Compare commits

..

3 Commits

Author SHA1 Message Date
aniampio ffe9084566 Add public attributes into the commitment hash - security patch 2023-01-11 17:20:07 +00:00
Jędrzej Stuczyński 8beb33fe92 bugfix: set default value for nym-api (and nyxd) for clients (#2822)
* setting default urls in client config

* using the same environmental variable for verloc
2023-01-11 14:37:05 +00:00
Jędrzej Stuczyński bf5b8fab85 made most of cli boolean arguments optional (#2819)
so that if not provided, they would not overwrite config values
2023-01-11 12:14:16 +00:00
17 changed files with 1067 additions and 841 deletions
Generated
+933 -757
View File
File diff suppressed because it is too large Load Diff
+19 -2
View File
@@ -1,6 +1,7 @@
// Copyright 2021 - Nym Technologies SA <contact@nymtech.net>
// SPDX-License-Identifier: Apache-2.0
use config::defaults::NymNetworkDetails;
use config::{NymConfig, OptionalSet, DB_FILE_NAME};
use nymsphinx::params::PacketSize;
use serde::{Deserialize, Serialize};
@@ -499,13 +500,29 @@ pub struct Client<T> {
impl<T: NymConfig> Default for Client<T> {
fn default() -> Self {
let network = NymNetworkDetails::new_mainnet();
let nyxd_urls = network
.endpoints
.iter()
.map(|validator| validator.nyxd_url())
.collect();
let nym_api_urls = network
.endpoints
.iter()
.filter_map(|validator| validator.api_url())
.collect::<Vec<_>>();
if nym_api_urls.is_empty() {
panic!("we do not have any default nym-api urls available!")
}
// there must be explicit checks for whether id is not empty later
Client {
version: env!("CARGO_PKG_VERSION").to_string(),
id: "".to_string(),
disabled_credentials_mode: true,
nyxd_urls: vec![],
nym_api_urls: vec![],
nyxd_urls,
nym_api_urls,
private_identity_key_file: Default::default(),
public_identity_key_file: Default::default(),
private_encryption_key_file: Default::default(),
+2 -2
View File
@@ -41,7 +41,7 @@ pub(crate) struct Init {
/// Whether to not start the websocket
#[clap(long)]
disable_socket: bool,
disable_socket: Option<bool>,
/// Port for the socket (if applicable) to listen on in all subsequent runs
#[clap(short, long)]
@@ -60,7 +60,7 @@ pub(crate) struct Init {
/// with bandwidth credential requirement.
#[cfg(feature = "coconut")]
#[clap(long)]
enabled_credentials_mode: bool,
enabled_credentials_mode: Option<bool>,
/// Save a summary of the initialization to a json file
#[clap(long)]
+5 -5
View File
@@ -54,7 +54,7 @@ pub(crate) enum Commands {
// Configuration that can be overridden.
pub(crate) struct OverrideConfig {
nym_apis: Option<Vec<url::Url>>,
disable_socket: bool,
disable_socket: Option<bool>,
port: Option<u16>,
fastmode: bool,
no_cover: bool,
@@ -62,7 +62,7 @@ pub(crate) struct OverrideConfig {
#[cfg(feature = "coconut")]
nyxd_urls: Option<Vec<url::Url>>,
#[cfg(feature = "coconut")]
enabled_credentials_mode: bool,
enabled_credentials_mode: Option<bool>,
}
pub(crate) async fn execute(args: &Cli) -> Result<(), Box<dyn Error + Send + Sync>> {
@@ -80,7 +80,7 @@ pub(crate) async fn execute(args: &Cli) -> Result<(), Box<dyn Error + Send + Syn
pub(crate) fn override_config(mut config: Config, args: OverrideConfig) -> Config {
config = config
.with_disabled_socket(args.disable_socket)
.with_optional(Config::with_disabled_socket, args.disable_socket)
.with_base(BaseConfig::with_high_default_traffic_volume, args.fastmode)
.with_base(BaseConfig::with_disabled_cover_traffic, args.no_cover)
.with_optional(Config::with_port, args.port)
@@ -100,9 +100,9 @@ pub(crate) fn override_config(mut config: Config, args: OverrideConfig) -> Confi
network_defaults::var_names::NYXD,
config::parse_urls,
)
.with_base(
.with_optional_ext(
BaseConfig::with_disabled_credentials,
!args.enabled_credentials_mode,
args.enabled_credentials_mode.map(|b| !b),
);
}
+2 -2
View File
@@ -38,7 +38,7 @@ pub(crate) struct Run {
/// Whether to not start the websocket
#[clap(long)]
disable_socket: bool,
disable_socket: Option<bool>,
/// Port for the socket to listen on
#[clap(short, long)]
@@ -57,7 +57,7 @@ pub(crate) struct Run {
/// with bandwidth credential requirement.
