Compare commits

..

51 Commits

Author SHA1 Message Date
Bogdan-Ștefan Neacşu 65c8982cab Bump defguard to github latest version (#4872) (#4884)
* Bump defguard to github latest version

* Fix comment location
2024-09-16 15:59:34 +02:00
Tommy Verrall 5f7499604d Merge pull request #4861 from nymtech/update-windows-runner
Update windows runner details
2024-09-10 18:22:45 +02:00
Tommy Verrall 8c021e9537 install yarn 2024-09-10 18:02:55 +02:00
Tommy Verrall f2d56882fe adding correct runner name 2024-09-10 17:44:23 +02:00
Tommy Verrall 891fdeb4b5 Update and rename publish-nym-wallet-win10.yml to publish-nym-wallet-win11.yml 2024-09-10 17:22:34 +02:00
benedettadavico 01221a8e8c bump wallet version 2024-09-10 13:51:11 +02:00
Jon Häggblad 58c74199d1 Fix upload-artifacts 2024-09-10 10:59:21 +02:00
Jon Häggblad eb98c1bf33 Fix incorrect sed search-replace 2024-09-10 10:39:30 +02:00
Jon Häggblad d6393c1496 Update download-artifact action to v4 2024-09-10 10:23:40 +02:00
Jon Häggblad 48dfc24c33 Update upload-artifact action to v4 2024-09-10 10:23:02 +02:00
benedettadavico 61eaffe91b update changelog 2024-09-10 09:49:52 +02:00
Jędrzej Stuczyński 0f59fd4eee Merge pull request #4856 from nymtech/bugfix/client-registration-vol2
Bugfix/client registration vol2
2024-09-09 16:49:31 +01:00
Jędrzej Stuczyński c3aec2b01f update wireguard peers without replacing rows 2024-09-09 15:22:20 +01:00
Jędrzej Stuczyński c023c8fb9f updating shared keys without deleting the row 2024-09-09 15:22:20 +01:00
Jędrzej Stuczyński 1162de3673 additional logs 2024-09-09 15:22:20 +01:00
Jędrzej Stuczyński 74252269bc utility to convert private keys into keypairs 2024-09-09 15:22:19 +01:00
Jędrzej Stuczyński fe88321a50 Merge pull request #4857 from nymtech/jon/backport-fixes
Backport 4844 and 4845
2024-09-09 15:21:51 +01:00
Jon Häggblad babc84779c Backport 4844 and 4845 2024-09-09 16:19:04 +02:00
Jędrzej Stuczyński f3fcef60c3 Merge pull request #4822 from nymtech/feature/mixnet-contract-update-admin
added explicit updateable admin to the mixnet contract
2024-09-04 10:22:39 +01:00
Jędrzej Stuczyński ed7a84a1ce made 'owner' field optional to prepare for its future removal 2024-09-04 09:55:23 +01:00
Jędrzej Stuczyński 48e18684a2 Merge pull request #4821 from nymtech/bugfix/bonding-signature
using legacy signing payload in CLI and verifying both variants in contract
2024-09-03 16:36:09 +01:00
Jędrzej Stuczyński e76c8e06be updated contract schema 2024-09-03 16:35:42 +01:00
Jędrzej Stuczyński 858b6c6094 restored (and deprecated) 'owner' field in ContractState 2024-09-03 14:31:11 +01:00
Bogdan-Ștefan Neacşu 7b4dc78f41 Remove wireguard feature flag and pass runtime enabled flag (#4839)
* Remove wireguard feature flag

* Use wg enabled runtime flag

* Fix unintended flag removal
2024-09-03 15:25:05 +02:00
Bogdan-Ștefan Neacşu bb7a8e84e4 Eliminate cancel unsafe sig awaiting (#4834)
* Eliminate cancel unsafe sig awaiting

* Fix wasm build

* Simplify spawn call

* Fix wasm lint
2024-09-03 15:24:49 +02:00
benedetta davico a3183ab313 Merge pull request #4819 from nymtech/add-ecash-contract
adding ecash contract address
2024-08-29 07:26:46 +02:00
benedettadavico 74cd73a58f fmt 2024-08-28 17:35:37 +02:00
benedetta davico dd89026065 Merge pull request #4802 from nymtech/fix/nym-cli-params
Check profit margin of node before defaulting to hardcoded value
2024-08-28 17:34:56 +02:00
Jędrzej Stuczyński 07c80e5150 naming consistency 2024-08-28 16:32:02 +01:00
Jędrzej Stuczyński c17f0ac3f8 added explicit updateable admin to the mixnet contract 2024-08-28 16:30:30 +01:00
Jędrzej Stuczyński 7ae56b08b3 using legacy signing payload in CLI and verifying both variants in contract 2024-08-28 15:19:55 +01:00
benedettadavico 73fc2d6bb2 remove unused import 2024-08-28 11:43:16 +02:00
benedettadavico a5289cd431 update test env with ecash too 2024-08-28 11:39:49 +02:00
benedettadavico ec0e1b67a0 adding ecash contract address 2024-08-28 11:28:17 +02:00
benedettadavico eafbed6c9f wording 2024-08-28 11:21:11 +02:00
benedettadavico 4635db73f1 update code and fmt again 2024-08-27 16:20:44 +02:00
benedettadavico 9a43d1079a cargo fmt 2024-08-27 15:15:45 +02:00
benedettadavico 3238722ade WIP 2024-08-27 14:55:47 +02:00
Bogdan-Ștefan Neacşu a6ad6c7d49 Sync last_seen_bandwidth immediately (#4774) 2024-08-21 14:17:01 +02:00
Jędrzej Stuczyński cbc977c491 Merge pull request #4773 from nymtech/feature/additional-ecash-nym-cli-utils
Feature/additional ecash nym cli utils
2024-08-21 09:36:47 +01:00
Jędrzej Stuczyński f40c05a34c fixed incorrect propagation of client_id in the sdk 2024-08-20 17:01:43 +01:00
Jędrzej Stuczyński 776443131e fixed full display being always printed 2024-08-20 16:57:18 +01:00
Bogdan-Ștefan Neacşu b5eab7f07f Better storage error logging (#4772)
* Better storage error logging

* Print without including error returned to clients
2024-08-20 17:49:27 +02:00
Jędrzej Stuczyński eeeb4b3246 fixed incorrect assertion when validating maximum time between redemption 2024-08-20 16:43:36 +01:00
Jędrzej Stuczyński e3e4dc6db9 added an utility nym-cli command to output binary representation of ecash tickets 2024-08-20 16:31:00 +01:00
Jędrzej Stuczyński 461b7bcfb7 updated sandbox.env 2024-08-20 15:25:40 +01:00
Jędrzej Stuczyński bbf0d06583 updated constants depending on all 30 days expiration 2024-08-20 12:54:42 +01:00
Jędrzej Stuczyński 6393d6093f changed parsing of 'credential_data' when importing ticketbooks 2024-08-20 11:31:07 +01:00
benedettadavico c0ea599913 update changelog and version bump 2024-08-19 10:32:21 +02:00
benedetta davico 16d09a35ba Merge pull request #4764 from nymtech/bugfix/post-050-dkg
bugfix: make sure DKG parses data out of events if logs are empty
2024-08-16 13:46:15 +02:00
Jędrzej Stuczyński e6c5eddbe5 bugfix: make sure DKG parse data out of events if logs are empty
this will be the case on post 0.50 chains
2024-08-16 11:56:48 +01:00
887 changed files with 2636 additions and 37994 deletions
-7
View File
@@ -1,7 +0,0 @@
.git
.github
.gitignore
**/node_modules
**/target
dist
documentation
@@ -62,10 +62,6 @@ jobs:
echo 'RUSTFLAGS="--cfg tokio_unstable"' >> $GITHUB_ENV
if: github.event_name == 'workflow_dispatch' && inputs.add_tokio_unstable == true
- name: Set CARGO_FEATURES
run: |
echo 'CARGO_FEATURES=--features wireguard' >> $GITHUB_ENV
- name: Install Rust stable
uses: actions-rs/toolchain@v1
with:
@@ -91,7 +87,7 @@ jobs:
- name: Upload Artifact
if: github.event_name == 'workflow_dispatch'
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: nym-binaries-artifacts
path: |
+5 -7
View File
@@ -73,29 +73,27 @@ jobs:
uses: actions-rs/cargo@v1
with:
command: build
# Enable wireguard by default on linux only
args: --workspace --features wireguard
- name: Build all examples
if: matrix.os == 'custom-linux'
uses: actions-rs/cargo@v1
with:
command: build
args: --workspace --examples --features wireguard
args: --workspace --examples
- name: Run all tests
if: matrix.os == 'custom-linux'
uses: actions-rs/cargo@v1
with:
command: test
args: --workspace --features wireguard
args: --workspace
- name: Run expensive tests
if: (github.ref == 'refs/heads/develop' || github.event.pull_request.base.ref == 'develop' || github.event.pull_request.base.ref == 'master') && matrix.os == 'custom-linux'
uses: actions-rs/cargo@v1
with:
command: test
args: --workspace --features wireguard -- --ignored
args: --workspace -- --ignored
- name: Annotate with clippy checks
if: matrix.os == 'custom-linux'
@@ -103,10 +101,10 @@ jobs:
continue-on-error: true
with:
token: ${{ secrets.GITHUB_TOKEN }}
args: --workspace --features wireguard
args: --workspace
- name: Clippy
uses: actions-rs/cargo@v1
with:
command: clippy
args: --workspace --all-targets --features wireguard -- -D warnings
args: --workspace --all-targets -- -D warnings
@@ -1,10 +1,9 @@
name: ci-sdk-docs-typescript
on:
workflow_dispatch:
pull_request:
paths:
- "documentation/"
- "sdk/typescript/**"
- "wasm/**"
jobs:
@@ -29,7 +28,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: "1.20"
go-version: '1.20'
- name: Install wasm-pack
run: curl https://rustwasm.github.io/wasm-pack/installer/init.sh -sSf | sh
@@ -37,7 +36,7 @@ jobs:
- name: Install wasm-opt
uses: ./.github/actions/install-wasm-opt
with:
version: "116"
version: '116'
- name: Build branch WASM packages
run: make sdk-wasm-build
+2 -2
View File
@@ -20,7 +20,7 @@ jobs:
find . -name Cargo.toml -exec cargo deny --manifest-path {} check \
advisories -A advisory-not-detected --hide-inclusion-graph \; &> \
>(uniq &> .github/workflows/support-files/notifications/deny.message )
- uses: actions/upload-artifact@v3
- uses: actions/upload-artifact@v4
with:
name: report
path: .github/workflows/support-files/notifications/deny.message
@@ -31,7 +31,7 @@ jobs:
- name: Check out repository code
uses: actions/checkout@v2
- name: Download report from previous job
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: report
path: .github/workflows/support-files/notifications
+1 -5
View File
@@ -51,10 +51,6 @@ jobs:
echo 'RUSTFLAGS="--cfg tokio_unstable"' >> $GITHUB_ENV
if: github.event_name == 'workflow_dispatch' && inputs.add_tokio_unstable == true
- name: Set CARGO_FEATURES
run: |
echo 'CARGO_FEATURES=--features wireguard' >> $GITHUB_ENV
- name: Install Rust stable
uses: actions-rs/toolchain@v1
with:
@@ -67,7 +63,7 @@ jobs:
args: --workspace --release ${{ env.CARGO_FEATURES }}
- name: Upload Artifact
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: my-artifact
path: |
+2 -2
View File
@@ -26,14 +26,14 @@ jobs:
run: make contracts
- name: Upload Mixnet Contract Artifact
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: mixnet_contract.wasm
path: contracts/target/wasm32-unknown-unknown/release/mixnet_contract.wasm
retention-days: 5
- name: Upload Vesting Contract Artifact
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: vesting_contract.wasm
path: contracts/target/wasm32-unknown-unknown/release/vesting_contract.wasm
@@ -83,7 +83,7 @@ jobs:
run: yarn && yarn build
- name: Upload Artifact
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: nym-wallet.app.tar.gz
path: nym-wallet/target/release/bundle/macos/nym-wallet.app.tar.gz
@@ -62,7 +62,7 @@ jobs:
TAURI_KEY_PASSWORD: ${{ secrets.TAURI_KEY_PASSWORD }}
- name: Upload Artifact
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: nym-wallet_1.0.0_amd64.AppImage.tar.gz
path: nym-wallet/target/release/bundle/appimage/nym-wallet*.AppImage.tar.gz
@@ -1,4 +1,4 @@
name: publish-nym-wallet-win10
name: publish-nym-wallet-win11
on:
