profile
viewpoint
Jeff R. Allen jeffallen @dedis Mont-la-ville, Switzerland http://blog.nella.org Software Engineer at @dedis at EPFL.

felixge/godrone 192

GoDrone is a free software alternative firmware for the Parrot AR Drone 2.0.

foobaz/go-zopfli 22

Go port of zopfli, a zlib-compatible compression library

c4dt/omniledger 3

Frontend for the dedis/cothority blockchain with an accent on identity and consent-management

jeffallen/1pw 1

A command-line reader for 1Password.opvault files

dedis/student_19_groupmgmt 0

Summer student project to add group management to Personhood

gnarula/osma 0

An open source mobile agent for achieving SSI

jeffallen/aries-framework-dotnet 0

Aries Framework .NET for building multiplatfrom SSI services

jeffallen/autocert 0

A fork of Golang.org/x/crypto/acme/autocert to take CSRs

jeffallen/bbolt 0

An embedded key/value database for Go.

jeffallen/build 0

[mirror] Continuous build and release infrastructure

delete branch dedis/cothority

delete branch : calypso_ephem

delete time in 4 days

pull request commentdedis/cothority

Add the possibility to rencrypt to a different key from the signing key.

No need for this for the moment.

jeffallen

comment created time in 4 days

push eventdedis/cothority

Noémien Kocher

commit sha eeb1aebba9eeb08670605d57863a966fb85a1292

Adds a --export to "csadmin contract write get"

view details

Noémien Kocher

commit sha bf416fc89e48582500960913a39042c5109c5c12

Merge branch 'master' into odyssey-needs

view details

Noémien Kocher

commit sha 9fe50d1986ebe9ef63790b02c260c9ff3c7b1e20

Imports my custom project contract

view details

Noémien Kocher

commit sha 6edb189e93ded31a99ec0589c4cc87dcb27dd9b1

Merge branch 'master' into odyssey-needs

view details

Noémien Kocher

commit sha 55b5f29fa364ffe6532141cb251e2aeaeffb3d66

Adds special Darc attributes on read contract

view details

Noémien Kocher

commit sha d8c2ae91b0636820f64381949e58e6b91474594d

Merge branch 'master' into odyssey-needs

view details

Noémien Kocher

commit sha 560b9e115f85b5f2d6b30b79280539f2cccc2c87

Merge branch 'master' into odyssey-needs

view details

Noémien Kocher

commit sha 464d52054dcb3b3e898e5a1b92936a537dedd103

Merge branch 'csadmin-update' into odyssey-needs

view details

Noémien Kocher

commit sha 6879c4ca91f6fb98e470c55aa2c076f4ea1b2f7c

Fixes merge

view details

Noémien Kocher

commit sha d19eceb9133d476ad82eb1c4c10b7e0521ab865f

Merge branch 'master' into odyssey-needs

view details

Noémien Kocher

commit sha beb808be9e1a9ffe24f0e22526c4cf112b9234c1

Go mod tidy

view details

Noémien Kocher

commit sha 696f3ab612d8a68d9cc03d93811e9af9658ee037

Removes print logs

view details

Noémien Kocher

commit sha fe9e299553db71098b69efa06b8ef881514d5cb4

Adds our new catalog smart contract

view details

Noémien Kocher

commit sha 1cd2779461d597a741216848be90cd2aac4dbba1

Updates the validation to ignore the old purposes and uses attributes

view details

Noémien Kocher

commit sha 28372de019c7bbef5b488f7e63554a8a01fc7a3a

Updates the attribute interpreter to use the new metadata

view details

Noémien Kocher

commit sha c2aaaa0d775e380e942295233ea4e1f4d80ab4ca

Updates the DARC() function to print attr:allowed and attr:must_have types

view details

Noémien Kocher

commit sha 622e3dc480db2f40598c011594a799a8ee00f266

Merge branch 'master' into odyssey-needs

view details

Noémien Kocher

commit sha 1a54ec041b859d65099b8caac02083b27f3d9e10

Uses xerrors in calypso contratc

view details

Noémien Kocher

commit sha d2bb755666cd3051a64a82b166123cb05ae30af3

Adds debugging log to evalAttr

view details

Noémien Kocher

commit sha f92089fee56d41db262e1e83b8a107bce3327d27

Fixes the "attr:allowed" mechanism

view details

push time in 4 days

push eventdedis/epfl-evoting

Jeff R. Allen

commit sha d9bcb2b3a1024d61d31f3662a91ba293309723bf

Add logging of election id.

view details

push time in 4 days

push eventdedis/cothority

Noémien Kocher

commit sha eeb1aebba9eeb08670605d57863a966fb85a1292

Adds a --export to "csadmin contract write get"

view details

Noémien Kocher

commit sha bf416fc89e48582500960913a39042c5109c5c12

Merge branch 'master' into odyssey-needs

view details

Noémien Kocher

commit sha 9fe50d1986ebe9ef63790b02c260c9ff3c7b1e20

Imports my custom project contract

view details

Noémien Kocher

commit sha 6edb189e93ded31a99ec0589c4cc87dcb27dd9b1

Merge branch 'master' into odyssey-needs

view details

Noémien Kocher

commit sha 55b5f29fa364ffe6532141cb251e2aeaeffb3d66

Adds special Darc attributes on read contract

view details

Noémien Kocher

commit sha d8c2ae91b0636820f64381949e58e6b91474594d

Merge branch 'master' into odyssey-needs

view details

Noémien Kocher

commit sha 560b9e115f85b5f2d6b30b79280539f2cccc2c87

Merge branch 'master' into odyssey-needs

view details

Noémien Kocher

commit sha 464d52054dcb3b3e898e5a1b92936a537dedd103

Merge branch 'csadmin-update' into odyssey-needs

view details

Noémien Kocher

commit sha 6879c4ca91f6fb98e470c55aa2c076f4ea1b2f7c

Fixes merge

view details

Noémien Kocher

commit sha d19eceb9133d476ad82eb1c4c10b7e0521ab865f

Merge branch 'master' into odyssey-needs

view details

Noémien Kocher

commit sha beb808be9e1a9ffe24f0e22526c4cf112b9234c1

Go mod tidy

view details

Noémien Kocher

commit sha 696f3ab612d8a68d9cc03d93811e9af9658ee037

Removes print logs

view details

Noémien Kocher

commit sha fe9e299553db71098b69efa06b8ef881514d5cb4

Adds our new catalog smart contract

view details

Noémien Kocher

commit sha 1cd2779461d597a741216848be90cd2aac4dbba1

Updates the validation to ignore the old purposes and uses attributes

view details

Noémien Kocher

commit sha 28372de019c7bbef5b488f7e63554a8a01fc7a3a

Updates the attribute interpreter to use the new metadata

view details

Noémien Kocher

commit sha c2aaaa0d775e380e942295233ea4e1f4d80ab4ca

Updates the DARC() function to print attr:allowed and attr:must_have types

view details

Noémien Kocher

commit sha 622e3dc480db2f40598c011594a799a8ee00f266

Merge branch 'master' into odyssey-needs

view details

Noémien Kocher

commit sha 1a54ec041b859d65099b8caac02083b27f3d9e10

Uses xerrors in calypso contratc

view details

Noémien Kocher

commit sha d2bb755666cd3051a64a82b166123cb05ae30af3

Adds debugging log to evalAttr

view details

Noémien Kocher

commit sha f92089fee56d41db262e1e83b8a107bce3327d27

Fixes the "attr:allowed" mechanism

view details

push time in 4 days

delete branch dedis/cothority

delete branch : odyssey-needs

delete time in 4 days

PR merged dedis/cothority

Merges Odyssey needs Calypso feature

What this PR does

In order for Odyssey to use Cothority, we need to be able to register custom Darc attribute parsers on a read request. This PR mainly adds a way to call an AddReadAttrInterpreter in the Calypso service that will fill a global list of attribute interpreters. Those interpreters are then applied when it comes to check a read request.