#[cfg(feature = "coconut")]
#[clap(long)]
enabled_credentials_mode: bool,
enabled_credentials_mode: Option<bool>,
}
impl From<Run> for OverrideConfig {
+2 -2
View File
@@ -31,7 +31,7 @@ pub(crate) struct Init {
/// Note that some service providers might not support this.
// the alias here is included for backwards compatibility (1.1.4 and before)
#[clap(long, alias = "use_anonymous_sender_tag")]
use_reply_surbs: bool,
use_reply_surbs: Option<bool>,
/// Id of the gateway we are going to connect to.
#[clap(long)]
@@ -69,7 +69,7 @@ pub(crate) struct Init {
/// with bandwidth credential requirement.
#[cfg(feature = "coconut")]
#[clap(long)]
enabled_credentials_mode: bool,
enabled_credentials_mode: Option<bool>,
/// Save a summary of the initialization to a json file
#[clap(long)]
+5 -5
View File
@@ -57,14 +57,14 @@ pub(crate) enum Commands {
pub(crate) struct OverrideConfig {
nym_apis: Option<Vec<url::Url>>,
port: Option<u16>,
use_anonymous_replies: bool,
use_anonymous_replies: Option<bool>,
fastmode: bool,
no_cover: bool,
#[cfg(feature = "coconut")]
nyxd_urls: Option<Vec<url::Url>>,
#[cfg(feature = "coconut")]
enabled_credentials_mode: bool,
enabled_credentials_mode: Option<bool>,
}
pub(crate) async fn execute(args: &Cli) -> Result<(), Box<dyn Error + Send + Sync>> {
@@ -84,7 +84,7 @@ pub(crate) fn override_config(mut config: Config, args: OverrideConfig) -> Confi
config = config
.with_base(BaseConfig::with_high_default_traffic_volume, args.fastmode)
.with_base(BaseConfig::with_disabled_cover_traffic, args.no_cover)
.with_anonymous_replies(args.use_anonymous_replies)
.with_optional(Config::with_anonymous_replies, args.use_anonymous_replies)
.with_optional(Config::with_port, args.port)
.with_optional_custom_env_ext(
BaseConfig::with_custom_nym_apis,
@@ -102,9 +102,9 @@ pub(crate) fn override_config(mut config: Config, args: OverrideConfig) -> Confi
network_defaults::var_names::NYXD,
config::parse_urls,
)
.with_base(
.with_optional_ext(
BaseConfig::with_disabled_credentials,
!args.enabled_credentials_mode,
args.enabled_credentials_mode.map(|b| !b),
);
}
+2 -2
View File
@@ -31,7 +31,7 @@ pub(crate) struct Run {
/// Note that some service providers might not support this.
// the alias here is included for backwards compatibility (1.1.4 and before)
#[clap(long, alias = "use_anonymous_sender_tag")]
use_anonymous_replies: bool,
use_anonymous_replies: Option<bool>,
/// Address of the socks5 provider to send messages to.
#[clap(long)]
@@ -68,7 +68,7 @@ pub(crate) struct Run {
/// with bandwidth credential requirement.