workflow_dispatch:
release:
@@ -14,7 +14,7 @@ jobs:
strategy:
fail-fast: false
matrix:
platform: [windows10]
platform: [custom-windows-11]
runs-on: ${{ matrix.platform }}
outputs:
@@ -62,6 +62,9 @@ jobs:
fileName: '.env'
encodedString: ${{ secrets.WALLET_ADMIN_ADDRESS }}
- name: Install Yarn
run: npm install -g yarn
- name: Install project dependencies
shell: bash
run: cd .. && yarn --network-timeout 100000
@@ -82,7 +85,7 @@ jobs:
run: yarn build
- name: Upload Artifact
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: nym-wallet_1.0.0_x64_en-US.msi
path: nym-wallet/target/release/bundle/msi/nym-wallet_1.*.msi
@@ -84,7 +84,7 @@ jobs:
apk/nyms5-arch64-release.apk
- name: Upload APKs
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: nyms5-apk-arch64
path: |
@@ -99,7 +99,7 @@ jobs:
- name: Checkout
uses: actions/checkout@v3
- name: Download binary artifact
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: nyms5-apk-arch64
path: apk
+1 -1
View File
@@ -30,7 +30,7 @@ jobs:
with:
release-tag-or-name-or-id: ${{ inputs.release_tag }}
- uses: actions/upload-artifact@v2
- uses: actions/upload-artifact@v4
with:
name: Asset Hashes
path: hashes.json
+1 -4
View File
@@ -48,7 +48,4 @@ foxyfox.env
.next
ppa-private-key.b64
ppa-private-key.asc
nym-network-monitor/topology.json
nym-network-monitor/__pycache__
nym-network-monitor/*.key
ppa-private-key.asc
+54
View File
@@ -4,6 +4,60 @@ Post 1.0.0 release, the changelog format is based on [Keep a Changelog](https://
## [Unreleased]
## [2024.10-caramello] (2024-09-10)
- Backport 4844 and 4845 ([#4857])
- Bugfix/client registration vol2 ([#4856])
- Remove wireguard feature flag and pass runtime enabled flag ([#4839])
- Eliminate cancel unsafe sig awaiting ([#4834])
- added explicit updateable admin to the mixnet contract ([#4822])
- using legacy signing payload in CLI and verifying both variants in contract ([#4821])
- adding ecash contract address ([#4819])
- Check profit margin of node before defaulting to hardcoded value ([#4802])
- Sync last_seen_bandwidth immediately ([#4774])
- Feature/additional ecash nym cli utils ([#4773])
- Better storage error logging ([#4772])
- bugfix: make sure DKG parses data out of events if logs are empty ([#4764])
- Fix clippy on rustc beta toolchain ([#4746])
- Fix clippy for beta toolchain ([#4742])
- Disable testnet-manager on non-unix ([#4741])
- Don't set NYM_VPN_API to default ([#4740])
- Update publish-nym-binaries.yml ([#4739])
- Update ci-build-upload-binaries.yml ([#4738])
- Add NYM_VPN_API to network config ([#4736])
- Re-export RecipientFormattingError in nym sdk ([#4735])
- Persist wireguard peers ([#4732])
- Fix tokio error in 1.39 ([#4730])
- Feature/vesting purge plus ranged cost params ([#4716])
- Fix (some) feature unification build failures ([#4681])
- Feature Compact Ecash : The One PR ([#4623])
[#4857]: https://github.com/nymtech/nym/pull/4857
[#4856]: https://github.com/nymtech/nym/pull/4856
[#4839]: https://github.com/nymtech/nym/pull/4839
[#4834]: https://github.com/nymtech/nym/pull/4834
[#4822]: https://github.com/nymtech/nym/pull/4822
[#4821]: https://github.com/nymtech/nym/pull/4821
[#4819]: https://github.com/nymtech/nym/pull/4819
[#4802]: https://github.com/nymtech/nym/pull/4802
[#4774]: https://github.com/nymtech/nym/pull/4774
[#4773]: https://github.com/nymtech/nym/pull/4773
[#4772]: https://github.com/nymtech/nym/pull/4772
[#4764]: https://github.com/nymtech/nym/pull/4764
[#4746]: https://github.com/nymtech/nym/pull/4746
[#4742]: https://github.com/nymtech/nym/pull/4742
[#4741]: https://github.com/nymtech/nym/pull/4741
[#4740]: https://github.com/nymtech/nym/pull/4740
[#4739]: https://github.com/nymtech/nym/pull/4739
[#4738]: https://github.com/nymtech/nym/pull/4738
[#4736]: https://github.com/nymtech/nym/pull/4736
[#4735]: https://github.com/nymtech/nym/pull/4735
[#4732]: https://github.com/nymtech/nym/pull/4732
[#4730]: https://github.com/nymtech/nym/pull/4730
[#4716]: https://github.com/nymtech/nym/pull/4716
[#4681]: https://github.com/nymtech/nym/pull/4681
[#4623]: https://github.com/nymtech/nym/pull/4623
## [2024.9-topdeck] (2024-07-26)
- chore: fix 1.80 lint issues ([#4731])
Generated
+94 -318
View File
File diff suppressed because it is too large Load Diff
+3 -4
View File
@@ -14,6 +14,7 @@ panic = "abort"
opt-level = 3
[workspace]
resolver = "2"
members = [
"clients/native",
@@ -93,7 +94,6 @@ members = [
"common/wasm/utils",
"common/wireguard",
"common/wireguard-types",
"documentation/autodoc",
"explorer-api",
"explorer-api/explorer-api-requests",
"explorer-api/explorer-client",
@@ -106,7 +106,6 @@ members = [
"service-providers/common",
"service-providers/ip-packet-router",
"service-providers/network-requester",
"nym-network-monitor",
"nym-api",
"nym-browser-extension/storage",
"nym-api/nym-api-requests",
@@ -160,7 +159,6 @@ homepage = "https://nymtech.net"
documentation = "https://nymtech.net"
edition = "2021"
license = "Apache-2.0"
rust-version = "1.80"
[workspace.dependencies]
addr = "0.15.6"
@@ -206,7 +204,8 @@ ctr = "0.9.1"
cupid = "0.6.1"
curve25519-dalek = "4.1"
dashmap = "5.5.3"
defguard_wireguard_rs = "0.4.2"
# We want https://github.com/DefGuard/wireguard-rs/pull/64 , but there's no crates.io release being pushed out anymore
defguard_wireguard_rs = { git = "https://github.com/DefGuard/wireguard-rs.git", rev = "v0.4.7" }
digest = "0.10.7"
dirs = "4.0"
doc-comment = "0.3"
+1 -1
View File
@@ -1,6 +1,6 @@
[package]
name = "nym-client"
version = "1.1.39"
version = "1.1.40"
authors = ["Dave Hrycyszyn <futurechimp@users.noreply.github.com>", "Jędrzej Stuczyński <andrew@nymtech.net>"]
description = "Implementation of the Nym Client"
edition = "2021"
+1 -1
View File
@@ -422,7 +422,7 @@ impl Handler {
) {
// We don't want a crash in the connection handler to trigger a shutdown of the whole
// process.
task_client.disarm();
task_client.mark_as_success();
let ws_stream = match accept_async(socket).await {
Ok(ws_stream) => ws_stream,
+1 -1
View File
@@ -1,6 +1,6 @@
[package]
name = "nym-socks5-client"
version = "1.1.39"
version = "1.1.40"
authors = ["Dave Hrycyszyn <futurechimp@users.noreply.github.com>"]
description = "A SOCKS5 localhost proxy that converts incoming messages to Sphinx and sends them to a Nym address"
edition = "2021"
@@ -2,7 +2,9 @@
// SPDX-License-Identifier: Apache-2.0
use crate::error::BandwidthControllerError;
use crate::utils::{get_coin_index_signatures, get_expiration_date_signatures};
use crate::utils::{
get_aggregate_verification_key, get_coin_index_signatures, get_expiration_date_signatures,
};
use log::info;
use nym_credential_storage::storage::Storage;
use nym_credentials::ecash::bandwidth::IssuanceTicketBook;
@@ -55,7 +57,7 @@ where
))
}
pub async fn query_and_persist_required_global_signatures<S>(
pub async fn query_and_persist_required_global_data<S>(
storage: &S,
epoch_id: EpochId,
expiration_date: Date,
@@ -65,6 +67,10 @@ where
S: Storage,
<S as Storage>::StorageError: Send + Sync + 'static,
{
log::info!("Getting master verification key");
// this will also persist the key in the storage if was not there already
get_aggregate_verification_key(storage, epoch_id, apis.clone()).await?;
log::info!("Getting expiration date signatures");
// this will also persist the signatures in the storage if they were not there already
get_expiration_date_signatures(storage, epoch_id, expiration_date, apis.clone()).await?;
+4 -2
View File
@@ -16,7 +16,7 @@ use nym_credential_storage::models::RetrievedTicketbook;
use nym_credential_storage::storage::Storage;
use nym_credentials::ecash::bandwidth::CredentialSpendingData;
use nym_credentials_interface::{
AnnotatedCoinIndexSignature, AnnotatedExpirationDateSignature, NymPayInfo, VerificationKeyAuth,
AnnotatedCoinIndexSignature, AnnotatedExpirationDateSignature, VerificationKeyAuth,
};
use nym_ecash_time::Date;
use nym_validator_client::nym_api::EpochId;
@@ -165,7 +165,9 @@ impl<C, St: Storage> BandwidthController<C, St> {
.get_coin_index_signatures(epoch_id, &mut api_clients)
.await?;
let pay_info = NymPayInfo::generate(provider_pk);
let pay_info = retrieved_ticketbook
.ticketbook
.generate_pay_info(provider_pk);
let spend_request = retrieved_ticketbook.ticketbook.prepare_for_spending(
&verification_key,
-1
View File
@@ -19,7 +19,6 @@ futures = { workspace = true }
humantime-serde = { workspace = true }
log = { workspace = true }
rand = { workspace = true }
rand_chacha = { workspace = true }
serde = { workspace = true, features = ["derive"] }
serde_json = { workspace = true }
sha2 = { workspace = true }
@@ -455,7 +455,7 @@ where
Err(ClientCoreError::CustomGatewaySelectionExpected)
} else {
// and make sure to invalidate the task client so we wouldn't cause premature shutdown
shutdown.disarm();
shutdown.mark_as_success();
custom_gateway_transceiver.set_packet_router(packet_router)?;
Ok(custom_gateway_transceiver)
};
@@ -562,7 +562,7 @@ where
if topology_config.disable_refreshing {
// if we're not spawning the refresher, don't cause shutdown immediately
info!("The topology refesher is not going to be started");
shutdown.disarm();
shutdown.mark_as_success();
} else {
// don't spawn the refresher if we don't want to be refreshing the topology.
// only use the initial values obtained
@@ -458,7 +458,7 @@ impl PacketStatisticsControl {
fn report_rates(&self) {
if let Some((_, rates)) = self.rates.back() {
log::debug!("{}", rates.summary());
log::info!("{}", rates.summary());
log::debug!("{}", rates.detailed_summary());
}
}
@@ -486,7 +486,7 @@ impl PacketStatisticsControl {
// Check what the number of retransmissions was during the recording window
if let Some((_, start_stats)) = self.history.front() {
let delta = self.stats.clone() - start_stats.clone();
log::debug!(
log::info!(
"mix packet retransmissions/real mix packets: {}/{}",
delta.retransmissions_queued,
delta.real_packets_queued,
@@ -453,7 +453,6 @@ where
let mut pending_acks = Vec::with_capacity(fragments.len());
let mut real_messages = Vec::with_capacity(fragments.len());
debug!("Splitting message into {} fragments", fragments.len());
for fragment in fragments {
// we need to clone it because we need to keep it in memory in case we had to retransmit
// it. And then we'd need to recreate entire ACK again.
@@ -474,6 +474,13 @@ where
Poll::Ready(Some((real_messages, conn_id))) => {
log::trace!("handling real_messages: size: {}", real_messages.len());
// This is the last step in the pipeline where we know the type of the message, so
// lets count the number of retransmissions here.
