fluencelabs/trust-graph
1
0
Fork 0
mirror of https://github.com/fluencelabs/trust-graph synced 2024-12-04 15:20:19 +00:00
Code Issues Projects Releases Wiki Activity

Update READMEs, example, fix bug in aqua api (#32)

Browse Source
This commit is contained in:
Aleksey Proshutisnkiy 2021-12-06 20:17:45 +03:00 committed by GitHub
parent 7528256e78
commit 24dbadaa7c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 216 additions and 281 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
README.md
View File

@ -1,13 +1,37 @@
### Trust Graph
# Trust Graph
The network-wide peer relationship layer is used to manage connectivity and permissions. Peers keep the distributed graph of relationships, basically a Web of Trust. That graph is used is used to prioritize connections from known peers and avoid Sybil attacks. Also, TrustGraph may be used at the application level in various ways such as prioritization of service execution on authorized peers or a tighter connection of a single companys peers.
Trust Graph is network-wide peer relationship layer. It's designed to be used to prioritize resources and control permissions in open networks. Being a decentralized graph of relationships, basically a Web of Trust, Trust Graph is distributed among all network peers.
### Project structure
Specifically, Trust Graph is used is used to prioritize connections from known peers to counteract Sybil attacks while still keeping network open by reserving resources for unknown peers.
`/.` is the main project with all trust graph logic and in-memory storage as a default
At the same time, Trust Graph can be used at the application level in various ways such as prioritization of service execution on authorized peers or to define an interconnected subnetwork among peers of a single protocol.
`keypair` directory is an abstracted cryptographical layer (key pairs, public keys, signatures, etc.)
## How to Use it in TypeScript
`service` is a package that provides `marine` API and could be compiled to a Wasm file. It is uses `SQLite` as storage.
See [example](./example):
- How to call [`trust-graph`](./example/index.ts) functions in TS/JS
- Step-by-step description [`README`](./example/README.md)
`example` is a `js` script that shows how to issue, sign trusts/revokes, get certificates
## API
Low-level API is defined in the [trust-graph-api.aqua](./aqua/trust-graph-api.aqua) module.
## Directory structure
- [`src`](./src) is the main project with all trust graph logic
- [`keypair`](./keypair) directory is an abstracted cryptographical layer (key pairs, public keys, signatures, etc.)
- [`service`](./service) is a package that provides `marine` API and could be compiled to a Wasm file. It is uses `SQLite` as storage.
- [`example`](./example) is a `js` script that shows how to issue, sign trusts/revocations, export certificates and distinguish Fluence nodes
- [`builtin-package`](./builtin-package) contains blueprint, configs and scripts for generation builtin package locally or via CI
- [`admin`](./admin) is a `js` script used to generate `builtin-package/on_start.json` which contains certificates for Fluence Labs nodes
## Learn Aqua
* [Aqua Book](https://fluence.dev/aqua-book/)
* [Aqua Playground](https://github.com/fluencelabs/aqua-playground)
* [Aqua repo](https://github.com/fluencelabs/aqua)

16
admin/README.md
View File

@ -1,6 +1,12 @@
# How to generate export certificates
1. Go to `local-network`
2. Run `docker compose up -d` to start Fluence node
3. Go back to `../admin`
4. Put `root_secret_key.ed25519` and `issuer_secret_key.ed25519` to folder
5. Run `npm run start`
1. Go to `local-network` if you want to use local node
- Run `docker compose up -d` to start Fluence node
- Go back to `../admin`
2. Put `root_secret_key.ed25519` and `issuer_secret_key.ed25519` to folder
3. Run `npm i`
4. Run `npm run start {env}` where `{env}` should be `testnet`/`krasnodar`/`stage` or `local`
`root_secret_key.ed25519` and `issuer_secret_key.ed25519` are secret and owned by Fluence Labs team. Root key is for
all Fluence Labs relations. Trust from issuer key to any peer id means that this peer is official Fluence Labs peer.
isFluencePeer method from [trust-graph-api.aqua](./aqua/trust-graph-api.aqua) module checks these relations. You can build your own
structure of peers similarly.

