* 'Coconut' feature in gateway
* Enabled coconut feature in gateway-requests
* Native client coconut feature
* Ibid for socks5 client
* Ibid for wasm client
* Coconut feature flag for validator-api
* Added coconut feature flag to our CI
* build.yml typo
* Continue on windows errors
* Missing quote
* Another typo in build.yml
* Reclaiming disk space when building for windows on CI
* Sqlx struct stub
* Initial schema
* Initial error enum
* Managed for persisted shared keys
* Initial inbox manager
* Comments
* Using new database in clients handler
* Extending gateway storage API
* tokio::main + placeholder values
* Removed old client store
* Simplified logic of async packet processing
* Renamed table + not null restriction
* BandwidthManager
* Removed sled dependency
* Using centralised storage for bandwidth
* Dead code removal
* WIP connection_handler split and simplification
Maybe it doesn't look like it right now, but once completed it will remove bunch of redundant checks for Nones etc
* Further more explicit clients handler split
* Minor cleanup
* Temporary store for active client handles
* Fixed error types
* Error trait on iv and encrypted address
* Authentication and registration moved to the handler
* Removal of clients handler
* Further logic simplification + returned explicit bandwidth values
* Further cleanup and comments
* Updated config with relevant changes
* Basic bandwidth tracking in client
* FreshHandle doc comments + fixed stagger issue
* Removed side-effects from .map
* More doc comments
* Database migration on build
* Increased default claimed bandwidth
* Renaming
* Fixed client determining available bandwidth
* Removed dead sql table that might be used in the future
* Windows workaround
* Comment
* Return error rather than cap credential
* Set actual value for bandwidth
Also put it as a public attribute, such that it can be actively used
by the credential consumer
* Switch from sending Attribute structs to sending the actual attribute bytes over the wire
* Add atomic bandwidth value to gateway
* Consume bandwidth based on the mix packet size
* Use Bandwidth struct for specific functionality
* Move bandwidth code outside the dependency path of wasm client
* Use u64 instead of AtomicU64, as the handling is not parallel
* Call perform_initial_authentication instead of register in clients
* Refactor the register/authenticate functions a bit
* Introduce Bandwidth request type
* Add encryption layer to cred
* Remove cred pass and check from handshake
* Replaced unreachable! with error
* Changed decrypt_tagged signature to not take mutable ownership of data
* Put handle_bandwidth work inside a function
* Add check before unwrap
* Remove unnecessary async
* Decouple bandwidth credential from authentication
* Use new_error for ServerResponse:Error
* Send a fresh IV each time the BandwidthCredential request is sent
* Remove unwrap of bincode::serialize
* Add comment regarding Bandwidth response
* Remove _mut from naming
* Leave Debug trait alone, as the initial error doesn't reproduce anymore
* Pass iv as Vec<u8> instead of base58 string
* Renamed AuthenticationIV to IV, as it is now used for more the just authentication
* Did some IV refactorization
* Calculating gas fees
* Ability to set custom fees
* Added extra test
* Removed commented code
* Moved all msg types to common contract crate
* Temporarily disabling get_tx method
* Finishing up nymd client API
* Comment fix
* Remaining fee values
* Some cleanup
* Removed needless borrow
* Fixed imports in contract tests
* Moved error types around
* New ValidatorClient
* Experiment with new type of defaults
* Removed dead module
* Dealt with unwrap
* Migrated mixnode to use new validator client
* Migrated gateway to use new validator client
* Mixnode and gateway adjustments
* More exported defaults
* Clients using new validator client
* Fixed mixnode upgrade
* Moved default values to a new crate
* Changed behaviour of validator client features
* Migrated basic functions of validator api
* Updated config + fixed startup
* Fixed wasm client build
* Integration with the explorer api
* Removed tokio dev dependency
* Needless borrow
* Fixex wasm client build
* Fixed tauri client build
* Needless borrows
* Fixed client upgrade print
* Removed redundant comments
* Made note on aggregated verification key into a doc comment
* Removed mixnet contract references from verloc
* Modified default validators structure
* Reformatted validator-api Cargo.toml file
* Removed commented code