#[cfg(feature = "coconut")]
#[clap(long)]
enabled_credentials_mode: bool,
enabled_credentials_mode: Option<bool>,
}
impl From<Run> for OverrideConfig {
+3 -6
View File
@@ -2,6 +2,7 @@
// SPDX-License-Identifier: Apache-2.0
use handlebars::Handlebars;
use network_defaults::mainnet::read_var_if_not_default;
use network_defaults::var_names::CONFIGURED;
use serde::de::DeserializeOwned;
use serde::Serialize;
@@ -154,12 +155,10 @@ pub trait OptionalSet {
<T as FromStr>::Err: Debug,
Self: Sized,
{
// if explicit value is provided, use it
if let Some(val) = val {
return f(self, val);
} else if std::env::var(CONFIGURED).is_ok() {
// otherwise if environmental variable is configured, fallback to that and parse it from string
if let Ok(raw) = std::env::var(env_var) {
if let Some(raw) = read_var_if_not_default(env_var) {
return f(
self,
raw.parse().unwrap_or_else(|err| {
@@ -187,12 +186,10 @@ pub trait OptionalSet {
G: Fn(&str) -> T,
Self: Sized,
{
// if explicit value is provided, use it
if let Some(val) = val {
return f(self, val);
} else if std::env::var(CONFIGURED).is_ok() {
// otherwise if environmental variable is configured, fallback to that
if let Ok(raw) = std::env::var(env_var) {
if let Some(raw) = read_var_if_not_default(env_var) {
return f(self, parser(&raw));
}
}
+1
View File
@@ -19,6 +19,7 @@ url = "2.2"
thiserror = "1.0.37"
crypto = { path = "../crypto" }
network-defaults = { path = "../network-defaults" }
nymsphinx-acknowledgements = { path = "../nymsphinx/acknowledgements" }
nymsphinx-addressing = { path = "../nymsphinx/addressing" }
nymsphinx-forwarding = { path = "../nymsphinx/forwarding" }
+2 -1
View File
@@ -7,6 +7,7 @@ use crypto::asymmetric::identity;
use futures::stream::FuturesUnordered;
use futures::StreamExt;
use log::*;
use network_defaults::mainnet::NYM_API;
use rand::seq::SliceRandom;
use rand::thread_rng;
use std::net::SocketAddr;
@@ -160,7 +161,7 @@ impl Default for ConfigBuilder {
tested_nodes_batch_size: DEFAULT_BATCH_SIZE,
testing_interval: DEFAULT_TESTING_INTERVAL,
retry_timeout: DEFAULT_RETRY_TIMEOUT,
nym_api_urls: vec![],
nym_api_urls: vec![NYM_API.parse().expect("Invalid default API URL")],
})
}
}
+54 -35
View File
@@ -7,17 +7,18 @@ use std::borrow::Borrow;
use std::convert::TryInto;
use bls12_381::{G1Projective, G2Projective, Scalar};
use digest::generic_array::typenum::Unsigned;
use digest::Digest;
use digest::generic_array::typenum::Unsigned;
use group::GroupEncoding;
use itertools::izip;
use sha2::Sha256;
use crate::Attribute;
use crate::error::{CoconutError, Result};
use crate::scheme::issuance::compute_commitment_hash;
use crate::scheme::setup::Parameters;
use crate::scheme::VerificationKey;
use crate::utils::{hash_g1, try_deserialize_scalar, try_deserialize_scalar_vec};
use crate::Attribute;
// as per the reference python implementation
type ChallengeDigest = Sha256;
@@ -38,10 +39,10 @@ pub struct ProofCmCs {
// and as per the bls12-381 library all elements are using big-endian form
/// Generates a Scalar [or Fp] challenge by hashing a number of elliptic curve points.