if conn_id == TransmissionLane::Retransmission {
self.stats_tx
.report(PacketStatisticsEvent::RetransmissionQueued);
}
// First store what we got for the given connection id
self.transmission_buffer.store(&conn_id, real_messages);
let real_next = self.pop_next_message().expect("we just added one");
+18 -40
View File
@@ -46,34 +46,13 @@ const MEASUREMENTS: usize = 3;
const CONN_TIMEOUT: Duration = Duration::from_millis(1500);
const PING_TIMEOUT: Duration = Duration::from_millis(1000);
// The abstraction that some of these helpers use
pub trait ConnectableGateway {
fn identity(&self) -> &identity::PublicKey;
fn clients_address(&self) -> String;
fn is_wss(&self) -> bool;
}
impl ConnectableGateway for gateway::Node {
fn identity(&self) -> &identity::PublicKey {
self.identity()
}
fn clients_address(&self) -> String {
self.clients_address()
}
fn is_wss(&self) -> bool {
self.clients_wss_port.is_some()
}
}
struct GatewayWithLatency<'a, G: ConnectableGateway> {
gateway: &'a G,
struct GatewayWithLatency<'a> {
gateway: &'a gateway::Node,
latency: Duration,
}
impl<'a, G: ConnectableGateway> GatewayWithLatency<'a, G> {
fn new(gateway: &'a G, latency: Duration) -> Self {
impl<'a> GatewayWithLatency<'a> {
fn new(gateway: &'a gateway::Node, latency: Duration) -> Self {
GatewayWithLatency { gateway, latency }
}
}
@@ -151,14 +130,11 @@ async fn connect(endpoint: &str) -> Result<WsConn, ClientCoreError> {
JSWebsocket::new(endpoint).map_err(|_| ClientCoreError::GatewayJsConnectionFailure)
}
async fn measure_latency<G>(gateway: &G) -> Result<GatewayWithLatency<G>, ClientCoreError>
where
G: ConnectableGateway,
{
async fn measure_latency(gateway: &gateway::Node) -> Result<GatewayWithLatency, ClientCoreError> {
let addr = gateway.clients_address();
trace!(
"establishing connection to {} ({addr})...",
gateway.identity(),
gateway.identity_key,
);
let mut stream = connect(&addr).await?;
@@ -201,7 +177,7 @@ where
let count = results.len() as u64;
if count == 0 {
return Err(ClientCoreError::NoGatewayMeasurements {
identity: gateway.identity().to_base58_string(),
identity: gateway.identity_key.to_base58_string(),
});
}
@@ -211,11 +187,11 @@ where
Ok(GatewayWithLatency::new(gateway, avg))
}
pub async fn choose_gateway_by_latency<'a, R: Rng, G: ConnectableGateway + Clone>(
pub async fn choose_gateway_by_latency<R: Rng>(
rng: &mut R,
gateways: &[G],
gateways: &[gateway::Node],
must_use_tls: bool,
) -> Result<G, ClientCoreError> {
) -> Result<gateway::Node, ClientCoreError> {
let gateways = filter_by_tls(gateways, must_use_tls)?;
info!(
@@ -247,19 +223,21 @@ pub async fn choose_gateway_by_latency<'a, R: Rng, G: ConnectableGateway + Clone
info!(
"chose gateway {} with average latency of {:?}",
chosen.gateway.identity(),
chosen.latency
chosen.gateway.identity_key, chosen.latency
);
Ok(chosen.gateway.clone())
}
fn filter_by_tls<G: ConnectableGateway>(
gateways: &[G],
fn filter_by_tls(
gateways: &[gateway::Node],
must_use_tls: bool,
) -> Result<Vec<&G>, ClientCoreError> {
) -> Result<Vec<&gateway::Node>, ClientCoreError> {
if must_use_tls {
let filtered = gateways.iter().filter(|g| g.is_wss()).collect::<Vec<_>>();
let filtered = gateways
.iter()
.filter(|g| g.clients_wss_port.is_some())
.collect::<Vec<_>>();
if filtered.is_empty() {
return Err(ClientCoreError::NoWssGateways);
@@ -417,6 +417,8 @@ impl<C, St> GatewayClient<C, St> {
self.local_identity.as_ref(),
self.gateway_identity,
self.cfg.bandwidth.require_tickets,
#[cfg(not(target_arch = "wasm32"))]
self.task_client.clone(),
)
.await
.map_err(GatewayClientError::RegistrationFailure),
@@ -70,8 +70,8 @@ impl PacketRouter {
Ok(())
}
pub fn disarm(&mut self) {
self.shutdown.disarm();
pub fn mark_as_success(&mut self) {
self.shutdown.mark_as_success();
}
}
@@ -113,8 +113,8 @@ impl PartiallyDelegatedRouter {
let return_res = match ret {
Err(err) => self.stream_return.send(Err(err)),
Ok(_) => {
self.packet_router.disarm();
task_client.disarm();
self.packet_router.mark_as_success();
task_client.mark_as_success();
self.stream_return.send(Ok(split_stream))
}
};
@@ -90,6 +90,4 @@ default = ["http-client"]
http-client = ["cosmrs/rpc"]
generate-ts = []
contract-testing = ["nym-mixnet-contract-common/contract-testing"]
# Features below are added to make clippy happy, it seems like they're unused we should remove them
tendermint-rpc-http-client = ["tendermint-rpc/http-client"]
tendermint-rpc-websocket-client = ["tendermint-rpc/websocket-client"]
@@ -49,7 +49,5 @@ pub const COMPUTE_REWARD_ESTIMATION: &str = "compute-reward-estimation";
pub const AVG_UPTIME: &str = "avg_uptime";
pub const STAKE_SATURATION: &str = "stake-saturation";
pub const INCLUSION_CHANCE: &str = "inclusion-probability";
pub const SUBMIT_GATEWAY: &str = "submit-gateway-monitoring-results";
pub const SUBMIT_NODE: &str = "submit-node-monitoring-results";
pub const SERVICE_PROVIDERS: &str = "services";
@@ -42,6 +42,10 @@ pub trait MixnetQueryClient {
// state/sys-params-related
async fn admin(&self) -> Result<cw_controllers::AdminResponse, NyxdError> {
self.query_mixnet_contract(MixnetQueryMsg::Admin {}).await
}
async fn get_mixnet_contract_version(&self) -> Result<ContractBuildInformation, NyxdError> {
self.query_mixnet_contract(MixnetQueryMsg::GetContractVersion {})
.await
@@ -580,6 +584,7 @@ mod tests {
msg: MixnetQueryMsg,
) -> u32 {
match msg {
MixnetQueryMsg::Admin {} => client.admin().ignore(),
MixnetQueryMsg::GetAllFamiliesPaged { limit, start_after } => client
.get_all_family_members_paged(start_after, limit)
.ignore(),
@@ -31,6 +31,15 @@ pub trait MixnetSigningClient {
// state/sys-params-related
async fn update_admin(
&self,
admin: String,
fee: Option<Fee>,
) -> Result<ExecuteResult, NyxdError> {
self.execute_mixnet_contract(fee, MixnetExecuteMsg::UpdateAdmin { admin }, vec![])
.await
}
async fn update_rewarding_validator_address(
&self,
address: AccountId,
@@ -760,6 +769,7 @@ mod tests {
msg: MixnetExecuteMsg,
) {
match msg {
MixnetExecuteMsg::UpdateAdmin { admin } => client.update_admin(admin, None).ignore(),
MixnetExecuteMsg::AssignNodeLayer { mix_id, layer } => {
client.assign_node_layer(mix_id, layer, None).ignore()
}
@@ -1,6 +1,7 @@
// Copyright 2021 - Nym Technologies SA <contact@nymtech.net>
// SPDX-License-Identifier: Apache-2.0
use crate::nyxd::cosmwasm_client::types::ExecuteResult;
use crate::nyxd::error::NyxdError;
use cosmrs::abci::TxMsgData;
use cosmrs::cosmwasm::MsgExecuteContractResponse;
@@ -9,7 +10,6 @@ use log::error;
use prost::bytes::Bytes;
use tendermint_rpc::endpoint::broadcast;
use crate::nyxd::cosmwasm_client::types::ExecuteResult;
pub use cosmrs::abci::MsgResponse;
pub fn parse_msg_responses(data: Bytes) -> Vec<MsgResponse> {
@@ -21,7 +21,8 @@ pub struct Log {
/// Searches in logs for the first event of the given event type and in that event
/// for the first attribute with the given attribute key.
pub fn find_attribute<'a>(
#[deprecated]
pub fn find_attribute_in_logs<'a>(
logs: &'a [Log],
event_type: &str,
attribute_key: &str,
@@ -35,6 +36,7 @@ pub fn find_attribute<'a>(
}
/// Search for the proposal id in the given log. It'll be in the LAST wasm event, with attribute key "proposal_id"
#[deprecated]
pub fn find_proposal_id(logs: &[Log]) -> Result<u64, NyxdError> {
let maybe_attributes = logs
.iter()
@@ -300,8 +300,8 @@ where
}
#[cfg(any(
feature = "tendermint-rpc-http-client",
feature = "tendermint-rpc-websocket-client"
feature = "tendermint-rpc/http-client",
feature = "tendermint-rpc/websocket-client"
))]
async fn wait_until_healthy<T>(&self, timeout: T) -> Result<(), Error>
where
@@ -1,12 +1,24 @@
// Copyright 2023 - Nym Technologies SA <contact@nymtech.net>
// SPDX-License-Identifier: Apache-2.0
use crate::nyxd::cosmwasm_client::logs::Log;
use crate::nyxd::TxResponse;
use cosmrs::tendermint::abci;
pub use abci::Event;
// Searches in events for an event of the given event type which contains an
// attribute for with the given key.
pub fn find_tx_attribute(tx: &TxResponse, event_type: &str, attribute_key: &str) -> Option<String> {
let event = tx.tx_result.events.iter().find(|e| e.kind == event_type)?;
find_event_attribute(&tx.tx_result.events, event_type, attribute_key)
}
pub fn find_event_attribute(
events: &[Event],
event_type: &str,
attribute_key: &str,
) -> Option<String> {
let event = events.iter().find(|e| e.kind == event_type)?;
let attribute = event.attributes.iter().find(|&attr| {
if let Ok(key_str) = attr.key_str() {
key_str == attribute_key
@@ -16,3 +28,23 @@ pub fn find_tx_attribute(tx: &TxResponse, event_type: &str, attribute_key: &str)
})?;
Some(attribute.value_str().ok().map(|str| str.to_string())).flatten()
}
pub fn find_attribute_value_in_logs_or_events(
logs: &[Log],
events: &[Event],
event_type: &str,
attribute_key: &str,
) -> Option<String> {
// if logs are empty, i.e. we're using post 0.50 code, parse the events instead
if !logs.is_empty() {
#[allow(deprecated)]
return crate::nyxd::cosmwasm_client::logs::find_attribute_in_logs(
logs,
event_type,
attribute_key,
)
.map(|attr| attr.value.clone());
}
find_event_attribute(events, event_type, attribute_key)
}
@@ -820,8 +820,8 @@ where
}
#[cfg(any(
feature = "tendermint-rpc-http-client",
feature = "tendermint-rpc-websocket-client"
feature = "tendermint-rpc/http-client",
feature = "tendermint-rpc/websocket-client"
))]
async fn wait_until_healthy<T>(&self, timeout: T) -> Result<(), Error>
where
@@ -300,8 +300,8 @@ pub trait TendermintRpcClient {
}
#[cfg(any(
feature = "tendermint-rpc-http-client",
feature = "tendermint-rpc-websocket-client"
feature = "tendermint-rpc/http-client",
feature = "tendermint-rpc/websocket-client"
))]
/// Poll the `/health` endpoint until it returns a successful result or
/// the given `timeout` has elapsed.
@@ -518,8 +518,8 @@ mod non_wasm {
}
#[cfg(any(
feature = "tendermint-rpc-http-client",
feature = "tendermint-rpc-websocket-client"
feature = "tendermint-rpc/http-client",
feature = "tendermint-rpc/websocket-client"
))]
async fn wait_until_healthy<T>(&self, timeout: T) -> Result<(), Error>
where
+5 -4
View File
@@ -7,9 +7,10 @@ license.workspace = true
[dependencies]
anyhow = { workspace = true }
base64 = "0.13.0"
base64 = { workspace = true }
bip39 = { workspace = true }
bs58 = { workspace = true }
colored = { workspace = true }
comfy-table = { workspace = true }
cfg-if = { workspace = true }
clap = { workspace = true, features = ["derive"] }
@@ -21,13 +22,13 @@ humantime-serde = { workspace = true }
inquire = { workspace = true }
k256 = { workspace = true, features = ["ecdsa", "sha256"] }
log = { workspace = true }
rand = {version = "0.6", features = ["std"] }
rand = { workspace = true, features = ["std"] }
serde = { workspace = true, features = ["derive"] }
serde_json = { workspace = true }
thiserror = { workspace = true }
time = { workspace = true, features = ["parsing", "formatting"] }
tokio = { workspace = true, features = ["sync"]}
toml = "0.5.6"
tokio = { workspace = true, features = ["sync"] }
toml = { workspace = true }
url = { workspace = true }
tap = { workspace = true }
zeroize = { workspace = true }
@@ -0,0 +1,178 @@
// Copyright 2024 - Nym Technologies SA <contact@nymtech.net>
// SPDX-License-Identifier: Apache-2.0
use crate::utils::CommonConfigsWrapper;
use anyhow::{anyhow, bail};
use clap::Parser;
use colored::Colorize;
use comfy_table::Table;
use nym_credential_storage::initialise_persistent_storage;
use nym_credential_storage::storage::Storage;
use nym_credentials::ecash::bandwidth::serialiser::VersionedSerialise;
use std::path::PathBuf;
#[derive(Debug, Parser)]
pub struct Args {
/// Specify the index of the ticket to retrieve from the ticketbook.
/// By default, the current unspent value is used.
#[clap(long, group = "output")]
pub(crate) ticket_index: Option<u64>,
/// Specify whether we should display payments for ALL available tickets
#[clap(long, group = "output")]
pub(crate) full: bool,
/// Base58-encoded identity of the provider (must be 32 bytes long)
#[clap(long)]
pub(crate) provider: String,
/// Config file of the client that is supposed to use the credential.
#[clap(long, group = "source")]
pub(crate) client_config: Option<PathBuf>,
/// Path to the dedicated credential storage database
#[clap(long, group = "source")]
pub(crate) credential_storage: Option<PathBuf>,
}
pub async fn execute(args: Args) -> anyhow::Result<()> {
let credentials_store = if let Some(explicit) = args.credential_storage {
explicit
} else {
// SAFETY: at least one of them MUST HAVE been specified
let cfg = args.client_config.unwrap();
let loaded = CommonConfigsWrapper::try_load(cfg)?;
if let Ok(id) = loaded.try_get_id() {
println!("loaded config file for client '{id}'");
}
let Ok(credentials_store) = loaded.try_get_credentials_store() else {
bail!("the loaded config does not have a credentials store information")
};
credentials_store
};
let decoded_provider = bs58::decode(&args.provider).into_vec()?;
if decoded_provider.len() != 32 {
bail!("the provided provider information is malformed")
}
let provider_arr: [u8; 32] = decoded_provider.try_into().unwrap();
let persistent_storage = initialise_persistent_storage(&credentials_store).await;
let Some(mut next_ticketbook) = persistent_storage
.get_next_unspent_usable_ticketbook(0)
.await?
else {
bail!(
"there are no valid ticketbooks in the storage at {}",
credentials_store.display()
)
};
let epoch_id = next_ticketbook.ticketbook.epoch_id();
let expiration_date = next_ticketbook.ticketbook.expiration_date();
let verification_key = persistent_storage
.get_master_verification_key(epoch_id)
.await?
.ok_or_else(|| {
anyhow!("ticketbook got incorrectly imported - the master verification key is missing")
})?;
let expiration_signatures = persistent_storage
.get_expiration_date_signatures(expiration_date)
.await?
.ok_or_else(|| {
anyhow!(
"ticketbook got incorrectly imported - the expiration date signatures are missing"
)
})?;
let coin_indices_signatures = persistent_storage
.get_coin_index_signatures(epoch_id)
.await?