It also updates csadmin to offer the ability to provide a "projectInstanceID" for a read request that can be optionally used in the context of running a custom attribute interpreter.


🙅‍ Friendly checklist:

  • [x] 0. Code comments are added (or updated) when/where needed and explain the WHY of the code.
  • [x] 1. Design choices, user documentation and any additional doc are added (or updated) in READMEs.
  • [x] 2. Any new behaviour is tested and small units of code that can be are unit tested.
  • [x] 3. Code comments are added on tests to explain what they do.
  • [x] 4. Errors are systematically wrapped with a meaningful message using xerrors.Errorf and the %v verb.
  • [x] 5. Hard limit of 80 chars is always respected.
  • [x] 6. Changes are backward compatible.
  • [x] 7. Indentation level does not exceed 5, although 4 is already suspicious.
  • [x] 8. Functions, files, and packages are kept to a manageable size and decomposed into smaller units if needed.
  • [x] 9. There are no magic values.
+158 -29

0 comment

10 changed files

nkcr

pr closed time in 4 days

Pull request review commentdedis/cothority

Merges Odyssey needs

 require ( 	github.com/syndtr/goleveldb v1.0.0 // indirect 	github.com/urfave/cli v1.22.2 	go.dedis.ch/kyber/v3 v3.0.12+	go.dedis.ch/kyber/v4 v4.0.0-pre2

oops?

nkcr

comment created time in 4 days

Pull request review commentdedis/cothority

Merges Odyssey needs

 const calypsoReshareProto = "calypso_reshare_proto"  var allowInsecureAdmin = false +// Allows one to register custom MakeAttrInterpreters for the read request+// verify.+var readMakeAttrInterpreter = make([]makeAttrInterpreterWrapper, 0)++// makeAttrInterpreterWrapper holds the data needed to register a+// MakeAttrInterpreter.+type makeAttrInterpreterWrapper struct {+	// name is the corresponding name of the custom attribute.+	name string+	// interpreter is the fonction producing the interepreter for the given name.

function

nkcr

comment created time in 4 days

Pull request review commentdedis/cothority

Merges Odyssey needs

 var cmds = cli.Commands{ 								Name:  "export, x", 								Usage: "export the instance id to STDOUT", 							},+							cli.StringFlag{+								Name:  "projectInstID, pid",+								Usage: "The project instance ID, which contains the metadata for verification (optional). This option is not directly used in the contract, it is only usefull during the verification process in the case you registered a custom makeAttrInterpreter.",

useful

nkcr

comment created time in 4 days

PR opened dedis/cothority

Support for editing elections before they start

The Open service will edit an election if the election ID is set in the incoming Election structure and it has not received any votes yet.

GetBox has been modified to make it possible to dump the current state of an election.

Added support for this workflow in the evoting-admin tool.

What this PR does

See commit message This PR


🙅‍ Friendly checklist:

  • [ ] 0. Code comments are added (or updated) when/where needed and explain the WHY of the code.
  • [ ] 1. Design choices, user documentation and any additional doc are added (or updated) in READMEs.
  • [ ] 2. Any new behaviour is tested and small units of code that can be are unit tested.
  • [ ] 3. Code comments are added on tests to explain what they do.
  • [ ] 4. Errors are systematically wrapped with a meaningful message using xerrors.Errorf and the %v verb.
  • [ ] 5. Hard limit of 80 chars is always respected.
  • [ ] 6. Changes are backward compatible.
  • [ ] 7. Indentation level does not exceed 5, although 4 is already suspicious.
  • [ ] 8. Functions, files, and packages are kept to a manageable size and decomposed into smaller units if needed.
  • [ ] 9. There are no magic values.
+404 -63

0 comment

9 changed files

pr created time in 4 days

create barnchdedis/cothority

branch : ev-edit

created branch time in 4 days

push eventdedis/epfl-evoting

Jeff R. Allen

commit sha f9c89215bb1ae9a7d09f8023a27f0ee2db6377f7

More updates to solve security probs, file upload button rendering prob.

view details

push time in 4 days

push eventdedis/epfl-evoting

Jeff R. Allen

commit sha 057300914ceab4f9c14b808b08dcfa12b2d3e805

Updated the frontend Ran `npm update` and then fixed some bugs created by it.

view details

push time in 4 days

push eventdedis/epfl-evoting

Jeff R. Allen

commit sha e7c57a9ef1f2690730408f3bb98bb64cac7096f1

NPM-suggested updates Not tested, hopefully this doesn't break load testing, but we'll find out when we are ready to do load testing again.

view details

push time in 5 days

push eventdedis/epfl-evoting

Jeff R. Allen

commit sha 3b9add26a4fbdc7b9da4d397cc536fb659a9db47

Removed the templating engine from auth server The pug templating engine was bringing in dependencies with security problems. Instead of fixing those, I decided to remove templating entirely. Less dependencies = more better.

view details

push time in 5 days

issue closedmattrglobal/osma

Cannot accept invite from newest dotnet agent

Osma currently depends on AgentFramework.Core 4.0.0-preview.662.

When trying to accept an invite from an agent running aries-framework-dotnet commit 5d30511eb829fe the agent fails with "No valid leaving transitions are permitted from state 'Connected' for trigger 'InvitationAccept'."

Updating the dependency to AgentFramework.Core 4.3.0 creates several compile failures I am still working my way through.

More generally: what's the expected state of this project? Is it meant to work with the latest agent release?

closed time in 7 days

jeffallen

issue commentmattrglobal/osma

Cannot accept invite from newest dotnet agent

Sorry, I don't have the whole build environment for this working still. Closing.

jeffallen

comment created time in 7 days

issue openedtransmute-industries/did-wallet

wallet.lock(): weak key derivation

I was reviewing this code to see how it locks the wallet, and I noticed it calls crypto.createCipher(). Here are the docs on that API: https://nodejs.org/api/crypto.html#crypto_crypto_createcipher_algorithm_password_options

It is deprecated, and also the docs strongly suggest that you should derive a key with crypto.scrypt().

created time in 12 days

created repositoryjeffallen/ghdid

GitHub DID

created time in 12 days

Pull request review commentdedis/cothority

DARC: Add support for Sovrin DID Verification

 func (idp IdentityProxy) Verify(msg, s []byte) error { 	return eddsa.Verify(idp.Public, msg2, s) } +// Verify returns nil if the signature is correct, or an error if something+// fails+func (iddid IdentityDID) Verify(msg, s []byte) error {+	// TODO: Cache the results and set a TTL

As discussed in the comments, this code will need to be adapted to resolve a given DID at a given point in time.

gnarula

comment created time in 12 days

Pull request review commentdedis/cothority

DARC: Add support for Sovrin DID Verification

 func (idp IdentityProxy) Equal(i2 *IdentityProxy) bool { 	return idp.Data == i2.Data && idp.Public.Equal(i2.Public) } +// Equal returns true if both IdentityDIDs are the same.+func (iddid IdentityDID) Equal(iddid2 *IdentityDID) bool {+	return iddid.DID == iddid2.DID