fn compute_challenge<D, I, B>(iter: I) -> Scalar
where
D: Digest,
I: Iterator<Item = B>,
B: AsRef<[u8]>,
where
D: Digest,
I: Iterator<Item=B>,
B: AsRef<[u8]>,
{
let mut h = D::new();
for point_representation in iter {
@@ -69,8 +70,8 @@ fn produce_response(witness: &Scalar, challenge: &Scalar, secret: &Scalar) -> Sc
// note: it's caller's responsibility to ensure witnesses.len() = secrets.len()
fn produce_responses<S>(witnesses: &[Scalar], challenge: &Scalar, secrets: &[S]) -> Vec<Scalar>
where
S: Borrow<Scalar>,
where
S: Borrow<Scalar>,
{
debug_assert_eq!(witnesses.len(), secrets.len());
@@ -91,6 +92,7 @@ impl ProofCmCs {
commitments: &[G1Projective],
pedersen_commitments_openings: &[Scalar],
private_attributes: &[Attribute],
public_attributes: &[Attribute],
) -> Self {
// note: this is only called from `prepare_blind_sign` that already checks
// whether private attributes are non-empty and whether we don't have too many
@@ -104,7 +106,7 @@ impl ProofCmCs {
let witness_attributes = params.n_random_scalars(private_attributes.len());
// recompute h
let h = hash_g1(commitment.to_bytes());
let h = compute_commitment_hash(*commitment, public_attributes);
let hs_bytes = params
.gen_hs()
.iter()
@@ -119,10 +121,10 @@ impl ProofCmCs {
// Ccm = (wr * g1) + (wm[0] * hs[0]) + ... + (wm[i] * hs[i])
let commitment_attributes = g1 * witness_commitment_opening
+ witness_attributes
.iter()
.zip(params.gen_hs().iter())
.map(|(wm_i, hs_i)| hs_i * wm_i)
.sum::<G1Projective>();
.iter()
.zip(params.gen_hs().iter())
.map(|(wm_i, hs_i)| hs_i * wm_i)
.sum::<G1Projective>();
// zkp commitments for the individual attributes
let commitments_attributes = witness_pedersen_commitments_openings
@@ -186,7 +188,7 @@ impl ProofCmCs {
}
// recompute h
let h = hash_g1(commitment.to_bytes());
let h = compute_commitment_hash(*commitment, public_attributes);
let g1 = params.gen1();
let hs_bytes = params
@@ -199,26 +201,26 @@ impl ProofCmCs {
// Cw = (cm * c) + (rr * g1) + (rm[0] * hs[0]) + ... + (rm[n] * hs[n])
let commitment_attributes = (commitment
- public_attributes
.iter()
.zip(params.gen_hs().iter().skip(self.response_attributes.len()))
.map(|(pub_attr, hs)| hs * pub_attr)
.sum::<G1Projective>())
.iter()
.zip(params.gen_hs().iter().skip(self.response_attributes.len()))
.map(|(pub_attr, hs)| hs * pub_attr)
.sum::<G1Projective>())
* self.challenge
+ g1 * self.response_opening
+ self
.response_attributes
.iter()
.zip(params.gen_hs().iter())
.map(|(res_attr, hs)| hs * res_attr)
.sum::<G1Projective>();
.response_attributes
.iter()
.zip(params.gen_hs().iter())
.map(|(res_attr, hs)| hs * res_attr)
.sum::<G1Projective>();
let commitments_attributes = izip!(
commitments.iter(),
self.response_openings.iter(),
self.response_attributes.iter()
)
.map(|(cm_j, r_o_j, r_m_j)| cm_j * self.challenge + g1 * r_o_j + h * r_m_j)
.collect::<Vec<_>>();
.map(|(cm_j, r_o_j, r_m_j)| cm_j * self.challenge + g1 * r_o_j + h * r_m_j)
.collect::<Vec<_>>();
let commitments_bytes = commitments
.iter()
@@ -365,10 +367,10 @@ impl ProofKappaZeta {
let commitment_kappa = params.gen2() * witness_blinder
+ verification_key.alpha
+ witness_attributes
.iter()
.zip(verification_key.beta_g2.iter())
.map(|(wm_i, beta_i)| beta_i * wm_i)
.sum::<G2Projective>();
.iter()
.zip(verification_key.beta_g2.iter())
.map(|(wm_i, beta_i)| beta_i * wm_i)
.sum::<G2Projective>();
// zeta is the public value associated with the serial number
let commitment_zeta = params.gen2() * witness_serial_number;
@@ -422,10 +424,10 @@ impl ProofKappaZeta {
+ params.gen2() * self.response_blinder
+ verification_key.alpha * (Scalar::one() - self.challenge)
+ response_attributes
.iter()
.zip(verification_key.beta_g2.iter())
