* cleaned up MixProcessingError
* Added Error impl to (hopefully) all error enums in the codebase
* Replaced all occurences of error("{0}") with error(transparent)
* Changelog entry
* Rename to ExtendedPacketSize32
* Add two more extended packet sizes
* Update config handling for new packet sizes
* Update wasm-client
* Changelog: update
* wasm-client: fix ref
* Switch use enum instead of string for config
* Add coconut verifier structure for coconut protocol in gateway
* Add endpoint for validator-api cred verification
* Remove unused signature field
* Register new endpoint
* Improve validator-api config handling
* Aggregate verif result from all apis
* Simplify aggregate functions
* Verify cred on apis correctly
* Introduced coconut bandwidth contract to validator client
* Fix rebase double import
* Fix clippy on non-coconut
* Add multisig contract address to validator client
* Refactor Credential struct
* Do bincode magic in the coconut interface
* Implement serialization for credential and remove bindcode
* Fix clippy and don't remove dkg
* Client release funds proposal
* Add wrapper for blinded serial number
Also compare theta with a blinded serial number (in base 58 form)
for future double spend protection.
* Only post blinded serial number to blockchain
* Validator api propose credential spending
* Fix wallet
* Gateway calls proposal creation
* Query for proposal in verify coconut
* Remove db from git
* Verify against proposal description
* Validator apis vote based on verification of cred
* Fix wallet fmt
* Execute the release of funds
* Fix translation between token and bytes
* Update CHANGELOG
* Fix clippy on relevant lints
return_self_not_must_use still produces errors, but that will be
auto-fixed once the change to move it to pedantic is released to beta
channel
* Run fmt
* Removed outdated constant
* ClaimFreeTestnetBandwidth ClientControlRequest
* Configuration option for the testnet mode in gateway
* Made testnet mode deserialize to default value if not present
* Fixed testnet mode override
* Testnet config options for clients and validator api
* Changed error message for when gateway is not using testnet mode
* Incorporated testnet mode into gateway client
* Activating testnet mode based on config values
* Allowing clippy warnings
* Fixed use of moved value in wasm build
Co-authored-by: Bogdan-Ștefan Neacșu <bogdan@nymtech.net>
* Remove check for bandwidth for incoming packets
We should only accunt for packets that the client inputs to the mixnet
* Introduce BandwidthController for both types of bandwidth creds
* Add some non-coconut token bandwidth handling
* Use thiserror for gateway-client lib
* Add error handling
* Unable to build for wasm for now
* Fix wasm strange error
* Disable non-coconut credentials for wasm client
* Check for status and throw the error up
* Send encrypted token cred from client
* Gateway receive message and signature validation
* Put the correct amount of tokens that were burned
* [ci skip] Generate TS types
* Eth endpoint and secret key as config parameters
* Add eth_endpoint config argument for gateway
* Update test as well
* Separate panicable code from the safe one
* Move some bandwidth controller panics up the call stack
* Save contract corresponding to the eth endpoint
* Fix template
* Pass the web3 interface as well
* Made event reads possible in gateway
* Add checks for event data
* Cosmos contract for double spending prevention
* Add workflow for the new contract
* Add validator rest URL to config
* Rename eth_events to erc20_bridge
* Pass cosmos mnemonic as well, and put the nymd client in ERC20Bridge
* Call cosmos contract for final verification
* Ask for config parameters in cli
* Fix various stuff
* Increase timeout to allow gateway to check the two chains
* Put some logs for the new flow
* Set consumed bandwidth invariantly of coconut feature
* Fix clippy error
* Add non-coconut checks
* Use 2018 rust instead of 2021
* More verbose nymd error
* Explicitly specify TOKENS_TO_BURN constant
* Put eth burn function in a constant
* Replace to_vec & append with iter & chain
* Test for (de)serialization of TokenCredential
* Minor rename
* Separate credential creation from bandwidth claiming
* Switch from panics to errors when claiming coconut bandwidth
* Another append changed to chain
* Update QA cosmos contract address
* Simplify build/test/clippy separation on coconut feature
* Fix bad features arg positioning
* Use the start_after in cosmos contract query
* Set a limit in line with a range on cosmos queries
* Added unit tests for new cosmos contract
* Fix bandwidth_remaining comparation
* Get remaining bandwidth from gateway
* Add contract build flag
* Add a useful info log
* Use a more robust eth depth for release builds
* Include recipt logs in error message
* Fix clippy for tests
* Use Arc instead of clone
* Rename as_bytes to to_bytes