126
admin/package-lock.json generated
View File

@ -9,9 +9,9 @@
"version": "1.0.0",
"license": "MIT",
"dependencies": {
"@fluencelabs/aqua": "0.4.1-240",
"@fluencelabs/aqua-lib": "0.2.0",
"@fluencelabs/fluence": "0.14.3",
"@fluencelabs/aqua": "0.5.0-246",
"@fluencelabs/aqua-lib": "0.2.1",
"@fluencelabs/fluence": "0.15.0",
"@fluencelabs/fluence-network-environment": "^1.0.10",
"@fluencelabs/trust-graph": "file:../aqua",
"bs58": "^4.0.1"
@ -79,11 +79,11 @@
"license": "MIT"
},
"node_modules/@fluencelabs/aqua": {
"version": "0.4.1-240",
"resolved": "https://registry.npmjs.org/@fluencelabs/aqua/-/aqua-0.4.1-240.tgz",
"integrity": "sha512-UaeljcyIuAXWL8CpF2p+jnD0YSVyp3lZYaOfTZoqL5XeFdhf0D8C6VhioUwyT0kU0JOziaPe3m9JxzL3atfpfg==",
"version": "0.5.0-246",
"resolved": "https://registry.npmjs.org/@fluencelabs/aqua/-/aqua-0.5.0-246.tgz",
"integrity": "sha512-ab2i7eiPsTaCbo97VGcrshQ3EMJMNMr+1qasf7ryShXMGWu1S9wPB7i7lRToGGOgACnO2D5ScuIAMVYe4D9BMQ==",
"dependencies": {
"@fluencelabs/fluence": "0.12.1"
"@fluencelabs/fluence": "0.15.0"
},
"bin": {
"aqua": "index.js",
@ -91,56 +91,25 @@
}
},
"node_modules/@fluencelabs/aqua-lib": {
"version": "0.2.0",
"resolved": "https://registry.npmjs.org/@fluencelabs/aqua-lib/-/aqua-lib-0.2.0.tgz",
"integrity": "sha512-5eJYQQM/6yzNsrBnATYkhpzK5AA0XBSv19eNOkKoyKZpVbh0WK2jjegzWQY2+X+fSk5fh6fcqy7G9xh2a7Lcbg=="
},
"node_modules/@fluencelabs/aqua/node_modules/@fluencelabs/avm": {
"version": "0.14.4",
"resolved": "https://registry.npmjs.org/@fluencelabs/avm/-/avm-0.14.4.tgz",
"integrity": "sha512-XyR+1H5k0CAc+mDHOkl81viX8XeW1Yqbw793xbsfUfju5bUb/hqk+gHv3q8lAFdbrCG5P45gdOT08a5RNODZaQ==",
"dependencies": {
"base64-js": "1.5.1"
}
},
"node_modules/@fluencelabs/aqua/node_modules/@fluencelabs/fluence": {
"version": "0.12.1",
"resolved": "https://registry.npmjs.org/@fluencelabs/fluence/-/fluence-0.12.1.tgz",
"integrity": "sha512-JrMKMHjYILAHQsLLd5H0fLt/UMZv+/PQYxJYe6h9HFyJlZrN1bUV+EcZnUw1u3DZE5k/RXBx0udfmkahggwrqA==",
"dependencies": {
"@chainsafe/libp2p-noise": "4.0.0",
"@fluencelabs/avm": "0.14.4",
"async": "3.2.0",
"base64-js": "1.5.1",
"bs58": "4.0.1",
"cids": "0.8.1",
"it-length-prefixed": "3.0.1",
"it-pipe": "1.1.0",
"libp2p": "0.32.3",
"libp2p-crypto": "0.19.7",
"libp2p-mplex": "0.10.4",
"libp2p-websockets": "0.16.1",
"loglevel": "1.7.0",
"multiaddr": "10.0.0",
"peer-id": "0.15.3",
"uuid": "8.3.0"
}
"version": "0.2.1",
"resolved": "https://registry.npmjs.org/@fluencelabs/aqua-lib/-/aqua-lib-0.2.1.tgz",
"integrity": "sha512-uLP9mbgFHR1Q1FYhehasNxNBlTclBsjNI9MvIPF8oXtVJtnvPi+R4rGGTOHtRJukunxhpAV/svWQU9a2BRyDmQ=="
},
"node_modules/@fluencelabs/avm": {
"version": "0.16.7",
"resolved": "https://registry.npmjs.org/@fluencelabs/avm/-/avm-0.16.7.tgz",
"integrity": "sha512-tSbEBRdHTz6PCxLuzEWe3ayZQeDiuJu/Dw0qJmdpYe6eJf0jSwUnAnRaEOv2d0ILnzT1b4us9tCKOhac41YlLg==",
"version": "0.16.0-restriction-operator.9",
"resolved": "https://registry.npmjs.org/@fluencelabs/avm/-/avm-0.16.0-restriction-operator.9.tgz",
"integrity": "sha512-34vJqo8TIho5H2+WhEAJOa6WxAPiS+c7Z3WKmRZVi+GAsZN3Hv2NiuiCFNFBmPRoD+juzHe4Dmv5cF7HZc6O6w==",
"dependencies": {
"base64-js": "1.5.1"
}
},
"node_modules/@fluencelabs/fluence": {
"version": "0.14.3",
"resolved": "https://registry.npmjs.org/@fluencelabs/fluence/-/fluence-0.14.3.tgz",
"integrity": "sha512-JlF/B9Wtz0VMBJIfA+hZYZt44nX5AIJzgkhfbT1fKfwzb1CvS6IYaaH6PE8vLcBm556sJic94yYL++FpQrJUmQ==",
"version": "0.15.0",
"resolved": "https://registry.npmjs.org/@fluencelabs/fluence/-/fluence-0.15.0.tgz",