* Made the doc comment example a no-run
* Fixed a upgrade print... again
* Adjusted the doc example
* Removed unused import
* Hand coconut issuance off the validator-api
* git to cargo
* Move to own module
* Integrate tauri-client, extract common interface
* cargo fmt
* Ergonomics
* Facelift
* Wrap up tauri client
* Set up publish
* Fix fmt
* Install CI dependencies
* Inline deps
* Remove mac deps
* Add dist dir
* Fix beta clippy nag
* Commit some gateway work
* Thread coconut creds through gateway handshake
* Push in progress patch
* Move State from tauri client to coconut interface
* Move get_aggregated_signature from tauri client to coconut interface
* Move prove_credential from tauri client to coconut interface
* Update sphinx version
* Mount coconut routes and manage config file in rocket
* Split default validator endpoint into host and port
* Add init for simple credential initialization
* Fix common gateway client
* Add coconut cred to webassembly client
* Add coconut cred to socks5 client
* Add coconut cred to native client
* Remove direct coconut-rs dependency
* Use only coconut interface in validator api
* Leave validator-api out of workspace and update Cargo.lock
* Fix clippy warnings and update Cargo.lock after rebase
* Switch from attohttpc to reqwest for async gets
This is not only needed for using async requests, but also because attohttpc
causes OpenSSL issues when cross compiling the webassembly client.
* Replace attohttpc with reqwest for puts too
* Make tauri client commands async
* Fix borrow error
* Guard gateway server code from compiling for wasm (client)
* Fix clippy wasm client
* Fix tests
* Fix clippy in tauri client
* Remove commented code
* Update comment of init message
* Remove unnecessary hex dependency
* Replace config argument with key_pair
* Use `trim()` for whitespace removal
* Move verification key query higher up the function calls
* Put KeyPair instead of Config into rocket's managed items
* Re-enable tauri client verify button
* Move verification key up the function calls for prove_credential
* Use consts for verification_key and blind_sign routes of validator-api
* Replace `match` with `map_err`
* Fix typo
* Remove now unnecessary `Clone` derives
... as config is no longer managed by rocket
* Replace `match` with `map_err`
* Make `InternalSignRequest` really internal to validator-api
* Make `with_keypair` live up to its name
* Update Cargo.lock after rebase
* Replace String error with HandshakeError
* Add CoconutInterfaceError to coconut-interface
* Format the new error in tauri client
* Remove from default, as wasm client doesn't build
* Put public key as init argument...
... for the public attributes of the credential
* Use the hash_to_scalar function to make public key into attribute
Use the function from cli-demo-rs from https://github.com/nymtech/coconut
to make the identity public key into a public attribute.
* Replace vector with array for InitMessage
As we know beforehand the size of the keys, we can use fixed size array
instead of vectors. This eliminates the need for a prefixed length in
the serialized form of the InitMessage structure and enables a easy
deserialization of the remote identity before the actual bincode
deserialization that we do in the handshake process.
Before this, the `extract_remote_identity_from_register_init` function
attempted to deserialize into a public key the length-prefixed public key
received from the client, thus failing sporadically with a `Cannot decompress
Edwards point` error.
* Pass public and private attributes to state `init` instead of PublicKey
* Make tauri call with dummy attributes
* Make clients call with their keypairs
* Revert "Make clients call with their keypairs"
This reverts commit b348f47f7a.
* Put dummy, bandwidth private attribute
Co-authored-by: Bogdan-Ștefan Neacșu <bogdan@nymtech.net>
* Add validator-api common client
* Call validator-api from different clients for gateway topology
* Call validator-api from different clients for mixnode topology
* Use consts for the validator-api queries
* Rename the new query_validator function to query_validator_api
* Add mut to mixnode validator client
* Add refreshValidatorAPIGateways as a way to get the gateways...
... from validator-api
* Add refreshValidatorAPIGateways as a way to get the mixnodes...
... from validator-api
* Add yet another mut
* Change the port to validator-api service when querying the topology
* Add parsing check on the config phase...
... to make sure the validator URLs are in the correct format.
