Compare commits
3 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| ffe9084566 | |||
| 8beb33fe92 | |||
| bf5b8fab85 |
Generated
+933
-757
File diff suppressed because it is too large
Load Diff
@@ -1,6 +1,7 @@
|
|||||||
// Copyright 2021 - Nym Technologies SA <contact@nymtech.net>
|
// Copyright 2021 - Nym Technologies SA <contact@nymtech.net>
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
use config::defaults::NymNetworkDetails;
|
||||||
use config::{NymConfig, OptionalSet, DB_FILE_NAME};
|
use config::{NymConfig, OptionalSet, DB_FILE_NAME};
|
||||||
use nymsphinx::params::PacketSize;
|
use nymsphinx::params::PacketSize;
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
@@ -499,13 +500,29 @@ pub struct Client<T> {
|
|||||||
|
|
||||||
impl<T: NymConfig> Default for Client<T> {
|
impl<T: NymConfig> Default for Client<T> {
|
||||||
fn default() -> Self {
|
fn default() -> Self {
|
||||||
|
let network = NymNetworkDetails::new_mainnet();
|
||||||
|
let nyxd_urls = network
|
||||||
|
.endpoints
|
||||||
|
.iter()
|
||||||
|
.map(|validator| validator.nyxd_url())
|
||||||
|
.collect();
|
||||||
|
let nym_api_urls = network
|
||||||
|
.endpoints
|
||||||
|
.iter()
|
||||||
|
.filter_map(|validator| validator.api_url())
|
||||||
|
.collect::<Vec<_>>();
|
||||||
|
|
||||||
|
if nym_api_urls.is_empty() {
|
||||||
|
panic!("we do not have any default nym-api urls available!")
|
||||||
|
}
|
||||||
|
|
||||||
// there must be explicit checks for whether id is not empty later
|
// there must be explicit checks for whether id is not empty later
|
||||||
Client {
|
Client {
|
||||||
version: env!("CARGO_PKG_VERSION").to_string(),
|
version: env!("CARGO_PKG_VERSION").to_string(),
|
||||||
id: "".to_string(),
|
id: "".to_string(),
|
||||||
disabled_credentials_mode: true,
|
disabled_credentials_mode: true,
|
||||||
nyxd_urls: vec![],
|
nyxd_urls,
|
||||||
nym_api_urls: vec![],
|
nym_api_urls,
|
||||||
private_identity_key_file: Default::default(),
|
private_identity_key_file: Default::default(),
|
||||||
public_identity_key_file: Default::default(),
|
public_identity_key_file: Default::default(),
|
||||||
private_encryption_key_file: Default::default(),
|
private_encryption_key_file: Default::default(),
|
||||||
|
|||||||
@@ -41,7 +41,7 @@ pub(crate) struct Init {
|
|||||||
|
|
||||||
/// Whether to not start the websocket
|
/// Whether to not start the websocket
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
disable_socket: bool,
|
disable_socket: Option<bool>,
|
||||||
|
|
||||||
/// Port for the socket (if applicable) to listen on in all subsequent runs
|
/// Port for the socket (if applicable) to listen on in all subsequent runs
|
||||||
#[clap(short, long)]
|
#[clap(short, long)]
|
||||||
@@ -60,7 +60,7 @@ pub(crate) struct Init {
|
|||||||
/// with bandwidth credential requirement.
|
/// with bandwidth credential requirement.
|
||||||
#[cfg(feature = "coconut")]
|
#[cfg(feature = "coconut")]
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
enabled_credentials_mode: bool,
|
enabled_credentials_mode: Option<bool>,
|
||||||
|
|
||||||
/// Save a summary of the initialization to a json file
|
/// Save a summary of the initialization to a json file
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
|
|||||||
@@ -54,7 +54,7 @@ pub(crate) enum Commands {
|
|||||||
// Configuration that can be overridden.
|
// Configuration that can be overridden.
