removing redundant epoch_id field

This commit is contained in:
Jędrzej Stuczyński
2024-02-12 16:56:55 +00:00
parent edbcade5f5
commit fa93c4598f
9 changed files with 32 additions and 47 deletions
@@ -25,7 +25,6 @@ use nym_gateway_requests::{
use nym_network_defaults::{REMAINING_BANDWIDTH_THRESHOLD, TOKENS_TO_BURN};
use nym_sphinx::forwarding::packet::MixPacket;
use nym_task::TaskClient;
use nym_validator_client::nym_api::EpochId;
use nym_validator_client::nyxd::contract_traits::DkgQueryClient;
use rand::rngs::OsRng;
use std::convert::TryFrom;
@@ -527,14 +526,12 @@ impl<C, St> GatewayClient<C, St> {
async fn claim_coconut_bandwidth(
&mut self,
credential: CredentialSpendingData,
epoch_id: EpochId,
) -> Result<(), GatewayClientError> {
let mut rng = OsRng;
let iv = IV::new_random(&mut rng);
let msg = ClientControlRequest::new_enc_coconut_bandwidth_credential_v2(
credential,
epoch_id,
self.shared_key.as_ref().unwrap(),
iv,
)
@@ -587,7 +584,7 @@ impl<C, St> GatewayClient<C, St> {
.prepare_bandwidth_credential()
.await?;
self.claim_coconut_bandwidth(prepared_credential.data, prepared_credential.epoch_id)
self.claim_coconut_bandwidth(prepared_credential.data)
.await?;
self.bandwidth_controller
.as_ref()
+3
View File
@@ -92,6 +92,9 @@ pub struct CredentialSpendingData {
pub public_attributes_plain: Vec<String>,
pub typ: CredentialType,
/// The (DKG) epoch id under which the credential has been issued so that the verifier could use correct verification key for validation.
pub epoch_id: u64,
}
impl CredentialSpendingData {
@@ -14,9 +14,9 @@ use nym_credentials_interface::prove_bandwidth_credential;
use nym_credentials_interface::{
Parameters, PrivateAttribute, PublicAttribute, Signature, VerificationKey,
};
use nym_validator_client::nym_api::EpochId;
use serde::{Deserialize, Serialize};
use zeroize::{Zeroize, ZeroizeOnDrop};
use nym_validator_client::nym_api::EpochId;
pub const CURRENT_SERIALIZATION_REVISION: u8 = 1;
@@ -92,9 +92,9 @@ pub struct IssuedBandwidthCredential {
/// type of the bandwdith credential hashed onto a scalar
#[serde(with = "scalar_serde_helper")]
type_prehashed: PublicAttribute,
/// Specifies the (DKG) epoch id when this credential has been issued
epoch_id: EpochId
epoch_id: EpochId,
}
impl IssuedBandwidthCredential {
@@ -104,7 +104,7 @@ impl IssuedBandwidthCredential {
signature: Signature,
variant_data: BandwidthCredentialIssuedDataVariant,
type_prehashed: PublicAttribute,
epoch_id: EpochId
epoch_id: EpochId,
) -> Self {
IssuedBandwidthCredential {
serial_number,
@@ -172,6 +172,7 @@ impl IssuedBandwidthCredential {
verify_credential_request,
public_attributes_plain: self.get_plain_public_attributes(),
typ: self.typ(),
epoch_id: self.epoch_id,
})
}
}
+12 -19
View File
@@ -22,7 +22,7 @@ pub struct OldV1Credential {
}
// attempt to convert the old request type into the new variant
impl TryFrom<OldV1Credential> for CredentialSpendingWithEpoch {
impl TryFrom<OldV1Credential> for CredentialSpendingRequest {
type Error = GatewayRequestsError;
fn try_from(value: OldV1Credential) -> Result<Self, Self::Error> {
@@ -35,14 +35,14 @@ impl TryFrom<OldV1Credential> for CredentialSpendingWithEpoch {
let typ = value.voucher_info.parse()?;
let public_attributes_plain = vec![value.voucher_value.to_string(), value.voucher_info];
Ok(CredentialSpendingWithEpoch {
Ok(CredentialSpendingRequest {
data: CredentialSpendingData {
embedded_private_attributes,
verify_credential_request: value.theta,
public_attributes_plain,
typ,
epoch_id: value.epoch_id,
},
epoch_id: value.epoch_id,
})
}
}
@@ -106,13 +106,9 @@ impl OldV1Credential {
}
#[derive(Debug, Serialize, Deserialize, PartialEq, Eq)]
pub struct CredentialSpendingWithEpoch {
pub struct CredentialSpendingRequest {
/// The cryptographic material required for spending the underlying credential.