* Make signature verification in contract more verbose
* Missed rename of paging constant
* Fix gateway start with coconut enabled
* Rename function to claim_token
* Simplify nymd client setup
* Check with block buffer on gateway as well
* Update comment of double spending protection
* Correct contract address
* Backup the keypairs used for buying tokens, in case of error cases
* Don't take any chances with the gateway timeout
* [ci skip] Generate TS types
* Updated cosmos contract to latest QA address
* Add cli options for eth
* Update network monitor timeout value as well
Co-authored-by: neacsu <neacsu@users.noreply.github.com>
* 'Coconut' feature in gateway
* Enabled coconut feature in gateway-requests
* Native client coconut feature
* Ibid for socks5 client
* Ibid for wasm client
* Coconut feature flag for validator-api
* Added coconut feature flag to our CI
* build.yml typo
* Continue on windows errors
* Missing quote
* Another typo in build.yml
* Reclaiming disk space when building for windows on CI
* Sqlx struct stub
* Initial schema
* Initial error enum
* Managed for persisted shared keys
* Initial inbox manager
* Comments
* Using new database in clients handler
* Extending gateway storage API
* tokio::main + placeholder values
* Removed old client store
* Simplified logic of async packet processing
* Renamed table + not null restriction
* BandwidthManager
* Removed sled dependency
* Using centralised storage for bandwidth
* Dead code removal
* WIP connection_handler split and simplification
Maybe it doesn't look like it right now, but once completed it will remove bunch of redundant checks for Nones etc
* Further more explicit clients handler split
* Minor cleanup
* Temporary store for active client handles
* Fixed error types
* Error trait on iv and encrypted address
* Authentication and registration moved to the handler
* Removal of clients handler
* Further logic simplification + returned explicit bandwidth values
* Further cleanup and comments
* Updated config with relevant changes
* Basic bandwidth tracking in client
* FreshHandle doc comments + fixed stagger issue
* Removed side-effects from .map
* More doc comments
* Database migration on build
* Increased default claimed bandwidth
* Renaming
* Fixed client determining available bandwidth
* Removed dead sql table that might be used in the future
* Windows workaround
* Comment
* Return error rather than cap credential
* Update hmac and blake3
* Remain paranoid for `0.*` crates
* Most paranoid versions :)
* Updated aes and using published version of blake3
Co-authored-by: Jędrzej Stuczyński <jedrzej.stuczynski@gmail.com>
* Call perform_initial_authentication instead of register in clients
* Refactor the register/authenticate functions a bit
* Introduce Bandwidth request type
* Add encryption layer to cred
* Remove cred pass and check from handshake
* Replaced unreachable! with error
* Changed decrypt_tagged signature to not take mutable ownership of data
* Put handle_bandwidth work inside a function
* Add check before unwrap
* Remove unnecessary async
* Decouple bandwidth credential from authentication
* Use new_error for ServerResponse:Error
* Send a fresh IV each time the BandwidthCredential request is sent
* Remove unwrap of bincode::serialize
* Add comment regarding Bandwidth response
* Remove _mut from naming
* Leave Debug trait alone, as the initial error doesn't reproduce anymore
* Pass iv as Vec<u8> instead of base58 string
* Renamed AuthenticationIV to IV, as it is now used for more the just authentication
* Did some IV refactorization
* Hand coconut issuance off the validator-api
* git to cargo
* Move to own module
* Integrate tauri-client, extract common interface
* cargo fmt
* Ergonomics
* Facelift
* Wrap up tauri client
* Set up publish
* Fix fmt
* Install CI dependencies
* Inline deps
* Remove mac deps
* Add dist dir
* Fix beta clippy nag
* Commit some gateway work
* Thread coconut creds through gateway handshake
* Push in progress patch
* Move State from tauri client to coconut interface
* Move get_aggregated_signature from tauri client to coconut interface
* Move prove_credential from tauri client to coconut interface
* Update sphinx version
* Mount coconut routes and manage config file in rocket
* Split default validator endpoint into host and port
* Add init for simple credential initialization
* Fix common gateway client
* Add coconut cred to webassembly client
* Add coconut cred to socks5 client
* Add coconut cred to native client
* Remove direct coconut-rs dependency
* Use only coconut interface in validator api
* Leave validator-api out of workspace and update Cargo.lock
* Fix clippy warnings and update Cargo.lock after rebase
* Switch from attohttpc to reqwest for async gets
This is not only needed for using async requests, but also because attohttpc
causes OpenSSL issues when cross compiling the webassembly client.