|
||||||
pub(crate) struct OverrideConfig {
|
pub(crate) struct OverrideConfig {
|
||||||
nym_apis: Option<Vec<url::Url>>,
|
nym_apis: Option<Vec<url::Url>>,
|
||||||
disable_socket: bool,
|
disable_socket: Option<bool>,
|
||||||
port: Option<u16>,
|
port: Option<u16>,
|
||||||
fastmode: bool,
|
fastmode: bool,
|
||||||
no_cover: bool,
|
no_cover: bool,
|
||||||
@@ -62,7 +62,7 @@ pub(crate) struct OverrideConfig {
|
|||||||
#[cfg(feature = "coconut")]
|
#[cfg(feature = "coconut")]
|
||||||
nyxd_urls: Option<Vec<url::Url>>,
|
nyxd_urls: Option<Vec<url::Url>>,
|
||||||
#[cfg(feature = "coconut")]
|
#[cfg(feature = "coconut")]
|
||||||
enabled_credentials_mode: bool,
|
enabled_credentials_mode: Option<bool>,
|
||||||
}
|
}
|
||||||
|
|
||||||
pub(crate) async fn execute(args: &Cli) -> Result<(), Box<dyn Error + Send + Sync>> {
|
pub(crate) async fn execute(args: &Cli) -> Result<(), Box<dyn Error + Send + Sync>> {
|
||||||
@@ -80,7 +80,7 @@ pub(crate) async fn execute(args: &Cli) -> Result<(), Box<dyn Error + Send + Syn
|
|||||||
|
|
||||||
pub(crate) fn override_config(mut config: Config, args: OverrideConfig) -> Config {
|
pub(crate) fn override_config(mut config: Config, args: OverrideConfig) -> Config {
|
||||||
config = config
|
config = config
|
||||||
.with_disabled_socket(args.disable_socket)
|
.with_optional(Config::with_disabled_socket, args.disable_socket)
|
||||||
.with_base(BaseConfig::with_high_default_traffic_volume, args.fastmode)
|
.with_base(BaseConfig::with_high_default_traffic_volume, args.fastmode)
|
||||||
.with_base(BaseConfig::with_disabled_cover_traffic, args.no_cover)
|
.with_base(BaseConfig::with_disabled_cover_traffic, args.no_cover)
|
||||||
.with_optional(Config::with_port, args.port)
|
.with_optional(Config::with_port, args.port)
|
||||||
@@ -100,9 +100,9 @@ pub(crate) fn override_config(mut config: Config, args: OverrideConfig) -> Confi
|
|||||||
network_defaults::var_names::NYXD,
|
network_defaults::var_names::NYXD,
|
||||||
config::parse_urls,
|
config::parse_urls,
|
||||||
)
|
)
|
||||||
.with_base(
|
.with_optional_ext(
|
||||||
BaseConfig::with_disabled_credentials,
|
BaseConfig::with_disabled_credentials,
|
||||||
!args.enabled_credentials_mode,
|
args.enabled_credentials_mode.map(|b| !b),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -38,7 +38,7 @@ pub(crate) struct Run {
|
|||||||
|
|
||||||
/// Whether to not start the websocket
|
/// Whether to not start the websocket
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
disable_socket: bool,
|
disable_socket: Option<bool>,
|
||||||
|
|
||||||
/// Port for the socket to listen on
|
/// Port for the socket to listen on
|
||||||
#[clap(short, long)]
|
#[clap(short, long)]
|
||||||
@@ -57,7 +57,7 @@ pub(crate) struct Run {
|
|||||||
/// with bandwidth credential requirement.
|
/// with bandwidth credential requirement.
|
||||||
#[cfg(feature = "coconut")]
|
#[cfg(feature = "coconut")]
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
enabled_credentials_mode: bool,
|
enabled_credentials_mode: Option<bool>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl From<Run> for OverrideConfig {
|
impl From<Run> for OverrideConfig {
|
||||||
|
|||||||
@@ -31,7 +31,7 @@ pub(crate) struct Init {
|
|||||||
/// Note that some service providers might not support this.
|
/// Note that some service providers might not support this.
|
||||||
// the alias here is included for backwards compatibility (1.1.4 and before)
|
// the alias here is included for backwards compatibility (1.1.4 and before)
|
||||||
#[clap(long, alias = "use_anonymous_sender_tag")]
|
#[clap(long, alias = "use_anonymous_sender_tag")]
|
||||||
use_reply_surbs: bool,
|
use_reply_surbs: Option<bool>,
|
||||||
|
|
||||||
/// Id of the gateway we are going to connect to.
|
/// Id of the gateway we are going to connect to.
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
@@ -69,7 +69,7 @@ pub(crate) struct Init {
|
|||||||
/// with bandwidth credential requirement.
|
/// with bandwidth credential requirement.
|
||||||
#[cfg(feature = "coconut")]
|
#[cfg(feature = "coconut")]
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
enabled_credentials_mode: bool,
|
enabled_credentials_mode: Option<bool>,
|
||||||
|
|
||||||
/// Save a summary of the initialization to a json file
|
/// Save a summary of the initialization to a json file
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
|
|||||||
@@ -57,14 +57,14 @@ pub(crate) enum Commands {
|
|||||||
pub(crate) struct OverrideConfig {
|
pub(crate) struct OverrideConfig {
|
||||||
nym_apis: Option<Vec<url::Url>>,
|
nym_apis: Option<Vec<url::Url>>,
|
||||||
port: Option<u16>,
|
port: Option<u16>,
|
||||||
use_anonymous_replies: bool,
|
use_anonymous_replies: Option<bool>,
|
||||||
fastmode: bool,
|
fastmode: bool,
|
||||||
no_cover: bool,
|
no_cover: bool,
|
||||||
|
|
||||||
#[cfg(feature = "coconut")]
|
#[cfg(feature = "coconut")]
|
||||||
nyxd_urls: Option<Vec<url::Url>>,
|
nyxd_urls: Option<Vec<url::Url>>,
|
||||||
#[cfg(feature = "coconut")]
|
#[cfg(feature = "coconut")]
|
||||||
enabled_credentials_mode: bool,
|
enabled_credentials_mode: Option<bool>,
|
||||||
}
|
}
|
||||||
|
|
||||||
pub(crate) async fn execute(args: &Cli) -> Result<(), Box<dyn Error + Send + Sync>> {
|
pub(crate) async fn execute(args: &Cli) -> Result<(), Box<dyn Error + Send + Sync>> {
|
||||||
@@ -84,7 +84,7 @@ pub(crate) fn override_config(mut config: Config, args: OverrideConfig) -> Confi
|
|||||||
config = config
|
config = config
|
||||||
.with_base(BaseConfig::with_high_default_traffic_volume, args.fastmode)
|
.with_base(BaseConfig::with_high_default_traffic_volume, args.fastmode)
|
||||||
.with_base(BaseConfig::with_disabled_cover_traffic, args.no_cover)
|
.with_base(BaseConfig::with_disabled_cover_traffic, args.no_cover)
|
||||||
.with_anonymous_replies(args.use_anonymous_replies)
|
.with_optional(Config::with_anonymous_replies, args.use_anonymous_replies)
|
||||||
.with_optional(Config::with_port, args.port)
|
.with_optional(Config::with_port, args.port)
|
||||||
.with_optional_custom_env_ext(
|
.with_optional_custom_env_ext(
|
||||||
BaseConfig::with_custom_nym_apis,
|
BaseConfig::with_custom_nym_apis,
|
||||||
@@ -102,9 +102,9 @@ pub(crate) fn override_config(mut config: Config, args: OverrideConfig) -> Confi
|
|||||||
network_defaults::var_names::NYXD,
|
network_defaults::var_names::NYXD,
|
||||||
config::parse_urls,
|
config::parse_urls,
|
||||||
)
|
)
|
||||||
.with_base(
|
.with_optional_ext(
|
||||||
BaseConfig::with_disabled_credentials,
|
BaseConfig::with_disabled_credentials,
|
||||||
!args.enabled_credentials_mode,
|
args.enabled_credentials_mode.map(|b| !b),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -31,7 +31,7 @@ pub(crate) struct Run {
|
|||||||
/// Note that some service providers might not support this.