"integrity": "sha512-rZwRpS7gaHdTbNecs/W9fokifh3skzZLHiyezSfZNY8jYnjub1HerFOrN6G8dLe2xIOeNuZWirdQ8V5LSZGOHg==",
"dependencies": {
"@chainsafe/libp2p-noise": "4.0.0",
"@fluencelabs/avm": "0.16.7",
"@fluencelabs/avm": "0.16.0-restriction-operator.9",
"async": "3.2.0",
"base64-js": "1.5.1",
"bs58": "4.0.1",
@ -2482,66 +2451,33 @@
}
},
"@fluencelabs/aqua": {
"version": "0.4.1-240",
"resolved": "https://registry.npmjs.org/@fluencelabs/aqua/-/aqua-0.4.1-240.tgz",
"integrity": "sha512-UaeljcyIuAXWL8CpF2p+jnD0YSVyp3lZYaOfTZoqL5XeFdhf0D8C6VhioUwyT0kU0JOziaPe3m9JxzL3atfpfg==",
"version": "0.5.0-246",
"resolved": "https://registry.npmjs.org/@fluencelabs/aqua/-/aqua-0.5.0-246.tgz",
"integrity": "sha512-ab2i7eiPsTaCbo97VGcrshQ3EMJMNMr+1qasf7ryShXMGWu1S9wPB7i7lRToGGOgACnO2D5ScuIAMVYe4D9BMQ==",
"requires": {
"@fluencelabs/fluence": "0.12.1"
},
"dependencies": {
"@fluencelabs/avm": {
"version": "0.14.4",
"resolved": "https://registry.npmjs.org/@fluencelabs/avm/-/avm-0.14.4.tgz",
"integrity": "sha512-XyR+1H5k0CAc+mDHOkl81viX8XeW1Yqbw793xbsfUfju5bUb/hqk+gHv3q8lAFdbrCG5P45gdOT08a5RNODZaQ==",
"requires": {
"base64-js": "1.5.1"
}
},
"@fluencelabs/fluence": {
"version": "0.12.1",
"resolved": "https://registry.npmjs.org/@fluencelabs/fluence/-/fluence-0.12.1.tgz",
"integrity": "sha512-JrMKMHjYILAHQsLLd5H0fLt/UMZv+/PQYxJYe6h9HFyJlZrN1bUV+EcZnUw1u3DZE5k/RXBx0udfmkahggwrqA==",
"requires": {
"@chainsafe/libp2p-noise": "4.0.0",
"@fluencelabs/avm": "0.14.4",
"async": "3.2.0",
"base64-js": "1.5.1",
"bs58": "4.0.1",
"cids": "0.8.1",
"it-length-prefixed": "3.0.1",
"it-pipe": "1.1.0",
"libp2p": "0.32.3",
"libp2p-crypto": "0.19.7",
"libp2p-mplex": "0.10.4",
"libp2p-websockets": "0.16.1",
"loglevel": "1.7.0",
"multiaddr": "10.0.0",
"peer-id": "0.15.3",
"uuid": "8.3.0"
}
}
"@fluencelabs/fluence": "0.15.0"
}
},
"@fluencelabs/aqua-lib": {
"version": "0.2.0",
"resolved": "https://registry.npmjs.org/@fluencelabs/aqua-lib/-/aqua-lib-0.2.0.tgz",
"integrity": "sha512-5eJYQQM/6yzNsrBnATYkhpzK5AA0XBSv19eNOkKoyKZpVbh0WK2jjegzWQY2+X+fSk5fh6fcqy7G9xh2a7Lcbg=="
"version": "0.2.1",
"resolved": "https://registry.npmjs.org/@fluencelabs/aqua-lib/-/aqua-lib-0.2.1.tgz",
"integrity": "sha512-uLP9mbgFHR1Q1FYhehasNxNBlTclBsjNI9MvIPF8oXtVJtnvPi+R4rGGTOHtRJukunxhpAV/svWQU9a2BRyDmQ=="
},
"@fluencelabs/avm": {
"version": "0.16.7",
"resolved": "https://registry.npmjs.org/@fluencelabs/avm/-/avm-0.16.7.tgz",
"integrity": "sha512-tSbEBRdHTz6PCxLuzEWe3ayZQeDiuJu/Dw0qJmdpYe6eJf0jSwUnAnRaEOv2d0ILnzT1b4us9tCKOhac41YlLg==",
"version": "0.16.0-restriction-operator.9",
"resolved": "https://registry.npmjs.org/@fluencelabs/avm/-/avm-0.16.0-restriction-operator.9.tgz",
"integrity": "sha512-34vJqo8TIho5H2+WhEAJOa6WxAPiS+c7Z3WKmRZVi+GAsZN3Hv2NiuiCFNFBmPRoD+juzHe4Dmv5cF7HZc6O6w==",
"requires": {
"base64-js": "1.5.1"
}
},
"@fluencelabs/fluence": {
"version": "0.14.3",
"resolved": "https://registry.npmjs.org/@fluencelabs/fluence/-/fluence-0.14.3.tgz",
"integrity": "sha512-JlF/B9Wtz0VMBJIfA+hZYZt44nX5AIJzgkhfbT1fKfwzb1CvS6IYaaH6PE8vLcBm556sJic94yYL++FpQrJUmQ==",
"version": "0.15.0",
"resolved": "https://registry.npmjs.org/@fluencelabs/fluence/-/fluence-0.15.0.tgz",
"integrity": "sha512-rZwRpS7gaHdTbNecs/W9fokifh3skzZLHiyezSfZNY8jYnjub1HerFOrN6G8dLe2xIOeNuZWirdQ8V5LSZGOHg==",
"requires": {
"@chainsafe/libp2p-noise": "4.0.0",
"@fluencelabs/avm": "0.16.7",
"@fluencelabs/avm": "0.16.0-restriction-operator.9",
"async": "3.2.0",
"base64-js": "1.5.1",
"bs58": "4.0.1",