.ok_or_else(|| {
anyhow!("ticketbook got incorrectly imported - the coin index signatures are missing")
})?;
let ticketbook_data = next_ticketbook.ticketbook.pack();
let next_ticket = args
.ticket_index
.unwrap_or(next_ticketbook.ticketbook.spent_tickets());
let pay_info = next_ticketbook.ticketbook.generate_pay_info(provider_arr);
println!("{}", "TICKETBOOK DATA:".bold());
println!("{}", bs58::encode(&ticketbook_data.data).into_string());
println!();
// display it only for a single ticket
if !args.full {
println!("attempting to generate payment for ticket {next_ticket}...");
println!();
next_ticketbook.ticketbook.update_spent_tickets(next_ticket);
let req = next_ticketbook.ticketbook.prepare_for_spending(
&verification_key,
pay_info.into(),
&coin_indices_signatures,
&expiration_signatures,
1,
)?;
let payment = req.payment;
println!("{}", format!("PAYMENT FOR TICKET {next_ticket}: ").bold());
println!("{}", bs58::encode(&payment.to_bytes()).into_string());
return Ok(());
}
println!(
"generating payment information for {} tickets. this might take a while!...",
next_ticketbook.ticketbook.params_total_tickets()
);
// otherwise generate all the payments
let last_spent = next_ticketbook.ticketbook.spent_tickets();
let mut table = Table::new();
table.set_header(vec!["index", "binary data", "spend status"]);
for i in 0..next_ticketbook.ticketbook.params_total_tickets() {
let status = if i < last_spent {
"SPENT".red()
} else {
"NOT SPENT".green()
};
next_ticketbook.ticketbook.update_spent_tickets(i);
let req = next_ticketbook.ticketbook.prepare_for_spending(
&verification_key,
pay_info.into(),
&coin_indices_signatures,
&expiration_signatures,
1,
)?;
let payment = req.payment;
let payment_bytes = payment.to_bytes();
let len = payment_bytes.len();
let display_size = 100;
let remaining = len - display_size;
table.add_row(vec![
i.to_string(),
format!(
"{}{remaining}bytes remaining",
bs58::encode(&payment_bytes[..display_size]).into_string()
),
status.to_string(),
]);
}
println!("{}", "AVAILABLE TICKETS".bold());
println!("{table}");
Ok(())
}
@@ -9,9 +9,17 @@ use nym_credential_storage::initialise_persistent_storage;
use nym_id::import_credential;
use std::fs;
use std::path::PathBuf;
use std::str::FromStr;
fn parse_encoded_credential_data(raw: &str) -> bs58::decode::Result<Vec<u8>> {
bs58::decode(raw).into_vec()
#[derive(Debug, Clone)]
pub struct CredentialDataWrapper(Vec<u8>);
impl FromStr for CredentialDataWrapper {
type Err = bs58::decode::Error;
fn from_str(s: &str) -> Result<Self, Self::Err> {
bs58::decode(s).into_vec().map(CredentialDataWrapper)
}
}
#[derive(Debug, Parser)]
@@ -22,8 +30,8 @@ pub struct Args {
pub(crate) client_config: PathBuf,
/// Explicitly provide the encoded credential data (as base58)
#[clap(long, group = "cred_data", value_parser = parse_encoded_credential_data)]
pub(crate) credential_data: Option<Vec<u8>>,
#[clap(long, group = "cred_data")]
pub(crate) credential_data: Option<CredentialDataWrapper>,
/// Specifies the path to file containing binary credential data
#[clap(long, group = "cred_data")]
@@ -52,7 +60,7 @@ pub async fn execute(args: Args) -> anyhow::Result<()> {
let credentials_store = initialise_persistent_storage(credentials_store).await;
let raw_credential = match args.credential_data {
Some(data) => data,
Some(data) => data.0,
None => {
// SAFETY: one of those arguments must have been set
fs::read(args.credential_path.unwrap())?
@@ -9,6 +9,9 @@ use nym_credential_storage::initialise_persistent_storage;
use nym_credential_utils::utils;
use nym_credentials_interface::TicketType;
use nym_crypto::asymmetric::identity;
use rand::rngs::OsRng;
use rand::RngCore;
use std::fs::create_dir_all;
use std::path::PathBuf;
#[derive(Debug, Parser)]
@@ -18,12 +21,20 @@ pub struct Args {
pub(crate) ticketbook_type: TicketType,
/// Config file of the client that is supposed to use the credential.
#[clap(long)]
pub(crate) client_config: PathBuf,
#[clap(long, group = "output")]
pub(crate) client_config: Option<PathBuf>,
/// Path to the dedicated credential storage database
#[clap(long, group = "output")]
pub(crate) credential_storage: Option<PathBuf>,
}
pub async fn execute(args: Args, client: SigningClient) -> anyhow::Result<()> {
let loaded = CommonConfigsWrapper::try_load(args.client_config)?;
async fn issue_client_ticketbook(
cfg: PathBuf,
typ: TicketType,
client: SigningClient,
) -> anyhow::Result<()> {
let loaded = CommonConfigsWrapper::try_load(cfg)?;
if let Ok(id) = loaded.try_get_id() {
println!("loaded config file for client '{id}'");
@@ -48,9 +59,40 @@ pub async fn execute(args: Args, client: SigningClient) -> anyhow::Result<()> {
&client,
&persistent_storage,
&private_id_key.to_bytes(),
args.ticketbook_type,
typ,
)
.await?;
Ok(())
}
async fn issue_standalone_ticketbook(
credentials_store: PathBuf,
typ: TicketType,
client: SigningClient,
) -> anyhow::Result<()> {
println!("attempting to issue a standalone ticketbook");
let mut rng = OsRng;
let mut random_seed = [0u8; 32];
rng.fill_bytes(&mut random_seed);
if let Some(parent) = credentials_store.parent() {
create_dir_all(parent)?;
}
let persistent_storage = initialise_persistent_storage(credentials_store).await;
utils::issue_credential(&client, &persistent_storage, &random_seed, typ).await?;
Ok(())
}
pub async fn execute(args: Args, client: SigningClient) -> anyhow::Result<()> {
match (args.client_config, args.credential_storage) {
(Some(cfg), None) => issue_client_ticketbook(cfg, args.ticketbook_type, client).await,
(None, Some(storage)) => {
issue_standalone_ticketbook(storage, args.ticketbook_type, client).await
}
_ => unreachable!("clap should have made this branch impossible to reach!"),
}
}
@@ -3,6 +3,7 @@
use clap::{Args, Subcommand};
pub mod generate_ticket;
pub mod import_ticket_book;
pub mod issue_ticket_book;
pub mod recover_ticket_book;
@@ -19,4 +20,5 @@ pub enum EcashCommands {
IssueTicketBook(issue_ticket_book::Args),
RecoverTicketBook(recover_ticket_book::Args),
ImportTicketBook(import_ticket_book::Args),
GenerateTicket(generate_ticket::Args),
}
+1 -1
View File
@@ -1,7 +1,7 @@
// Copyright 2021 - Nym Technologies SA <contact@nymtech.net>
// SPDX-License-Identifier: Apache-2.0
pub mod coconut;
pub mod context;
pub mod ecash;
pub mod utils;
pub mod validator;
@@ -6,7 +6,7 @@ use crate::utils::{account_id_to_cw_addr, DataWrapper};
use clap::Parser;
use cosmwasm_std::Coin;
use nym_bin_common::output_format::OutputFormat;
use nym_mixnet_contract_common::construct_gateway_bonding_sign_payload;
use nym_mixnet_contract_common::construct_legacy_gateway_bonding_sign_payload;
use nym_network_defaults::{DEFAULT_CLIENT_LISTENING_PORT, DEFAULT_MIX_LISTENING_PORT};
use nym_validator_client::nyxd::contract_traits::MixnetQueryClient;
@@ -71,7 +71,7 @@ pub async fn create_payload(args: Args, client: SigningClient) {
let address = account_id_to_cw_addr(&client.address());
let payload = construct_gateway_bonding_sign_payload(nonce, address, coin, gateway);
let payload = construct_legacy_gateway_bonding_sign_payload(nonce, address, coin, gateway);
let wrapper = DataWrapper::new(payload.to_base58_string().unwrap());
println!("{}", args.output.format(&wrapper))
}
@@ -10,7 +10,11 @@ pub struct Args {
}
pub fn decode_mixnode_key(args: Args) {
let b64_decoded = base64::decode(args.key).expect("failed to decode base64 string");
use base64::{engine::general_purpose::STANDARD, Engine as _};
let b64_decoded = STANDARD
.decode(args.key)
.expect("failed to decode base64 string");
let b58_encoded = bs58::encode(&b64_decoded).into_string();
println!("{b58_encoded}")
@@ -7,7 +7,9 @@ use clap::Parser;
use cosmwasm_std::{Coin, Uint128};
use nym_bin_common::output_format::OutputFormat;
use nym_contracts_common::Percent;
use nym_mixnet_contract_common::{construct_mixnode_bonding_sign_payload, MixNodeCostParams};
use nym_mixnet_contract_common::{
construct_legacy_mixnode_bonding_sign_payload, MixNodeCostParams,
};
use nym_network_defaults::{
DEFAULT_HTTP_API_LISTENING_PORT, DEFAULT_MIX_LISTENING_PORT, DEFAULT_VERLOC_LISTENING_PORT,
};
@@ -98,7 +100,7 @@ pub async fn create_payload(args: Args, client: SigningClient) {
let address = account_id_to_cw_addr(&client.address());
let payload =
construct_mixnode_bonding_sign_payload(nonce, address, coin, mixnode, cost_params);
construct_legacy_mixnode_bonding_sign_payload(nonce, address, coin, mixnode, cost_params);
let wrapper = DataWrapper::new(payload.to_base58_string().unwrap());
println!("{}", args.output.format(&wrapper))
}
@@ -6,14 +6,14 @@ use clap::Parser;
use cosmwasm_std::Uint128;
use log::info;
use nym_mixnet_contract_common::{MixNodeCostParams, Percent};
use nym_validator_client::nyxd::contract_traits::MixnetSigningClient;
use nym_validator_client::nyxd::contract_traits::{MixnetQueryClient, MixnetSigningClient};
use nym_validator_client::nyxd::CosmWasmCoin;
#[derive(Debug, Parser)]
pub struct Args {
#[clap(
long,
help = "input your profit margin as follows; (so it would be 10, rather than 0.1)"
help = "input your profit margin as follows; (so it would be 20, rather than 0.2)"
)]
pub profit_margin_percent: Option<u8>,
@@ -27,11 +27,48 @@ pub struct Args {
pub async fn update_cost_params(args: Args, client: SigningClient) {
let denom = client.current_chain_details().mix_denom.base.as_str();
fn convert_to_percent(value: u64) -> Percent {
Percent::from_percentage_value(value).expect("Invalid value")
}
let default_profit_margin: Percent = convert_to_percent(20);
let mixownership_response = match client.get_owned_mixnode(&client.address()).await {
Ok(response) => response,
Err(_) => {
eprintln!("Failed to obtain owned mixnode");
return;
}
};
let mix_id = match mixownership_response.mixnode_details {
Some(details) => details.bond_information.mix_id,
None => {
eprintln!("Failed to obtain mixnode details");
return;
}
};
let rewarding_response = match client.get_mixnode_rewarding_details(mix_id).await {
Ok(details) => details,
Err(_) => {
eprintln!("Failed to obtain rewarding details");
return;
}
};
let profit_margin_percent = rewarding_response
.rewarding_details
.map(|rd| rd.cost_params.profit_margin_percent)
.unwrap_or(default_profit_margin);
let profit_margin_value = args
.profit_margin_percent
.map(|pm| convert_to_percent(pm as u64))
.unwrap_or(profit_margin_percent);
let cost_params = MixNodeCostParams {
profit_margin_percent: Percent::from_percentage_value(
args.profit_margin_percent.unwrap_or(10) as u64,
)
.unwrap(),
profit_margin_percent: profit_margin_value,
interval_operating_cost: CosmWasmCoin {
denom: denom.into(),
amount: Uint128::new(args.interval_operating_cost.unwrap_or(40_000_000)),
@@ -248,3 +248,31 @@ impl<T> ContractMessageContent<T> {
}
}
}
impl<T> From<ContractMessageContent<T>> for LegacyContractMessageContent<T> {
fn from(value: ContractMessageContent<T>) -> Self {
LegacyContractMessageContent {
sender: value.sender,
proxy: None,
funds: value.funds,
data: value.data,
}
}
}
#[derive(Serialize)]
pub struct LegacyContractMessageContent<T> {
pub sender: Addr,
pub proxy: Option<Addr>,
pub funds: Vec<Coin>,
pub data: T,
}
impl<T> SigningPurpose for LegacyContractMessageContent<T>
where
T: SigningPurpose,
{
fn message_type() -> MessageType {
T::message_type()
}
}
@@ -12,6 +12,7 @@ repository = { workspace = true }
bs58 = "0.4.0"
cosmwasm-std = { workspace = true }
cosmwasm-schema = { workspace = true }
cw-controllers = { workspace = true }
cw2 = { workspace = true, optional = true }
serde = { workspace = true, features = ["derive"] }
serde_repr = { workspace = true }
@@ -5,6 +5,7 @@ use crate::{EpochEventId, EpochState, IdentityKey, MixId, OperatingCostRange, Pr
use contracts_common::signing::verifier::ApiVerifierError;
use contracts_common::Percent;
use cosmwasm_std::{Addr, Coin, Decimal, Uint128};
use cw_controllers::AdminError;
use thiserror::Error;
#[derive(Error, Debug, PartialEq)]
@@ -12,6 +13,9 @@ pub enum MixnetContractError {
#[error("could not perform contract migration: {comment}")]
FailedMigration { comment: String },
#[error(transparent)]
Admin(#[from] AdminError),
#[error("{source}")]
StdErr {
#[from]
@@ -110,6 +110,11 @@ impl InitialRewardingParams {
#[cw_serde]
pub enum ExecuteMsg {
/// Change the admin
UpdateAdmin {
admin: String,
},
AssignNodeLayer {
mix_id: MixId,
layer: Layer,
@@ -292,6 +297,7 @@ pub enum ExecuteMsg {
impl ExecuteMsg {
pub fn default_memo(&self) -> String {
match self {
ExecuteMsg::UpdateAdmin { admin } => format!("updating contract admin to {admin}"),
ExecuteMsg::AssignNodeLayer { mix_id, layer } => {
format!("assigning mix {mix_id} for layer {layer:?}")
}
@@ -408,6 +414,9 @@ impl ExecuteMsg {
#[cw_serde]
#[cfg_attr(feature = "schema", derive(QueryResponses))]
pub enum QueryMsg {
#[cfg_attr(feature = "schema", returns(cw_controllers::AdminResponse))]
Admin {},
// families
/// Gets the list of families registered in this contract.