|
/// Note that some service providers might not support this.
|
||||||
// the alias here is included for backwards compatibility (1.1.4 and before)
|
// the alias here is included for backwards compatibility (1.1.4 and before)
|
||||||
#[clap(long, alias = "use_anonymous_sender_tag")]
|
#[clap(long, alias = "use_anonymous_sender_tag")]
|
||||||
use_anonymous_replies: bool,
|
use_anonymous_replies: Option<bool>,
|
||||||
|
|
||||||
/// Address of the socks5 provider to send messages to.
|
/// Address of the socks5 provider to send messages to.
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
@@ -68,7 +68,7 @@ pub(crate) struct Run {
|
|||||||
/// with bandwidth credential requirement.
|
/// with bandwidth credential requirement.
|
||||||
#[cfg(feature = "coconut")]
|
#[cfg(feature = "coconut")]
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
enabled_credentials_mode: bool,
|
enabled_credentials_mode: Option<bool>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl From<Run> for OverrideConfig {
|
impl From<Run> for OverrideConfig {
|
||||||
|
|||||||
@@ -2,6 +2,7 @@
|
|||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
use handlebars::Handlebars;
|
use handlebars::Handlebars;
|
||||||
|
use network_defaults::mainnet::read_var_if_not_default;
|
||||||
use network_defaults::var_names::CONFIGURED;
|
use network_defaults::var_names::CONFIGURED;
|
||||||
use serde::de::DeserializeOwned;
|
use serde::de::DeserializeOwned;
|
||||||
use serde::Serialize;
|
use serde::Serialize;
|
||||||
@@ -154,12 +155,10 @@ pub trait OptionalSet {
|
|||||||
<T as FromStr>::Err: Debug,
|
<T as FromStr>::Err: Debug,
|
||||||
Self: Sized,
|
Self: Sized,
|
||||||
{
|
{
|
||||||
// if explicit value is provided, use it
|
|
||||||
if let Some(val) = val {
|
if let Some(val) = val {
|
||||||
return f(self, val);
|
return f(self, val);
|
||||||
} else if std::env::var(CONFIGURED).is_ok() {
|
} else if std::env::var(CONFIGURED).is_ok() {
|
||||||
// otherwise if environmental variable is configured, fallback to that and parse it from string
|
if let Some(raw) = read_var_if_not_default(env_var) {
|
||||||
if let Ok(raw) = std::env::var(env_var) {
|
|
||||||
return f(
|
return f(
|
||||||
self,
|
self,
|
||||||
raw.parse().unwrap_or_else(|err| {
|
raw.parse().unwrap_or_else(|err| {
|
||||||
@@ -187,12 +186,10 @@ pub trait OptionalSet {
|
|||||||
G: Fn(&str) -> T,
|
G: Fn(&str) -> T,
|
||||||
Self: Sized,
|
Self: Sized,
|
||||||
{
|
{
|
||||||
// if explicit value is provided, use it
|
|
||||||
if let Some(val) = val {
|
if let Some(val) = val {
|
||||||
return f(self, val);
|
return f(self, val);
|
||||||
} else if std::env::var(CONFIGURED).is_ok() {
|
} else if std::env::var(CONFIGURED).is_ok() {
|
||||||
// otherwise if environmental variable is configured, fallback to that
|
if let Some(raw) = read_var_if_not_default(env_var) {
|
||||||
if let Ok(raw) = std::env::var(env_var) {
|
|
||||||
return f(self, parser(&raw));
|
return f(self, parser(&raw));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -19,6 +19,7 @@ url = "2.2"
|
|||||||
thiserror = "1.0.37"
|
thiserror = "1.0.37"
|
||||||
|
|
||||||
crypto = { path = "../crypto" }
|
crypto = { path = "../crypto" }
|
||||||
|
network-defaults = { path = "../network-defaults" }
|
||||||
nymsphinx-acknowledgements = { path = "../nymsphinx/acknowledgements" }
|
nymsphinx-acknowledgements = { path = "../nymsphinx/acknowledgements" }
|
||||||
nymsphinx-addressing = { path = "../nymsphinx/addressing" }
|
nymsphinx-addressing = { path = "../nymsphinx/addressing" }
|
||||||
nymsphinx-forwarding = { path = "../nymsphinx/forwarding" }
|
nymsphinx-forwarding = { path = "../nymsphinx/forwarding" }
|
||||||
|
|||||||
@@ -7,6 +7,7 @@ use crypto::asymmetric::identity;
|
|||||||
use futures::stream::FuturesUnordered;
|
use futures::stream::FuturesUnordered;
|
||||||
use futures::StreamExt;
|
use futures::StreamExt;
|
||||||
use log::*;
|
use log::*;
|
||||||
|
use network_defaults::mainnet::NYM_API;
|
||||||
use rand::seq::SliceRandom;
|