6
admin/package.json
View File

@ -13,9 +13,9 @@
"author": "Fluence Labs",
"license": "MIT",
"dependencies": {
"@fluencelabs/aqua": "0.4.1-240",
"@fluencelabs/aqua-lib": "0.2.0",
"@fluencelabs/fluence": "0.14.3",
"@fluencelabs/aqua": "0.5.0-246",
"@fluencelabs/aqua-lib": "0.2.1",
"@fluencelabs/fluence": "0.15.0",
"@fluencelabs/fluence-network-environment": "^1.0.10",
"@fluencelabs/trust-graph": "file:../aqua",
"bs58": "^4.0.1"

45
aqua/trust-graph-api.aqua
View File

@ -46,10 +46,9 @@ func get_host_certs(node: string, issued_for: string) -> AllCertsResult:
result <- TrustGraph.get_host_certs(timestamp_sec)
<- result
func get_host_certs_from(node: string, issuer: string) -> AllCertsResult:
on node:
timestamp_sec <- Peer.timestamp_sec()
result <- TrustGraph.get_host_certs_from(issuer, timestamp_sec)
func get_host_certs_from(issuer: string) -> AllCertsResult:
timestamp_sec <- Peer.timestamp_sec()
result <- TrustGraph.get_host_certs_from(issuer, timestamp_sec)
<- result
func insert_cert(node: string, certificate: Certificate) -> InsertResult:
@ -75,27 +74,27 @@ func revoke(node: string, revoke: Revoke) -> RevokeResult:
<- result
service TrustOp("op"):
array_length(a: []Trust) -> u64
array_length(a: []Trust) -> u32
service BoolOp("op"):
array_length(a: []bool) -> u64
array_length(a: []bool) -> u32
-- https://github.com/fluencelabs/trust-graph/issues/26
func isFluencePeer() -> bool:
certs_result <- get_host_certs_from(HOST_PEER_ID, "12D3KooWM45u7AQxsb4MuQJNYT3NWHHMLU7JTbBV66RTfF3KSzdR")
resultBox: *bool
if certs_result.success:
for cert <- certs_result.certificates:
len <- TrustOp.array_length(cert.chain)
if len == 3:
if cert.chain!0.issued_for == "12D3KooWNbZKaPWRZ8wgjGvrxdJFz9Fq5uVwkR6ERV1f74HhPdyB":
if cert.chain!1.issued_for == "12D3KooWM45u7AQxsb4MuQJNYT3NWHHMLU7JTbBV66RTfF3KSzdR":
resultBox <<- true
func isFluencePeer(node: string) -> bool:
on node:
certs_result <- get_host_certs_from("12D3KooWM45u7AQxsb4MuQJNYT3NWHHMLU7JTbBV66RTfF3KSzdR")
resultBox: *bool
if certs_result.success:
for cert <- certs_result.certificates:
len <- TrustOp.array_length(cert.chain)
if len == 3:
if cert.chain!0.issued_for == "12D3KooWNbZKaPWRZ8wgjGvrxdJFz9Fq5uVwkR6ERV1f74HhPdyB":
if cert.chain!1.issued_for == "12D3KooWM45u7AQxsb4MuQJNYT3NWHHMLU7JTbBV66RTfF3KSzdR":
resultBox <<- true
result_len <- BoolOp.array_length(resultBox)
result: *bool
if result_len == 0:
result <<- false
else:
result <<- true
result_len <- BoolOp.array_length(resultBox)
result: *bool
if result_len == 0:
result <<- false
else:
result <<- true
<- result!

20
example/README.md
View File

@ -2,4 +2,22 @@
1. Go to `local-network`
2. Run `docker compose up -d` to start Fluence node
3. Go back to `../example`
4. Run `npm run start`
4. Run `npm i`
5. Run `npm run start`
## How to use
1. Add the following to your dependencies
- `@fluencelabs/trust-graph`
- `@fluencelabs/aqua`
- `@fluencelabs/aqua-lib`
- `@fluencelabs/fluence`
- `@fluencelabs/fluence-network-environment`
2. Import dependencies
```typescript
import * as tg from "./generated/export";
import { Fluence, KeyPair } from "@fluencelabs/fluence";
import { krasnodar, Node } from "@fluencelabs/fluence-network-environment";
```
3. Add root and issue self-signed root trust.
4. For now, you can sign trusts/revocations only on js side with KeyPair.