#[cfg_attr(feature = "schema", returns(PagedFamiliesResponse))]
@@ -4,13 +4,18 @@
use crate::families::FamilyHead;
use crate::{Gateway, IdentityKey, MixNode, MixNodeCostParams};
use contracts_common::signing::{
ContractMessageContent, MessageType, Nonce, SignableMessage, SigningPurpose,
ContractMessageContent, LegacyContractMessageContent, MessageType, Nonce, SignableMessage,
SigningPurpose,
};
use cosmwasm_std::{Addr, Coin};
use serde::Serialize;
pub type SignableMixNodeBondingMsg = SignableMessage<ContractMessageContent<MixnodeBondingPayload>>;
pub type SignableGatewayBondingMsg = SignableMessage<ContractMessageContent<GatewayBondingPayload>>;
pub type SignableLegacyMixNodeBondingMsg =
SignableMessage<LegacyContractMessageContent<MixnodeBondingPayload>>;
pub type SignableLegacyGatewayBondingMsg =
SignableMessage<LegacyContractMessageContent<GatewayBondingPayload>>;
pub type SignableFamilyJoinPermitMsg = SignableMessage<FamilyJoinPermit>;
#[derive(Serialize)]
@@ -47,6 +52,20 @@ pub fn construct_mixnode_bonding_sign_payload(
SignableMessage::new(nonce, content)
}
pub fn construct_legacy_mixnode_bonding_sign_payload(
nonce: Nonce,
sender: Addr,
pledge: Coin,
mix_node: MixNode,
cost_params: MixNodeCostParams,
) -> SignableLegacyMixNodeBondingMsg {
let payload = MixnodeBondingPayload::new(mix_node, cost_params);
let content: LegacyContractMessageContent<_> =
ContractMessageContent::new(sender, vec![pledge], payload).into();
SignableMessage::new(nonce, content)
}
#[derive(Serialize)]
pub struct GatewayBondingPayload {
gateway: Gateway,
@@ -76,6 +95,19 @@ pub fn construct_gateway_bonding_sign_payload(
SignableMessage::new(nonce, content)
}
pub fn construct_legacy_gateway_bonding_sign_payload(
nonce: Nonce,
sender: Addr,
pledge: Coin,
gateway: Gateway,
) -> SignableLegacyGatewayBondingMsg {
let payload = GatewayBondingPayload::new(gateway);
let content: LegacyContractMessageContent<_> =
ContractMessageContent::new(sender, vec![pledge], payload).into();
SignableMessage::new(nonce, content)
}
#[derive(Serialize)]
pub struct FamilyJoinPermit {
// the granter of this permit
@@ -187,7 +187,11 @@ impl Index<Layer> for LayerDistribution {
#[cw_serde]
pub struct ContractState {
/// Address of the contract owner.
pub owner: Addr,
#[deprecated(
note = "use explicit ADMIN instead. this field will be removed in future release"
)]
#[serde(default)]
pub owner: Option<Addr>,
/// Address of "rewarding validator" (nym-api) that's allowed to send any rewarding-related transactions.
pub rewarding_validator_address: Addr,
+5 -11
View File
@@ -3,9 +3,7 @@
use crate::errors::{Error, Result};
use log::*;
use nym_bandwidth_controller::acquire::{
get_ticket_book, query_and_persist_required_global_signatures,
};
use nym_bandwidth_controller::acquire::{get_ticket_book, query_and_persist_required_global_data};
use nym_client_core::config::disk_persistence::CommonClientPaths;
use nym_config::DEFAULT_DATA_DIR;
use nym_credential_storage::persistent_storage::PersistentStorage;
@@ -45,14 +43,10 @@ where
let apis = all_ecash_api_clients(client, epoch_id).await?;
let ticketbook_expiration = ecash_default_expiration_date();
// make sure we have all required coin indices and expiration date signatures before attempting the deposit
query_and_persist_required_global_signatures(
storage,
epoch_id,
ticketbook_expiration,
apis.clone(),
)
.await?;
// make sure we have all required coin indices and expiration date signatures alongside the master verification key
// before attempting the deposit
query_and_persist_required_global_data(storage, epoch_id, ticketbook_expiration, apis.clone())
.await?;
let issuance_data = nym_bandwidth_controller::acquire::make_deposit(
client,
@@ -6,7 +6,7 @@ use crate::ecash::bandwidth::CredentialSpendingData;
use crate::ecash::utils::ecash_today;
use crate::error::Error;
use nym_credentials_interface::{
CoinIndexSignature, ExpirationDateSignature, PayInfo, SecretKeyUser, TicketType,
CoinIndexSignature, ExpirationDateSignature, NymPayInfo, PayInfo, SecretKeyUser, TicketType,
VerificationKeyAuth, Wallet, WalletSignatures,
};
use nym_ecash_time::EcashTime;
@@ -114,6 +114,10 @@ impl IssuedTicketBook {
&self.signatures_wallet
}
pub fn generate_pay_info(&self, provider_pk: [u8; 32]) -> NymPayInfo {
NymPayInfo::generate(provider_pk)
}
pub fn prepare_for_spending<BI, BE>(
&mut self,
verification_key: &VerificationKeyAuth,
@@ -81,6 +81,15 @@ impl KeyPair {
}
}
impl From<PrivateKey> for KeyPair {
fn from(private_key: PrivateKey) -> Self {
KeyPair {
public_key: (&private_key).into(),
private_key,
}
}
}
impl PemStorableKeyPair for KeyPair {
type PrivatePemKey = PrivateKey;
type PublicPemKey = PublicKey;
@@ -91,6 +91,15 @@ impl KeyPair {
}
}
impl From<PrivateKey> for KeyPair {
fn from(private_key: PrivateKey) -> Self {
KeyPair {
public_key: (&private_key).into(),
private_key,
}
}
}
impl PemStorableKeyPair for KeyPair {
type PrivatePemKey = PrivateKey;
type PublicPemKey = PublicKey;
+1
View File
@@ -24,6 +24,7 @@ zeroize = { workspace = true }
nym-crypto = { path = "../crypto" }
nym-pemstore = { path = "../pemstore" }
nym-sphinx = { path = "../nymsphinx" }
nym-task = { path = "../task" }
nym-credentials = { path = "../credentials" }
nym-credentials-interface = { path = "../credentials-interface" }
@@ -25,6 +25,7 @@ impl<'a> ClientHandshake<'a> {
identity: &'a nym_crypto::asymmetric::identity::KeyPair,
gateway_pubkey: identity::PublicKey,
expects_credential_usage: bool,
#[cfg(not(target_arch = "wasm32"))] shutdown: nym_task::TaskClient,
) -> Self
where
S: Stream<Item = WsItem> + Sink<WsMessage> + Unpin + Send + 'a,
@@ -35,6 +36,8 @@ impl<'a> ClientHandshake<'a> {
identity,
Some(gateway_pubkey),
expects_credential_usage,
#[cfg(not(target_arch = "wasm32"))]
shutdown,
);
ClientHandshake {
@@ -25,6 +25,8 @@ pub enum HandshakeError {
MalformedRequest,
#[error("sent request was malformed")]
HandshakeFailure,
#[error("received shutdown")]
ReceivedShutdown,
#[error("timed out waiting for a handshake message")]
Timeout,
@@ -8,6 +8,7 @@ use futures::future::BoxFuture;
use futures::task::{Context, Poll};
use futures::{Future, Sink, Stream};
use nym_crypto::asymmetric::encryption;
use nym_task::TaskClient;
use rand::{CryptoRng, RngCore};
use std::pin::Pin;
use tungstenite::Message as WsMessage;
@@ -22,11 +23,12 @@ impl<'a> GatewayHandshake<'a> {
ws_stream: &'a mut S,
identity: &'a nym_crypto::asymmetric::identity::KeyPair,
received_init_payload: Vec<u8>,
shutdown: TaskClient,
) -> Self
where
S: Stream<Item = WsItem> + Sink<WsMessage> + Unpin + Send + 'a,
{
let mut state = State::new(rng, ws_stream, identity, None, true);
let mut state = State::new(rng, ws_stream, identity, None, true, shutdown);
GatewayHandshake {
handshake_future: Box::pin(async move {
// If any step along the way failed (that are non-network related),
@@ -8,6 +8,8 @@ use self::gateway::GatewayHandshake;
pub use self::shared_key::{SharedKeySize, SharedKeys};
use futures::{Sink, Stream};
use nym_crypto::asymmetric::identity;
#[cfg(not(target_arch = "wasm32"))]
use nym_task::TaskClient;
use rand::{CryptoRng, RngCore};
use tungstenite::{Error as WsError, Message as WsMessage};
@@ -31,6 +33,7 @@ pub async fn client_handshake<'a, S>(
identity: &'a identity::KeyPair,
gateway_pubkey: identity::PublicKey,
expects_credential_usage: bool,
#[cfg(not(target_arch = "wasm32"))] shutdown: TaskClient,
) -> Result<SharedKeys, HandshakeError>
where
S: Stream<Item = WsItem> + Sink<WsMessage> + Unpin + Send + 'a,
@@ -41,6 +44,8 @@ where
identity,
gateway_pubkey,
expects_credential_usage,
#[cfg(not(target_arch = "wasm32"))]
shutdown,
)
.await
}
@@ -51,11 +56,12 @@ pub async fn gateway_handshake<'a, S>(
ws_stream: &'a mut S,
identity: &'a identity::KeyPair,
received_init_payload: Vec<u8>,
shutdown: TaskClient,
) -> Result<SharedKeys, HandshakeError>
where
S: Stream<Item = WsItem> + Sink<WsMessage> + Unpin + Send + 'a,
{
GatewayHandshake::new(rng, ws_stream, identity, received_init_payload).await
GatewayHandshake::new(rng, ws_stream, identity, received_init_payload, shutdown).await
}
/*
@@ -13,6 +13,8 @@ use nym_crypto::{
symmetric::stream_cipher,
};
use nym_sphinx::params::{GatewayEncryptionAlgorithm, GatewaySharedKeyHkdfAlgorithm};
#[cfg(not(target_arch = "wasm32"))]
use nym_task::TaskClient;
use rand::{CryptoRng, RngCore};
use tracing::log::*;
@@ -48,6 +50,10 @@ pub(crate) struct State<'a, S> {
// this field is really out of place here, however, we need to propagate this information somehow
// in order to establish correct protocol for backwards compatibility reasons
expects_credential_usage: bool,
// channel to receive shutdown signal
#[cfg(not(target_arch = "wasm32"))]
shutdown: TaskClient,
}
impl<'a, S> State<'a, S> {
@@ -57,6 +63,7 @@ impl<'a, S> State<'a, S> {
identity: &'a identity::KeyPair,
remote_pubkey: Option<identity::PublicKey>,
expects_credential_usage: bool,
#[cfg(not(target_arch = "wasm32"))] shutdown: TaskClient,
) -> Self {
let ephemeral_keypair = encryption::KeyPair::new(rng);
State {
@@ -66,6 +73,8 @@ impl<'a, S> State<'a, S> {
remote_pubkey,
derived_shared_keys: None,
expects_credential_usage,
#[cfg(not(target_arch = "wasm32"))]
shutdown,
}
}
@@ -199,46 +208,76 @@ impl<'a, S> State<'a, S> {
self.remote_pubkey = Some(remote_pubkey)
}
fn on_wg_msg(msg: Option<WsItem>) -> Result<Option<Vec<u8>>, HandshakeError> {
let Some(msg) = msg else {
return Err(HandshakeError::ClosedStream);
};
let Ok(msg) = msg else {
return Err(HandshakeError::NetworkError);
};
match msg {
WsMessage::Text(ref ws_msg) => {
match types::RegistrationHandshake::from_str(ws_msg) {
Ok(reg_handshake_msg) => {
match reg_handshake_msg {
// hehe, that's a bit disgusting that the type system requires we explicitly ignore the
// protocol_version field that we actually never attach at this point
// yet another reason for the overdue refactor
types::RegistrationHandshake::HandshakePayload { data, .. } => {
Ok(Some(data))
}
types::RegistrationHandshake::HandshakeError { message } => {
Err(HandshakeError::RemoteError(message))
}
}
}
Err(_) => {
error!("Received a non-handshake message during the registration handshake! It's getting dropped. The received content was: '{msg}'");
Ok(None)
}
}
}
_ => {
error!("Received non-text message during registration handshake");
Ok(None)
}
}
}
#[cfg(not(target_arch = "wasm32"))]
async fn _receive_handshake_message(&mut self) -> Result<Vec<u8>, HandshakeError>
where
S: Stream<Item = WsItem> + Unpin,
{
loop {
let Some(msg) = self.ws_stream.next().await else {
return Err(HandshakeError::ClosedStream);
};
let Ok(msg) = msg else {
return Err(HandshakeError::NetworkError);
};
match msg {
WsMessage::Text(ref ws_msg) => {
match types::RegistrationHandshake::from_str(ws_msg) {
Ok(reg_handshake_msg) => {
return match reg_handshake_msg {
// hehe, that's a bit disgusting that the type system requires we explicitly ignore the
// protocol_version field that we actually never attach at this point
// yet another reason for the overdue refactor
types::RegistrationHandshake::HandshakePayload { data, .. } => {
Ok(data)
}
types::RegistrationHandshake::HandshakeError { message } => {
Err(HandshakeError::RemoteError(message))
}
};
}
Err(_) => {
error!("Received a non-handshake message during the registration handshake! It's getting dropped. The received content was: '{msg}'");
continue;
}
}
tokio::select! {
biased;
_ = self.shutdown.recv() => return Err(HandshakeError::ReceivedShutdown),
msg = self.ws_stream.next() => {
let Some(ret) = Self::on_wg_msg(msg)? else {
continue;
};
return Ok(ret);
}
_ => error!("Received non-text message during registration handshake"),
}
}
}
#[cfg(target_arch = "wasm32")]
async fn _receive_handshake_message(&mut self) -> Result<Vec<u8>, HandshakeError>
where
S: Stream<Item = WsItem> + Unpin,
{
loop {
let msg = self.ws_stream.next().await;
let Some(ret) = Self::on_wg_msg(msg)? else {
continue;
};
return Ok(ret);
}
}
pub(crate) async fn receive_handshake_message(&mut self) -> Result<Vec<u8>, HandshakeError>
where
S: Stream<Item = WsItem> + Unpin,
+2 -5
View File
@@ -10,8 +10,8 @@ license.workspace = true
[dependencies]
async-trait = { workspace = true }
bincode = { workspace = true, optional = true }
defguard_wireguard_rs = { workspace = true, optional = true }
bincode = { workspace = true }
defguard_wireguard_rs = { workspace = true }
log = { workspace = true }
sqlx = { workspace = true, features = [
"runtime-tokio-rustls",
@@ -36,6 +36,3 @@ sqlx = { workspace = true, features = [
"macros",
"migrate",
] }
[features]
wireguard = ["defguard_wireguard_rs", "bincode"]
+1 -12
View File
@@ -22,10 +22,9 @@ use tracing::{debug, error};
pub mod bandwidth;
pub mod error;
mod inboxes;
pub mod models;
pub(crate) mod models;
mod shared_keys;
mod tickets;
#[cfg(feature = "wireguard")]
mod wireguard_peers;
#[async_trait]
@@ -217,7 +216,6 @@ pub trait Storage: Send + Sync {
///
/// * `peer`: wireguard peer data to be stored
/// * `suspended`: if peer exists, but it's currently suspended
#[cfg(feature = "wireguard")]
async fn insert_wireguard_peer(
&self,
peer: &defguard_wireguard_rs::host::Peer,
@@ -229,14 +227,12 @@ pub trait Storage: Send + Sync {
/// # Arguments
///
/// * `peer_public_key`: wireguard public key of the peer to be retrieved.