use rand::seq::SliceRandom;
|
||||||
use rand::thread_rng;
|
use rand::thread_rng;
|
||||||
use std::net::SocketAddr;
|
use std::net::SocketAddr;
|
||||||
@@ -160,7 +161,7 @@ impl Default for ConfigBuilder {
|
|||||||
tested_nodes_batch_size: DEFAULT_BATCH_SIZE,
|
tested_nodes_batch_size: DEFAULT_BATCH_SIZE,
|
||||||
testing_interval: DEFAULT_TESTING_INTERVAL,
|
testing_interval: DEFAULT_TESTING_INTERVAL,
|
||||||
retry_timeout: DEFAULT_RETRY_TIMEOUT,
|
retry_timeout: DEFAULT_RETRY_TIMEOUT,
|
||||||
nym_api_urls: vec![],
|
nym_api_urls: vec![NYM_API.parse().expect("Invalid default API URL")],
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -7,17 +7,18 @@ use std::borrow::Borrow;
|
|||||||
use std::convert::TryInto;
|
use std::convert::TryInto;
|
||||||
|
|
||||||
use bls12_381::{G1Projective, G2Projective, Scalar};
|
use bls12_381::{G1Projective, G2Projective, Scalar};
|
||||||
use digest::generic_array::typenum::Unsigned;
|
|
||||||
use digest::Digest;
|
use digest::Digest;
|
||||||
|
use digest::generic_array::typenum::Unsigned;
|
||||||
use group::GroupEncoding;
|
use group::GroupEncoding;
|
||||||
use itertools::izip;
|
use itertools::izip;
|
||||||
use sha2::Sha256;
|
use sha2::Sha256;
|
||||||
|
|
||||||
|
use crate::Attribute;
|
||||||
use crate::error::{CoconutError, Result};
|
use crate::error::{CoconutError, Result};
|
||||||
|
use crate::scheme::issuance::compute_commitment_hash;
|
||||||
use crate::scheme::setup::Parameters;
|
use crate::scheme::setup::Parameters;
|
||||||
use crate::scheme::VerificationKey;
|
use crate::scheme::VerificationKey;
|
||||||
use crate::utils::{hash_g1, try_deserialize_scalar, try_deserialize_scalar_vec};
|
use crate::utils::{hash_g1, try_deserialize_scalar, try_deserialize_scalar_vec};
|
||||||
use crate::Attribute;
|
|
||||||
|
|
||||||
// as per the reference python implementation
|
// as per the reference python implementation
|
||||||
type ChallengeDigest = Sha256;
|
type ChallengeDigest = Sha256;
|
||||||
@@ -38,10 +39,10 @@ pub struct ProofCmCs {
|
|||||||
// and as per the bls12-381 library all elements are using big-endian form
|
// and as per the bls12-381 library all elements are using big-endian form
|
||||||
/// Generates a Scalar [or Fp] challenge by hashing a number of elliptic curve points.
|
/// Generates a Scalar [or Fp] challenge by hashing a number of elliptic curve points.
|
||||||
fn compute_challenge<D, I, B>(iter: I) -> Scalar
|
fn compute_challenge<D, I, B>(iter: I) -> Scalar
|
||||||
where
|
where
|
||||||
D: Digest,
|
D: Digest,
|
||||||
I: Iterator<Item = B>,
|
I: Iterator<Item=B>,
|
||||||
B: AsRef<[u8]>,
|
B: AsRef<[u8]>,
|
||||||
{
|
{
|
||||||
let mut h = D::new();
|
let mut h = D::new();
|
||||||
for point_representation in iter {
|
for point_representation in iter {
|
||||||
@@ -69,8 +70,8 @@ fn produce_response(witness: &Scalar, challenge: &Scalar, secret: &Scalar) -> Sc
|
|||||||
|
|
||||||
// note: it's caller's responsibility to ensure witnesses.len() = secrets.len()
|
// note: it's caller's responsibility to ensure witnesses.len() = secrets.len()
|
||||||
fn produce_responses<S>(witnesses: &[Scalar], challenge: &Scalar, secrets: &[S]) -> Vec<Scalar>
|
fn produce_responses<S>(witnesses: &[Scalar], challenge: &Scalar, secrets: &[S]) -> Vec<Scalar>
|
||||||
where
|
where
|
||||||
S: Borrow<Scalar>,
|
S: Borrow<Scalar>,
|
||||||
{
|
{
|
||||||
debug_assert_eq!(witnesses.len(), secrets.len());
|
debug_assert_eq!(witnesses.len(), secrets.len());
|
||||||
|
|
||||||
@@ -91,6 +92,7 @@ impl ProofCmCs {
|
|||||||
commitments: &[G1Projective],
|
commitments: &[G1Projective],
|
||||||
pedersen_commitments_openings: &[Scalar],
|
pedersen_commitments_openings: &[Scalar],
|
||||||
private_attributes: &[Attribute],
|
private_attributes: &[Attribute],
|
||||||
|
public_attributes: &[Attribute],
|
||||||
) -> Self {
|
) -> Self {
|
||||||
// note: this is only called from `prepare_blind_sign` that already checks
|
// note: this is only called from `prepare_blind_sign` that already checks
|
||||||