104
example/index.ts
View File

@ -14,21 +14,9 @@
* limitations under the License.
*/
import {
get_trust_bytes,
issue_trust,
verify_trust,
add_trust,
add_root,
get_weight,
timestamp_sec,
get_all_certs,
get_revoke_bytes,
issue_revocation,
revoke
} from "./generated/export";
import * as tg from "./generated/export";
import { Fluence, KeyPair } from "@fluencelabs/fluence";
import { Node } from "@fluencelabs/fluence-network-environment";
import { krasnodar, Node } from "@fluencelabs/fluence-network-environment";
import assert from "assert";
const bs58 = require('bs58');
@ -45,29 +33,40 @@ let local: Node[] = [
},
];
async function add_trust_helper(node: string, issuer_kp: KeyPair, issuer_peer_id: string, issued_for_peer_id: string, expires_at_sec: number, issued_at_sec: number) {
let trust_metadata = await get_trust_bytes(node, issued_for_peer_id, expires_at_sec, issued_at_sec);
async function is_fluence_peer(relay: string) {
let result = await tg.isFluencePeer(relay);
if (result) {
console.log("Current relay %s identified as Fluence Labs' peer", relay)
} else {
console.log("Current relay %s is not Fluence Labs' peer", relay)
}
}
async function add_trust_helper(relay: string, issuer_kp: KeyPair, issuer_peer_id: string, issued_for_peer_id: string, expires_at_sec: number, issued_at_sec: number) {
let trust_metadata = await tg.get_trust_bytes(relay, issued_for_peer_id, expires_at_sec, issued_at_sec);
const signed_metadata = await issuer_kp.Libp2pPeerId.privKey.sign(Uint8Array.from(trust_metadata.result));
let trust = await issue_trust(node, issued_for_peer_id, expires_at_sec, issued_at_sec, Array.from(signed_metadata));
console.log("Issued trust %s", trust.trust);
let trust = await tg.issue_trust(relay, issued_for_peer_id, expires_at_sec, issued_at_sec, Array.from(signed_metadata));
assert(trust.success)
let result = await verify_trust(node, trust.trust, issuer_peer_id);
console.log("Verify trust result: %s", result);
let result = await tg.verify_trust(relay, trust.trust, issuer_peer_id);
assert(result.success)
let result_add = await add_trust(node, trust.trust, issuer_peer_id);
console.log("Add trust result: %s", result_add);
let result_add = await tg.add_trust(relay, trust.trust, issuer_peer_id);
assert(result_add.success)
}
async function revoke_helper(node: string, issuer_kp: KeyPair, revoked_by_peer_id: string, revoked_peer_id: string, revoked_at_sec: number) {
let trust_metadata = await get_revoke_bytes(node, revoked_peer_id, revoked_at_sec);
let trust_metadata = await tg.get_revoke_bytes(node, revoked_peer_id, revoked_at_sec);
const signed_metadata = await issuer_kp.Libp2pPeerId.privKey.sign(Uint8Array.from(trust_metadata.result));
let revocation = await issue_revocation(node, revoked_peer_id, revoked_by_peer_id, revoked_at_sec, Array.from(signed_metadata));
console.log("Issued revocation %s", revocation.revoke);
let revocation = await tg.issue_revocation(node, revoked_peer_id, revoked_by_peer_id, revoked_at_sec, Array.from(signed_metadata));
assert(revocation.success)
let result_add = await revoke(node, revocation.revoke);
console.log("Revoke result: %s", result_add);
let result_add = await tg.revoke(node, revocation.revoke);
assert(result_add.success)
}
async function main() {
@ -75,44 +74,61 @@ async function main() {
// key from local-network/builtins_secret_key.ed25519 to connect as builtins owner
let sk = bs58.decode("5FwE32bDcphFzuMca7Y2qW1gdR64fTBYoRNvD4MLE1hecDGhCMQGKn8aseMr5wRo4Xo2CRFdrEAawUNLYkgQD78K").slice(0, 32); // first 32 bytes - secret key, second - public key
let builtins_keypair = await KeyPair.fromEd25519SK(sk);
await Fluence.start({ connectTo: local[0], KeyPair: builtins_keypair});
console.log(
"📗 created a fluence peer %s with relay %s",
Fluence.getStatus().peerId,
Fluence.getStatus().relayPeerId
);
const issued_timestamp_sec = await timestamp_sec(local[0].peerId);
const expires_at_sec = issued_timestamp_sec + 999999999;
let relay = local[0].peerId
let nodeA = local[0].peerId
let nodeB = local[1].peerId
// keypair if nodeA specified in local-network/docker-compose.yml
const issuer_kp = await KeyPair.fromEd25519SK(bs58.decode("29Apzfedhw2Jxh94Jj4rNSmavQ1TkNe8ALYRA7bMegobwp423aLrURxLk32WtXgXHDqoSz7GAT9fQfoMhVd1e5Ww"));
let add_root_result = await add_root(local[0].peerId, local[0].peerId, 2);
console.log("Add root weight result: %s", add_root_result);
// set nodeA as a root
let add_root_result = await tg.add_root(relay, nodeA, 2);
assert(add_root_result.success)
// add root trust
await add_trust_helper(local[0].peerId, issuer_kp, local[0].peerId, local[0].peerId, expires_at_sec, issued_timestamp_sec);
// add self-signed root trust
const issued_timestamp_sec = await tg.timestamp_sec(relay);
const expires_at_sec = issued_timestamp_sec + 999999999;
await add_trust_helper(relay, issuer_kp, nodeA, nodeB, expires_at_sec, issued_timestamp_sec);
let root_weight_result = await get_weight(local[0].peerId, local[0].peerId);
console.log("Root weight: %s", root_weight_result);
let root_weight_result = await tg.get_weight(relay, nodeA);
assert(root_weight_result.success)
console.log("Root weight (nodeA) is: %s", root_weight_result.weight);
// issue trust by local[0].peerId for local[1].peerId and add to tg
await add_trust_helper(local[0].peerId, issuer_kp, local[0].peerId, local[1].peerId, expires_at_sec, issued_timestamp_sec);
let weight_result = await get_weight(local[0].peerId, local[1].peerId);
console.log("Trust weight: %s", weight_result);
// issue trust by nodeA to nodeB and add to tg
await add_trust_helper(relay, issuer_kp, nodeA, nodeB, expires_at_sec, issued_timestamp_sec);
let weight_result = await tg.get_weight(relay, nodeB);
console.log("Weight of nodeB: is %s", weight_result.weight);
assert(root_weight_result.weight / 2 === weight_result.weight);
let certs = await get_all_certs(local[0].peerId, local[1].peerId);
console.log("Certs: %s", JSON.stringify(certs.certificates));
let certs = await tg.get_all_certs(relay, nodeB);
assert(certs.certificates.length === 1);
console.log("There is one cert for nodeB with chain len %s", certs.certificates[0].chain.length);
console.log("It contains self-signed nodeA root trust and nodeA->nodeB trust");
// wait to create revoke after trust (because timestamp in secs)
await new Promise(f => setTimeout(f, 1000));
// revoke local[1].peerId trust
await revoke_helper(local[0].peerId, issuer_kp, local[0].peerId, local[1].peerId, await timestamp_sec(local[0].peerId));
console.log("Now we will revoke trust for nodeB")
// revoke nodeB by nodeA
await revoke_helper(relay, issuer_kp, nodeA, nodeB, await tg.timestamp_sec(relay));
let empty_certs = await get_all_certs(local[0].peerId, local[1].peerId);
let empty_certs = await tg.get_all_certs(relay, nodeB);
assert(empty_certs.certificates.length === 0);
console.log("Now there is no certs for nodeB");
console.log("Let's check if our node is Fluence Labs peer");
await is_fluence_peer(relay);
console.log("Now let's check some krasnodar's node");
await is_fluence_peer(krasnodar[0].peerId);
return;
}