* Fix another clippy error
* Use all provided validators instead of just the first one
* The mutable reference was not actually needed, so remove it
* Use global variable for validator-api port
* Use url crate for checking the format and changing the port
* Use URL for parsing and move constants of validator-api to index.ts...
... until we find a way to link to the values from the validator-api
crate.
* Change global variables naming and have the API version into each API query
* Revert the changes to the index on connect...
... as they were working correctly before.
* Use all provided validators for mixnodes as well
* Remove location and layer
* Updated smart contract to work with future cosmwasm 0.14.0 update
* Updated the rest of the codebase
* Reordered imports
* Missing imports
* cargo fmt
* More cargo fmt action
* Introduced type alias for IdentityKey reference
* Constant defined arguments for gateway and mixnode
* Spliting host into explicit address and port(s)
* Using more type restrictive IpAddr rather than String for listening address
* Updated config templates
* Tentative upgrade commands, probably to be further changed before release
* Fixed mixnet contract test fixtures
* Further missing test adjustments
* Connecting to gateway with a timeout
* Added address value to InvalidAddress error
* Initial updated network monitor (does not submit results yet)
* Created client for node status api
* Changed default address to the local one
* Removed old validator client
* Renamed validator client rest to validator client
* Print conversion warnings using Display rather than Debug formattingn
* WIP for adding owner field in monitor
* Preserving changes before branch switch
* Keeping track of node owners during monitoring + using those for node status api
* Removed temporary log statement
* Dont notify node status api if good nodes are broken
* Changed default monitor interval to 5min
* Post merge issues
* Allowing dead version field in seocksrequest
* Updated monitor run interval to 15min
* Reporting gateways and mixnodes separately with the new api
* Unused imports
* Decreased testing interval to temporarily bypass the silent timeout issue
* Formattingn
* Rust half done
* Removed the temporary 'test'
* Using multiple validator endpoints in the javascript client
* Dont attempt any switches with a single validator endpoint
* Removed the unused temporary function
* Updated validator-client version
* Simplify some Option / Result / ? operator patterns
... when they have a direct combinator equivalent.
Tool-aided by [comby-rust](https://github.com/huitseeker/comby-rust)
* Remove panic in socket state
* Updated all non-breaking dependencies
* Updated common/crypto dependencies
* Updated all tokio [and associated] dependencies to most recent version
* Bumped version of rand_distr
* Fixed api changes in tests
* Made clippy happier about the acronym
* Fixed the type while trying to make clippy even happier
* nightly cargo fmt
* Removed reputation field from existing topology
* ibid for registration time
* Basic bond to topology conversion
* Made existing tests compilable
* Added owner and stake fields to mix and gateway topology entries
* Moved node conversion to topology crate
* Added mixnet contract field to clients configs
* topology refresher trying to use new validator
* Removed clients depepdency on the old validator client
* Removed mixnode dependency on the old validator client
* Removed gateway dependency on the old validator client
* Removed location field fron mixnode and gateway configs
* Removed incentives address from mixnodes and gateways
* Cargo.lock changes
* Ignoring clippy warnings originating from codegen from JsonSchema
* no longer formating string with a literal
* Moved definition of mixnet contract common items to separate module
* Removed schemars dependency from being wasm32 specific
* Moved query responses to the shared module
* Fixed tests due to differerent import paths
* Updated dashmap in other crates to help with once_cell version selection
* Reexporting coin and humanaddr
* Deserializing response from validator
* Deserializing smart result directly to specific type
* Ability to query for mixnodes and gateways from rust
* Fixed compilation warning due to updated dashmap
* Running CI also on windows and macOS
* Rust 2021 formatting
* clippy::upper_case_acronyms where appropriate
* Allowing unknown clippy lints
* Further clippy updates
* Building wasm client during CI
* wasm actions update
