fluencelabs/trust-graph
1
0
Fork 0
mirror of https://github.com/fluencelabs/trust-graph synced 2024-12-04 15:20:19 +00:00
Code Issues Projects Releases Wiki Activity

add hl-api, add example with trusted computation

Browse Source
This commit is contained in:
Alexey Proshutinskiy 2021-12-30 03:52:16 +03:00
parent 8214b1cc5c
commit bf30873fcb
14 changed files with 2444 additions and 6441 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
aqua/export.aqua Normal file
View File

@ -0,0 +1,78 @@
module TrustGraph declares *
import "trust-graph.aqua"
import "trust-graph-api.aqua"
func add_root_trust_wrapped(node: string, max_chain_len: u32, expires_at_sec: u64) -> ?string:
on node:
error <- add_root_trust(max_chain_len, expires_at_sec)
<- error
func add_root_wrapped(node: string, peer_id: string, max_chain_len: u32) -> AddRootResult:
on node:
result <- add_root(peer_id, max_chain_len)
<- result
func get_weight_wrapped(node: string, peer_id: string) -> WeightResult:
on node:
result <- get_weight(peer_id)
<- result
func issue_trust_wrapped(node: string, issued_for_peer_id: string, expires_at_sec: u64) -> ?Trust, ?string:
on node:
result, error <- issue_trust(issued_for_peer_id, expires_at_sec)
<- result, error
func add_trust_wrapped(node: string, issued_for_peer_id: string, expires_at_sec: u64) -> ?string:
on node:
error <- add_trust(issued_for_peer_id, expires_at_sec)
<- error
func import_trust_wrapped(node: string, trust: Trust) -> ?string:
on node:
error <- import_trust(trust)
<- error
func verify_trust_wrapped(node: string, trust: Trust, issuer_peer_id: string) -> VerifyTrustResult:
on node:
result <- verify_trust(trust, issuer_peer_id)
<- result
func issue_revocation_wrapped(node: string, revoked_peer_id: string) -> ?Revocation, ?string:
on node:
result, error <- issue_revocation(revoked_peer_id)
<- result, error
func revoke_wrapped(node: string, revoked_peer_id: string) -> ?string:
on node:
error <- revoke(revoked_peer_id)
<- error
func import_revocation_wrapped(node: string, revocation: Revocation) -> ?string:
on node:
error <- import_revocation(revocation)
<- error
func get_host_certs_from_wrapped(node: string, issuer: string) -> AllCertsResult:
on node:
result <- get_host_certs_from(issuer)
<- result
func get_all_certs_wrapped(node: string, issued_for: string) -> AllCertsResult:
on node:
result <- get_all_certs(issued_for)
<- result
func get_host_certs_wrapped(node: string) -> AllCertsResult:
on node:
result <- get_host_certs()
<- result
func insert_cert_wrapped(node: string, certificate: Certificate) -> InsertResult:
on node:
result <- insert_cert(certificate)
<- result
func isFluencePeer_wrapped(node: string) -> ?bool, ?string:
on node:
result, error <- isFluencePeer()
<- result, error

5539
aqua/package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

4
aqua/package.json
View File

@ -6,7 +6,7 @@
"*.aqua"
],
"dependencies": {
"@fluencelabs/aqua-lib": "0.2.0"
"@fluencelabs/aqua-lib": "^0.3.1"
},
"scripts": {
"generate-aqua": "../service/build.sh",
@ -31,6 +31,6 @@
},
"homepage": "https://github.com/fluencelabs/trust-graph#readme",
"devDependencies": {
"@fluencelabs/aqua": "0.4.1-240"
"@fluencelabs/aqua": "file:../../aqua/npm"
}
}