#[cfg(feature = "wireguard")]
async fn get_wireguard_peer(
&self,
peer_public_key: &str,
) -> Result<Option<WireguardPeer>, StorageError>;
/// Retrieves all wireguard peers.
#[cfg(feature = "wireguard")]
async fn get_all_wireguard_peers(&self) -> Result<Vec<WireguardPeer>, StorageError>;
/// Remove a wireguard peer from the storage.
@@ -244,7 +240,6 @@ pub trait Storage: Send + Sync {
/// # Arguments
///
/// * `peer_public_key`: wireguard public key of the peer to be removed.
#[cfg(feature = "wireguard")]
async fn remove_wireguard_peer(&self, peer_public_key: &str) -> Result<(), StorageError>;
}
@@ -255,7 +250,6 @@ pub struct PersistentStorage {
inbox_manager: InboxManager,
bandwidth_manager: BandwidthManager,
ticket_manager: TicketStorageManager,
#[cfg(feature = "wireguard")]
wireguard_peer_manager: wireguard_peers::WgPeerManager,
}
@@ -300,7 +294,6 @@ impl PersistentStorage {
// the cloning here are cheap as connection pool is stored behind an Arc
Ok(PersistentStorage {
#[cfg(feature = "wireguard")]
wireguard_peer_manager: wireguard_peers::WgPeerManager::new(connection_pool.clone()),
shared_key_manager: SharedKeysManager::new(connection_pool.clone()),
inbox_manager: InboxManager::new(connection_pool.clone(), message_retrieval_limit),
@@ -620,7 +613,6 @@ impl Storage for PersistentStorage {
Ok(self.ticket_manager.get_epoch_signers(epoch_id).await?)
}
#[cfg(feature = "wireguard")]
async fn insert_wireguard_peer(
&self,
peer: &defguard_wireguard_rs::host::Peer,
@@ -632,7 +624,6 @@ impl Storage for PersistentStorage {
Ok(())
}
#[cfg(feature = "wireguard")]
async fn get_wireguard_peer(
&self,
peer_public_key: &str,
@@ -644,13 +635,11 @@ impl Storage for PersistentStorage {
Ok(peer)
}
#[cfg(feature = "wireguard")]
async fn get_all_wireguard_peers(&self) -> Result<Vec<WireguardPeer>, StorageError> {
let ret = self.wireguard_peer_manager.retrieve_all_peers().await?;
Ok(ret)
}
#[cfg(feature = "wireguard")]
async fn remove_wireguard_peer(&self, peer_public_key: &str) -> Result<(), StorageError> {
self.wireguard_peer_manager
.remove_peer(peer_public_key)
-3
View File
@@ -72,7 +72,6 @@ impl TryFrom<UnverifiedTicketData> for ClientTicket {
}
}
#[cfg(feature = "wireguard")]
#[derive(Debug, Clone, FromRow)]
pub struct WireguardPeer {
pub public_key: String,
@@ -87,7 +86,6 @@ pub struct WireguardPeer {
pub suspended: bool,
}
#[cfg(feature = "wireguard")]
impl From<defguard_wireguard_rs::host::Peer> for WireguardPeer {
fn from(value: defguard_wireguard_rs::host::Peer) -> Self {
WireguardPeer {
@@ -120,7 +118,6 @@ impl From<defguard_wireguard_rs::host::Peer> for WireguardPeer {
}
}
#[cfg(feature = "wireguard")]
impl TryFrom<WireguardPeer> for defguard_wireguard_rs::host::Peer {
type Error = crate::error::StorageError;
+9 -1
View File
@@ -40,9 +40,17 @@ impl SharedKeysManager {
client_address_bs58: String,
derived_aes128_ctr_blake3_hmac_keys_bs58: String,
) -> Result<i64, sqlx::Error> {
sqlx::query!("INSERT OR REPLACE INTO shared_keys(client_address_bs58, derived_aes128_ctr_blake3_hmac_keys_bs58) VALUES (?, ?)",
// https://stackoverflow.com/a/20310838
// we don't want to be using `INSERT OR REPLACE INTO` due to the foreign key on `available_bandwidth` if the entry already exists
sqlx::query!(
r#"
INSERT OR IGNORE INTO shared_keys(client_address_bs58, derived_aes128_ctr_blake3_hmac_keys_bs58) VALUES (?, ?);
UPDATE shared_keys SET derived_aes128_ctr_blake3_hmac_keys_bs58 = ? WHERE client_address_bs58 = ?
"#,
client_address_bs58,
derived_aes128_ctr_blake3_hmac_keys_bs58,
derived_aes128_ctr_blake3_hmac_keys_bs58,
client_address_bs58,
).execute(&self.connection_pool).await?;
self.client_id(&client_address_bs58).await
+11 -2
View File
@@ -26,8 +26,17 @@ impl WgPeerManager {
/// * `peer`: peer information needed by wireguard interface.
pub(crate) async fn insert_peer(&self, peer: &WireguardPeer) -> Result<(), sqlx::Error> {
sqlx::query!(
"INSERT OR REPLACE INTO wireguard_peer(public_key, preshared_key, protocol_version, endpoint, last_handshake, tx_bytes, rx_bytes, persistent_keepalive_interval, allowed_ips, suspended) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
peer.public_key, peer.preshared_key, peer.protocol_version, peer.endpoint, peer.last_handshake, peer.tx_bytes, peer.rx_bytes, peer.persistent_keepalive_interval, peer.allowed_ips, peer.suspended
r#"
INSERT OR IGNORE INTO wireguard_peer(public_key, preshared_key, protocol_version, endpoint, last_handshake, tx_bytes, rx_bytes, persistent_keepalive_interval, allowed_ips, suspended)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?);
UPDATE wireguard_peer
SET preshared_key = ?, protocol_version = ?, endpoint = ?, last_handshake = ?, tx_bytes = ?, rx_bytes = ?, persistent_keepalive_interval = ?, allowed_ips = ?, suspended = ?
WHERE public_key = ?
"#,
peer.public_key, peer.preshared_key, peer.protocol_version, peer.endpoint, peer.last_handshake, peer.tx_bytes, peer.rx_bytes, peer.persistent_keepalive_interval, peer.allowed_ips, peer.suspended,
peer.preshared_key, peer.protocol_version, peer.endpoint, peer.last_handshake, peer.tx_bytes, peer.rx_bytes, peer.persistent_keepalive_interval, peer.allowed_ips, peer.suspended,peer.public_key,
)
.execute(&self.connection_pool)
.await?;
+3 -1
View File
@@ -415,6 +415,8 @@ pub struct HealthRequest {
#[cfg(test)]
mod tests {
use time::macros::datetime;
use super::*;
use std::net::{Ipv4Addr, Ipv6Addr};
use std::str::FromStr;
@@ -432,7 +434,7 @@ mod tests {
reply_to_hops: None,
reply_to_avg_mix_delays: None,
buffer_timeout: None,
timestamp: OffsetDateTime::now_utc(),
timestamp: datetime!(2024-01-01 12:59:59.5 UTC),
},
signature: None,
}
+1 -1
View File
@@ -57,7 +57,7 @@ impl PacketListener {
// cloning the arc as each accepted socket is handled in separate task
let connection_handler = Arc::clone(&self.connection_handler);
let mut handler_shutdown_listener = self.shutdown.clone();
handler_shutdown_listener.disarm();
handler_shutdown_listener.mark_as_success();
tokio::select! {
socket = listener.accept() => {
+1 -1
View File
@@ -245,7 +245,7 @@ impl VerlocMeasurer {
}
let mut shutdown_listener = self.shutdown_listener.clone().named("VerlocMeasurement");
shutdown_listener.disarm();
shutdown_listener.mark_as_success();
for chunk in nodes_to_test.chunks(self.config.tested_nodes_batch_size) {
let mut chunk_results = Vec::with_capacity(chunk.len());
+1 -1
View File
@@ -84,7 +84,7 @@ impl PacketSender {
tested_node: TestedNode,
) -> Result<VerlocMeasurement, RttError> {
let mut shutdown_listener = self.shutdown_listener.fork(tested_node.address.to_string());
shutdown_listener.disarm();
shutdown_listener.mark_as_success();
let mut conn = match tokio::time::timeout(
self.connection_timeout,
+2 -2
View File
@@ -17,8 +17,8 @@ pub const MIXNET_CONTRACT_ADDRESS: &str =
"n17srjznxl9dvzdkpwpw24gg668wc73val88a6m5ajg6ankwvz9wtst0cznr";
pub const VESTING_CONTRACT_ADDRESS: &str =
"n1nc5tatafv6eyq7llkr2gv50ff9e22mnf70qgjlv737ktmt4eswrq73f2nw";
pub const ECASH_CONTRACT_ADDRESS: &str = "";
pub const ECASH_CONTRACT_ADDRESS: &str =
"n1r7s6aksyc6pqardx88k3rkgfagwvj4z4zum9mmz2sfk3zm2mha0sd4dnun";
pub const GROUP_CONTRACT_ADDRESS: &str =
"n1e2zq4886zzewpvpucmlw8v9p7zv692f6yck4zjzxh699dkcmlrfqk2knsr";
pub const MULTISIG_CONTRACT_ADDRESS: &str =
+1 -2
View File
@@ -9,12 +9,11 @@ license.workspace = true
[dependencies]
futures = { workspace = true }
rand = { workspace = true }
rand_chacha = { workspace = true }
serde = { workspace = true }
serde_json = { workspace = true }
thiserror = { workspace = true }
tokio = { workspace = true, features = ["macros"] }
tokio = { workspace = true, features = ["macros"]}
nym-crypto = { path = "../crypto", features = ["asymmetric"] }
nym-task = { path = "../task" }
-4
View File
@@ -294,8 +294,4 @@ impl<R: CryptoRng + Rng> FragmentPreparer for NodeTester<R> {
fn average_ack_delay(&self) -> Duration {
self.average_ack_delay
}
fn nonce(&self) -> i32 {
1
}
}
+3 -15
View File
@@ -11,7 +11,6 @@ repository = { workspace = true }
log = { workspace = true }
rand = { workspace = true }
rand_distr = { workspace = true }
rand_chacha = { workspace = true }
thiserror = { workspace = true }
nym-sphinx-acknowledgements = { path = "acknowledgements" }
@@ -28,13 +27,10 @@ nym-sphinx-types = { path = "types" }
# to separate crate?
nym-crypto = { path = "../crypto", version = "0.4.0" }
nym-topology = { path = "../topology" }
nym-metrics = { path = "../nym-metrics" }
[dev-dependencies]
nym-mixnet-contract-common = { path = "../cosmwasm-smart-contracts/mixnet-contract" }
nym-crypto = { path = "../crypto", version = "0.4.0", features = [
"asymmetric",
] }
nym-crypto = { path = "../crypto", version = "0.4.0", features = ["asymmetric"] }
# do not include this when compiling into wasm as it somehow when combined together with reqwest, it will require
# net2 via tokio-util -> tokio -> mio -> net2
@@ -47,13 +43,5 @@ features = ["sync"]
[features]
default = ["sphinx"]
sphinx = [
"nym-crypto/sphinx",
"nym-sphinx-params/sphinx",
"nym-sphinx-types/sphinx",
]
outfox = [
"nym-crypto/outfox",
"nym-sphinx-params/outfox",
"nym-sphinx-types/outfox",
]
sphinx = ["nym-crypto/sphinx", "nym-sphinx-params/sphinx", "nym-sphinx-types/sphinx"]
outfox = ["nym-crypto/outfox", "nym-sphinx-params/outfox", "nym-sphinx-types/outfox"]
-7
View File
@@ -13,14 +13,7 @@ repository = { workspace = true }
log = { workspace = true }
rand = { workspace = true }
thiserror = { workspace = true }
dashmap = { workspace = true, features = ["serde"] }
serde = { workspace = true, features = ["derive"] }
utoipa = { workspace = true }
nym-sphinx-addressing = { path = "../addressing" }
nym-sphinx-params = { path = "../params" }
nym-sphinx-types = { path = "../types" }
nym-metrics = { path = "../../nym-metrics" }
nym-crypto = { path = "../../crypto", version = "0.4.0", features = [
"asymmetric",
] }
+3 -31
View File
@@ -3,8 +3,6 @@
use crate::ChunkingError;
use nym_sphinx_params::{SerializedFragmentIdentifier, FRAG_ID_LEN};
use serde::Serialize;
use utoipa::ToSchema;
use std::fmt::{self, Debug, Formatter};
@@ -60,7 +58,7 @@ pub const COVER_FRAG_ID: FragmentIdentifier = FragmentIdentifier {
/// and u8 position of the `Fragment` in the set.