.map(|(priv_attr, beta_i)| beta_i * priv_attr)
.sum::<G2Projective>();
.iter()
.zip(verification_key.beta_g2.iter())
.map(|(priv_attr, beta_i)| beta_i * priv_attr)
.sum::<G2Projective>();
// zeta is the public value associated with the serial number
let commitment_zeta = zeta * self.challenge + params.gen2() * self.response_serial_number;
@@ -529,9 +531,18 @@ mod tests {
let cms: [G1Projective; 1] = [G1Projective::random(&mut rng)];
let rs = params.n_random_scalars(1);
let private_attributes = params.n_random_scalars(1);
let public_attributes = params.n_random_scalars(1);
// 0 public 1 private
let pi_s = ProofCmCs::construct(&params, &cm, &r, &cms, &rs, &private_attributes);
let pi_s = ProofCmCs::construct(
&params,
&cm,
&r,
&cms,
&rs,
&private_attributes,
&public_attributes,
);
let bytes = pi_s.to_bytes();
assert_eq!(ProofCmCs::from_bytes(&bytes).unwrap(), pi_s);
@@ -547,7 +558,15 @@ mod tests {
let private_attributes = params.n_random_scalars(2);
// 0 public 2 privates
let pi_s = ProofCmCs::construct(&params, &cm, &r, &cms, &rs, &private_attributes);
let pi_s = ProofCmCs::construct(
&params,
&cm,
&r,
&cms,
&rs,
&private_attributes,
&public_attributes,
);
let bytes = pi_s.to_bytes();
assert_eq!(ProofCmCs::from_bytes(&bytes).unwrap(), pi_s);
+13 -4
View File
@@ -201,8 +201,16 @@ pub fn compute_pedersen_commitments_for_private_attributes(
(commitments_openings, pedersen_commitments)
}
pub fn compute_commitment_hash(commitment: G1Projective) -> G1Projective {
hash_g1(commitment.to_bytes())
pub fn compute_commitment_hash(
commitment: G1Projective,
public_attributes: &[Attribute],
) -> G1Projective {
let mut msg_bytes = Vec::with_capacity(public_attributes.len() * 32);
msg_bytes.extend_from_slice(&commitment.to_affine().to_compressed());
for attr in public_attributes {
msg_bytes.extend_from_slice(&attr.to_bytes());
}
hash_g1(msg_bytes)
}
/// Builds cryptographic material required for blind sign.
@@ -230,7 +238,7 @@ pub fn prepare_blind_sign(
compute_attributes_commitment(params, private_attributes, public_attributes, hs);
// Compute the challenge as the commitment hash
let commitment_hash = compute_commitment_hash(commitment);
let commitment_hash = compute_commitment_hash(commitment, public_attributes);
let (pedersen_commitments_openings, pedersen_commitments) =
compute_pedersen_commitments_for_private_attributes(
@@ -246,6 +254,7 @@ pub fn prepare_blind_sign(
&pedersen_commitments,
&pedersen_commitments_openings,
private_attributes,
public_attributes,
);
Ok((
@@ -276,7 +285,7 @@ pub fn blind_sign(
}
// Verify the commitment hash
let h = hash_g1(blind_sign_request.commitment.to_bytes());
let h = compute_commitment_hash(blind_sign_request.commitment, public_attributes);
if !(h == blind_sign_request.commitment_hash) {
return Err(CoconutError::Issuance(
"Failed to verify the commitment hash".to_string(),
+4 -4
View File
@@ -68,11 +68,11 @@ pub struct Init {
/// bypass bandwidth credential requirement
#[cfg(feature = "coconut")]
#[clap(long)]
only_coconut_credentials: bool,
only_coconut_credentials: Option<bool>,
/// Enable/disable gateway anonymized statistics that get sent to a statistics aggregator server
#[clap(long)]
enabled_statistics: bool,
enabled_statistics: Option<bool>,
/// URL where a statistics aggregator is running. The default value is a Nym aggregator server
#[clap(long)]
@@ -182,11 +182,11 @@ mod tests {
nym_apis: None,
mnemonic: None,
statistics_service_url: None,
enabled_statistics: false,
enabled_statistics: None,
#[cfg(feature = "coconut")]
nyxd_urls: None,
#[cfg(feature = "coconut")]
only_coconut_credentials: false,
only_coconut_credentials: None,
};
std::env::set_var(BECH32_PREFIX, "n");
+7 -4
