fc2eedfc66
add offline ecash library minor changes in coconut benchmarks add ecash smart contract change contract traits from coconut to ecash first wave of andrew's suggestion first wave of andrew's suggestion second wave of andrew's suggestion for ecash lib andrew's suggestion for ecash contract licensing commit safety comments for most unwraps more unwrap handling change chrono crate for time latest cargo lock error revamp small visibility fix small fix remove indexedmap from contract + some tweaks add cw2 version in ecash contract remove envryption key from contract change types from coconut to ecash types adapt api model for credential issuance adapt issued credential storage on API add signatures cache on API change API routes for new blind signing modify issued_credential table add issuance logic client-side credential and signature storage client side utils for credential issuance first wave of fix some of andrew's suggestions remove encryption key from deposit freepass issuance client side freepass issuance API side andrew's suggested fixes other suggested fix adapt change from PR below allow offline verification flag credential spending models credential spending models for client credential preperation for the client credential preperation for the client credential storage for spending on client bloom filter for API spent credential storage on validators API route for spending online and offline ecash API routes in the client lib credential storage on gateway ecash verifier to replace coconut verifier accept credentials on gateway bandwidth expiration for gateways client ask for more bandwidth if it runs out credential import adapt nym validator rewarder and sdk fix tests api tests and add constants cargo fmt and lock and small test fix cargo fmt and lock and small test fix cargo lock move stuff where they belong in ecash and static parameters move some constants, error handling and phase out time crate error revamp part 2 secret key by ref instead of clone change l in wallet and v visibility rework payinfo rework monster tuples fix expiration date signature cloning minor fixes final bits and bobs fixes final bits and bobs fixes rename l accessor to tickets_spent wave of fixes second wave of fixes change hash domain value removed benchmark flag remove useless stringification in storage nuke Bandwidth voucher change timestamps to offsetdatetime key name change post-rebase fixes update nym-connect 'time' dep due to broken semver upload ecash contract to the build server make wasm zknym-lib compile but it won't work properly just yet make wasm zknym-lib compile but it won't work properly just yet fix typo in ecash contract deps make sure to use 0.1.0 sphinx packet optimise pairings in 'check_vk_pairing' derive serde for ecash types simplified g1 tuple byte conversion further optimise the pairing unified signature type + renamed nym-api coconut module to ecash using bincode serialiser for more complex binary types using multimiller loop instead of rayon for verifying coin indices signatures batching signature verification wherever possible feature-locked rayon clippy refactor ecash contract a bit + introduce deposit storage reworked find_proposal_id various minor fixed add offline_zk_nyms to nym-node everywhere add missing #query change test value to fit new serialization optimised deposits storage removed duplicate decompression code using deposit_id instead of transaction hash removed freepasses split up