* added working directory to cargo jobs
* Temporarily disabled wasm test and clippy
* Added github actions templates
* removed travis .yml file
* initial clippy cleanup pass
* fixed the rest of clippy warnings
* Made github badges more fancy and consistent with the ones in sphinx
* Updated local rustc version and removed compilation warningns
* ... and fresh clippy warnings
* formatting
* beta clippy specific warnings fixed
* Fixed all nightly clippy warnings
* Fixed trying to unwrap a ()
* Actually running all tests
* Correctly passing the --all flag
* Hopefullly third time's a charm in fixing argument passing
* No backoff
* reconnections
* Increased default network monitor default sending rate
* Comment for the future
* Maximum connection buffer size as part of config
* Initial idea for the delayer
* Initial rought integration into mixnode
* Removed lock requirement from 'received' metrics
* 'sent' metrics
* Comment fix
* Maximum number of allowed reconnection attempts
* Requiring initial internode connection to be successful
* Decreased logging level for failing to establish initial connection
* Initial changes to validator client API
* Updated models
* GatewayRegistrationInfo constructor
* Change validator topology to convert into NymTopology without failure
* Mixnode registering and unregistering presence
* Directory -> Validator renamings + adjustments
* Updated upgrade command for mixnode
* Extracted metrics part of directory client into separate library
* Removed no longer needed traits
* Integrated new metrics client into mixnode
* Introduced the same set of changes to the gateway
* Getting active topology in client core via validator client
* Updated clients to get correct topology
* Introduced mix mining endpoints to validator client
* Network monitor using validator client
* Removed directory client
* Updated wasm client
* Temporarily disabled the test
* Checking ok status for validator client response
* Updated upgrade command for clients
* Allowing using old presence directory as new validator endpoint for mixnodes and gateways
* Fixed tests in non-default crates
* Ability to set client in vpn mode
* Connection handler for mixnode
* Initial vpn mode for mixes
* Updated SphinxCodec to contain more metadata
* Renaming
* Removed handle from mixnet client and introduced forwarder
* Mixnode using new forwarder
* Mixnode common module containing shared packet processing
* ibid. incorporated inside mixnode
* New processing for gateway
* Type cleanup
* Wasm fix
* Fixed client config
* Fixed mixnode runtime issues
* Formatting
* Client re-using secret on 'normal' packets
* Using the same key for acks
* WIP
* vpn key manager cleanup
* wasm fix
* VPN_KEY_REUSE_LIMIT moved to config
* Moved AckDelayQueue to separate common crate
* Key cache invalidator
* Updated dashmap used in gateway
* Old typo
* Additional comment
* Cargo fmt
* Fixed tests
* Sphinx update
* cache ttl as config option
* Cargo fmt
* Feature/wasm update (#341)
* Split text and binary client apis
* Very initial attempt at new serialization
* Defined ser+de for Recipient and ReplySURB
* Response errors
* builds with changes
* Working WS API + moved to separate crate
* updated python examples
* Fixed parsing bug
* Updated go examples
* Updated rust examples
* formatting
* Removed unused imports
* dependency updates
* Further dependency changes
* nymsphinx exposingn framing only if not in wasm32
* Cargo lock changes before develop merge
* Pending work
* Actually sending and receiving websocket from rust!
* more WIP
* Initial wasm client + establishing shared key with gateway!
* Splitting and sending a message!
* WIP
* WIP
* Initial wasm-ification of the gateway client
* Passing reconstruction result to js callback!
* Initial WASM cleaning pass
* Dependency pruning
* Moved processing loop to received_processor + at least ack unwrappingn
* Post merge fix
* Kinda updated react example
* Old print statement removed
* Removed yarn.lock
* Fixed building issue for other clients
* Fixed travis test command
* Updated wasm publishing instructions
* Increased default presence and metrics sending interval (#354)
* Defaulting to mix layer with fewest node if no argument provided (#353)
* Defaulting to mix layer with fewest node if no argument provided
* cargo fmt
* Selecting the gateway randomly from 2 known good ones. (#355)
* Selecting the gateway randomly from 2 known good ones. There's a problem with the config file in this commit though.