// TODO: this should really be redesigned, especially how cover and reply messages are really
// "abusing" this. They should work with it natively instead.
#[derive(Debug, Clone, Copy, Hash, Eq, PartialEq, Ord, PartialOrd, Serialize)]
#[derive(Debug, Clone, Copy, Hash, Eq, PartialEq, Ord, PartialOrd)]
pub struct FragmentIdentifier {
set_id: i32,
fragment_position: u8,
@@ -77,10 +75,6 @@ impl fmt::Display for FragmentIdentifier {
}
impl FragmentIdentifier {
pub fn set_id(&self) -> i32 {
self.set_id
}
pub fn to_bytes(self) -> SerializedFragmentIdentifier {
debug_assert_eq!(FRAG_ID_LEN, 5);
@@ -131,10 +125,6 @@ impl Debug for Fragment {
}
impl Fragment {
pub fn header(&self) -> FragmentHeader {
self.header.clone()
}
/// Tries to encapsulate provided payload slice and metadata into a `Fragment`.
/// It can fail if payload would not fully fit in a single `Fragment` or some of the metadata
/// is malformed or self-contradictory, for example if current_fragment > total_fragments.
@@ -226,10 +216,6 @@ impl Fragment {
}
}
pub fn seed(&self) -> i32 {
self.header().seed()
}
/// Gets the size of payload contained in this `Fragment`.
pub fn payload_size(&self) -> usize {
self.payload.len()
@@ -311,8 +297,8 @@ impl Fragment {
/// there is 7 bytes of overhead inside each sphinx packet sent
/// and for the longest messages, without upper bound, there is usually also only 7 bytes
/// of overhead apart from first and last fragments in each set that instead have 10 bytes of overhead.
#[derive(PartialEq, Clone, Debug, Serialize, ToSchema)]
pub struct FragmentHeader {
#[derive(PartialEq, Clone, Debug)]
pub(crate) struct FragmentHeader {
/// ID associated with `FragmentSet` to which this particular `Fragment` belongs.
/// Its value is restricted to (0, i32::MAX].
/// Note that it *excludes* 0, but *includes* i32::MAX.
@@ -338,20 +324,6 @@ pub struct FragmentHeader {
}
impl FragmentHeader {
pub fn seed(&self) -> i32 {
let mut seed = self.id;
seed = seed.wrapping_mul(self.total_fragments as i32);
seed = seed.wrapping_mul(self.current_fragment as i32);
seed
}
pub fn total_fragments(&self) -> u8 {
self.total_fragments
}
pub fn current_fragment(&self) -> u8 {
self.current_fragment
}
/// Tries to create a new `FragmentHeader` using provided metadata. Bunch of logical
/// checks are performed to see if the data is not self-contradictory,
/// for example if current_fragment > total_fragments.
-119
View File
@@ -1,16 +1,9 @@
// Copyright 2021 - Nym Technologies SA <contact@nymtech.net>
// SPDX-License-Identifier: Apache-2.0
use std::sync::LazyLock;
use crate::fragment::{linked_fragment_payload_max_len, unlinked_fragment_payload_max_len};
use dashmap::DashMap;
use fragment::{Fragment, FragmentHeader};
use nym_crypto::asymmetric::ed25519::PublicKey;
use serde::Serialize;
pub use set::split_into_sets;
use thiserror::Error;
use utoipa::ToSchema;
pub const MIN_PADDING_OVERHEAD: usize = 1;
@@ -29,118 +22,6 @@ pub mod fragment;
pub mod reconstruction;
pub mod set;
#[derive(Debug, Clone)]
pub struct FragmentMixParams {
destination: PublicKey,
hops: u8,
}
impl FragmentMixParams {
pub fn destination(&self) -> &PublicKey {
&self.destination
}
pub fn hops(&self) -> u8 {
self.hops
}
}
#[derive(Debug, Clone, Serialize, ToSchema)]
pub struct SentFragment {
header: FragmentHeader,
at: u64,
client_nonce: i32,
#[serde(skip)]
mixnet_params: FragmentMixParams,
}
impl SentFragment {
fn new(
header: FragmentHeader,
at: u64,
client_nonce: i32,
destination: PublicKey,
hops: u8,
) -> Self {
let mixnet_params = FragmentMixParams { destination, hops };
SentFragment {
header,
at,
client_nonce,
mixnet_params,
}
}
pub fn header(&self) -> FragmentHeader {
self.header.clone()
}
pub fn at(&self) -> u64 {
self.at
}
pub fn client_nonce(&self) -> i32 {
self.client_nonce
}
pub fn seed(&self) -> i32 {
self.header().seed().wrapping_mul(self.client_nonce())
}
pub fn mixnet_params(&self) -> FragmentMixParams {
self.mixnet_params.clone()
}
}
#[derive(Debug, Clone, Serialize, ToSchema)]
pub struct ReceivedFragment {
header: FragmentHeader,
at: u64,
}
impl ReceivedFragment {
fn new(header: FragmentHeader, at: u64) -> Self {
ReceivedFragment { header, at }
}
pub fn header(&self) -> FragmentHeader {
self.header.clone()
}
pub fn at(&self) -> u64 {
self.at
}
}
pub static FRAGMENTS_RECEIVED: LazyLock<DashMap<i32, Vec<ReceivedFragment>>> =
LazyLock::new(DashMap::new);
pub static FRAGMENTS_SENT: LazyLock<DashMap<i32, Vec<SentFragment>>> = LazyLock::new(DashMap::new);
#[macro_export]
macro_rules! now {
() => {
match std::time::SystemTime::now().duration_since(std::time::SystemTime::UNIX_EPOCH) {
Ok(n) => n.as_secs(),
Err(_) => 0,
}
};
}
pub fn fragment_received(fragment: &Fragment) {
let id = fragment.fragment_identifier().set_id();
let mut entry = FRAGMENTS_RECEIVED.entry(id).or_default();
let r = ReceivedFragment::new(fragment.header(), now!());
entry.push(r);
}
pub fn fragment_sent(fragment: &Fragment, client_nonce: i32, destination: PublicKey, hops: u8) {
let id = fragment.fragment_identifier().set_id();
let mut entry = FRAGMENTS_SENT.entry(id).or_default();
let s = SentFragment::new(fragment.header(), now!(), client_nonce, destination, hops);
entry.push(s);
}
/// The idea behind the process of chunking is to incur as little data overhead as possible due
/// to very computationally costly sphinx encapsulation procedure.
///
@@ -1,7 +1,7 @@
// Copyright 2021 - Nym Technologies SA <contact@nymtech.net>
// SPDX-License-Identifier: Apache-2.0
use crate::fragment::Fragment;
use crate::{fragment_received, ChunkingError};
use crate::ChunkingError;
use log::*;
use std::collections::HashMap;
@@ -66,12 +66,6 @@ impl ReconstructionBuffer {
// if the set is complete.
debug_assert!(self.is_complete);
debug!(
"Got {} fragments for set id {}",
self.fragments.len(),
self.fragments[0].as_ref().unwrap().id()
);
self.fragments
.into_iter()
.map(|fragment| fragment.unwrap().extract_payload())
@@ -110,8 +104,6 @@ impl ReconstructionBuffer {
}
});
fragment_received(&fragment);
let fragment_index = fragment.current_fragment() as usize - 1;
if self.fragments[fragment_index].is_some() {
// TODO: what to do in that case? give up on the message? overwrite it? panic?
+4 -24
View File
@@ -3,7 +3,6 @@
use crate::message::{NymMessage, ACK_OVERHEAD, OUTFOX_ACK_OVERHEAD};
use crate::NymPayloadBuilder;
use log::debug;
use nym_crypto::asymmetric::encryption;
use nym_crypto::Digest;
use nym_sphinx_acknowledgements::surb_ack::SurbAck;
@@ -12,14 +11,12 @@ use nym_sphinx_addressing::clients::Recipient;
use nym_sphinx_addressing::nodes::NymNodeRoutingAddress;
use nym_sphinx_anonymous_replies::reply_surb::ReplySurb;
use nym_sphinx_chunking::fragment::{Fragment, FragmentIdentifier};
use nym_sphinx_chunking::fragment_sent;
use nym_sphinx_forwarding::packet::MixPacket;
use nym_sphinx_params::packet_sizes::PacketSize;
use nym_sphinx_params::{PacketType, ReplySurbKeyDigestAlgorithm, DEFAULT_NUM_MIX_HOPS};
use nym_sphinx_types::{Delay, NymPacket};
use nym_topology::{NymTopology, NymTopologyError};
use rand::{CryptoRng, Rng, SeedableRng};
use rand_chacha::ChaCha20Rng;
use rand::{CryptoRng, Rng};
use std::time::Duration;
@@ -52,7 +49,6 @@ pub trait FragmentPreparer {
type Rng: CryptoRng + Rng;
fn rng(&mut self) -> &mut Self::Rng;
fn nonce(&self) -> i32;
fn num_mix_hops(&self) -> u8;
fn average_packet_delay(&self) -> Duration;
fn average_ack_delay(&self) -> Duration;
@@ -196,18 +192,9 @@ pub trait FragmentPreparer {
packet_type: PacketType,
mix_hops: Option<u8>,
) -> Result<PreparedFragment, NymTopologyError> {
debug!("Preparing chunk for sending");
// each plain or repliable packet (i.e. not a reply) attaches an ephemeral public key so that the recipient
// could perform diffie-hellman with its own keys followed by a kdf to re-derive
// the packet encryption key
let seed = fragment.seed().wrapping_mul(self.nonce());
let mut rng = ChaCha20Rng::seed_from_u64(seed as u64);
let destination = packet_recipient.gateway();
let hops = mix_hops.unwrap_or(self.num_mix_hops());
fragment_sent(&fragment, self.nonce(), *destination, hops);
let non_reply_overhead = encryption::PUBLIC_KEY_SIZE;
let expected_plaintext = match packet_type {
PacketType::Outfox => {
@@ -241,8 +228,10 @@ pub trait FragmentPreparer {
};
// generate pseudorandom route for the packet
let hops = mix_hops.unwrap_or(self.num_mix_hops());
log::trace!("Preparing chunk for sending with {} mix hops", hops);
let route = topology.random_route_to_gateway(&mut rng, hops, destination)?;
let route =
topology.random_route_to_gateway(self.rng(), hops, packet_recipient.gateway())?;
let destination = packet_recipient.as_sphinx_destination();
// including set of delays
@@ -324,8 +313,6 @@ pub struct MessagePreparer<R> {
/// Number of mix hops each packet ('real' message, ack, reply) is expected to take.