134
example/package-lock.json generated
View File

@ -9,9 +9,9 @@
"version": "1.0.0",
"license": "MIT",
"dependencies": {
"@fluencelabs/aqua": "0.4.1-239",
"@fluencelabs/aqua-lib": "0.2.0",
"@fluencelabs/fluence": "0.14.2",
"@fluencelabs/aqua": "0.5.0-245",
"@fluencelabs/aqua-lib": "0.2.1",
"@fluencelabs/fluence": "0.15.0",
"@fluencelabs/fluence-network-environment": "^1.0.10",
"@fluencelabs/trust-graph": "file:../aqua",
"bs58": "^4.0.1"
@ -25,10 +25,10 @@
"version": "0.1.12",
"license": "MIT",
"dependencies": {
"@fluencelabs/aqua-lib": "^0.1.14"
"@fluencelabs/aqua-lib": "0.2.0"
},
"devDependencies": {
"@fluencelabs/aqua": "^0.3.1-228"
"@fluencelabs/aqua": "0.4.1-240"
}
},
"../aqua/node_modules/@fluencelabs/aqua": {
@ -79,11 +79,11 @@
"license": "MIT"
},
"node_modules/@fluencelabs/aqua": {
"version": "0.4.1-239",
"resolved": "https://registry.npmjs.org/@fluencelabs/aqua/-/aqua-0.4.1-239.tgz",
"integrity": "sha512-VMHTriXyHVay5cgSEQOWMmZpLCw8Pt042JySEp9nybe+rsXncgNxqLwvyqycuRnr6NdJnkNbW0r2+2XXpK1nrA==",
"version": "0.5.0-245",
"resolved": "https://registry.npmjs.org/@fluencelabs/aqua/-/aqua-0.5.0-245.tgz",
"integrity": "sha512-RjOa6ut40jqGKrH/NOEdp59NqU3mPlFfcKfht0geQOoyhXkdNiSlQq/MsKXGEQaGSxTy2FGKiGuVOd1T4sfSfA==",
"dependencies": {
"@fluencelabs/fluence": "0.12.1"
"@fluencelabs/fluence": "0.15.0"
},
"bin": {
"aqua": "index.js",
@ -91,56 +91,25 @@
}
},
"node_modules/@fluencelabs/aqua-lib": {
"version": "0.2.0",
"resolved": "https://registry.npmjs.org/@fluencelabs/aqua-lib/-/aqua-lib-0.2.0.tgz",
"integrity": "sha512-5eJYQQM/6yzNsrBnATYkhpzK5AA0XBSv19eNOkKoyKZpVbh0WK2jjegzWQY2+X+fSk5fh6fcqy7G9xh2a7Lcbg=="
},
"node_modules/@fluencelabs/aqua/node_modules/@fluencelabs/avm": {
"version": "0.14.4",
"resolved": "https://registry.npmjs.org/@fluencelabs/avm/-/avm-0.14.4.tgz",
"integrity": "sha512-XyR+1H5k0CAc+mDHOkl81viX8XeW1Yqbw793xbsfUfju5bUb/hqk+gHv3q8lAFdbrCG5P45gdOT08a5RNODZaQ==",
"dependencies": {
"base64-js": "1.5.1"
}
},
"node_modules/@fluencelabs/aqua/node_modules/@fluencelabs/fluence": {
"version": "0.12.1",
"resolved": "https://registry.npmjs.org/@fluencelabs/fluence/-/fluence-0.12.1.tgz",
"integrity": "sha512-JrMKMHjYILAHQsLLd5H0fLt/UMZv+/PQYxJYe6h9HFyJlZrN1bUV+EcZnUw1u3DZE5k/RXBx0udfmkahggwrqA==",
"dependencies": {
"@chainsafe/libp2p-noise": "4.0.0",
"@fluencelabs/avm": "0.14.4",
"async": "3.2.0",
"base64-js": "1.5.1",
"bs58": "4.0.1",
"cids": "0.8.1",
"it-length-prefixed": "3.0.1",
"it-pipe": "1.1.0",
"libp2p": "0.32.3",
"libp2p-crypto": "0.19.7",
"libp2p-mplex": "0.10.4",
"libp2p-websockets": "0.16.1",
"loglevel": "1.7.0",
"multiaddr": "10.0.0",
"peer-id": "0.15.3",
"uuid": "8.3.0"
}
"version": "0.2.1",
"resolved": "https://registry.npmjs.org/@fluencelabs/aqua-lib/-/aqua-lib-0.2.1.tgz",