ecash handling unified shared state fixed deposit_id parsing log recovered deposit id removed online verification add detailed build info to ecash contract fixed deserialisation of deposit amount received from nyxd queries changed deposit to only persist attached pubkey first iteration of split of verification and redemption basic tool for setting up new network expanded the tool with the option to bypass DKG rename + init network without DKG setting up locally running apis ecash key migration more local functionalities wip fixing sql schemas gateway immediately submitting redemption proposal and getting it passed if valid most of the gateway logic for split redemption with error recovery fixed gateway not persisting ecash signers simplify creation of compatible client create properly serialised ecash key from the beginning rebuild missing tickets and proposals on startup stop ticket issuance during DKG transition fixing build issues split out ecash storage on nym-api side master-verification-key route caching all the signatures and keys implemented aggregated routes for nym-apis swagger UI for ecash endpoints added explicit annotation for index and expiration signatures revamped client ticketbook storage save all recovery information in the same underlying storage wrapper for bloomfilter being more aggressive with marking tickets as used ensure client has correct signatures before making deposit fix deserialisation of AggregatedExpirationDateSignatureResponse + add ticketbook table split nym-api ecash routes handlers into multiple files fixed deserialisation of encoded expiration date add tt_gamma1 to challenge and change naming for paper consistency rotating double spending bloomfilter nym-api test fixes + make sure to insert initial BF params fixed ecash benchmark code updated contract schema updated CI to not upload gateway/mixnode binaries ticket bandwidth revocation added default deserialisation for zk nym config post-rebase fixes
454 lines
14 KiB
Rust
454 lines
14 KiB
Rust
// Copyright 2021-2023 - Nym Technologies SA <contact@nymtech.net>
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
use crate::nyxd::{self, NyxdClient};
|
|
use crate::signing::direct_wallet::DirectSecp256k1HdWallet;
|
|
use crate::signing::signer::{NoSigner, OfflineSigner};
|
|
use crate::{
|
|
nym_api, DirectSigningReqwestRpcValidatorClient, QueryReqwestRpcValidatorClient,
|
|
ReqwestRpcClient, ValidatorClientError,
|
|
};
|
|
use nym_api_requests::ecash::models::{
|
|
AggregatedCoinIndicesSignatureResponse, AggregatedExpirationDateSignatureResponse,
|
|
BatchRedeemTicketsBody, EcashBatchTicketRedemptionResponse, EcashTicketVerificationResponse,
|
|
SpentCredentialsResponse, VerifyEcashTicketBody,
|
|
};
|
|
use nym_api_requests::ecash::{
|
|
BlindSignRequestBody, BlindedSignatureResponse, PartialCoinIndicesSignatureResponse,
|
|
PartialExpirationDateSignatureResponse, VerificationKeyResponse,
|
|
};
|
|
use nym_api_requests::models::{DescribedGateway, MixNodeBondAnnotated};
|
|
use nym_api_requests::models::{
|
|
GatewayCoreStatusResponse, MixnodeCoreStatusResponse, MixnodeStatusResponse,
|
|
RewardEstimationResponse, StakeSaturationResponse,
|
|
};
|
|
use nym_api_requests::nym_nodes::SkimmedNode;
|
|
use nym_coconut_dkg_common::types::EpochId;
|
|
use nym_http_api_client::UserAgent;
|
|
use nym_network_defaults::NymNetworkDetails;
|
|
use time::Date;
|
|
use url::Url;
|
|
|
|
pub use crate::nym_api::NymApiClientExt;
|
|