/// Note that it does not include gateway hops.
num_mix_hops: u8,
nonce: i32,
}
impl<R> MessagePreparer<R>
@@ -338,15 +325,12 @@ where
average_packet_delay: Duration,
average_ack_delay: Duration,
) -> Self {
let mut rng = rng;
let nonce = rng.gen();
MessagePreparer {
rng,
sender_address,
average_packet_delay,
average_ack_delay,
num_mix_hops: DEFAULT_NUM_MIX_HOPS,
nonce,
}
}
@@ -470,10 +454,6 @@ impl<R: CryptoRng + Rng> FragmentPreparer for MessagePreparer<R> {
fn average_ack_delay(&self) -> Duration {
self.average_ack_delay
}
fn nonce(&self) -> i32 {
self.nonce
}
}
/*
@@ -218,7 +218,7 @@ impl SocksClient {
packet_type: Option<PacketType>,
) -> Self {
// If this task fails and exits, we don't want to send shutdown signal
shutdown_listener.disarm();
shutdown_listener.mark_as_success();
let connection_id = Self::generate_random();
@@ -294,7 +294,7 @@ impl SocksClient {
.shutdown()
.await
.map_err(|source| SocksProxyError::SocketShutdownFailure { source })?;
self.shutdown_listener.disarm();
self.shutdown_listener.mark_as_success();
Ok(())
}
@@ -172,6 +172,6 @@ where
trace!("{} - inbound closed", connection_id);
shutdown_notify.notify_one();
shutdown_listener.disarm();
shutdown_listener.mark_as_success();
reader
}
@@ -148,7 +148,7 @@ where
}
pub fn into_inner(mut self) -> (TcpStream, ConnectionReceiver) {
self.shutdown_listener.disarm();
self.shutdown_listener.mark_as_success();
(
self.socket.take().unwrap(),
self.mix_receiver.take().unwrap(),
@@ -60,7 +60,7 @@ pub(super) async fn run_outbound(
loop {
select! {
connection_message = mix_receiver.next() => {
connection_message = &mut mix_receiver.next() => {
if let Some(connection_message) = connection_message {
if deal_with_message(connection_message, &mut writer, &local_destination_address, &remote_source_address, connection_id).await {
break;
@@ -90,6 +90,6 @@ pub(super) async fn run_outbound(
trace!("{} - outbound closed", connection_id);
shutdown_notify.notify_one();
shutdown_listener.disarm();
shutdown_listener.mark_as_success();
(writer, mix_receiver)
}
+5 -13
View File
@@ -3,7 +3,6 @@
use futures::{future::pending, FutureExt, SinkExt, StreamExt};
use log::{log, Level};
use std::future::Future;
use std::sync::atomic::{AtomicBool, Ordering};
use std::{error::Error, time::Duration};
use tokio::sync::{
@@ -368,17 +367,6 @@ impl TaskClient {
self.named(name)
}
pub async fn run_future<Fut, T>(&mut self, fut: Fut) -> Option<T>
where
Fut: Future<Output = T>,
{
tokio::select! {
biased;
_ = self.recv() => None,
res = fut => Some(res)
}
}
// Create a dummy that will never report that we should shutdown.
pub fn dummy() -> TaskClient {
let (_notify_tx, notify_rx) = watch::channel(());
@@ -470,10 +458,14 @@ impl TaskClient {
// This listener should to *not* notify the ShutdownNotifier to shutdown when dropped. For
// example when we clone the listener for a task handling connections, we often want to drop
// without signal failure.
pub fn disarm(&mut self) {
pub fn mark_as_success(&mut self) {
self.mode.set_should_not_signal_on_drop();
}
pub fn disarm(&mut self) {
self.mark_as_success();
}
pub fn send_we_stopped(&mut self, err: SentError) {
if self.mode.is_dummy() {
return;
+8 -11
View File
@@ -5,6 +5,7 @@ edition = { workspace = true }
authors = { workspace = true }
license = { workspace = true }
repository = { workspace = true }
readme = { workspace = true }
homepage = { workspace = true }
documentation = { workspace = true }
@@ -14,10 +15,9 @@ documentation = { workspace = true }
bs58 = { workspace = true }
log = { workspace = true }
rand = { workspace = true }
reqwest = { workspace = true, features = ["json"] }
thiserror = { workspace = true }
async-trait = { workspace = true, optional = true }
semver = { version = "0.11" }
semver = "0.11"
# 'serializable' feature
serde = { workspace = true, features = ["derive"], optional = true }
@@ -28,22 +28,20 @@ tsify = { workspace = true, features = ["js"], optional = true }
wasm-bindgen = { workspace = true, optional = true }
## internal
nym-bin-common = { path = "../bin-common" }
nym-config = { path = "../config" }
nym-crypto = { path = "../crypto", features = ["sphinx", "outfox"] }
nym-mixnet-contract-common = { path = "../cosmwasm-smart-contracts/mixnet-contract" }
nym-sphinx-addressing = { path = "../nymsphinx/addressing" }
nym-sphinx-types = { path = "../nymsphinx/types", features = [
"sphinx",
"outfox",
] }
nym-sphinx-types = { path = "../nymsphinx/types", features = ["sphinx", "outfox"] }
nym-sphinx-routing = { path = "../nymsphinx/routing" }
nym-bin-common = { path = "../bin-common" }
# I'm not sure how to feel about pulling in this dependency here...
nym-api-requests = { path = "../../nym-api/nym-api-requests" }
# 'serializable' feature
nym-config = { path = "../config", optional = true }
# 'wasm-serde-types' feature
wasm-utils = { path = "../wasm/utils", default-features = false, optional = true }
@@ -51,5 +49,4 @@ wasm-utils = { path = "../wasm/utils", default-features = false, optional = true
default = ["provider-trait"]
provider-trait = ["async-trait"]
wasm-serde-types = ["tsify", "wasm-bindgen", "wasm-utils"]
serializable = ["serde", "serde_json"]
outfox = []
serializable = ["serde", "nym-config", "serde_json"]
-12
View File
@@ -51,16 +51,4 @@ pub enum NymTopologyError {
#[error("{0}")]
PacketError(#[from] NymPacketError),
#[error("{0}")]
ReqwestError(#[from] reqwest::Error),
#[error("{0}")]
MixnodeConversionError(#[from] crate::mix::MixnodeConversionError),
#[error("{0}")]
GatewayConversionError(#[from] crate::gateway::GatewayConversionError),
#[error("{0}")]
VarError(#[from] std::env::VarError),
}
+4 -54
View File
@@ -6,9 +6,7 @@
use crate::filter::VersionFilterable;
pub use error::NymTopologyError;
use log::{debug, info, warn};
use mix::Node;
use nym_config::defaults::var_names::NYM_API;
use log::{debug, warn};
use nym_mixnet_contract_common::mixnode::MixNodeDetails;
use nym_mixnet_contract_common::{GatewayBond, IdentityKeyRef, MixId};
use nym_sphinx_addressing::nodes::NodeIdentity;
@@ -118,40 +116,13 @@ impl Display for NetworkAddress {
pub type MixLayer = u8;
#[derive(Debug, Clone, Default)]
#[derive(Debug, Clone)]
pub struct NymTopology {
mixes: BTreeMap<MixLayer, Vec<mix::Node>>,
gateways: Vec<gateway::Node>,
}
impl NymTopology {
pub async fn new_from_env() -> Result<Self, NymTopologyError> {
let api_url = std::env::var(NYM_API)?;
info!("Generating topology from {}", api_url);
let mixnodes = reqwest::get(&format!("{}/v1/mixnodes", api_url))
.await?
.json::<Vec<MixNodeDetails>>()
.await?
.into_iter()
.map(|details| details.bond_information)
.map(mix::Node::try_from)
.filter(Result::is_ok)
.collect::<Result<Vec<_>, _>>()?;
let gateways = reqwest::get(&format!("{}/v1/gateways", api_url))
.await?
.json::<Vec<GatewayBond>>()
.await?
.into_iter()
.map(gateway::Node::try_from)
.filter(Result::is_ok)
.collect::<Result<Vec<_>, _>>()?;
let topology = NymTopology::new_unordered(mixnodes, gateways);
Ok(topology)
}
pub fn new(mixes: BTreeMap<MixLayer, Vec<mix::Node>>, gateways: Vec<gateway::Node>) -> Self {
NymTopology { mixes, gateways }
}
@@ -299,7 +270,7 @@ impl NymTopology {
&self,
rng: &mut R,
num_mix_hops: u8,
) -> Result<Vec<Node>, NymTopologyError>
) -> Result<Vec<SphinxNode>, NymTopologyError>
where
R: Rng + CryptoRng + ?Sized,
{
@@ -324,32 +295,12 @@ impl NymTopology {
let random_mix = layer_mixes
.choose(rng)
.ok_or(NymTopologyError::EmptyMixLayer { layer })?;
route.push(random_mix.clone());
route.push(random_mix.into());
}
Ok(route)
}
pub fn random_path_to_gateway<R>(
&self,
rng: &mut R,
num_mix_hops: u8,
gateway_identity: &NodeIdentity,
) -> Result<(Vec<mix::Node>, gateway::Node), NymTopologyError>
where
R: Rng + CryptoRng + ?Sized,
{
let gateway = self.get_gateway(gateway_identity).ok_or(
NymTopologyError::NonExistentGatewayError {
identity_key: gateway_identity.to_base58_string(),
},
)?;
let path = self.random_mix_route(rng, num_mix_hops)?;
Ok((path, gateway.clone()))
}
/// Tries to create a route to the specified gateway, such that it goes through mixnode on layer 1,
/// mixnode on layer2, .... mixnode on layer n and finally the target gateway
pub fn random_route_to_gateway<R>(
@@ -370,7 +321,6 @@ impl NymTopology {
Ok(self
.random_mix_route(rng, num_mix_hops)?
.into_iter()
.map(|node| SphinxNode::from(&node))
.chain(std::iter::once(gateway.into()))
.collect())
}
+1 -1
View File
@@ -4,7 +4,7 @@ version = "1.0.0"
description = "Nym common types"
authors.workspace = true
edition = "2021"
rust-version.workspace = true
rust-version = "1.58"
license.workspace = true
[dependencies]
-1
View File
@@ -11,7 +11,6 @@ pub mod gas;
pub mod gateway;
pub mod helpers;
pub mod mixnode;
pub mod monitoring;
pub mod pending_events;
pub mod transaction;
pub mod vesting;
-131
View File
@@ -1,131 +0,0 @@
use std::{collections::HashSet, sync::LazyLock, time::SystemTime};
use nym_crypto::asymmetric::identity::{PrivateKey, PublicKey, Signature};
use nym_mixnet_contract_common::MixId;
use schemars::JsonSchema;
use serde::{Deserialize, Serialize};
static NETWORK_MONITORS: LazyLock<HashSet<String>> = LazyLock::new(|| {
let mut nm = HashSet::new();
nm.insert("5VsPyLbsBCq9PAMWmjKkToteVAKNabNqex6QwDf5fWzt".to_string());
nm
});
#[derive(Debug, Serialize, Deserialize, JsonSchema, Clone)]
pub struct NodeResult {
pub node_id: MixId,
pub identity: String,
pub reliability: u8,
}
#[derive(Debug, Serialize, Deserialize, JsonSchema, Clone)]
pub struct MixnodeResult {
pub mix_id: MixId,
pub identity: String,
pub owner: String,
pub reliability: u8,
}
impl MixnodeResult {
pub fn new(mix_id: MixId, identity: String, owner: String, reliability: u8) -> Self {
MixnodeResult {
mix_id,
identity,
owner,
reliability,
}
}
}
#[derive(Debug, Deserialize, Serialize, JsonSchema, Clone)]
pub struct GatewayResult {
pub identity: String,
pub owner: String,
pub reliability: u8,
pub mix_id: MixId,
}
impl GatewayResult {
pub fn new(identity: String, owner: String, reliability: u8) -> Self {
GatewayResult {
identity,
owner,
reliability,
mix_id: 0,
}
}
}
#[derive(Serialize, Deserialize, JsonSchema)]
#[serde(untagged)]
pub enum MonitorResults {
Mixnode(Vec<MixnodeResult>),
Gateway(Vec<GatewayResult>),
}
#[derive(Serialize, Deserialize, JsonSchema)]
pub struct MonitorMessage {
results: Vec<NodeResult>,
signature: String,
signer: String,
timestamp: i64,
}
impl MonitorMessage {
fn message_to_sign(results: &[NodeResult], timestamp: i64) -> Vec<u8> {
let mut msg = match serde_json::to_vec(results) {
Ok(msg) => msg,
Err(_) => Vec::new(),
};
msg.extend_from_slice(&timestamp.to_le_bytes());
msg
}
pub fn timely(&self) -> bool {
let now = SystemTime::now()
.duration_since(SystemTime::UNIX_EPOCH)
.expect("Time went backwards")
.as_secs() as i64;
now - self.timestamp < 5
}
pub fn new(results: Vec<NodeResult>, private_key: &PrivateKey) -> Self {
let timestamp = SystemTime::now()
.duration_since(SystemTime::UNIX_EPOCH)
.expect("Time went backwards")
.as_secs() as i64;
let msg = Self::message_to_sign(&results, timestamp);
let signature = private_key.sign(&msg);
let public_key = private_key.public_key();
MonitorMessage {
results,
signature: signature.to_base58_string(),
signer: public_key.to_base58_string(),
timestamp,
}
}
pub fn from_allowed(&self) -> bool {
NETWORK_MONITORS.contains(&self.signer)
}
pub fn results(&self) -> &[NodeResult] {
&self.results
}
pub fn verify(&self) -> bool {
let msg = Self::message_to_sign(&self.results, self.timestamp);
let signature = match Signature::from_base58_string(&self.signature) {
Ok(sig) => sig,
Err(_) => return false,
};
PublicKey::from_base58_string(&self.signer)
.map(|pk| pk.verify(msg, &signature).is_ok())
.unwrap_or(false)
}
}
+6 -2
View File
@@ -30,9 +30,13 @@ workspace = true
optional = true
[features]
default = ["sleep"]
default = ["sleep", "console_error_panic_hook"]
sleep = ["web-sys", "web-sys/Window"]
websocket = ["getrandom", "tungstenite", "gloo-net"]
websocket = [
"getrandom",
"tungstenite",
"gloo-net"
]
crypto = [
"web-sys",
"web-sys/Crypto",
+2 -1
View File
@@ -12,6 +12,7 @@ license.workspace = true
[dependencies]
base64 = { workspace = true }
dashmap = { workspace = true }
log = { workspace = true }
serde = { workspace = true, features = ["derive"] }
thiserror = { workspace = true }
@@ -34,7 +35,7 @@ x25519-dalek = { workspace = true, features = ["static_secrets"] }
[dev-dependencies]
rand = "0.8.5"
nym-crypto = { path = "../crypto", features = ["rand"] }
nym-crypto = { path = "../crypto", features = ["rand"]}
[features]

Some files were not shown because too many files have changed in this diff Show More