* Replace attohttpc with reqwest for puts too
* Make tauri client commands async
* Fix borrow error
* Guard gateway server code from compiling for wasm (client)
* Fix clippy wasm client
* Fix tests
* Fix clippy in tauri client
* Remove commented code
* Update comment of init message
* Remove unnecessary hex dependency
* Replace config argument with key_pair
* Use `trim()` for whitespace removal
* Move verification key query higher up the function calls
* Put KeyPair instead of Config into rocket's managed items
* Re-enable tauri client verify button
* Move verification key up the function calls for prove_credential
* Use consts for verification_key and blind_sign routes of validator-api
* Replace `match` with `map_err`
* Fix typo
* Remove now unnecessary `Clone` derives
... as config is no longer managed by rocket
* Replace `match` with `map_err`
* Make `InternalSignRequest` really internal to validator-api
* Make `with_keypair` live up to its name
* Update Cargo.lock after rebase
* Replace String error with HandshakeError
* Add CoconutInterfaceError to coconut-interface
* Format the new error in tauri client
* Remove from default, as wasm client doesn't build
* Put public key as init argument...
... for the public attributes of the credential
* Use the hash_to_scalar function to make public key into attribute
Use the function from cli-demo-rs from https://github.com/nymtech/coconut
to make the identity public key into a public attribute.
* Replace vector with array for InitMessage
As we know beforehand the size of the keys, we can use fixed size array
instead of vectors. This eliminates the need for a prefixed length in
the serialized form of the InitMessage structure and enables a easy
deserialization of the remote identity before the actual bincode
deserialization that we do in the handshake process.
Before this, the `extract_remote_identity_from_register_init` function
attempted to deserialize into a public key the length-prefixed public key
received from the client, thus failing sporadically with a `Cannot decompress
Edwards point` error.
* Pass public and private attributes to state `init` instead of PublicKey
* Make tauri call with dummy attributes
* Make clients call with their keypairs
* Revert "Make clients call with their keypairs"
This reverts commit b348f47f7a.