pub use nym_mixnet_contract_common::{
|
|
mixnode::MixNodeDetails, GatewayBond, IdentityKey, IdentityKeyRef, MixId,
|
|
};
|
|
|
|
// re-export the type to not break existing imports
|
|
pub use crate::coconut::EcashApiClient;
|
|
|
|
#[cfg(feature = "http-client")]
|
|
use crate::rpc::http_client;
|
|
#[cfg(feature = "http-client")]
|
|
use crate::{DirectSigningHttpRpcValidatorClient, HttpRpcClient, QueryHttpRpcValidatorClient};
|
|
|
|
#[must_use]
|
|
#[derive(Debug, Clone)]
|
|
pub struct Config {
|
|
api_url: Url,
|
|
nyxd_url: Url,
|
|
|
|
// TODO: until refactored, this is a dead field under some features
|
|
nyxd_config: nyxd::Config,
|
|
}
|
|
|
|
impl TryFrom<NymNetworkDetails> for Config {
|
|
type Error = ValidatorClientError;
|
|
|
|
fn try_from(value: NymNetworkDetails) -> Result<Self, Self::Error> {
|
|
Config::try_from_nym_network_details(&value)
|
|
}
|
|
}
|
|
|
|
impl Config {
|
|
pub fn try_from_nym_network_details(
|
|
details: &NymNetworkDetails,
|
|
) -> Result<Self, ValidatorClientError> {
|
|
let mut api_url = details
|
|
.endpoints
|
|
.iter()
|
|
.filter_map(|d| d.api_url.as_ref())
|
|
.map(|url| Url::parse(url))
|
|
.collect::<Result<Vec<_>, _>>()?;
|
|
|
|
if api_url.is_empty() {
|
|
return Err(ValidatorClientError::NoAPIUrlAvailable);
|
|
}
|
|
|
|
Ok(Config {
|
|
api_url: api_url.pop().unwrap(),
|
|
nyxd_url: details.endpoints[0]
|
|
.nyxd_url
|
|
.parse()
|
|
.map_err(ValidatorClientError::MalformedUrlProvided)?,
|
|
nyxd_config: nyxd::Config::try_from_nym_network_details(details)?,
|
|
})
|
|
}
|
|
|
|
// TODO: this method shouldn't really exist as all information should be included immediately
|
|
// via `from_nym_network_details`, but it's here for, you guessed it, legacy compatibility
|
|
pub fn with_urls(mut self, nyxd_url: Url, api_url: Url) -> Self {
|
|
self.nyxd_url = nyxd_url;
|
|
self.api_url = api_url;
|
|
self
|
|
}
|
|
|
|
pub fn with_nyxd_url(mut self, nyxd_url: Url) -> Self {
|
|
self.nyxd_url = nyxd_url;
|
|
self
|
|
}
|
|
|
|
pub fn with_simulated_gas_multiplier(mut self, gas_multiplier: f32) -> Self {
|
|
self.nyxd_config.simulated_gas_multiplier = gas_multiplier;
|
|
self
|
|
}
|
|
}
|
|
|
|
pub struct Client<C, S = NoSigner> {
|
|
// ideally they would have been read-only, but unfortunately rust doesn't have such features
|
|
pub nym_api: nym_api::Client,
|
|
pub nyxd: NyxdClient<C, S>,
|
|
}
|
|
|
|
#[cfg(feature = "http-client")]
|
|
impl Client<HttpRpcClient, DirectSecp256k1HdWallet> {
|
|
pub fn new_signing(
|
|
config: Config,
|
|
mnemonic: bip39::Mnemonic,
|
|
) -> Result<DirectSigningHttpRpcValidatorClient, ValidatorClientError> {
|
|
let rpc_client = http_client(config.nyxd_url.as_str())?;
|
|
let prefix = &config.nyxd_config.chain_details.bech32_account_prefix;
|
|
let wallet = DirectSecp256k1HdWallet::from_mnemonic(prefix, mnemonic);
|
|
|
|
Ok(Self::new_signing_with_rpc_client(
|
|
config, rpc_client, wallet,
|
|
))
|
|
}
|
|
|
|
pub fn change_nyxd(&mut self, new_endpoint: Url) -> Result<(), ValidatorClientError> {
|
|
self.nyxd.change_endpoint(new_endpoint.as_ref())?;
|
|
Ok(())
|
|
}
|
|
}
|
|
|
|
impl Client<ReqwestRpcClient, DirectSecp256k1HdWallet> {
|
|
pub fn new_reqwest_signing(
|
|
config: Config,
|
|
mnemonic: bip39::Mnemonic,
|
|
) -> DirectSigningReqwestRpcValidatorClient {
|
|
let rpc_client = ReqwestRpcClient::new(config.nyxd_url.clone());
|
|
let prefix = &config.nyxd_config.chain_details.bech32_account_prefix;
|
|