// whether private attributes are non-empty and whether we don't have too many
|
// whether private attributes are non-empty and whether we don't have too many
|
||||||
@@ -104,7 +106,7 @@ impl ProofCmCs {
|
|||||||
let witness_attributes = params.n_random_scalars(private_attributes.len());
|
let witness_attributes = params.n_random_scalars(private_attributes.len());
|
||||||
|
|
||||||
// recompute h
|
// recompute h
|
||||||
let h = hash_g1(commitment.to_bytes());
|
let h = compute_commitment_hash(*commitment, public_attributes);
|
||||||
let hs_bytes = params
|
let hs_bytes = params
|
||||||
.gen_hs()
|
.gen_hs()
|
||||||
.iter()
|
.iter()
|
||||||
@@ -119,10 +121,10 @@ impl ProofCmCs {
|
|||||||
// Ccm = (wr * g1) + (wm[0] * hs[0]) + ... + (wm[i] * hs[i])
|
// Ccm = (wr * g1) + (wm[0] * hs[0]) + ... + (wm[i] * hs[i])
|
||||||
let commitment_attributes = g1 * witness_commitment_opening
|
let commitment_attributes = g1 * witness_commitment_opening
|
||||||
+ witness_attributes
|
+ witness_attributes
|
||||||
.iter()
|
.iter()
|
||||||
.zip(params.gen_hs().iter())
|
.zip(params.gen_hs().iter())
|
||||||
.map(|(wm_i, hs_i)| hs_i * wm_i)
|
.map(|(wm_i, hs_i)| hs_i * wm_i)
|
||||||
.sum::<G1Projective>();
|
.sum::<G1Projective>();
|
||||||
|
|
||||||
// zkp commitments for the individual attributes
|
// zkp commitments for the individual attributes
|
||||||
let commitments_attributes = witness_pedersen_commitments_openings
|
let commitments_attributes = witness_pedersen_commitments_openings
|
||||||
@@ -186,7 +188,7 @@ impl ProofCmCs {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// recompute h
|
// recompute h
|
||||||
let h = hash_g1(commitment.to_bytes());
|
let h = compute_commitment_hash(*commitment, public_attributes);
|
||||||
let g1 = params.gen1();
|
let g1 = params.gen1();
|
||||||
|
|
||||||
let hs_bytes = params
|
let hs_bytes = params
|
||||||
@@ -199,26 +201,26 @@ impl ProofCmCs {
|
|||||||
// Cw = (cm * c) + (rr * g1) + (rm[0] * hs[0]) + ... + (rm[n] * hs[n])
|
// Cw = (cm * c) + (rr * g1) + (rm[0] * hs[0]) + ... + (rm[n] * hs[n])
|
||||||
let commitment_attributes = (commitment
|
let commitment_attributes = (commitment
|
||||||
- public_attributes
|
- public_attributes
|
||||||
.iter()
|
.iter()
|
||||||
.zip(params.gen_hs().iter().skip(self.response_attributes.len()))
|
.zip(params.gen_hs().iter().skip(self.response_attributes.len()))
|
||||||
.map(|(pub_attr, hs)| hs * pub_attr)
|
.map(|(pub_attr, hs)| hs * pub_attr)
|
||||||
.sum::<G1Projective>())
|
.sum::<G1Projective>())
|
||||||
* self.challenge
|
* self.challenge
|
||||||
+ g1 * self.response_opening
|
+ g1 * self.response_opening
|
||||||
+ self
|
+ self
|
||||||
.response_attributes
|
.response_attributes
|
||||||
.iter()
|
.iter()
|
||||||
.zip(params.gen_hs().iter())
|
.zip(params.gen_hs().iter())
|
||||||
.map(|(res_attr, hs)| hs * res_attr)
|
.map(|(res_attr, hs)| hs * res_attr)
|
||||||
.sum::<G1Projective>();
|
.sum::<G1Projective>();
|
||||||
|
|
||||||
let commitments_attributes = izip!(
|
let commitments_attributes = izip!(
|
||||||
commitments.iter(),
|
commitments.iter(),
|
||||||
self.response_openings.iter(),
|
self.response_openings.iter(),
|
||||||
self.response_attributes.iter()
|
self.response_attributes.iter()
|
||||||
)
|
)
|
||||||
.map(|(cm_j, r_o_j, r_m_j)| cm_j * self.challenge + g1 * r_o_j + h * r_m_j)
|
.map(|(cm_j, r_o_j, r_m_j)| cm_j * self.challenge + g1 * r_o_j + h * r_m_j)
|
||||||
.collect::<Vec<_>>();
|
.collect::<Vec<_>>();
|
||||||
|
|
||||||
let commitments_bytes = commitments
|
let commitments_bytes = commitments
|
||||||
.iter()
|
.iter()
|
||||||
@@ -365,10 +367,10 @@ impl ProofKappaZeta {
|
|||||||
let commitment_kappa = params.gen2() * witness_blinder
|
let commitment_kappa = params.gen2() * witness_blinder
|
||||||
+ verification_key.alpha
|
+ verification_key.alpha
|
||||||
+ witness_attributes
|
+ witness_attributes
|
||||||
.iter()
|
.iter()
|
||||||
.zip(verification_key.beta_g2.iter())
|
.zip(verification_key.beta_g2.iter())
|
||||||