* Put dummy, bandwidth private attribute
Co-authored-by: Bogdan-Ștefan Neacșu <bogdan@nymtech.net>
* Running CI also on windows and macOS
* Rust 2021 formatting
* clippy::upper_case_acronyms where appropriate
* Allowing unknown clippy lints
* Further clippy updates
* Building wasm client during CI
* wasm actions update
* added working directory to cargo jobs
* Temporarily disabled wasm test and clippy
* Added github actions templates
* removed travis .yml file
* initial clippy cleanup pass
* fixed the rest of clippy warnings
* Made github badges more fancy and consistent with the ones in sphinx
* Updated local rustc version and removed compilation warningns
* ... and fresh clippy warnings
* formatting
* beta clippy specific warnings fixed
* Fixed all nightly clippy warnings
* Fixed trying to unwrap a ()
* Actually running all tests
* Correctly passing the --all flag
* Hopefullly third time's a charm in fixing argument passing
* Ability to set client in vpn mode
* Connection handler for mixnode
* Initial vpn mode for mixes
* Updated SphinxCodec to contain more metadata
* Renaming
* Removed handle from mixnet client and introduced forwarder
* Mixnode using new forwarder
* Mixnode common module containing shared packet processing
* ibid. incorporated inside mixnode
* New processing for gateway
* Type cleanup
* Wasm fix
* Fixed client config
* Fixed mixnode runtime issues
* Formatting
* Client re-using secret on 'normal' packets
* Using the same key for acks
* WIP
* vpn key manager cleanup
* wasm fix
* VPN_KEY_REUSE_LIMIT moved to config
* Moved AckDelayQueue to separate common crate
* Key cache invalidator
* Updated dashmap used in gateway
* Old typo
* Additional comment
* Cargo fmt
* Fixed tests
* Sphinx update
* cache ttl as config option
* Cargo fmt
* Split text and binary client apis
* Very initial attempt at new serialization
* Defined ser+de for Recipient and ReplySURB
* Response errors
* builds with changes
* Working WS API + moved to separate crate
* updated python examples
* Fixed parsing bug
* Updated go examples
* Updated rust examples
* formatting
* Removed unused imports
* dependency updates
* Further dependency changes
* nymsphinx exposingn framing only if not in wasm32
* Cargo lock changes before develop merge
* Pending work
* Actually sending and receiving websocket from rust!
* more WIP
* Initial wasm client + establishing shared key with gateway!
* Splitting and sending a message!
* WIP
* WIP
* Initial wasm-ification of the gateway client
* Passing reconstruction result to js callback!
* Initial WASM cleaning pass
* Dependency pruning
* Moved processing loop to received_processor + at least ack unwrappingn
* Post merge fix
* Kinda updated react example
* Old print statement removed
* Removed yarn.lock
* Fixed building issue for other clients
* Fixed travis test command
* Changed identity keypair to use ed25519
* Encryption key is now x25519 based + compatibiltiy with sphinx
* Pathing and import fixes
* Moved all asymmetric keys to sub-module in crypto
* Extracted aes to separate module
* kdf module in crypto
* Ability to perform diffie hellman on encryption keys
* ecdsa on identity keys
* Extremely rough and incomplete registration handshake
* Authentication primitives
* Creating new random authenticationIV
* Wrapper type for the derived shared key
* Removed AuthToken in favour of using SharedKey for authentication
* Gateway identity keys
* Registration handshake without error mapping
* Gateway address in client config
* Added extra key for gateway presence
* Updated pemstore to work on borrows instead
* Gateway client trying to perform the handshake
* Gateway changes to allow for handshake and shared key
* Debug trait on sharedkey
* native client using updated gateway client
* Slightly updated gateway API
* Minor cleanup
* Fixed pemstore to correctly save multiple keypairs
* Gateway actually deriving shared key during handshake
* Gateway sending correct mid-handshake message
* Missing quotation mark in client config template
* Fixed template for correct shared key serialization
* Fixed gateway authentication
* Fixed tests
* Using correct gateway key when converting to sphinx node
* "get_all_clients" takes them from gateways as opposed to providers now
* cargo fmt
* Renamed pemstore methods
* Unused import
* Encryption of forward requests between client and gateway
* Updated sphinx dependency to use public revision
* Sending 'error' on handshake processing error
* Removed some dead code
* Dead code I forgot to remove before
* Extracted AckAes128Key into a struct
* Slight pemstore revamp allowing for symmetric key store
* ibid.
* PemStorableKey for SharedKey
* Introduced single location responsible for key management for client
* WIP
* Sphinx version update
* Stop using NodeAddressBytes for two distinct and confusing purposes
* Abstracting away SocketAddr from sphinx forwarding
* Passing the bool for reply surbs
* Attack plan for replies + encryption
* Comment + removed variable binding
* ReplySURB usage
* Topology import in nymsphinx
* Sphinx version update
* Changed 'Recipient' to contain client's encryption key
* Message preparation taking shape!