"integrity": "sha512-uLP9mbgFHR1Q1FYhehasNxNBlTclBsjNI9MvIPF8oXtVJtnvPi+R4rGGTOHtRJukunxhpAV/svWQU9a2BRyDmQ=="
},
"node_modules/@fluencelabs/avm": {
"version": "0.15.4",
"resolved": "https://registry.npmjs.org/@fluencelabs/avm/-/avm-0.15.4.tgz",
"integrity": "sha512-NLZDq83ocJ1Helm0D8kPMSSkjxH0y+Tujg0px773zjIShbh3jgiJOjAW1xCYgTt9K0LqepjP0bWX4/8nUZfr7g==",
"version": "0.16.0-restriction-operator.9",
"resolved": "https://registry.npmjs.org/@fluencelabs/avm/-/avm-0.16.0-restriction-operator.9.tgz",
"integrity": "sha512-34vJqo8TIho5H2+WhEAJOa6WxAPiS+c7Z3WKmRZVi+GAsZN3Hv2NiuiCFNFBmPRoD+juzHe4Dmv5cF7HZc6O6w==",
"dependencies": {
"base64-js": "1.5.1"
}
},
"node_modules/@fluencelabs/fluence": {
"version": "0.14.2",
"resolved": "https://registry.npmjs.org/@fluencelabs/fluence/-/fluence-0.14.2.tgz",
"integrity": "sha512-Cf5Ii6dpVSSi839jB7H0Y9k07xncYdHiTNKp4LlPg6inXuy2OPb2E7qF5DXlMM9O1dBb/UJTa4jZlQDsgWriiQ==",
"version": "0.15.0",
"resolved": "https://registry.npmjs.org/@fluencelabs/fluence/-/fluence-0.15.0.tgz",
"integrity": "sha512-rZwRpS7gaHdTbNecs/W9fokifh3skzZLHiyezSfZNY8jYnjub1HerFOrN6G8dLe2xIOeNuZWirdQ8V5LSZGOHg==",
"dependencies": {
"@chainsafe/libp2p-noise": "4.0.0",
"@fluencelabs/avm": "0.15.4",
"@fluencelabs/avm": "0.16.0-restriction-operator.9",
"async": "3.2.0",
"base64-js": "1.5.1",
"bs58": "4.0.1",
@ -2482,66 +2451,33 @@
}
},
"@fluencelabs/aqua": {
"version": "0.4.1-239",
"resolved": "https://registry.npmjs.org/@fluencelabs/aqua/-/aqua-0.4.1-239.tgz",
"integrity": "sha512-VMHTriXyHVay5cgSEQOWMmZpLCw8Pt042JySEp9nybe+rsXncgNxqLwvyqycuRnr6NdJnkNbW0r2+2XXpK1nrA==",
"version": "0.5.0-245",
"resolved": "https://registry.npmjs.org/@fluencelabs/aqua/-/aqua-0.5.0-245.tgz",
"integrity": "sha512-RjOa6ut40jqGKrH/NOEdp59NqU3mPlFfcKfht0geQOoyhXkdNiSlQq/MsKXGEQaGSxTy2FGKiGuVOd1T4sfSfA==",
"requires": {
"@fluencelabs/fluence": "0.12.1"
},
"dependencies": {
"@fluencelabs/avm": {
"version": "0.14.4",
"resolved": "https://registry.npmjs.org/@fluencelabs/avm/-/avm-0.14.4.tgz",
"integrity": "sha512-XyR+1H5k0CAc+mDHOkl81viX8XeW1Yqbw793xbsfUfju5bUb/hqk+gHv3q8lAFdbrCG5P45gdOT08a5RNODZaQ==",
"requires": {
"base64-js": "1.5.1"
}
},
"@fluencelabs/fluence": {
"version": "0.12.1",
"resolved": "https://registry.npmjs.org/@fluencelabs/fluence/-/fluence-0.12.1.tgz",
"integrity": "sha512-JrMKMHjYILAHQsLLd5H0fLt/UMZv+/PQYxJYe6h9HFyJlZrN1bUV+EcZnUw1u3DZE5k/RXBx0udfmkahggwrqA==",
"requires": {
"@chainsafe/libp2p-noise": "4.0.0",
"@fluencelabs/avm": "0.14.4",
"async": "3.2.0",
"base64-js": "1.5.1",
"bs58": "4.0.1",
"cids": "0.8.1",
"it-length-prefixed": "3.0.1",
"it-pipe": "1.1.0",
"libp2p": "0.32.3",
"libp2p-crypto": "0.19.7",
"libp2p-mplex": "0.10.4",