.map(|(wm_i, beta_i)| beta_i * wm_i)
|
.map(|(wm_i, beta_i)| beta_i * wm_i)
|
||||||
.sum::<G2Projective>();
|
.sum::<G2Projective>();
|
||||||
|
|
||||||
// zeta is the public value associated with the serial number
|
// zeta is the public value associated with the serial number
|
||||||
let commitment_zeta = params.gen2() * witness_serial_number;
|
let commitment_zeta = params.gen2() * witness_serial_number;
|
||||||
@@ -422,10 +424,10 @@ impl ProofKappaZeta {
|
|||||||
+ params.gen2() * self.response_blinder
|
+ params.gen2() * self.response_blinder
|
||||||
+ verification_key.alpha * (Scalar::one() - self.challenge)
|
+ verification_key.alpha * (Scalar::one() - self.challenge)
|
||||||
+ response_attributes
|
+ response_attributes
|
||||||
.iter()
|
.iter()
|
||||||
.zip(verification_key.beta_g2.iter())
|
.zip(verification_key.beta_g2.iter())
|
||||||
.map(|(priv_attr, beta_i)| beta_i * priv_attr)
|
.map(|(priv_attr, beta_i)| beta_i * priv_attr)
|
||||||
.sum::<G2Projective>();
|
.sum::<G2Projective>();
|
||||||
|
|
||||||
// zeta is the public value associated with the serial number
|
// zeta is the public value associated with the serial number
|
||||||
let commitment_zeta = zeta * self.challenge + params.gen2() * self.response_serial_number;
|
let commitment_zeta = zeta * self.challenge + params.gen2() * self.response_serial_number;
|
||||||
@@ -529,9 +531,18 @@ mod tests {
|
|||||||
let cms: [G1Projective; 1] = [G1Projective::random(&mut rng)];
|
let cms: [G1Projective; 1] = [G1Projective::random(&mut rng)];
|
||||||
let rs = params.n_random_scalars(1);
|
let rs = params.n_random_scalars(1);
|
||||||
let private_attributes = params.n_random_scalars(1);
|
let private_attributes = params.n_random_scalars(1);
|
||||||
|
let public_attributes = params.n_random_scalars(1);
|
||||||
|
|
||||||
// 0 public 1 private
|
// 0 public 1 private
|
||||||
let pi_s = ProofCmCs::construct(¶ms, &cm, &r, &cms, &rs, &private_attributes);
|
let pi_s = ProofCmCs::construct(
|
||||||
|
¶ms,
|
||||||
|
&cm,
|
||||||
|
&r,
|
||||||
|
&cms,
|
||||||
|
&rs,
|
||||||
|
&private_attributes,
|
||||||
|
&public_attributes,
|
||||||
|
);
|
||||||
|
|
||||||
let bytes = pi_s.to_bytes();
|
let bytes = pi_s.to_bytes();
|
||||||
assert_eq!(ProofCmCs::from_bytes(&bytes).unwrap(), pi_s);
|
assert_eq!(ProofCmCs::from_bytes(&bytes).unwrap(), pi_s);
|
||||||
@@ -547,7 +558,15 @@ mod tests {
|
|||||||
let private_attributes = params.n_random_scalars(2);
|
let private_attributes = params.n_random_scalars(2);
|
||||||
|
|
||||||
// 0 public 2 privates
|
// 0 public 2 privates
|
||||||
let pi_s = ProofCmCs::construct(¶ms, &cm, &r, &cms, &rs, &private_attributes);
|
let pi_s = ProofCmCs::construct(
|
||||||
|
¶ms,
|
||||||
|
&cm,
|
||||||
|
&r,
|
||||||
|
&cms,
|
||||||
|
&rs,
|
||||||
|
&private_attributes,
|
||||||
|
&public_attributes,
|
||||||
|
);
|
||||||
|
|
||||||
let bytes = pi_s.to_bytes();
|
let bytes = pi_s.to_bytes();
|
||||||
assert_eq!(ProofCmCs::from_bytes(&bytes).unwrap(), pi_s);
|
assert_eq!(ProofCmCs::from_bytes(&bytes).unwrap(), pi_s);
|
||||||
|
|||||||
@@ -201,8 +201,16 @@ pub fn compute_pedersen_commitments_for_private_attributes(
|
|||||||
(commitments_openings, pedersen_commitments)
|
(commitments_openings, pedersen_commitments)
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn compute_commitment_hash(commitment: G1Projective) -> G1Projective {
|
pub fn compute_commitment_hash(
|
||||||
hash_g1(commitment.to_bytes())
|
commitment: G1Projective,
|
||||||
|
public_attributes: &[Attribute],
|
||||||
|
) -> G1Projective {
|
||||||
|
let mut msg_bytes = Vec::with_capacity(public_attributes.len() * 32);
|
||||||
|
msg_bytes.extend_from_slice(&commitment.to_affine().to_compressed());
|
||||||
|
for attr in public_attributes {
|
||||||
|
msg_bytes.extend_from_slice(&attr.to_bytes());
|
||||||
|
}
|
||||||
|
hash_g1(msg_bytes)
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Builds cryptographic material required for blind sign.
|
/// Builds cryptographic material required for blind sign.