pub data: CredentialSpendingData,
/// The (DKG) epoch id under which the credential has been issued so that the verifier
/// could use correct verification key for validation.
pub epoch_id: u64,
}
// just a helper macro for checking required length and advancing the buffer
@@ -132,9 +128,9 @@ macro_rules! ensure_len_and_advance {
}};
}
impl CredentialSpendingWithEpoch {
pub fn new(data: CredentialSpendingData, epoch_id: u64) -> Self {
CredentialSpendingWithEpoch { data, epoch_id }
impl CredentialSpendingRequest {
pub fn new(data: CredentialSpendingData) -> Self {
CredentialSpendingRequest { data }
}
pub fn matches_blinded_serial_number(
@@ -183,7 +179,7 @@ impl CredentialSpendingWithEpoch {
bytes.extend_from_slice(&typ_len);
bytes.extend_from_slice(typ_bytes);
bytes.extend_from_slice(&self.epoch_id.to_be_bytes());
bytes.extend_from_slice(&self.data.epoch_id.to_be_bytes());
bytes
}
@@ -227,14 +223,14 @@ impl CredentialSpendingWithEpoch {
let epoch_id_bytes = ensure_len_and_advance!(b, 8);
let epoch_id = u64::from_be_bytes(epoch_id_bytes.try_into().unwrap());
Ok(CredentialSpendingWithEpoch {
Ok(CredentialSpendingRequest {
data: CredentialSpendingData {
embedded_private_attributes,
verify_credential_request: theta,
public_attributes_plain,
typ,
epoch_id,
},
epoch_id,
})
}
}
@@ -332,13 +328,10 @@ mod tests {
.prepare_for_spending(keypair.verification_key())
.unwrap();
let with_epoch = CredentialSpendingWithEpoch {
data: spending,
epoch_id: 42,
};
let with_epoch = CredentialSpendingRequest { data: spending };
let bytes = with_epoch.to_bytes();
let recovered = CredentialSpendingWithEpoch::try_from_bytes(&bytes).unwrap();
let recovered = CredentialSpendingRequest::try_from_bytes(&bytes).unwrap();
assert_eq!(with_epoch, recovered);
}
+4 -5
View File
@@ -3,7 +3,7 @@
use crate::authentication::encrypted_address::EncryptedAddressBytes;
use crate::iv::IV;
use crate::models::{CredentialSpendingWithEpoch, OldV1Credential};
use crate::models::{CredentialSpendingRequest, OldV1Credential};
use crate::registration::handshake::SharedKeys;
use crate::{GatewayMacSize, CURRENT_PROTOCOL_VERSION};
use log::error;
@@ -190,11 +190,10 @@ impl ClientControlRequest {
pub fn new_enc_coconut_bandwidth_credential_v2(
credential: CredentialSpendingData,
epoch_id: u64,
shared_key: &SharedKeys,
iv: IV,
) -> Self {
let cred = CredentialSpendingWithEpoch::new(credential, epoch_id);
let cred = CredentialSpendingRequest::new(credential);
let serialized_credential = cred.to_bytes();
let enc_credential = shared_key.encrypt_and_tag(&serialized_credential, Some(iv.inner()));
@@ -208,9 +207,9 @@ impl ClientControlRequest {
enc_credential: Vec<u8>,
shared_key: &SharedKeys,
iv: IV,
) -> Result<CredentialSpendingWithEpoch, GatewayRequestsError> {
) -> Result<CredentialSpendingRequest, GatewayRequestsError> {
let credential_bytes = shared_key.decrypt_tagged(&enc_credential, Some(iv.inner()))?;
CredentialSpendingWithEpoch::try_from_bytes(&credential_bytes)
CredentialSpendingRequest::try_from_bytes(&credential_bytes)
.map_err(|_| GatewayRequestsError::MalformedEncryption)
}
}
@@ -22,7 +22,7 @@ use futures::{
use log::*;
use nym_credentials::coconut::bandwidth::{bandwidth_credential_params, CredentialType};