let wallet = DirectSecp256k1HdWallet::from_mnemonic(prefix, mnemonic);
|
|
|
|
Self::new_signing_with_rpc_client(config, rpc_client, wallet)
|
|
}
|
|
}
|
|
|
|
#[cfg(feature = "http-client")]
|
|
impl Client<HttpRpcClient> {
|
|
pub fn new_query(config: Config) -> Result<QueryHttpRpcValidatorClient, ValidatorClientError> {
|
|
let rpc_client = http_client(config.nyxd_url.as_str())?;
|
|
Ok(Self::new_with_rpc_client(config, rpc_client))
|
|
}
|
|
|
|
pub fn change_nyxd(&mut self, new_endpoint: Url) -> Result<(), ValidatorClientError> {
|
|
self.nyxd = NyxdClient::connect(self.nyxd.current_config().clone(), new_endpoint.as_ref())?;
|
|
Ok(())
|
|
}
|
|
}
|
|
|
|
impl Client<ReqwestRpcClient> {
|
|
pub fn new_reqwest_query(config: Config) -> QueryReqwestRpcValidatorClient {
|
|
let rpc_client = ReqwestRpcClient::new(config.nyxd_url.clone());
|
|
Self::new_with_rpc_client(config, rpc_client)
|
|
}
|
|
}
|
|
|
|
impl<C> Client<C> {
|
|
pub fn new_with_rpc_client(config: Config, rpc_client: C) -> Self {
|
|
let nym_api_client = nym_api::Client::new(config.api_url.clone(), None);
|
|
|
|
Client {
|
|
nym_api: nym_api_client,
|
|
nyxd: NyxdClient::new(config.nyxd_config, rpc_client),
|
|
}
|
|
}
|
|
}
|
|
|
|
impl<C, S> Client<C, S> {
|
|
pub fn new_signing_with_rpc_client(config: Config, rpc_client: C, signer: S) -> Self
|
|
where
|
|
S: OfflineSigner,
|
|
{
|
|
let nym_api_client = nym_api::Client::new(config.api_url.clone(), None);
|
|
|
|
Client {
|
|
nym_api: nym_api_client,
|
|
nyxd: NyxdClient::new_signing(config.nyxd_config, rpc_client, signer),
|
|
}
|
|
}
|
|
}
|
|
|
|
// validator-api wrappers
|
|
impl<C, S> Client<C, S> {
|
|
pub fn api_url(&self) -> &Url {
|
|
self.nym_api.current_url()
|
|
}
|
|
|
|
pub fn change_nym_api(&mut self, new_endpoint: Url) {
|
|
self.nym_api.change_base_url(new_endpoint)
|
|
}
|
|
|
|
pub async fn get_cached_mixnodes(&self) -> Result<Vec<MixNodeDetails>, ValidatorClientError> {
|
|
Ok(self.nym_api.get_mixnodes().await?)
|
|
}
|
|
|
|
pub async fn get_cached_mixnodes_detailed(
|
|
&self,
|
|
) -> Result<Vec<MixNodeBondAnnotated>, ValidatorClientError> {
|
|
Ok(self.nym_api.get_mixnodes_detailed().await?)
|
|
}
|
|
|
|
pub async fn get_cached_mixnodes_detailed_unfiltered(
|
|
&self,
|
|
) -> Result<Vec<MixNodeBondAnnotated>, ValidatorClientError> {
|
|
Ok(self.nym_api.get_mixnodes_detailed_unfiltered().await?)
|
|
}
|
|
|
|
pub async fn get_cached_rewarded_mixnodes(
|
|
&self,
|
|
) -> Result<Vec<MixNodeDetails>, ValidatorClientError> {
|
|
Ok(self.nym_api.get_rewarded_mixnodes().await?)
|
|
}
|
|
|
|
pub async fn get_cached_rewarded_mixnodes_detailed(
|
|
&self,
|
|
) -> Result<Vec<MixNodeBondAnnotated>, ValidatorClientError> {
|
|
Ok(self.nym_api.get_rewarded_mixnodes_detailed().await?)
|
|
}
|
|
|
|
pub async fn get_cached_active_mixnodes(
|
|
&self,
|
|
) -> Result<Vec<MixNodeDetails>, ValidatorClientError> {
|
|
Ok(self.nym_api.get_active_mixnodes().await?)
|
|
}
|
|
|
|
pub async fn get_cached_active_mixnodes_detailed(
|
|
&self,
|
|
) -> Result<Vec<MixNodeBondAnnotated>, ValidatorClientError> {
|
|
Ok(self.nym_api.get_active_mixnodes_detailed().await?)
|
|
}
|
|
|
|
pub async fn get_cached_gateways(&self) -> Result<Vec<GatewayBond>, ValidatorClientError> {
|
|
Ok(self.nym_api.get_gateways().await?)
|
|
}
|
|
|
|
pub async fn blind_sign(
|
|
&self,
|
|
request_body: &BlindSignRequestBody,
|
|
) -> Result<BlindedSignatureResponse, ValidatorClientError> {
|
|
Ok(self.nym_api.blind_sign(request_body).await?)