|
||||||
@@ -230,7 +238,7 @@ pub fn prepare_blind_sign(
|
|||||||
compute_attributes_commitment(params, private_attributes, public_attributes, hs);
|
compute_attributes_commitment(params, private_attributes, public_attributes, hs);
|
||||||
|
|
||||||
// Compute the challenge as the commitment hash
|
// Compute the challenge as the commitment hash
|
||||||
let commitment_hash = compute_commitment_hash(commitment);
|
let commitment_hash = compute_commitment_hash(commitment, public_attributes);
|
||||||
|
|
||||||
let (pedersen_commitments_openings, pedersen_commitments) =
|
let (pedersen_commitments_openings, pedersen_commitments) =
|
||||||
compute_pedersen_commitments_for_private_attributes(
|
compute_pedersen_commitments_for_private_attributes(
|
||||||
@@ -246,6 +254,7 @@ pub fn prepare_blind_sign(
|
|||||||
&pedersen_commitments,
|
&pedersen_commitments,
|
||||||
&pedersen_commitments_openings,
|
&pedersen_commitments_openings,
|
||||||
private_attributes,
|
private_attributes,
|
||||||
|
public_attributes,
|
||||||
);
|
);
|
||||||
|
|
||||||
Ok((
|
Ok((
|
||||||
@@ -276,7 +285,7 @@ pub fn blind_sign(
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Verify the commitment hash
|
// Verify the commitment hash
|
||||||
let h = hash_g1(blind_sign_request.commitment.to_bytes());
|
let h = compute_commitment_hash(blind_sign_request.commitment, public_attributes);
|
||||||
if !(h == blind_sign_request.commitment_hash) {
|
if !(h == blind_sign_request.commitment_hash) {
|
||||||
return Err(CoconutError::Issuance(
|
return Err(CoconutError::Issuance(
|
||||||
"Failed to verify the commitment hash".to_string(),
|
"Failed to verify the commitment hash".to_string(),
|
||||||
|
|||||||
@@ -68,11 +68,11 @@ pub struct Init {
|
|||||||
/// bypass bandwidth credential requirement
|
/// bypass bandwidth credential requirement
|
||||||
#[cfg(feature = "coconut")]
|
#[cfg(feature = "coconut")]
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
only_coconut_credentials: bool,
|
only_coconut_credentials: Option<bool>,
|
||||||
|
|
||||||
/// Enable/disable gateway anonymized statistics that get sent to a statistics aggregator server
|
/// Enable/disable gateway anonymized statistics that get sent to a statistics aggregator server
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
enabled_statistics: bool,
|
enabled_statistics: Option<bool>,
|
||||||
|
|
||||||
/// URL where a statistics aggregator is running. The default value is a Nym aggregator server
|
/// URL where a statistics aggregator is running. The default value is a Nym aggregator server
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
@@ -182,11 +182,11 @@ mod tests {
|
|||||||
nym_apis: None,
|
nym_apis: None,
|
||||||
mnemonic: None,
|
mnemonic: None,
|
||||||
statistics_service_url: None,
|
statistics_service_url: None,
|
||||||
enabled_statistics: false,
|
enabled_statistics: None,
|
||||||
#[cfg(feature = "coconut")]
|
#[cfg(feature = "coconut")]
|
||||||
nyxd_urls: None,
|
nyxd_urls: None,
|
||||||
#[cfg(feature = "coconut")]
|
#[cfg(feature = "coconut")]
|
||||||
only_coconut_credentials: false,
|
only_coconut_credentials: None,
|
||||||
};
|
};
|
||||||
std::env::set_var(BECH32_PREFIX, "n");
|
std::env::set_var(BECH32_PREFIX, "n");
|
||||||
|
|
||||||
|
|||||||
@@ -52,7 +52,7 @@ pub(crate) struct OverrideConfig {
|
|||||||
clients_port: Option<u16>,
|
clients_port: Option<u16>,
|
||||||
datastore: Option<PathBuf>,
|
datastore: Option<PathBuf>,
|
||||||
announce_host: Option<String>,
|
announce_host: Option<String>,
|
||||||
enabled_statistics: bool,
|
enabled_statistics: Option<bool>,
|
||||||
statistics_service_url: Option<url::Url>,
|
statistics_service_url: Option<url::Url>,
|
||||||
nym_apis: Option<Vec<url::Url>>,
|
nym_apis: Option<Vec<url::Url>>,
|
||||||
mnemonic: Option<bip39::Mnemonic>,
|
mnemonic: Option<bip39::Mnemonic>,
|
||||||
@@ -60,7 +60,7 @@ pub(crate) struct OverrideConfig {
|
|||||||
#[cfg(feature = "coconut")]
|
#[cfg(feature = "coconut")]
|
||||||
nyxd_urls: Option<Vec<url::Url>>,
|
nyxd_urls: Option<Vec<url::Url>>,
|
||||||
#[cfg(feature = "coconut")]
|
#[cfg(feature = "coconut")]
|
||||||
only_coconut_credentials: bool,
|
only_coconut_credentials: Option<bool>,
|
||||||
}
|
}
|
||||||
|
|
||||||
pub(crate) async fn execute(args: Cli) {
|
pub(crate) async fn execute(args: Cli) {
|
||||||
@@ -103,7 +103,7 @@ pub(crate) fn override_config(mut config: Config, args: OverrideConfig) -> Confi
|
|||||||
NYM_API,
|
NYM_API,
|
||||||
config::parse_urls,
|
config::parse_urls,
|
||||||
)
|
)
|
||||||
.with_enabled_statistics(args.enabled_statistics)
|
.with_optional(Config::with_enabled_statistics, args.enabled_statistics)
|
||||||
.with_optional_env(
|
.with_optional_env(
|
||||||
Config::with_custom_statistics_service_url,
|
Config::with_custom_statistics_service_url,
|
||||||
args.statistics_service_url,
|
args.statistics_service_url,
|
||||||