Probably the part after the # should be removed before comparing them. You will be able to use Go's URL parser for this, see https://play.golang.org/p/MZpRQCWJxec

gnarula

comment created time in 12 days

Pull request review commentdedis/cothority

DARC: Add support for Sovrin DID Verification

 func TestParseIdentity(t *testing.T) { 	require.NoError(t, err) 	require.NotNil(t, i.Proxy) 	require.Equal(t, in, i.String())++	in = "did:method:WRfXPg8dantKVubE3HX8pw"+	i, err = ParseIdentity(in)+	require.Error(t, err)++	in = "did:sov:WRfXPg8dantKVubE3HX8pw"+	i, err = ParseIdentity(in)+	require.NoError(t, err)+	require.NotNil(t, i.DID)+	require.Equal(t, strings.Split(in, ":")[2], i.DID.DID)+	require.Equal(t, "sov", i.DID.Method)+}++func TestDarc_EvolveToDIDDarc(t *testing.T) {+	dataPublisher := createDarc(1, "Patient Data Publisher Darc")++	patientIdentity := NewIdentityDID("WRfXPg8dantKVubE3HX8pw", "sov")+	patientRules := InitRules([]Identity{patientIdentity}, []Identity{patientIdentity})+	patientDarc := NewDarc(patientRules, []byte("Patient Darc"))+	err := patientDarc.EvolveFrom(dataPublisher.darc)+	require.NoError(t, err)++	r, patientDarcBuf, err := patientDarc.MakeEvolveRequest(dataPublisher.owners[0])+	require.NoError(t, err)++	err = r.Verify(dataPublisher.darc)+	require.NoError(t, err)+	patientDarcEvolved, err := r.MsgToDarc(patientDarcBuf)+	require.NoError(t, err)+	require.Equal(t, patientDarc.GetID(), patientDarcEvolved.GetID())++	err = patientDarcEvolved.VerifyWithCB(func(s string, latest bool) *Darc {+		if s == dataPublisher.darc.GetIdentityString() {+			return dataPublisher.darc+		}+		return nil+	}, true)+	require.NoError(t, err)+}++func TestDarc_VerifyWithDIDDarc(t *testing.T) {+	patientIdentity := NewIdentityDID("CvjH5UcquEEqsz5LrZcfvM", "sov")++	patientRules := InitRules([]Identity{patientIdentity}, []Identity{patientIdentity})+	patientRules.AddRule("Read", expression.InitOrExpr(patientIdentity.String()))++	patientDarc := NewDarc(patientRules, []byte("Patient Darc"))++	signature := "4b61e1e81fb17145d9a560724f16902673a5b9c86cb5bd330d51722fcd66b9311b1821e319e9160062f88eab476a9e3bdc5e770f85b194eec91585fea24d400e"+	sigBuf := make([]byte, hex.DecodedLen(len([]byte(signature))))+	hex.Decode(sigBuf, []byte(signature))++	// overriding the global in the test+	didResolver = &IndyCLIDIDResolver{+		Path:            "./mock_resolver_outputs/test_resolver",

Instead of running a test_resolver from the unit test, teach IndyCLIDIDResolver that if it has an io.Reader set, then it should read from that instead of spawning indy-cli. Then you can have the canned results right here in the unit test.

gnarula

comment created time in 12 days

Pull request review commentdedis/cothority

DARC: Add support for Sovrin DID Verification

 func TestParseIdentity(t *testing.T) { 	require.NoError(t, err) 	require.NotNil(t, i.Proxy) 	require.Equal(t, in, i.String())++	in = "did:method:WRfXPg8dantKVubE3HX8pw"+	i, err = ParseIdentity(in)+	require.Error(t, err)++	in = "did:sov:WRfXPg8dantKVubE3HX8pw"+	i, err = ParseIdentity(in)+	require.NoError(t, err)+	require.NotNil(t, i.DID)+	require.Equal(t, strings.Split(in, ":")[2], i.DID.DID)

You're just testing the same code (stings.Split) from two different code paths. I would put require.Equal(t, i.DID.DID, "WRfXPg8dantKVubE3HX8pw") here.

Also, you are not testing parsing errors.

gnarula

comment created time in 12 days

Pull request review commentdedis/cothority

DARC: Add support for Sovrin DID Verification

+package darc++import (+	"bytes"+	"errors"+	"fmt"+	"math/rand"+	"os/exec"+	"strings"+	"time"++	"github.com/hyperledger/aries-framework-go/pkg/doc/did"+	"github.com/mr-tron/base58"+)++// DIDResolver resolves a given DID to a DID Document+type DIDResolver interface {+	Resolve(string) (*did.Doc, error)+}++// IndyCLIDIDResolver resolves a DID using `indy-cli`+// https://github.com/hyperledger/indy-sdk/tree/master/cli+type IndyCLIDIDResolver struct {+	Path            string+	GenesisFilePath string+}++// DIDVerificationKeyTypes represents the valid key types+// that may be stored in a DID document+// Refer to https://w3c-ccg.github.io/ld-cryptosuite-registry/+type DIDVerificationKeyTypes int++const (+	// Ed25519VerificationKey2018 represents key type for Ed25519 keys+	Ed25519VerificationKey2018 DIDVerificationKeyTypes = iota+	// RsaVerificationKey2018 represents key type for RSA Keys+	RsaVerificationKey2018+	// EcdsaSecp256k1VerificationKey2019 represents key type for Secp256k1 keys+	EcdsaSecp256k1VerificationKey2019+)++func (t DIDVerificationKeyTypes) String() string {+	return [...]string{+		"Ed25519VerificationKey2018",+		"RsaVerificationKey2018",+		"EcdsaSecp256k1VerificationKey2019",+	}[t]+}++func (r *IndyCLIDIDResolver) generatePoolName(n int) string {+	alphabet := "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"+	b := make([]byte, n)+	for i := range b {+		b[i] = alphabet[rand.Intn(len(alphabet))]+	}+	return string(b)+}++// This would initiate a connection to the pool for every request we receive.+// An optimal way would be to reuse existing connections but that can be+// done by another resolver+func (r *IndyCLIDIDResolver) executeCli(id string) (string, error) {+	poolName := r.generatePoolName(6)+	commands := fmt.Sprintf(`+pool create %s gen_txn_file="%s"+pool connect %s+ledger get-nym did=%s+ledger get-attrib did=%s raw=endpoint+pool disconnect+pool delete %s`, poolName, r.GenesisFilePath, poolName, id, id, poolName)++	cmd := exec.Command(r.Path)+	cmd.Stdin = strings.NewReader(commands)+	var out bytes.Buffer+	cmd.Stdout = &out+	err := cmd.Run()+	if err != nil {+		return "", fmt.Errorf("error executing indy-cli: %s", err)+	}+	return out.String(), nil+}++// parseOutput parses the output from indy-cli. It assumes only one verkey and service+// in the output for now+func (r *IndyCLIDIDResolver) parseOutput(id, output string) (time.Time, []did.PublicKey, []did.Service, error) {+	verkey := ""+	endpoint := ""+	createdAt := ""+	lines := strings.Split(output, "\n")++	for i, line := range lines {+		if createdAt == "" && strings.Contains(line, "| Transaction time") && len(lines) > i+2 {+			components := strings.Split(lines[i+2], "|")+			createdAt = strings.TrimSpace(components[len(components)-2])+		}+		if strings.Contains(line, "| Verkey") && len(lines) > i+2 {+			components := strings.Split(lines[i+2], "|")+			verkey = strings.TrimSpace(components[len(components)-3])+		} else if strings.Contains(line, "| Data") && len(lines) > i+2 {+			components := strings.Split(lines[i+2], "|")+			endpoint = strings.TrimSpace(components[1])+			break+		}+	}++	//_createdAt, err := time.Parse("2006-01-02 22:04:05", createdAt)+	_createdAt, err := time.Parse("2006-01-02 15:04:05", createdAt)+	if err != nil {+		return time.Time{}, nil, nil, fmt.Errorf("error parsing time: %s", err)+	}++	idBuf, err := base58.Decode(id)+	if err != nil {+		return time.Time{}, nil, nil, fmt.Errorf("error base58 decoding did: %s", err)+	}++	// Some txns have verykey beginning with a ~ sign+	if verkey[0] == '~' {+		verkey = verkey[1:]+	}+	verkeyBuf, err := base58.Decode(verkey)+	if err != nil {+		return time.Time{}, nil, nil, fmt.Errorf("error base58 decoding did: %s", err)+	}+	pkBuf := append(idBuf, verkeyBuf...)+	pk := did.PublicKey{+		ID:         fmt.Sprintf("%s-keys#1", id),+		Type:       Ed25519VerificationKey2018.String(),+		Controller: id,+		Value:      pkBuf,+	}++	var svcs []did.Service+	if endpoint != "" {+		// Adopted from ACA-Py+		svcs = append(svcs, did.Service{+			ID:              "indy",+			Type:            "IndyAgent",+			Priority:        0,+			RecipientKeys:   []string{base58.Encode(pkBuf)},+			ServiceEndpoint: endpoint,+		})+	}+	return _createdAt, []did.PublicKey{pk}, svcs, nil+}++// Resolve resolves a did to a DID document using indy-cli.+func (r *IndyCLIDIDResolver) Resolve(id string) (*did.Doc, error) {+	output, err := r.executeCli(id)+	if strings.Contains(output, "NYM not found") {+		return nil, errors.New("DID not found in the ledger")