* reply surb also containing the encryption key
* Very initial message receiver
* Sphinx version update
* A possibly working way of receiving surbs
* Fixed incorrect field name in client config template
* camel casing all request arguments
* Renamed and moved `MessageMode` to more appropriate file
* Restored reconstruction tests
* Removed dead code from chunking
* Made rust examples compilable
* reply SURB key storage
* Replies as an InputMessage
* Forgotten commented code
* No retransmission processing for cover or replies
* Received reply processing
* Renamed client pathfinder to something more appropriate
* Made HasherOutputSize public
* Added key store path to config
* Reply surb attaching key digest when used
* Changes due to previous renaming
* Removed comment
* Fixed insert_encryption_key
* Assigning initial value of key store path
* Computing key digest with correct algorithm
* Initial and presumably temporary request serialization
* hacky way of introducing 'FragmentIdentifier' for replies
* Moved responsibility of reply encryption, padding, etc, to message preparer
* Optional recipient in try_get_valid_topology_ref
* Handling new reply surbs with acks and padding
* Updated go and python examples to include replies in text and binary cases
* Updated rust examples + binaryserverresponse
* Helpers in rust examples
* And updated JS example
* Moved shared key generation function to crypto crate
* Cover traffic encryption!
* hmac computation in crypto
* Updated aes imports due to new dependencies
* hkdf made more generic
* crypto cleanup + algorithms in params
* Clippy cleanup pass
* Generating encryption+mac shared keys between client and gateway
* MACs attached to forward requests to gateway
* Gateway messages encrypted and mac'd
* Lowered logging level
* compiler warning cleanup
* Some minor cleanup
* Generic stream cipher
* Generic shared key derivation + algorithm definitions
* Project-wide AES clean-up
* Comment fix
* Removed commented imports
* Updated comments
* Fixed topology test fixture
* Changed identity keypair to use ed25519
* Encryption key is now x25519 based + compatibiltiy with sphinx
* Pathing and import fixes
* Moved all asymmetric keys to sub-module in crypto
* Extracted aes to separate module
* kdf module in crypto
* Ability to perform diffie hellman on encryption keys
* ecdsa on identity keys
* Extremely rough and incomplete registration handshake
* Authentication primitives
* Creating new random authenticationIV
* Wrapper type for the derived shared key
* Removed AuthToken in favour of using SharedKey for authentication
* Gateway identity keys
* Registration handshake without error mapping
* Gateway address in client config
* Added extra key for gateway presence
* Updated pemstore to work on borrows instead
* Gateway client trying to perform the handshake
* Gateway changes to allow for handshake and shared key
* Debug trait on sharedkey
* native client using updated gateway client
* Slightly updated gateway API
* Minor cleanup
* Fixed pemstore to correctly save multiple keypairs
* Gateway actually deriving shared key during handshake
* Gateway sending correct mid-handshake message
* Missing quotation mark in client config template
* Fixed template for correct shared key serialization
* Fixed gateway authentication
* Fixed tests
* Using correct gateway key when converting to sphinx node
* "get_all_clients" takes them from gateways as opposed to providers now
* cargo fmt
* Renamed pemstore methods
* Unused import
* Encryption of forward requests between client and gateway
* Updated sphinx dependency to use public revision
* Sending 'error' on handshake processing error
* Removed some dead code
* Ability to send sphinx packets of different sizes + more efficient decoding
* Closing connection on connection corruption
* Missing semicolons
* Missing license notices
* Default for packetsize
* Split nymsphinx
* Replaced Mutex with RwLock for TopologyAccessor + impl Deref
* Sphinx update + import cleanup
* Moved packet_sizes file
* Updated NymTopology API
* sphinx version bump
* Missing license notice
* nymsphinx-params crate
* Changes due to ibid.
* Chunking rework to allow variable size fragments
* Initial ack crate
* Version bump to new dev build
* Cargo lock changes
* random_route_to_gateway by node address
* exposing getting read permit
* Very initial draft on ack control
* Correctly dereferencing out of topology read permit
* All pending changes + compilation todo!s
* Restricted scope of deref on TopologyAccessorInner
* Type path alias for generate_key
* Derived traits for MessageChunker
* Ack control starting to take shape!