|
|
}
|
|
}
|
|
|
|
#[derive(Clone)]
|
|
pub struct NymApiClient {
|
|
pub nym_api: nym_api::Client,
|
|
// TODO: perhaps if we really need it at some (currently I don't see any reasons for it)
|
|
// we could re-implement the communication with the REST API on port 1317
|
|
}
|
|
|
|
impl NymApiClient {
|
|
pub fn new(api_url: Url) -> Self {
|
|
let nym_api = nym_api::Client::new(api_url, None);
|
|
|
|
NymApiClient { nym_api }
|
|
}
|
|
|
|
pub fn new_with_user_agent(api_url: Url, user_agent: UserAgent) -> Self {
|
|
let nym_api = nym_api::Client::builder::<_, ValidatorClientError>(api_url)
|
|
.expect("invalid api url")
|
|
.with_user_agent(user_agent)
|
|
.build::<ValidatorClientError>()
|
|
.expect("failed to build nym api client");
|
|
|
|
NymApiClient { nym_api }
|
|
}
|
|
|
|
pub fn api_url(&self) -> &Url {
|
|
self.nym_api.current_url()
|
|
}
|
|
|
|
pub fn change_nym_api(&mut self, new_endpoint: Url) {
|
|
self.nym_api.change_base_url(new_endpoint);
|
|
}
|
|
|
|
pub async fn get_basic_mixnodes(
|
|
&self,
|
|
semver_compatibility: Option<String>,
|
|
) -> Result<Vec<SkimmedNode>, ValidatorClientError> {
|
|
Ok(self
|
|
.nym_api
|
|
.get_basic_mixnodes(semver_compatibility)
|
|
.await?
|
|
.nodes)
|
|
}
|
|
|
|
pub async fn get_basic_gateways(
|
|
&self,
|
|
semver_compatibility: Option<String>,
|
|
) -> Result<Vec<SkimmedNode>, ValidatorClientError> {
|
|
Ok(self
|
|
.nym_api
|
|
.get_basic_gateways(semver_compatibility)
|
|
.await?
|
|
.nodes)
|
|
}
|
|
|
|
pub async fn get_cached_active_mixnodes(
|
|
&self,
|
|
) -> Result<Vec<MixNodeDetails>, ValidatorClientError> {
|
|
Ok(self.nym_api.get_active_mixnodes().await?)
|
|
}
|
|
|
|
pub async fn get_cached_rewarded_mixnodes(
|
|
&self,
|
|
) -> Result<Vec<MixNodeDetails>, ValidatorClientError> {
|
|
Ok(self.nym_api.get_rewarded_mixnodes().await?)
|
|
}
|
|
|
|
pub async fn get_cached_mixnodes(&self) -> Result<Vec<MixNodeDetails>, ValidatorClientError> {
|
|
Ok(self.nym_api.get_mixnodes().await?)
|
|
}
|
|
|
|
pub async fn get_cached_gateways(&self) -> Result<Vec<GatewayBond>, ValidatorClientError> {
|
|
Ok(self.nym_api.get_gateways().await?)
|
|
}
|
|
|
|
pub async fn get_cached_described_gateways(
|
|
&self,
|
|
) -> Result<Vec<DescribedGateway>, ValidatorClientError> {
|
|
Ok(self.nym_api.get_gateways_described().await?)
|
|
}
|
|
|
|
pub async fn get_gateway_core_status_count(
|
|
&self,
|
|
identity: IdentityKeyRef<'_>,
|
|
since: Option<i64>,
|
|
) -> Result<GatewayCoreStatusResponse, ValidatorClientError> {
|
|
Ok(self
|
|
.nym_api
|
|
.get_gateway_core_status_count(identity, since)
|
|
.await?)
|
|
}
|
|
|
|
pub async fn get_mixnode_core_status_count(
|
|
&self,
|
|
mix_id: MixId,
|
|
since: Option<i64>,
|
|
) -> Result<MixnodeCoreStatusResponse, ValidatorClientError> {
|
|
Ok(self
|
|
.nym_api
|
|
.get_mixnode_core_status_count(mix_id, since)
|
|
.await?)