* Saving value of chosen gateway
* Removed duplicate printing of gateway being used
Co-authored-by: jstuczyn <jedrzej.stuczynski@gmail.com>
* More detailed error response on authentication/registration failure (#356)
* Updated changelog
* Updated version numbers
Co-authored-by: Dave Hrycyszyn <futurechimp@users.noreply.github.com>
* Changed identity keypair to use ed25519
* Encryption key is now x25519 based + compatibiltiy with sphinx
* Pathing and import fixes
* Moved all asymmetric keys to sub-module in crypto
* Extracted aes to separate module
* kdf module in crypto
* Ability to perform diffie hellman on encryption keys
* ecdsa on identity keys
* Extremely rough and incomplete registration handshake
* Authentication primitives
* Creating new random authenticationIV
* Wrapper type for the derived shared key
* Removed AuthToken in favour of using SharedKey for authentication
* Gateway identity keys
* Registration handshake without error mapping
* Gateway address in client config
* Added extra key for gateway presence
* Updated pemstore to work on borrows instead
* Gateway client trying to perform the handshake
* Gateway changes to allow for handshake and shared key
* Debug trait on sharedkey
* native client using updated gateway client
* Slightly updated gateway API
* Minor cleanup
* Fixed pemstore to correctly save multiple keypairs
* Gateway actually deriving shared key during handshake
* Gateway sending correct mid-handshake message
* Missing quotation mark in client config template
* Fixed template for correct shared key serialization
* Fixed gateway authentication
* Fixed tests
* Using correct gateway key when converting to sphinx node
* "get_all_clients" takes them from gateways as opposed to providers now
* cargo fmt
* Renamed pemstore methods
* Unused import
* Encryption of forward requests between client and gateway
* Updated sphinx dependency to use public revision
* Sending 'error' on handshake processing error
* Removed some dead code
* Dead code I forgot to remove before
* Extracted AckAes128Key into a struct
* Slight pemstore revamp allowing for symmetric key store
* ibid.
* PemStorableKey for SharedKey
* Introduced single location responsible for key management for client
* WIP
* Sphinx version update
* Stop using NodeAddressBytes for two distinct and confusing purposes
* Abstracting away SocketAddr from sphinx forwarding
* Passing the bool for reply surbs
* Attack plan for replies + encryption
* Comment + removed variable binding
* ReplySURB usage
* Topology import in nymsphinx
* Sphinx version update
* Changed 'Recipient' to contain client's encryption key
* Message preparation taking shape!
* reply surb also containing the encryption key
* Very initial message receiver
* Sphinx version update
* A possibly working way of receiving surbs
* Fixed incorrect field name in client config template
* camel casing all request arguments
* Renamed and moved `MessageMode` to more appropriate file
* Restored reconstruction tests
* Removed dead code from chunking
* Made rust examples compilable
* reply SURB key storage
* Replies as an InputMessage
* Forgotten commented code
* No retransmission processing for cover or replies
* Received reply processing
* Renamed client pathfinder to something more appropriate
* Made HasherOutputSize public
* Added key store path to config
* Reply surb attaching key digest when used
* Changes due to previous renaming
* Removed comment
* Fixed insert_encryption_key
* Assigning initial value of key store path
* Computing key digest with correct algorithm
* Initial and presumably temporary request serialization
* hacky way of introducing 'FragmentIdentifier' for replies
* Moved responsibility of reply encryption, padding, etc, to message preparer
* Optional recipient in try_get_valid_topology_ref
* Handling new reply surbs with acks and padding
* Updated go and python examples to include replies in text and binary cases
* Updated rust examples + binaryserverresponse
* Helpers in rust examples
* And updated JS example
* Moved shared key generation function to crypto crate
* Cover traffic encryption!