View File
@@ -52,7 +52,7 @@ pub(crate) struct OverrideConfig {
clients_port: Option<u16>,
datastore: Option<PathBuf>,
announce_host: Option<String>,
enabled_statistics: bool,
enabled_statistics: Option<bool>,
statistics_service_url: Option<url::Url>,
nym_apis: Option<Vec<url::Url>>,
mnemonic: Option<bip39::Mnemonic>,
@@ -60,7 +60,7 @@ pub(crate) struct OverrideConfig {
#[cfg(feature = "coconut")]
nyxd_urls: Option<Vec<url::Url>>,
#[cfg(feature = "coconut")]
only_coconut_credentials: bool,
only_coconut_credentials: Option<bool>,
}
pub(crate) async fn execute(args: Cli) {
@@ -103,7 +103,7 @@ pub(crate) fn override_config(mut config: Config, args: OverrideConfig) -> Confi
NYM_API,
config::parse_urls,
)
.with_enabled_statistics(args.enabled_statistics)
.with_optional(Config::with_enabled_statistics, args.enabled_statistics)
.with_optional_env(
Config::with_custom_statistics_service_url,
args.statistics_service_url,
@@ -130,7 +130,10 @@ pub(crate) fn override_config(mut config: Config, args: OverrideConfig) -> Confi
NYXD,
config::parse_urls,
)
.with_only_coconut_credentials(args.only_coconut_credentials);
.with_optional(
Config::with_only_coconut_credentials,
args.only_coconut_credentials,
);
}
config
+2 -2
View File
@@ -68,11 +68,11 @@ pub struct Run {
/// bypass bandwidth credential requirement
#[cfg(feature = "coconut")]
#[clap(long)]
only_coconut_credentials: bool,
only_coconut_credentials: Option<bool>,
/// Enable/disable gateway anonymized statistics that get sent to a statistics aggregator server
#[clap(long)]
enabled_statistics: bool,
enabled_statistics: Option<bool>,
/// URL where a statistics aggregator is running. The default value is a Nym aggregator server
#[clap(long)]
+11 -8
View File
@@ -94,11 +94,11 @@ struct ApiArgs {
/// Specifies whether network monitoring is enabled on this API
#[clap(short = 'm', long)]
enable_monitor: bool,
enable_monitor: Option<bool>,
/// Specifies whether network rewarding is enabled on this API
#[clap(short = 'r', long, requires = "enable_monitor", requires = "mnemonic")]
enable_rewarding: bool,
enable_rewarding: Option<bool>,
/// Endpoint to nyxd instance from which the monitor will grab nodes to test
#[clap(long)]
@@ -132,7 +132,7 @@ struct ApiArgs {
/// Set this nym api to work in a enabled credentials that would attempt to use gateway with the bandwidth credential requirement
#[clap(long)]
enabled_credentials_mode: bool,
enabled_credentials_mode: Option<bool>,
/// Announced address where coconut clients will connect.
#[cfg(feature = "coconut")]
@@ -142,7 +142,7 @@ struct ApiArgs {
/// Flag to indicate whether coconut signer authority is enabled on this API
#[cfg(feature = "coconut")]
#[clap(long, requires = "mnemonic", requires = "announce-address")]
enable_coconut: bool,
enable_coconut: Option<bool>,
}
async fn wait_for_interrupt(mut shutdown: TaskManager) {
@@ -186,15 +186,18 @@ fn override_config(mut config: Config, args: ApiArgs) -> Config {
Config::with_min_gateway_reliability,
args.min_gateway_reliability,
)
.with_network_monitor_enabled(args.enable_monitor)
.with_rewarding_enabled(args.enable_rewarding)
.with_disabled_credentials_mode(!args.enabled_credentials_mode);
.with_optional(Config::with_network_monitor_enabled, args.enable_monitor)
.with_optional(Config::with_rewarding_enabled, args.enable_rewarding)
.with_optional(
Config::with_disabled_credentials_mode,
args.enabled_credentials_mode.map(|b| !b),
);
#[cfg(feature = "coconut")]
{
config = config
.with_optional(Config::with_announce_address, args.announce_address)
.with_coconut_signer_enabled(args.enable_coconut);
.with_optional(Config::with_coconut_signer_enabled, args.enable_coconut);
}
if args.save_config {