use nym_credentials_interface::CoconutError;
use nym_gateway_requests::models::CredentialSpendingWithEpoch;
use nym_gateway_requests::models::CredentialSpendingRequest;
use nym_gateway_requests::{
iv::{IVConversionError, IV},
types::{BinaryRequest, ServerResponse},
@@ -220,12 +220,12 @@ where
async fn handle_bandwidth_request(
&mut self,
credential: CredentialSpendingWithEpoch,
credential: CredentialSpendingRequest,
) -> Result<ServerResponse, RequestHandlingError> {
let aggregated_verification_key = self
.inner
.coconut_verifier
.verification_key(credential.epoch_id)
.verification_key(credential.data.epoch_id)
.await?;
if !credential.data.validate_type_attribute() {
@@ -251,7 +251,7 @@ where
let api_clients = self
.inner
.coconut_verifier
.api_clients(credential.epoch_id)
.api_clients(credential.data.epoch_id)
.await?;
self.inner
@@ -4,7 +4,7 @@
use super::authenticated::RequestHandlingError;
use log::*;
use nym_credentials_interface::VerificationKey;
use nym_gateway_requests::models::CredentialSpendingWithEpoch;
use nym_gateway_requests::models::CredentialSpendingRequest;
use nym_validator_client::coconut::all_coconut_api_clients;
use nym_validator_client::nym_api::EpochId;
use nym_validator_client::nyxd::contract_traits::{MultisigQueryClient, NymContractsProvider};
@@ -180,7 +180,7 @@ impl CoconutVerifier {
pub async fn release_bandwidth_voucher_funds(
&self,
api_clients: &[CoconutApiClient],
credential: CredentialSpendingWithEpoch,
credential: CredentialSpendingRequest,
) -> Result<(), RequestHandlingError> {
if !credential.data.typ.is_voucher() {
unimplemented!()
@@ -230,7 +230,6 @@ impl CoconutVerifier {
let req = nym_api_requests::coconut::VerifyCredentialBody::new(
credential.data,
credential.epoch_id,
proposal_id,
self.address.clone(),
);
@@ -17,10 +17,6 @@ pub struct VerifyCredentialBody {
/// The cryptographic material required for spending the underlying credential.
pub credential_data: CredentialSpendingData,
/// The (DKG) epoch id under which the credential has been issued so that the verifier
/// could use correct verification key for validation.
pub epoch_id: u64,
/// Multisig proposal for releasing funds for the provided bandwidth credential
pub proposal_id: u64,
@@ -31,13 +27,11 @@ pub struct VerifyCredentialBody {
impl VerifyCredentialBody {
pub fn new(
credential_data: CredentialSpendingData,
epoch_id: u64,
proposal_id: u64,
gateway_cosmos_addr: AccountId,
) -> VerifyCredentialBody {
VerifyCredentialBody {
credential_data,
epoch_id,
proposal_id,
gateway_cosmos_addr,
}
@@ -68,7 +62,6 @@ pub struct BlindSignRequestBody {
/// Signature on the inner sign request and the tx hash
pub signature: identity::Signature,
// public_attributes: Vec<String>,
pub public_attributes_plain: Vec<String>,
}
+1 -1
View File
@@ -239,8 +239,8 @@ pub async fn verify_bandwidth_credential(
state: &RocketState<State>,
) -> Result<Json<VerifyCredentialResponse>> {
let proposal_id = verify_credential_body.proposal_id;
let epoch_id = verify_credential_body.epoch_id;
let credential_data = &verify_credential_body.credential_data;
let epoch_id = credential_data.epoch_id;
let theta = &credential_data.verify_credential_request;
let voucher_value: u64 = if credential_data.typ.is_voucher() {