Go to file
Alexey Proshutinskiy 2f6d124de1 add missing line
2021-09-27 16:36:04 +03:00
.circleci WIP: peer_id gen, secret key, tg service with peer_id api 2021-08-26 17:27:05 +03:00
.github ci: fix typos 2021-09-17 14:37:02 +03:00
aqua add missing line 2021-09-27 16:36:04 +03:00
builtin-package minor fixes 2021-09-16 16:24:46 +03:00
example add aqua api for revocations 2021-09-27 16:35:34 +03:00
keypair minor fixes 2021-09-16 16:24:46 +03:00
local-network add demo example with sign, issue and verify trust 2021-09-20 19:34:46 +03:00
service service: expose revoke api 2021-09-27 16:04:59 +03:00
src service: expose revoke api 2021-09-27 16:04:59 +03:00
.gitignore setup ci, update repo structure 2021-09-16 16:16:20 +03:00
Cargo.lock add timestamp_sec to get_weight and get_all_certs api 2021-09-15 15:22:32 +03:00
Cargo.toml WIP: peer_id gen, secret key, tg service with peer_id api 2021-08-26 17:27:05 +03:00
README.md README: remove dead link (#9) 2021-08-13 10:11:57 +03:00

Trust Graph

The network-wide peer relationship layer is used to manage connectivity and permissions. Peers keep the distributed graph of relationships, basically a Web of Trust. That graph is used is used to prioritize connections from known peers and avoid Sybil attacks. Also, TrustGraph may be used at the application level in various ways such as prioritization of service execution on authorized peers or a tighter connection of a single companys peers.

Project structure

/. is the main project with all trust graph logic and in-memory storage as a default

identity directory is an abstracted cryptographical layer (key pairs, signature, etc.)

wasm is a package that provides fce API and could be compiled to a Wasm file. It is used SQLite as storage and could be used only with SQLite Wasm file near.

js is a npm package that allows you to create and serialize certificates

Use trust-graph as a library

// Generate a new key pair
let root_kp = KeyPair::generate();

// Generate a key for which a certificate will be issued
let issued_for = KeyPair::generate();

// A time when the certificate will be issued and whet it will be expired
let now = Duration::from_secs(SystemTime::now().duration_since(UNIX_EPOCH).unwrap().as_secs() as u64)
let expires_at = Duration::from_secs(SystemTime::now().duration_since(UNIX_EPOCH).unwrap().as_secs() as u64 + 10000)

// Create a certificate
let mut cert = Certificate::issue_root(&root_kp, issued_for.public_key(), expires_at, now);

// We can add more keys to extend created certificate
// The method requires current_time to check if the old certificate is valid
let new_key = KeyPair::generate();
let new_cert = Certificate::issue(
                &issued_for,
                new_key.public_key(),
                &cert,
                expires_at,               
                now,
                current_time(),
            )?;

// Create new trust graph instance
let st = Box::new(InMemoryStorage::new());
let mut graph = TrustGraph::new(st);

// Add root weights. Basic keys that certificates should start with
graph.add_root_weight(root_kp.public_key().into(), 1);

// Add the certificate to a trust graph
// current_time is to check if certificate is still valid
// Could throw an error if the certificate is expired or malformed
graph.add(new_cert, current_time()).unwrap();

// We can check a weight of a key based on certificates we added and root weights
// If one public key have multiple trusts, we will get the maximum
let w = graph.weight(new_key.public_key()).unwrap().unwrap();

// Every trust or chain of trusts could be revoked by owners of keys in certificates

let revoke = Revoke::create(&issued_for, new_key.public_key(), current_time());
graph.revoke(revoke).unwrap();