|
|
}
|
|
|
|
pub async fn get_mixnode_status(
|
|
&self,
|
|
mix_id: MixId,
|
|
) -> Result<MixnodeStatusResponse, ValidatorClientError> {
|
|
Ok(self.nym_api.get_mixnode_status(mix_id).await?)
|
|
}
|
|
|
|
pub async fn get_mixnode_reward_estimation(
|
|
&self,
|
|
mix_id: MixId,
|
|
) -> Result<RewardEstimationResponse, ValidatorClientError> {
|
|
Ok(self.nym_api.get_mixnode_reward_estimation(mix_id).await?)
|
|
}
|
|
|
|
pub async fn get_mixnode_stake_saturation(
|
|
&self,
|
|
mix_id: MixId,
|
|
) -> Result<StakeSaturationResponse, ValidatorClientError> {
|
|
Ok(self.nym_api.get_mixnode_stake_saturation(mix_id).await?)
|
|
}
|
|
|
|
pub async fn blind_sign(
|
|
&self,
|
|
request_body: &BlindSignRequestBody,
|
|
) -> Result<BlindedSignatureResponse, ValidatorClientError> {
|
|
Ok(self.nym_api.blind_sign(request_body).await?)
|
|
}
|
|
|
|
pub async fn verify_ecash_ticket(
|
|
&self,
|
|
request_body: &VerifyEcashTicketBody,
|
|
) -> Result<EcashTicketVerificationResponse, ValidatorClientError> {
|
|
Ok(self.nym_api.verify_ecash_ticket(request_body).await?)
|
|
}
|
|
|
|
pub async fn batch_redeem_ecash_tickets(
|
|
&self,
|
|
request_body: &BatchRedeemTicketsBody,
|
|
) -> Result<EcashBatchTicketRedemptionResponse, ValidatorClientError> {
|
|
Ok(self
|
|
.nym_api
|
|
.batch_redeem_ecash_tickets(request_body)
|
|
.await?)
|
|
}
|
|
|
|
pub async fn spent_credentials_filter(
|
|
&self,
|
|
) -> Result<SpentCredentialsResponse, ValidatorClientError> {
|
|
Ok(self.nym_api.double_spending_filter_v1().await?)
|
|
}
|
|
|
|
pub async fn partial_expiration_date_signatures(
|
|
&self,
|
|
expiration_date: Option<Date>,
|
|
) -> Result<PartialExpirationDateSignatureResponse, ValidatorClientError> {
|
|
Ok(self
|
|
.nym_api
|
|
.partial_expiration_date_signatures(expiration_date)
|
|
.await?)
|
|
}
|
|
|
|
pub async fn partial_coin_indices_signatures(
|
|
&self,
|
|
epoch_id: Option<EpochId>,
|
|
) -> Result<PartialCoinIndicesSignatureResponse, ValidatorClientError> {
|
|
Ok(self
|
|
.nym_api
|
|
.partial_coin_indices_signatures(epoch_id)
|
|
.await?)
|
|
}
|
|
|
|
pub async fn global_expiration_date_signatures(
|
|
&self,
|
|
expiration_date: Option<Date>,
|
|
) -> Result<AggregatedExpirationDateSignatureResponse, ValidatorClientError> {
|
|
Ok(self
|
|
.nym_api
|
|
.global_expiration_date_signatures(expiration_date)
|
|
.await?)
|
|
}
|
|
|
|
pub async fn global_coin_indices_signatures(
|
|
&self,
|
|
epoch_id: Option<EpochId>,
|
|
) -> Result<AggregatedCoinIndicesSignatureResponse, ValidatorClientError> {
|
|
Ok(self
|
|
.nym_api
|
|
.global_coin_indices_signatures(epoch_id)
|
|
.await?)
|
|
}
|
|
|
|
pub async fn master_verification_key(
|
|
&self,
|
|
epoch_id: Option<EpochId>,
|
|
) -> Result<VerificationKeyResponse, ValidatorClientError> {
|
|
Ok(self.nym_api.master_verification_key(epoch_id).await?)
|
|
}
|
|
}
|