"libp2p-websockets": "0.16.1",
"loglevel": "1.7.0",
"multiaddr": "10.0.0",
"peer-id": "0.15.3",
"uuid": "8.3.0"
}
}
"@fluencelabs/fluence": "0.15.0"
}
},
"@fluencelabs/aqua-lib": {
"version": "0.2.0",
"resolved": "https://registry.npmjs.org/@fluencelabs/aqua-lib/-/aqua-lib-0.2.0.tgz",
"integrity": "sha512-5eJYQQM/6yzNsrBnATYkhpzK5AA0XBSv19eNOkKoyKZpVbh0WK2jjegzWQY2+X+fSk5fh6fcqy7G9xh2a7Lcbg=="
"version": "0.2.1",
"resolved": "https://registry.npmjs.org/@fluencelabs/aqua-lib/-/aqua-lib-0.2.1.tgz",
"integrity": "sha512-uLP9mbgFHR1Q1FYhehasNxNBlTclBsjNI9MvIPF8oXtVJtnvPi+R4rGGTOHtRJukunxhpAV/svWQU9a2BRyDmQ=="
},
"@fluencelabs/avm": {
"version": "0.15.4",
"resolved": "https://registry.npmjs.org/@fluencelabs/avm/-/avm-0.15.4.tgz",
"integrity": "sha512-NLZDq83ocJ1Helm0D8kPMSSkjxH0y+Tujg0px773zjIShbh3jgiJOjAW1xCYgTt9K0LqepjP0bWX4/8nUZfr7g==",
"version": "0.16.0-restriction-operator.9",
"resolved": "https://registry.npmjs.org/@fluencelabs/avm/-/avm-0.16.0-restriction-operator.9.tgz",
"integrity": "sha512-34vJqo8TIho5H2+WhEAJOa6WxAPiS+c7Z3WKmRZVi+GAsZN3Hv2NiuiCFNFBmPRoD+juzHe4Dmv5cF7HZc6O6w==",
"requires": {
"base64-js": "1.5.1"
}
},
"@fluencelabs/fluence": {
"version": "0.14.2",
"resolved": "https://registry.npmjs.org/@fluencelabs/fluence/-/fluence-0.14.2.tgz",
"integrity": "sha512-Cf5Ii6dpVSSi839jB7H0Y9k07xncYdHiTNKp4LlPg6inXuy2OPb2E7qF5DXlMM9O1dBb/UJTa4jZlQDsgWriiQ==",
"version": "0.15.0",
"resolved": "https://registry.npmjs.org/@fluencelabs/fluence/-/fluence-0.15.0.tgz",
"integrity": "sha512-rZwRpS7gaHdTbNecs/W9fokifh3skzZLHiyezSfZNY8jYnjub1HerFOrN6G8dLe2xIOeNuZWirdQ8V5LSZGOHg==",
"requires": {
"@chainsafe/libp2p-noise": "4.0.0",
"@fluencelabs/avm": "0.15.4",
"@fluencelabs/avm": "0.16.0-restriction-operator.9",
"async": "3.2.0",
"base64-js": "1.5.1",
"bs58": "4.0.1",
@ -2566,8 +2502,8 @@
"@fluencelabs/trust-graph": {
"version": "file:../aqua",
"requires": {
"@fluencelabs/aqua": "^0.3.1-228",
"@fluencelabs/aqua-lib": "^0.1.14"
"@fluencelabs/aqua": "0.4.1-240",
"@fluencelabs/aqua-lib": "0.2.0"
},
"dependencies": {
"@fluencelabs/aqua": {

6
example/package.json
View File

@ -13,9 +13,9 @@
"author": "Fluence Labs",
"license": "MIT",
"dependencies": {
"@fluencelabs/aqua": "0.4.1-240",
"@fluencelabs/aqua-lib": "0.2.0",
"@fluencelabs/fluence": "0.14.3",
"@fluencelabs/aqua": "0.5.0-245",
"@fluencelabs/aqua-lib": "0.2.1",
"@fluencelabs/fluence": "0.15.0",
"@fluencelabs/fluence-network-environment": "^1.0.10",
"@fluencelabs/trust-graph": "file:../aqua",
"bs58": "^4.0.1"

2
local-network/docker-compose.yml
View File

@ -11,7 +11,7 @@ services:
ports:
- 7770:7770 # tcp
- 9990:9990 # ws
- 5000:5001 # ipfs rpc
- 5002:5001 # ipfs rpc
- 4000:4001 # ipfs swarm
- 18080:18080 # /metrics
restart: always