Please follow the standard for use of xerror as proposed by @nkcr .

gnarula

comment created time in 12 days

Pull request review commentdedis/cothority

DARC: Add support for Sovrin DID Verification

 func parseIDProxy(in string) (Identity, error) { 	}}, nil } +func parseIDDID(in string) (Identity, error) {+	fields := strings.SplitN(in, ":", 2)

Use url.Parse here. I suspect that did:sov:xxx:key:1 is legitimate, and this code would refuse that.

gnarula

comment created time in 12 days

Pull request review commentdedis/cothority

DARC: Add support for Sovrin DID Verification

+package darc++import (+	"bytes"+	"errors"+	"fmt"+	"math/rand"+	"os/exec"+	"strings"+	"time"++	"github.com/hyperledger/aries-framework-go/pkg/doc/did"+	"github.com/mr-tron/base58"

please use the same base58 already used by aries-framework-go, so as to reduce the dependencies: github.com/btcsuite/btcutil/base58

See also: https://github.com/hyperledger/aries-framework-go/issues/1192

gnarula

comment created time in 12 days

Pull request review commentdedis/cothority

DARC: Add support for Sovrin DID Verification

 func (id Identity) GetPublicBytes() []byte { 			return nil 		} 		return buf+	case 4:+		doc, err := didResolver.Resolve(id.DID.DID)+		if err != nil {+			return nil+		}+		for _, pk := range doc.PublicKey {

This is a rather strange way of saying if len(doc.PublicKey) > 0 return doc.PublicKey[0] else return nil;

gnarula

comment created time in 12 days

Pull request review commentdedis/cothority

DARC: Add support for Sovrin DID Verification

 func TestParseIdentity(t *testing.T) { 	require.NoError(t, err) 	require.NotNil(t, i.Proxy) 	require.Equal(t, in, i.String())++	in = "did:method:WRfXPg8dantKVubE3HX8pw"+	i, err = ParseIdentity(in)+	require.Error(t, err)++	in = "did:sov:WRfXPg8dantKVubE3HX8pw"+	i, err = ParseIdentity(in)+	require.NoError(t, err)+	require.NotNil(t, i.DID)+	require.Equal(t, strings.Split(in, ":")[2], i.DID.DID)+	require.Equal(t, "sov", i.DID.Method)+}++func TestDarc_EvolveToDIDDarc(t *testing.T) {+	dataPublisher := createDarc(1, "Patient Data Publisher Darc")++	patientIdentity := NewIdentityDID("WRfXPg8dantKVubE3HX8pw", "sov")

Flipping these two arguments would make morse sense, I think.

gnarula

comment created time in 12 days

Pull request review commentdedis/cothority

DARC: Add support for Sovrin DID Verification

 func (idp IdentityProxy) Verify(msg, s []byte) error { 	return eddsa.Verify(idp.Public, msg2, s) } +// Verify returns nil if the signature is correct, or an error if something+// fails+func (iddid IdentityDID) Verify(msg, s []byte) error {+	// TODO: Cache the results and set a TTL+	doc, err := didResolver.Resolve(iddid.DID)+	if err != nil {+		return err+	}++	iddid.DIDDoc = doc+	for _, publicKey := range iddid.DIDDoc.PublicKey {+		// As of now, libindy only supports ed25519 keys and signatures+		// Please refer to `CryptoService.crypto_types` in+		// `libindy/src/services/crypto/mod.rs`+		if publicKey.Type != Ed25519VerificationKey2018.String() {+			continue+		}+		key := cothority.Suite.Point()+		err := key.UnmarshalBinary(publicKey.Value)+		if err != nil {+			return fmt.Errorf("error unmarshalling key: %v", err)+		}+		err = schnorr.Verify(cothority.Suite, key, msg, s)+		if err == nil {+			return nil

Put a comment here so that old dumb guys like me recognise this is the happy path return point. Or re-write this so that the only return point is at the bottom of the function...

gnarula

comment created time in 12 days

Pull request review commentdedis/cothority

DARC: Add support for Sovrin DID Verification

 func TestParseIdentity(t *testing.T) { 	require.NoError(t, err) 	require.NotNil(t, i.Proxy) 	require.Equal(t, in, i.String())++	in = "did:method:WRfXPg8dantKVubE3HX8pw"+	i, err = ParseIdentity(in)+	require.Error(t, err)++	in = "did:sov:WRfXPg8dantKVubE3HX8pw"+	i, err = ParseIdentity(in)+	require.NoError(t, err)+	require.NotNil(t, i.DID)+	require.Equal(t, strings.Split(in, ":")[2], i.DID.DID)+	require.Equal(t, "sov", i.DID.Method)+}++func TestDarc_EvolveToDIDDarc(t *testing.T) {+	dataPublisher := createDarc(1, "Patient Data Publisher Darc")++	patientIdentity := NewIdentityDID("WRfXPg8dantKVubE3HX8pw", "sov")+	patientRules := InitRules([]Identity{patientIdentity}, []Identity{patientIdentity})+	patientDarc := NewDarc(patientRules, []byte("Patient Darc"))+	err := patientDarc.EvolveFrom(dataPublisher.darc)+	require.NoError(t, err)++	r, patientDarcBuf, err := patientDarc.MakeEvolveRequest(dataPublisher.owners[0])+	require.NoError(t, err)++	err = r.Verify(dataPublisher.darc)+	require.NoError(t, err)+	patientDarcEvolved, err := r.MsgToDarc(patientDarcBuf)+	require.NoError(t, err)+	require.Equal(t, patientDarc.GetID(), patientDarcEvolved.GetID())++	err = patientDarcEvolved.VerifyWithCB(func(s string, latest bool) *Darc {+		if s == dataPublisher.darc.GetIdentityString() {+			return dataPublisher.darc+		}+		return nil+	}, true)+	require.NoError(t, err)+}++func TestDarc_VerifyWithDIDDarc(t *testing.T) {+	patientIdentity := NewIdentityDID("CvjH5UcquEEqsz5LrZcfvM", "sov")++	patientRules := InitRules([]Identity{patientIdentity}, []Identity{patientIdentity})+	patientRules.AddRule("Read", expression.InitOrExpr(patientIdentity.String()))++	patientDarc := NewDarc(patientRules, []byte("Patient Darc"))++	signature := "4b61e1e81fb17145d9a560724f16902673a5b9c86cb5bd330d51722fcd66b9311b1821e319e9160062f88eab476a9e3bdc5e770f85b194eec91585fea24d400e"

Include instructions to the next poor sucker how to generate this, if needed.