* hmac computation in crypto
* Updated aes imports due to new dependencies
* hkdf made more generic
* crypto cleanup + algorithms in params
* Clippy cleanup pass
* Generating encryption+mac shared keys between client and gateway
* MACs attached to forward requests to gateway
* Gateway messages encrypted and mac'd
* Lowered logging level
* compiler warning cleanup
* Some minor cleanup
* Generic stream cipher
* Generic shared key derivation + algorithm definitions
* Project-wide AES clean-up
* Comment fix
* Removed commented imports
* Updated comments
* Fixed topology test fixture
* VersionFilterable for HashMap
* Removed NymTopology trait in favour of concrete type
* Removed providers from NymTopology
* Made gateway conversion use reference, similarly to mixes
* Using more concrete types in topology rather than b58 strings
* Allowing gateways to have DNS-resolvable mix listener address
* Error propagation for gateway key conversion
* Changed identity keypair to use ed25519
* Encryption key is now x25519 based + compatibiltiy with sphinx
* Pathing and import fixes
* Moved all asymmetric keys to sub-module in crypto
* Extracted aes to separate module
* kdf module in crypto
* Ability to perform diffie hellman on encryption keys
* ecdsa on identity keys
* Extremely rough and incomplete registration handshake
* Authentication primitives
* Creating new random authenticationIV
* Wrapper type for the derived shared key
* Removed AuthToken in favour of using SharedKey for authentication
* Gateway identity keys
* Registration handshake without error mapping
* Gateway address in client config
* Added extra key for gateway presence
* Updated pemstore to work on borrows instead
* Gateway client trying to perform the handshake
* Gateway changes to allow for handshake and shared key
* Debug trait on sharedkey
* native client using updated gateway client
* Slightly updated gateway API
* Minor cleanup
* Fixed pemstore to correctly save multiple keypairs
* Gateway actually deriving shared key during handshake
* Gateway sending correct mid-handshake message
* Missing quotation mark in client config template
* Fixed template for correct shared key serialization
* Fixed gateway authentication
* Fixed tests
* Using correct gateway key when converting to sphinx node
* "get_all_clients" takes them from gateways as opposed to providers now
* cargo fmt
* Renamed pemstore methods
* Unused import
* Encryption of forward requests between client and gateway
* Updated sphinx dependency to use public revision
* Sending 'error' on handshake processing error
* Removed some dead code
* Reducing ACK packet size to exactly what we need
* Made fragmentidentifier into an array
* Padding all sent messages so they'd be split into constant length packets
* Ability to send sphinx packets of different sizes + more efficient decoding
* Closing connection on connection corruption
* Missing semicolons
* Missing license notices
* Default for packetsize
* Split nymsphinx
* Replaced Mutex with RwLock for TopologyAccessor + impl Deref
* Sphinx update + import cleanup
* Moved packet_sizes file
* Updated NymTopology API
* sphinx version bump
* Missing license notice
* nymsphinx-params crate
* Changes due to ibid.
* Chunking rework to allow variable size fragments
* Initial ack crate
* Version bump to new dev build
* Cargo lock changes
* random_route_to_gateway by node address
* exposing getting read permit
* Very initial draft on ack control
* Correctly dereferencing out of topology read permit
* All pending changes + compilation todo!s
* Restricted scope of deref on TopologyAccessorInner
* Type path alias for generate_key
* Derived traits for MessageChunker
* Ack control starting to take shape!
* Awaiting callbacks
* Most of work done on acks. Now to wire it all together
* Import cleanup
* rng generalization
* Connected real traffic together; only acks from gateway left
* Removed redundant things from nymsphinx::utils
* nymsphinx-cover crate
* Ack-related fields in client config
* Decreased packet store log level
* Restored forward sphinx request
* Slight adjustements to surb acks
* Changed TopologyReadPermit from type alias into a struct
* Changes due to ibid.
* Sphinx version upgrade
* Gateway being able to understand and handle acks
* Special Cover FragmentIdentifier + removal of dead code
* Initial packet router for gateway client
* Kill client if it fails to send to gateway too many times
* Cover messages with acks
* Moved out gateway client errors
* Ignoring cover traffic acks
* Changes in ack control
* Another sphinx version upgrade
* websocket handler delegating message chunking
* Using config defined ack wait additions
* Other minor changes I should have been more dilligent with splitting
* Import path fix
* sphinx_receiver => mixnet_receiver
* Missing renamed variable instance
* Updated aes-ctr to 0.4.0
* Removed concept of 'unfragmented' single fragment
* Replay fragments detection
* Long method split
* typo
* Cleaner client init
* Fixed race condition
* Fixed similar issue for retransmission
* Cargo fmt
* Minor clenaup
* Ability to send sphinx packets of different sizes + more efficient decoding
* Closing connection on connection corruption
* Missing semicolons
* Missing license notices
* Default for packetsize
* Some clippy and compiler warning fixes
* Removed healthchecker from the client
* Cargo fmt issue after 100 explicit saves.........
* Changes accidentally removed in previous PR