@@ -130,7 +130,10 @@ pub(crate) fn override_config(mut config: Config, args: OverrideConfig) -> Confi
|
|||||||
NYXD,
|
NYXD,
|
||||||
config::parse_urls,
|
config::parse_urls,
|
||||||
)
|
)
|
||||||
.with_only_coconut_credentials(args.only_coconut_credentials);
|
.with_optional(
|
||||||
|
Config::with_only_coconut_credentials,
|
||||||
|
args.only_coconut_credentials,
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
config
|
config
|
||||||
|
|||||||
@@ -68,11 +68,11 @@ pub struct Run {
|
|||||||
/// bypass bandwidth credential requirement
|
/// bypass bandwidth credential requirement
|
||||||
#[cfg(feature = "coconut")]
|
#[cfg(feature = "coconut")]
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
only_coconut_credentials: bool,
|
only_coconut_credentials: Option<bool>,
|
||||||
|
|
||||||
/// Enable/disable gateway anonymized statistics that get sent to a statistics aggregator server
|
/// Enable/disable gateway anonymized statistics that get sent to a statistics aggregator server
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
enabled_statistics: bool,
|
enabled_statistics: Option<bool>,
|
||||||
|
|
||||||
/// URL where a statistics aggregator is running. The default value is a Nym aggregator server
|
/// URL where a statistics aggregator is running. The default value is a Nym aggregator server
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
|
|||||||
+11
-8
@@ -94,11 +94,11 @@ struct ApiArgs {
|
|||||||
|
|
||||||
/// Specifies whether network monitoring is enabled on this API
|
/// Specifies whether network monitoring is enabled on this API
|
||||||
#[clap(short = 'm', long)]
|
#[clap(short = 'm', long)]
|
||||||
enable_monitor: bool,
|
enable_monitor: Option<bool>,
|
||||||
|
|
||||||
/// Specifies whether network rewarding is enabled on this API
|
/// Specifies whether network rewarding is enabled on this API
|
||||||
#[clap(short = 'r', long, requires = "enable_monitor", requires = "mnemonic")]
|
#[clap(short = 'r', long, requires = "enable_monitor", requires = "mnemonic")]
|
||||||
enable_rewarding: bool,
|
enable_rewarding: Option<bool>,
|
||||||
|
|
||||||
/// Endpoint to nyxd instance from which the monitor will grab nodes to test
|
/// Endpoint to nyxd instance from which the monitor will grab nodes to test
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
@@ -132,7 +132,7 @@ struct ApiArgs {
|
|||||||
|
|
||||||
/// Set this nym api to work in a enabled credentials that would attempt to use gateway with the bandwidth credential requirement
|
/// Set this nym api to work in a enabled credentials that would attempt to use gateway with the bandwidth credential requirement
|
||||||
#[clap(long)]
|
#[clap(long)]
|
||||||
enabled_credentials_mode: bool,
|
enabled_credentials_mode: Option<bool>,
|
||||||
|
|
||||||
/// Announced address where coconut clients will connect.
|
/// Announced address where coconut clients will connect.
|
||||||
#[cfg(feature = "coconut")]
|
#[cfg(feature = "coconut")]
|
||||||
@@ -142,7 +142,7 @@ struct ApiArgs {
|
|||||||
/// Flag to indicate whether coconut signer authority is enabled on this API
|
/// Flag to indicate whether coconut signer authority is enabled on this API
|
||||||
#[cfg(feature = "coconut")]
|
#[cfg(feature = "coconut")]
|
||||||
#[clap(long, requires = "mnemonic", requires = "announce-address")]
|
#[clap(long, requires = "mnemonic", requires = "announce-address")]
|
||||||
enable_coconut: bool,
|
enable_coconut: Option<bool>,
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn wait_for_interrupt(mut shutdown: TaskManager) {
|
async fn wait_for_interrupt(mut shutdown: TaskManager) {
|
||||||
@@ -186,15 +186,18 @@ fn override_config(mut config: Config, args: ApiArgs) -> Config {
|
|||||||
Config::with_min_gateway_reliability,
|
Config::with_min_gateway_reliability,
|
||||||
args.min_gateway_reliability,
|
args.min_gateway_reliability,
|
||||||
)
|
)
|
||||||
.with_network_monitor_enabled(args.enable_monitor)
|
.with_optional(Config::with_network_monitor_enabled, args.enable_monitor)
|
||||||
.with_rewarding_enabled(args.enable_rewarding)
|
.with_optional(Config::with_rewarding_enabled, args.enable_rewarding)
|
||||||
.with_disabled_credentials_mode(!args.enabled_credentials_mode);
|
.with_optional(
|
||||||
|
Config::with_disabled_credentials_mode,
|
||||||
|
args.enabled_credentials_mode.map(|b| !b),
|
||||||
|
);
|
||||||
|
|
||||||
#[cfg(feature = "coconut")]
|
#[cfg(feature = "coconut")]
|
||||||
{
|
{
|
||||||
config = config
|
config = config
|
||||||
.with_optional(Config::with_announce_address, args.announce_address)
|
.with_optional(Config::with_announce_address, args.announce_address)
|
||||||
.with_coconut_signer_enabled(args.enable_coconut);
|
.with_optional(Config::with_coconut_signer_enabled, args.enable_coconut);
|
||||||
}
|
}
|
||||||
|
|
||||||
if args.save_config {
|
if args.save_config {
|
||||||
|
|||||||
Reference in New Issue
Block a user