gnarula

comment created time in 12 days

Pull request review commentdedis/cothority

DARC: Add support for Sovrin DID Verification

+#!/bin/bash

These files will go away, the content can be inside of the unit tests directly. (less files = more good, within reason)

gnarula

comment created time in 12 days

Pull request review commentdedis/cothority

DARC: Add support for Sovrin DID Verification

 func (idp IdentityProxy) Verify(msg, s []byte) error { 	return eddsa.Verify(idp.Public, msg2, s) } +// Verify returns nil if the signature is correct, or an error if something+// fails+func (iddid IdentityDID) Verify(msg, s []byte) error {+	// TODO: Cache the results and set a TTL+	doc, err := didResolver.Resolve(iddid.DID)+	if err != nil {+		return err+	}++	iddid.DIDDoc = doc+	for _, publicKey := range iddid.DIDDoc.PublicKey {+		// As of now, libindy only supports ed25519 keys and signatures+		// Please refer to `CryptoService.crypto_types` in+		// `libindy/src/services/crypto/mod.rs`+		if publicKey.Type != Ed25519VerificationKey2018.String() {+			continue+		}+		key := cothority.Suite.Point()+		err := key.UnmarshalBinary(publicKey.Value)+		if err != nil {+			return fmt.Errorf("error unmarshalling key: %v", err)

This should be a continue, so that a malformed key earlier in a DID Doc does not stop a correct key later in the DID Doc from working.

gnarula

comment created time in 12 days

issue openedhyperledger/aries-framework-go

base58 results in lots of dependencies

It looks like the only reason your project depends on github.com/btcsuite/btcutil is because of base58 decoding.

github.com/btcsuite/btcutil itself has quite a lot of dependencies, because it includes btcd, an entire bitcoin miner.

I propose to add a tiny, minimal base58 decoder with no dependencies in pkg/base58. Would you be open to a PR that did that?

created time in 12 days

pull request commentdedis/cothority

DARC: Add support for Sovrin DID Verification

Other comments for reviewers to be aware of:

How to talk to Sovrin blockchain

calling out to indy-cli is a short-term hack to get us up and running, the focus of this PR needs to be on the flow of tx authorisation data from clients through darc authorisation, and into the ByzCoin ledger.

Why we are not using authprox

Authprox is for a situation where the transaction signer has a credential but is not able/willing to hold/protect a private key. So instead, the key is stored in a key escrow service for them, and is then used to sign messages on their behalf. In the case of authprox the key escrow is not centralised, but a collective authority that holds shares of a secret and then use their share to contribute a partial signature onto a statement like, "this user proved to me that IdP X recognises them".

In the sovereign identity use case, a ByzCoin transaction originator is holding on to their secret key, and ready to use it to sign. But they want to get the benefits of the existing key management infrastructure provided by other parts of the sovereign identity world.

gnarula

comment created time in 12 days

pull request commentdedis/cothority

DARC: Add support for Sovrin DID Verification

Thanks for the feedback @ineiti . It is true that as I was helping Gaurav set his direction and plan this work I didn't take into consideration that ByzCoin needs to be self contained.

This work is fundamentally about adding a level of indirection between the Identity that signs a certain ByzCoin instruction and the public key that does the signing. The DID is the long-term name of a given identity, and DID resolution is the point where the DID is changed into the currently active public key. This code is currently structured close to right, in that it uses the DID as the signer's identity, and then does the resolution into a public key at the last possible moment before verifying.

The DID resolution step, in the case of Sovrin DID's, is handled by a permissioned blockchain. So what we are talking about is making a connection between two blockchains. The logical way to do that is for ByzCointo refer to a point in time (the block number) in the Sovrin chain.

So what I propose is to:

  • add an indication of which block number a certain DID should be resolved at to the Signer identity
  • in this PR or one coming soon to offer a second implementation of interface DIDResolver that can operate entirely in an offline manner, taking as input a genesis transaction (the trust root in the Sovrin world) and a set of blocks stored in a big file.

In this way, online nodes can resolve against the online Sovrin blockchain, and offline verifiers can still check that previous authentication decisions respected the DID holder's policy for which public key to use at the time when they sent in the tx.

gnarula

comment created time in 12 days

issue openeddedis/cothority

License not detected correct

pkg.go.dev will not show docs for modules which it cannot guess the license. Our license cannot be guessed. Find out why and fix it. (Preferably, we'll do this by fixing Google's license check to not be stupid, because our license is crystal clear.)

See: https://groups.google.com/forum/#!msg/golang-dev/mfiPCtJ1BGU/qtCrqlrEEwAJ

created time in 12 days

push eventdedis/epfl-evoting

Jeff R. Allen

commit sha 86eca1077c305b49cb5cbabf726472bace8e6ac7

Updates for 2020 Set the year automatically in all of the UI. Update cothority and kyber. Cothority might have a problem with a one node roster, but we should have been always talking only to the leader anyway. Make the skipchain explorer configurable.

view details

push time in 18 days

Pull request review commentdedis/cothority

Adds a PaginateBlocks service to byzcoin

 type StreamingResponse struct { 	Block *skipchain.SkipBlock } +// PaginateRequest is a request to get NumPages times the consecutive list of+// PageSize blocks.+type PaginateRequest struct {+	// The first block to fetch+	StartID skipchain.SkipBlockID+	// Determines the length of the Blocks attribute in the  PaginateResponse.+	// The list contains PageSize consecutive blocks+	PageSize uint64+	// The number of (asynchrounous) requests the service will return to the+	// client. Requests are send in a consecutive order wrt their list of blocks+	NumPages uint64+	// If true then blocks are consecutive in the reverse order, ie. following+	// backward links.+	Backward bool+	// Identifies the service's channel of a previously established connection.+	StreamID []byte+}++// PaginateResponse is a reponse from a PaginateRequest. It returns the streamID+// so that a new PaginateRequest can use an already created channel.+type PaginateResponse struct {+	// A list of consecutive blocks+	Blocks []*skipchain.SkipBlock+	// The page number index: relevant if the clients asked for more than one+	// asynchrounous reply from the service.+	PageNumber uint64+	// Identifies the channel the service uses to send back messages. The client+	// must provide it if he wants to send additional requests using the same+	// channel.+	StreamID []byte+	// Tells if the result contains consecutive blocks in a reversed order.+	Backward bool+	// Used to tell the client if an error occured. Any error code not equal to+	// 0 means that something special happened.+	ErrorCode uint64

The only two that are used are 0 and 1. Can't the caller know this from len(ErrorText)?

nkcr

comment created time in 18 days

Pull request review commentdedis/cothority

Adds a PaginateBlocks service to byzcoin

 type StreamingResponse struct { 	Block *skipchain.SkipBlock } +// PaginateRequest is a request to get NumPages times the consecutive list of+// PageSize blocks.+type PaginateRequest struct {+	// The first block to fetch+	StartID skipchain.SkipBlockID+	// Determines the length of the Blocks attribute in the  PaginateResponse.+	// The list contains PageSize consecutive blocks+	PageSize uint64+	// The number of (asynchrounous) requests the service will return to the+	// client. Requests are send in a consecutive order wrt their list of blocks+	NumPages uint64+	// If true then blocks are consecutive in the reverse order, ie. following+	// backward links.+	Backward bool+	// Identifies the service's channel of a previously established connection.+	StreamID []byte+}++// PaginateResponse is a reponse from a PaginateRequest. It returns the streamID+// so that a new PaginateRequest can use an already created channel.+type PaginateResponse struct {+	// A list of consecutive blocks+	Blocks []*skipchain.SkipBlock+	// The page number index: relevant if the clients asked for more than one+	// asynchrounous reply from the service.+	PageNumber uint64+	// Identifies the channel the service uses to send back messages. The client+	// must provide it if he wants to send additional requests using the same+	// channel.+	StreamID []byte+	// Tells if the result contains consecutive blocks in a reversed order.+	Backward bool+	// Used to tell the client if an error occured. Any error code not equal to+	// 0 means that something special happened.+	ErrorCode uint64+	// A list of error messages in case something special happended.

s/happended/happened/

"Something special" is kind of strange. Anyway, I don't see a place where more than one is returned. What is this for? What am I missing here?

nkcr

comment created time in 18 days

Pull request review commentdedis/cothority

Adds a PaginateBlocks service to byzcoin

 require ( 	github.com/ethereum/go-ethereum v1.8.27 	github.com/go-ldap/ldap/v3 v3.1.5 	github.com/hashicorp/golang-lru v0.5.3 // indirect+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect

Why?

nkcr

comment created time in 18 days

issue commentsignalapp/Signal-Android

Signal crashes at startup due to Keystore failure.