* Awaiting callbacks
* Most of work done on acks. Now to wire it all together
* Import cleanup
* rng generalization
* Connected real traffic together; only acks from gateway left
* Removed redundant things from nymsphinx::utils
* nymsphinx-cover crate
* Ack-related fields in client config
* Decreased packet store log level
* Restored forward sphinx request
* Slight adjustements to surb acks
* Changed TopologyReadPermit from type alias into a struct
* Changes due to ibid.
* Sphinx version upgrade
* Gateway being able to understand and handle acks
* Special Cover FragmentIdentifier + removal of dead code
* Initial packet router for gateway client
* Kill client if it fails to send to gateway too many times
* Cover messages with acks
* Moved out gateway client errors
* Ignoring cover traffic acks
* Changes in ack control
* Another sphinx version upgrade
* websocket handler delegating message chunking
* Using config defined ack wait additions
* Other minor changes I should have been more dilligent with splitting
* Import path fix
* sphinx_receiver => mixnet_receiver
* Missing renamed variable instance
* Updated aes-ctr to 0.4.0
* Removed concept of 'unfragmented' single fragment
* Replay fragments detection
* Long method split
* typo
* Cleaner client init
* Fixed race condition
* Fixed similar issue for retransmission
* Cargo fmt
* Minor clenaup
* Ability to send sphinx packets of different sizes + more efficient decoding
* Closing connection on connection corruption
* Missing semicolons
* Missing license notices
* Default for packetsize
* Updated wasm code to work with new gateway and updated the example
* cargo fmt
* Fixed test by ensuring destination is present at a gateway
* Updated hardcoded default port
* ibid. to correct value
* Initial draft for ClientsHandler
* Created listener struct
* typo
* Stateful websocket connection handler
* Exposing modules
* Depdendencies updates
* Moved listener to correct file + made start consume listener
* Main starting new listener
* Catching sigint
* Copied client storage from provider into gateway
* Exposed websocket listener type for nicer import path
* Defined websocket message receiver concrete type
* Client ledger struct without implementation
* ClientsHandler using more concrete types
* Mixnet sender + receiver and exposed listener type
* Handling mix packets
* Ability to forward mix packets
* "starting" both listeners at main
* Depedencies updates
* Initial type definitions for client messages
* Initial "gateway-requests" with AuthToken
* ibid.
* Restored most of ledger's functionalities
* Ability to retrieve all messages regardless of rate limit
* ClientsHandler request handling logic
* Required 'new' dependencies
* Main changes required for compilation
* PacketProcessor getting private key pointer
* "moved" types into gateway requests crate
* Moved and renamed types
* ibid.
* Added required serde_json dependency
* Skeleton for websocket request handling
* helper methods on ServerResponse
* WebSocket Handler pushing received mix messages directly to client
* PacketForwarder returning JoinHandle alongside the channel
* ClientsHandler following the same pattern
* Made websocket listener start method consistent with mix listener
* Syntax error + formatting
* Websocket handler having access to mix forwarder
* Minimal binary request parsing
* Implicitly derived std::error::Error on GatewayRequestsError
* Handling of all websocket requests
* Types import cleanup
* Updated placeholder fields
* Everything put into main
* Missing license notices
* Cleaned up unused code
* Copied and did initial minor changes to commands and config
* It's actually gateway
* Gateway sending its regular presence to directory server
* Re-organisation of gateway code + Gateway struct
* Updated provider argument description
* Restored duplicate ip check without importing NymTopology trait
* Moved hardcoded values into config
* Cargo fmt
* Compilation errors in other crates due to topology adjustments
* Test fixes
* Initial gateway-client
* Seemingly working version with bunch of hardcoded and temporary values
* cargo fmt
* Removed provider poller
* Updated config with gateway values instead of provider
* Gateway address including ws
* Removed hardcoded gateway address
* Properly skipping loop cover messages
* Updated log filter with tokio tungstenite related modules
* Updated sphinx version used
* Very minor cleanup
* unused import