afc790b..9fd335373a 100644 --- a/common/client-libs/validator-client/src/validator_api/mod.rs +++ b/common/client-libs/validator-client/src/validator_api/mod.rs @@ -4,7 +4,7 @@ use crate::validator_api::error::ValidatorAPIError; use crate::validator_api::routes::{CORE_STATUS_COUNT, SINCE_ARG}; use coconut_interface::{ - BlindSignRequestBody, BlindedSignatureResponse, VerificationKeyResponse, VerifyCredentialBody, + BlindSignRequestBody, BlindedSignatureResponse, Credential, VerificationKeyResponse, VerifyCredentialResponse, }; use mixnet_contract_common::{GatewayBond, IdentityKeyRef, MixNodeBond}; @@ -276,7 +276,7 @@ impl Client { pub async fn verify_credential( &self, - request_body: &VerifyCredentialBody, + request_body: &Credential, ) -> Result { self.post_validator_api( &[routes::API_VERSION, routes::COCONUT_VERIFY_CREDENTIAL], diff --git a/common/credentials/src/coconut/bandwidth.rs b/common/credentials/src/coconut/bandwidth.rs index 2f09fcde1c..e908c83ae0 100644 --- a/common/credentials/src/coconut/bandwidth.rs +++ b/common/credentials/src/coconut/bandwidth.rs @@ -7,7 +7,7 @@ // it's the simplest possible case use coconut_interface::{ - Credential, Parameters, PrivateAttribute, PublicAttribute, Signature, Theta, VerificationKey, + Credential, Parameters, PrivateAttribute, PublicAttribute, Signature, VerificationKey, }; use network_defaults::BANDWIDTH_VALUE; use url::Url; @@ -64,12 +64,10 @@ pub async fn obtain_signature( } pub async fn verify_credential_remote( - n_params: u32, - public_attributes: Vec, validators: &[Url], - theta: &Theta, + credential: Credential, ) -> Result { - obtain_aggregate_verify_credential(validators, n_params, theta, &public_attributes).await + obtain_aggregate_verify_credential(validators, credential).await } pub fn prepare_for_spending( diff --git a/common/credentials/src/coconut/utils.rs b/common/credentials/src/coconut/utils.rs index 28abe88ee0..90e759005c 100644 --- a/common/credentials/src/coconut/utils.rs +++ b/common/credentials/src/coconut/utils.rs @@ -4,7 +4,7 @@ use coconut_interface::{ aggregate_signature_shares, aggregate_verification_keys, prepare_blind_sign, prove_bandwidth_credential, Attribute, BlindSignRequestBody, Credential, Parameters, Signature, - SignatureShare, Theta, VerificationKey, VerifyCredentialBody, + SignatureShare, VerificationKey, }; use url::Url; @@ -56,15 +56,14 @@ pub async fn obtain_aggregate_verification_key( indices.push(id as u64); shares.push(response.key); } + let ret = aggregate_verification_keys(&shares, Some(&indices))?; - Ok(aggregate_verification_keys(&shares, Some(&indices))?) + Ok(ret) } pub async fn obtain_aggregate_verify_credential( validators: &[Url], - n_params: u32, - theta: &Theta, - public_attributes: &[Attribute], + credential: Credential, ) -> Result { if validators.is_empty() { return Err(Error::NoValidatorsAvailable); @@ -72,20 +71,13 @@ pub async fn obtain_aggregate_verify_credential( let mut ret = true; - let verify_credential_request_body = - VerifyCredentialBody::new(n_params, theta, public_attributes); - let mut client = validator_client::ApiClient::new(validators[0].clone()); - let response = client - .verify_credential(&verify_credential_request_body) - .await?; + let response = client.verify_credential(&credential).await?; ret &= response.response; for validator_url in validators.iter().skip(1) { client.change_validator_api(validator_url.clone()); - let response = client - .verify_credential(&verify_credential_request_body) - .await?; + let response = client.verify_credential(&credential).await?; ret &= response.response; } diff --git a/common/nymcoconut/src/lib.rs b/common/nymcoconut/src/lib.rs index 936b27005f..042ad660cd 100644 --- a/common/nymcoconut/src/lib.rs +++ b/common/nymcoconut/src/lib.rs @@ -1,6 +1,8 @@ // Copyright 2021 - Nym Technologies SA // SPDX-License-Identifier: Apache-2.0 +extern crate core; + use std::convert::TryInto; use bls12_381::Scalar; diff --git a/validator-api/src/coconut/mod.rs b/validator-api/src/coconut/mod.rs index 7f3a0d88b4..d83e2794b9 100644 --- a/validator-api/src/coconut/mod.rs +++ b/validator-api/src/coconut/mod.rs @@ -4,9 +4,9 @@ use bandwidth_claim_contract::events::{VOUCHER_ACQUIRED_EVENT_TYPE, VOUCHER_VALUE}; use bip39::Mnemonic; use coconut_interface::{ - elgamal::PublicKey, Attribute, BlindSignRequest, BlindSignRequestBody, BlindedSignature, - BlindedSignatureResponse, KeyPair, Parameters, VerificationKeyResponse, VerifyCredentialBody, - VerifyCredentialResponse, + elgamal::PublicKey, Attribute, Base58, BlindSignRequest, BlindSignRequestBody, + BlindedSignature, BlindedSignatureResponse, Credential, KeyPair, Parameters, VerificationKey, + VerificationKeyResponse, VerifyCredentialResponse, }; use config::defaults::VALIDATOR_API_VERSION; use getset::{CopyGetters, Getters}; @@ -139,10 +139,19 @@ pub async fn get_verification_key(key_pair: &State) -> Json, - _key_pair: &State, + verify_credential_body: Json, + key_pair: &State, ) -> Json { - Json(VerifyCredentialResponse { response: true }) + println!( + "Using verification key: {:?}", + key_pair.verification_key().to_bs58() + ); + let aggregated_verification_key = VerificationKey::try_from_bs58("4V4dv1G1sXaCndCUa8EBEubWZaxiHFJknBBakyKzPZGoGcGawyYgNoRBb2ipEckJA8hbmKETimkQZAdTjydUG1je3CVKnFh6xviFgE6SEUmKAyWVyT74MgagTdcEir5437kz7msyYnBa6eUznb2wsxQYjJHegZQs2BrEXjXbTn2pr4Nh1wcX6KYTUNTh5XfBHrhTWwDfmN7Smk2ta6hRPxroG3nFtzzUnswthtowBe5dhyJNV8AMaJ8uVmeSt6kk3uyy1T78LzCTC8nHTmgg91HRWLkNcimQFvbSLLiDsxoFLFKZ6hWw6cwXsToZ76xVyGCtKygBg2UMWdDHJwPR4QHypqrS8rbmxtXdhuBde1g5cKrppfwkLm5z9dRcnDpx8yuNszHc8vwdd66c8CP8yMdTaoyd9vpvmr1WRmX5bBJbbVLUG4N2jc91DcupmedPvEUgut7M75r5wW5GheK8jTQfAikJytYQFrY5oEMLq2f5PGAcjLCpqTLiMGJwHsJYxfGtmiPh17z6ogNN5A3FqW9sUT7gJfnLk6y1vPk1EJcRxFX22kH5bemBZRvF5JLb777SQS34gRSEYSfssNpAZfjyXDE4iuv5KX7m1UK1JP6FnyFw8FQx7BtAH6ydA2H3dCsoVPP9apTDPvMUcff4CQo29cH").unwrap(); + let response = verify_credential_body + .0 + .verify(&aggregated_verification_key); + println!("Sending response: {}", response); + Json(VerifyCredentialResponse { response }) }