I had this problem with Signal side-loaded into an emulator, and what fixed it was uninstall and re-install.

TraceGroot

comment created time in 18 days

Pull request review commentdedis/onet

Updates the ServerHTTP function to handle streaming from the client

 func TestWebSocketTLS_Error(t *testing.T) { 	require.NotEqual(t, "", log.GetStdErr()) } -// TestWebSocket_Streaming performs 3 test cases.+// TestWebSocket_Streaming_normal performs 3 test cases.

I wonder if this would be a good time to separate these out into 3 test cases? I'm also not clear why the rest for your new code is in processor_test.go and not here. (Not saying you should change, just want to understand your reasoning.)

nkcr

comment created time in 18 days

Pull request review commentdedis/onet

Updates the ServerHTTP function to handle streaming from the client

 func TestServiceProcessor_ProcessClientRequest_Streaming(t *testing.T) { 	} } +func TestServiceProcessor_ProcessClientStreamRequest(t *testing.T) {+	h1 := NewLocalServer(tSuite, 2000)+	defer h1.Close()++	p := NewServiceProcessor(&Context{server: h1})+	// The function need to use the same outChan and closeChan if a request is+	// coming from the same client that expects the same outChan to be used.+	outChan := make(chan network.Message, 10)+	closeChan := make(chan bool)+	h := func(m *testMsg) (chan network.Message, chan bool, error) {+		go func() {+			for i := 0; i < int(m.I); i++ {+				outChan <- m+			}+			// In the case a client make multiple call, this will end in+			// multiple go routine that want to close the chan. This is why+			// each goroutine should check if the chan is already closed, but+			// for simplicity we will do that outside.+			// <-closeChan+			// close(outChan)+		}()+		return outChan, closeChan, nil+	}+	require.Nil(t, p.RegisterStreamingHandler(h))++	// Sending a first message from the client to the service.+	n := 5+	clientInputs := make(chan []byte, 10)+	buf, err := protobuf.Encode(&testMsg{int64(n)})+	require.NoError(t, err)+	clientInputs <- buf+	rep, tun, err := p.ProcessClientStreamRequest(nil, "testMsg", clientInputs)+	require.Nil(t, rep)+	require.NoError(t, err)++	for i := 0; i < n; i++ {+		buf := <-tun.out+		val := &testMsg{}+		require.Nil(t, protobuf.Decode(buf, val))+		require.Equal(t, val.I, int64(n))+	}++	// Sending an additional message from the client to the service using the+	// same channel.+	n = 2+	buf, err = protobuf.Encode(&testMsg{int64(n)})+	require.NoError(t, err)+	clientInputs <- buf++	for i := 0; i < n; i++ {+		buf := <-tun.out+		val := &testMsg{}+		require.Nil(t, protobuf.Decode(buf, val))+		require.Equal(t, val.I, int64(n))+	}++	close(tun.close)++	// Would normall be done inside the service, but we would then need to be

s/normall/normally/

Also: I use unit tests as documentation on how to use a feature. So it would be helpful to show readers here exactly what is expected of them, should they choose to call RegisterStreamingHandler. This unit test should do it precisely the way users of Onet should do it, without taking advantage of the unit test context.

nkcr

comment created time in 18 days

Pull request review commentdedis/onet

Updates the ServerHTTP function to handle streaming from the client

 outerReadLoop: 		var tun *StreamingTunnel 		path := strings.TrimPrefix(r.URL.Path, "/"+t.serviceName+"/") 		log.Lvlf2("ws request from %s: %s/%s", r.RemoteAddr, t.serviceName, path)-		reply, tun, err = s.ProcessClientRequest(r, path, buf)-		if err == nil {-			if tun == nil {-				tx += len(reply)-				if err = ws.SetWriteDeadline(time.Now().Add(5 * time.Minute)); err != nil {-					log.Error(err)-					break++		isStreaming := false+		bidirectionalStreamer, ok := s.(BidirectionalStreamer)+		if ok {+			isStreaming, err = bidirectionalStreamer.IsStreaming(path)+			if err != nil {+				log.Errorf("failed to check if it is a streaming "++					"request %s/%s: %+v", t.serviceName, path, err)+				continue

Each of these continue/breaks could use a comment explaining the reasoning for why it has to be that. I suspect that this part of the code is pretty lightly (or not at all?) covered by unit tests. What does code coverage say?

This is an important place to be careful, because getting the outer loop into an endless loop would be very bad here: hung grouting in a spin loop, possibly. (Been there, done that, got the coredump.)

nkcr

comment created time in 18 days

release dedis/cothority

v3.4.1

released time in 18 days

created tagdedis/cothority

tagv3.4.1

Scalable collective authority

created time in 19 days

delete branch dedis/cothority

delete branch : gover

delete time in 19 days

push eventdedis/cothority

Jeff R. Allen

commit sha 32bd45a44ed8a381dcdb03ea2041d3ff03fd47b3

Update the Go version in all the places it is used.

view details

Jeff R. Allen

commit sha 2099d3fe5cb3551fb48111315d38a557fd478ca4

Bump onet and kyber.

view details

Jeff R. Allen

commit sha 32b6bd03b53c22e07de21f627695581b0aae8c17

Merge pull request #2190 from dedis/gover Update Go version and bump onet and Kyber versions

view details

push time in 19 days

PR merged dedis/cothority

Update Go version and bump onet and Kyber versions
+25 -25

0 comment

7 changed files

jeffallen

pr closed time in 19 days

issue openedFiloSottile/age

UX: age should not use a non-standard golang.org/x/crypto

What were you trying to do

Code review.

What happened

I noticed that go.mod is using a replace for golang.org/x/crypto. I went and found out why (support openssh private key files).

This is just a gentle reminder to fix this as soon as golang#18692 is fixed, thanks!

created time in 20 days

PR opened dedis/cothority

Update Go version and bump onet and Kyber versions
+25 -25

0 comment

7 changed files

pr created time in 20 days

push eventdedis/cothority

Jeff R. Allen

commit sha 2099d3fe5cb3551fb48111315d38a557fd478ca4

Bump onet and kyber.

view details

push time in 20 days

created tagdedis/onet

tagv3.0.32

Cothority network library

created time in 20 days

push eventdedis/onet

Jeff R. Allen

commit sha 7a917083664a2eab29e96f8af679de1f78517223

Bump kyber.

view details

push time in 20 days

created tagdedis/kyber

tagv3.0.12

Advanced crypto library for the Go language

created time in 20 days

push eventdedis/onet

Linus Gasser

commit sha 8a178e5d3cca2169d69f18809674ec373e508167

adding dummy creation of db

view details

Linus Gasser

commit sha f0f0d8206b852ceeda57c5d4ae153bcae511fc86

inspect, extract

view details

Linus Gasser

commit sha d4c054c6a44e3587378487547a26cb0c6643772d

Jeff's comments

view details

Linus Gasser

commit sha 73367bdd61d145c13a99c123761c70480dfc8005

Updating go.*

view details

Jeff R. Allen

commit sha 411d5172a33e6cc38506df72909ead59e1cec42c

Merge pull request #613 from c4dt/dbadmin Dbadmin

view details

push time in 20 days

PR merged dedis/onet

Reviewers
Dbadmin

Problem statement: While wanting to separate my conode to restrict it to do only byzcoin stuff, but keeping the data of the personhood-parties, I wanted to take the data from the personhood-service and put it in the new conode.

My solution:

  • dbadmin inspect - to see which buckets are available
  • dbadmin extract - to copy certain buckets to a new db

So in my case, I could do:

dbadmin extract --source old_conode.db --destination new_conode.db Personhood.*
+617 -59

3 comments

8 changed files

ineiti

pr closed time in 20 days

create barnchdedis/cothority

branch : gover

created branch time in 20 days

create barnchdedis/cothority

branch : calypso_ephem

created branch time in 21 days

push eventdedis/cothority

Jeff R. Allen

commit sha f0ee51f73f6fa9ccb03ac6b7b37bab597358e641

KyberJS: bump version

view details

Jeff R. Allen

commit sha 8c7a13ff61711a146bf78c228447c50c28d470cf

CothorityJS: bump version

view details

push time in 25 days

PR closed dedis/cothority

*: bump go.{mod,sum} bug easy review fix

Since https://github.com/btcsuite/btcd/issues/1487, a clean build (without module cache) fails. This PR bumps btcd and others dependencies in go.mod.

This issue was undetected for long as travis and most devs are building with an already populated module cache.

+61 -29

2 comments

2 changed files

tharvik

pr closed time in 25 days

pull request commentdedis/cothority

*: bump go.{mod,sum}

This was already taken care of in b776c0a1f.

tharvik

comment created time in 25 days

push eventdedis/cothority

Linus Gasser

commit sha def61207e97bc2cb7a2c2dde1390b3ab9a0ea66e

GetUpdateChain: send all available updates Closes #2181

view details

Linus Gasser

commit sha bdf41f59c75f3c98dedff4d3f7b7d497d3402567

Optimize skipchain.GetUpdateChain The javascript SkipchainRPC.getUpdateChain had a possible endless loop when the fastest node returned a partially updated chain. Also, when a node has been left out for some time, but then got re-integrated in the chain, he might return a partially updated chain, which is not optimal. This PR does the following: - improves the skipchain-service so that the GetUpdateChain call returns the longest chain a node can be sure of - changes the skipchain-api-implementation to take correctly into account a possible wrong node - implements the javascript-skipchainRPC.getUpdateChain to correctly update the chain in corner cases

view details

Jeff R. Allen

commit sha 4bc9d7b9eb2b5ddd007944a0fe5a4b57162fc330

Merge pull request #2182 from dedis/issue_2181 GetUpdateChain: send all available updates

view details

push time in 25 days

PR merged dedis/cothority

GetUpdateChain: send all available updates bug

Closes #2181

+283 -66

0 comment

8 changed files

ineiti

pr closed time in 25 days

issue closeddedis/cothority

GetUpdateChain error

The following else is not optimal:

https://github.com/dedis/cothority/blob/master/skipchain/skipchain.go#L528

Example given: in the current chain, conode.c4dt.org has been removed for some blocks. So it goes through the blocks and finds that the highest link from block 2048 points to a block with a roster where conode.c4dt.org is not in anymore. So it stops searching and returns.

Instead, the node should return as many blocks as he can. At least in this case the clients would receive more blocks like that.

Also the skipchain/Client.GetUpdateChain doesn't recognize the corner case where a node returns a valid block but where the node is not in the roster. This should not happen.

Also the external/js/cothority/src/skipchain/SkipchainRPC.getUpdateChain doesn't work correctly and can fall into an endless loop.

closed time in 25 days

ineiti

Pull request review commentdedis/onet

Dbadmin

 github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=+github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d h1:U+s90UTSYgptZMwQh2aRr3LuazLJIa+Pg3Kc1ylSYVY=

I'm wondering where these came from, perhaps a "go get" in this directory, when it should have been in $HOME?

ineiti

comment created time in 25 days

Pull request review commentdedis/onet

Dbadmin

 APPDIR=${APPDIR:-$(pwd)} APP=${APP:-$(basename $APPDIR)} # Name of conode-log COLOG=conode+# Base port when generating the configurations

Are all of these changes just from a sync with cothority/libtest.sh?

ineiti

comment created time in 25 days

push eventdedis/kyber

tharvik

commit sha c336cade8388aee8d300bda129ca628b88c9d58b

bn256: sync stringification with typescript

view details

Linus Gasser

commit sha c03142162466de58a0399ce12b94cc44872cc316

Merge branch 'master' into bn256_fix-String

view details

Jeff R. Allen

commit sha 52437c55c7e6e1785c4d74e0304dd5ed100fd6c5

Merge pull request #405 from dedis/bn256_fix-String bn256: sync stringification with typescript

view details

push time in 25 days

PR merged dedis/kyber

bn256: sync stringification with typescript bug

I propose to add that PR anyway, even if not for the reasons cited in here ;)

TLDR: this makes golang's bn256.Point.String() behave the same as javascript's bn256.point.toString().

A follow-up PR should handle #413

Previous comment

Points can be one way transformed to String, but the format is not standarized/coherent. As it turn out, Typescript's kyber and Golang's kyber are making subtle differences (adding some separator), which is quite important when generating an UUID out of it, such as in onet.NewServerIdentity.

So, currently, crossing {go,ts}land with identity using bn256 doesn't yield the same ID, which is breaking quite an important assumption.

As @dedis/kyber contains tests related to stringification, I supposed that the issue was to be found in golang kyber. You might want to run grep -A3 -rE 'func\s+.*\s+String\(' to find other issue.

Update: also the width of the string is different, such as bn256.G1(0,1) in typescript vs bn256.G1(0000000000000000000000000000000000000000000000000000000000000000,0000000000000000000000000000000000000000000000000000000000000001) in golang.

+4 -4

8 comments

2 changed files

tharvik

pr closed time in 25 days

delete branch dedis/onet

delete branch : config_error_simple

delete time in 25 days

push eventdedis/onet

Linus Gasser

commit sha dc7ae9b5bf746b33a97ab0a411ff361eb636ece0

simpler solution to the configuration problem

view details

Jeff R. Allen

commit sha f0a878c987db64018138de236d8ce20cd67db15c

Merge pull request #611 from dedis/config_error_simple simpler solution to the configuration problem

view details

push time in 25 days

PR merged dedis/onet

Reviewers
simpler solution to the configuration problem

Closes #610

This is a much simpler version than #609. Instead of sending two messages serially, which can get two different connections, it extends the signature of Router.Send to a variadic number of messages to send.

-> Backwards compatible -> passes test

+98 -46

0 comment

4 changed files

ineiti

pr closed time in 25 days

issue closeddedis/onet

Protocol-configuration is sometimes lost

In https://github.com/ldsec/medco-unlynx/pull/18 there is a heisenbug where the configuration of a protocol set in https://github.com/dedis/onet/blob/master/treenode.go#L872 is not received on the other side. There is a test where this happens in local-mode.

As far as I see, I think it has to do with two nodes starting two protocols more or less simultaneously, and the two nodes creating each one connection to the other node. During bad timing, the configuration can go through the first connection (n1 -> n2), while the first packet of the protocol goes through the second connection (created by n2 -> n1). This makes that channel ordering will not be respected and the first packet of the protocol being handled before the configuration.

Finally managed to trigger it, but only on Travis...

Test and fix in #611

closed time in 25 days

ineiti

issue openeddrand/drand

`drand stop` does not work

I wanted to use drand stop as part of working around #174, but it gives panic: not implemented yet.

created time in a month

push eventdedis/suri.epfl.ch

Jeff R. Allen

commit sha 0767e78a46ac7c3c5b2ca638a52bd8c65959a26e

Add a deploy-dedis target for testing hosting with our own server.

view details

push time in a month

pull request commentdedis/cothority

Fix LookupSciper problem

The build that Github says failed succeeded in Travis, so I don't know what's going on.

jeffallen

comment created time in a month

push eventdedis/cothority

Jeff R. Allen

commit sha b776c0a1f3db2b66c714ccd74d4ff5329b120ce4

Fix LookupSciper problem The people.epfl.ch website we were using is deprecated. Change to using LDAP instead.

view details

push time in a month

push eventdedis/cothority

tharvik

commit sha 9c12cd344c25d3d5a0974d60af15b645f4322b24

external/kyber/bn256: test for -1 via mul/neg

view details

tharvik

commit sha 2e98c4ba2a076fcd1b7d5861f63ee5c660a7c0e0

external/kyber/bn256: mod after neg

view details

Jeff R. Allen

commit sha 76d0cdb2bff3174c2e65aa04a6a54552bbf1e783

Merge pull request #2177 from c4dt/external-kyber_test-neg-one external/kyber/bn256: mod after neg

view details

push time in a month

PR merged dedis/cothority

external/kyber/bn256: mod after neg bug external / js fix testing

-1 is not encoded the same when using neg rather than mul. Adding a small test for it and a fix (yet, I'm no cryptographer, I don't know if it's correct at all).

I'm using p here, as throughout the typescript codebase, see dedis/kyber#412 if you find it weird.

+12 -1

1 comment

2 changed files

tharvik

pr closed time in a month

delete branch dedis/cothority

delete branch : bcadmin-shortPrint

delete time in a month

push eventdedis/cothority

Noémien Kocher

commit sha 7d5a1b97cf4670cb0db846fa3cfa75c76c971658

Adds --shortPrint option to "bcadmin darc add"

view details

Jeff R. Allen

commit sha dcca37ccc18c1d6ee1e9436e4e740ff58124b887

Merge pull request #2179 from dedis/bcadmin-shortPrint Adds --shortPrint option to "bcadmin darc add"

view details

push time in a month

PR merged dedis/cothority

Adds --shortPrint option to "bcadmin darc add" ByzCoin easy review feature

What this PR does

See commit message


🙅‍ Friendly checklist:

  • [x] 0. Code comments are added (or updated) when/where needed and explain the WHY of the code.
  • [x] 1. Design choices, user documentation and any additional doc are added (or updated) in READMEs.
  • [x] 2. Any new behaviour is tested and small units of code that can be are unit tested.
  • [x] 3. Code comments are added on tests to explain what they do.
  • [x] 4. Errors are systematically wrapped with a meaningful message using xerrors.Errorf and the %v verb.
  • [x] 5. Hard limit of 80 chars is always respected.
  • [x] 6. Changes are backward compatible.
  • [x] 7. Indentation level does not exceed 5, although 4 is already suspicious.
  • [x] 8. Functions, files, and packages are kept to a manageable size and decomposed into smaller units if needed.
  • [x] 9. There are no magic values.
+13 -3

0 comment

3 changed files

nkcr

pr closed time in a month

pull request commentdedis/cothority

Fix LookupSciper problem

VPSI says that lookup by SCIPER over HTTPS is going away, and that I need to change this to use LDAP. Will do.

jeffallen

comment created time in a month

pull request commentdedis/cothority

Fix LookupSciper problem

Please don't commit yet, I realised on the drive home that I meant to make the unit test not depend on external servers, which is a very bad thing to do.

jeffallen

comment created time in a month

PR opened dedis/cothority

Fix LookupSciper problem

The people.epfl.ch website we are using changed their output format so adjust to compensate.

+13 -1

0 comment

2 changed files

pr created time in a month

create barnchdedis/cothority

branch : lookup-sciper

created branch time in a month

push eventdedis/cothority

tharvik

commit sha 472483139853d916e54b02088466eec296e655da

external/kyber/bn256: simplify multiplication

view details

tharvik

commit sha 22d572ee4bacffcf5af243c5d4e1affd94454008

external/kyber/bn256: test for addition with neg

view details

tharvik

commit sha 1fa545daac122da9d0465c66c0232515b7e035a6

external/kyber/bn256: fix order for scalar

view details

Jeff R. Allen

commit sha 3f7015fd723dfa9cc11c1e748554a43ea6c986f7

Merge pull request #2175 from c4dt/external-kyber_show-bn256-add-bug external/kyber/bn256: fix order for scalar

view details

push time in a month

PR merged dedis/cothority

Reviewers
external/kyber/bn256: fix order for scalar Epic bug external / js fix testing

The modulo for bn256' scalar in typescript is wrong.

By looking at the golang implementation of bn256' scalar, we see that it uses the order (the number of element of a ring) as modulus. In the typescript, it actually uses p, not group, which gives that addition is not consistent with multiplication when using negatives.

This PR adds a test triggering the issue, and the fix. It also contain a simplification of multiplication for bn256 (which is unrelated, just easier to understand).

Kudos to @ineiti for helping me debug :)

+38 -21

1 comment

4 changed files

tharvik

pr closed time in a month

push eventdedis/kyber

tharvik

commit sha 019907a8cb4b8e5bfb33220cc73f84cf77fc7f95

pairing/bn256: test for add/mul consistency

view details

Jeff R. Allen

commit sha 406d4f502bd17963e8f3ff6982673e0bbe9e588d

Merge pull request #410 from dedis/bn256-addmul-test pairing/bn256: test for add/mul consistency

view details

Jeff R. Allen

commit sha 46662a6305be37a11199fa14a8d8c0bcbc41e11b

Merge branch 'master' into issue406

view details

push time in a month

push eventdedis/cothority

tharvik

commit sha 824d72ab5246adf94d33bd659ec62628ce9e81e5

travis: inline single-use anchors

view details

tharvik

commit sha 0051e27e328f72855a4c16146e596200583a845a

travis: add lint to external/js Closes: dedis/cothority#2166

view details

Jeff R. Allen

commit sha 7c29d6a899546cd722a847c02ca90c6a5f84b07f

Merge pull request #2168 from c4dt/external-js_add-lint travis: add lint to external/js

view details

push time in a month

issue closeddedis/cothority

Add linting to external/js

.travis.yml should have targets in the linting-stage for external/js/{cothority,kyber}

Depends on #2164

closed time in a month

ineiti

PR merged dedis/cothority

travis: add lint to external/js external / js integration
  • inline single-use anchors
    • we are only building for go 1.12, not testing, is it wanted?
  • add lint for external/js
+20 -14

1 comment

1 changed file

tharvik

pr closed time in a month

delete branch dedis/kyber

delete branch : bn256-addmul-test

delete time in a month

push eventdedis/kyber

tharvik

commit sha 019907a8cb4b8e5bfb33220cc73f84cf77fc7f95

pairing/bn256: test for add/mul consistency

view details

Jeff R. Allen

commit sha 406d4f502bd17963e8f3ff6982673e0bbe9e588d

Merge pull request #410 from dedis/bn256-addmul-test pairing/bn256: test for add/mul consistency

view details

push time in a month

PR merged dedis/kyber

pairing/bn256: test for add/mul consistency enhancement

Add a small test to ensure addition and multiplication stability for BN256 points.

+12 -0

0 comment

1 changed file

tharvik

pr closed time in a month

PR opened dedis/kyber

Correct SetBit to operate correctly

Fixes #406.

+10 -2

0 comment

3 changed files

pr created time in a month

create barnchdedis/kyber

branch : issue406

created branch time in a month

more