201
aqua/trust-graph-api.aqua
View File

@ -1,100 +1,169 @@
import "trust-graph.aqua"
import "@fluencelabs/aqua-lib/builtin.aqua"
func get_trust_bytes(node: string, issued_for_peer_id: string, expires_at_sec: u64, issued_at_sec: u64) -> GetTrustBytesResult:
on node:
result <- TrustGraph.get_trust_bytes(issued_for_peer_id, expires_at_sec, issued_at_sec)
func add_root(peer_id: string, max_chain_len: u32) -> AddRootResult:
weight_factor <- TrustGraph.get_weight_factor(max_chain_len)
result <- TrustGraph.add_root(peer_id, weight_factor)
<- result
func issue_trust(node: string, issued_for_peer_id: string, expires_at_sec: u64, issued_at_sec: u64, trust_bytes: []u8) -> IssueTrustResult:
on node:
result <- TrustGraph.issue_trust(issued_for_peer_id, expires_at_sec, issued_at_sec, trust_bytes)
func get_weight(peer_id: string) -> WeightResult:
timestamp_sec <- Peer.timestamp_sec()
result <- TrustGraph.get_weight(peer_id, timestamp_sec)
<- result
func verify_trust(node: string, trust: Trust, issuer_peer_id: string) -> VerifyTrustResult:
on node:
func issue_trust(issued_for_peer_id: string, expires_at_sec: u64) -> ?Trust, ?string:
issued_at_sec <- Peer.timestamp_sec()
bytes <- TrustGraph.get_trust_bytes(issued_for_peer_id, expires_at_sec, issued_at_sec)
result: ?Trust
error: ?string
if bytes.success:
on %init_peer_id% via HOST_PEER_ID:
signature <- Sig.sign(bytes.result)
issue_result <- TrustGraph.issue_trust(issued_for_peer_id, expires_at_sec, issued_at_sec, signature)
if issue_result.success:
result <<- issue_result.trust
else:
error <<- issue_result.error
else:
error <<- bytes.error
<- result, error
func add_trust(issued_for_peer_id: string, expires_at_sec: u64) -> ?string:
trust, issue_error <- issue_trust(issued_for_peer_id, expires_at_sec)
error: ?string
if trust == nil:
error <<- issue_error!
else:
timestamp_sec <- Peer.timestamp_sec()
result <- TrustGraph.verify_trust(trust, issuer_peer_id, timestamp_sec)
add_result <- TrustGraph.add_trust(trust!, %init_peer_id%, timestamp_sec)
if add_result.success != true:
error <<- add_result.error
<- error
func add_root_trust(max_chain_len: u32, expires_at_sec: u64) -> ?string:
add_root_result <- add_root(%init_peer_id%, max_chain_len)
error: *?string
if add_root_result.success:
error <- add_trust(%init_peer_id%, expires_at_sec)
else:
-- converting string to ?string
tmp: *string
tmp <<- add_root_result.error
error <<- tmp
<- error!
func import_trust(trust: Trust) -> ?string:
error: ?string
timestamp_sec <- Peer.timestamp_sec()
add_result <- TrustGraph.add_trust(trust, %init_peer_id%, timestamp_sec)
if add_result.success != true:
error <<- add_result.error
<- error
func verify_trust(trust: Trust, issuer_peer_id: string) -> VerifyTrustResult:
timestamp_sec <- Peer.timestamp_sec()
result <- TrustGraph.verify_trust(trust, issuer_peer_id, timestamp_sec)
<- result
func add_trust(node: string, trust: Trust, issuer_peer_id: string) -> AddTrustResult:
on node:
func issue_revocation(revoked_peer_id: string) -> ?Revocation, ?string:
issued_at_sec <- Peer.timestamp_sec()
bytes <- TrustGraph.get_revocation_bytes(revoked_peer_id, issued_at_sec)
result: ?Revocation
error: ?string
if bytes.success:
on %init_peer_id% via HOST_PEER_ID:
signature <- Sig.sign(bytes.result)
issue_result <- TrustGraph.issue_revocation(revoked_peer_id, %init_peer_id%, issued_at_sec, signature)
if issue_result.success != true:
result <<- issue_result.revocation
else:
error <<- issue_result.error
else:
error <<- bytes.error
<- result, error
func revoke(revoked_peer_id: string) -> ?string:
revocation, issue_error <- issue_revocation(revoked_peer_id)
error: ?string
if revocation == nil:
error <<- issue_error!
else:
timestamp_sec <- Peer.timestamp_sec()
result <- TrustGraph.add_trust(trust, issuer_peer_id, timestamp_sec)
<- result
add_result <- TrustGraph.revoke(revocation!, timestamp_sec)
if add_result.success != true:
error <<- add_result.error
func add_root(node: string, peer_id: string, weight_factor: u32) -> AddRootResult:
on node:
result <- TrustGraph.add_root(peer_id, weight_factor)
<- result
<- error
func get_weight(node: string, peer_id: string) -> WeightResult:
on node:
timestamp_sec <- Peer.timestamp_sec()
result <- TrustGraph.get_weight(peer_id, timestamp_sec)
<- result
func get_all_certs(node: string, issued_for: string) -> AllCertsResult:
on node:
timestamp_sec <- Peer.timestamp_sec()
result <- TrustGraph.get_all_certs(issued_for, timestamp_sec)
<- result
func import_revocation(revocation: Revocation) -> ?string:
error: ?string
timestamp_sec <- Peer.timestamp_sec()
add_result <- TrustGraph.revoke(revocation, timestamp_sec)
if add_result.success != true:
error <<- add_result.error
func get_host_certs(node: string, issued_for: string) -> AllCertsResult:
on node:
timestamp_sec <- Peer.timestamp_sec()
result <- TrustGraph.get_host_certs(timestamp_sec)
<- result
<- error
func get_host_certs_from(issuer: string) -> AllCertsResult:
timestamp_sec <- Peer.timestamp_sec()
result <- TrustGraph.get_host_certs_from(issuer, timestamp_sec)
<- result
func insert_cert(node: string, certificate: Certificate) -> InsertResult:
on node:
timestamp_sec <- Peer.timestamp_sec()
result <- TrustGraph.insert_cert(certificate, timestamp_sec)
func get_all_certs(issued_for: string) -> AllCertsResult:
timestamp_sec <- Peer.timestamp_sec()
result <- TrustGraph.get_all_certs(issued_for, timestamp_sec)
<- result
func get_revoke_bytes(node: string, revoked_peer_id: string, revoked_at: u64) -> GetRevokeBytesResult:
on node:
result <- TrustGraph.get_revoke_bytes(revoked_peer_id, revoked_at)
func get_host_certs() -> AllCertsResult:
timestamp_sec <- Peer.timestamp_sec()
result <- TrustGraph.get_host_certs(timestamp_sec)
<- result
func issue_revocation(node: string, revoked_peer_id: string, revoked_by_peer_id: string, revoked_at_sec: u64, signature_bytes: []u8) -> IssueRevocationResult:
on node:
result <- TrustGraph.issue_revocation(revoked_peer_id, revoked_by_peer_id, revoked_at_sec, signature_bytes)
<- result
func revoke(node: string, revocation: Revocation) -> RevokeResult:
on node:
timestamp_sec <- Peer.timestamp_sec()
result <- TrustGraph.revoke(revocation, timestamp_sec)
func insert_cert(certificate: Certificate) -> InsertResult:
timestamp_sec <- Peer.timestamp_sec()
result <- TrustGraph.insert_cert(certificate, timestamp_sec)
<- result
-- helpers for isFluencePeer
service TrustOp("op"):
array_length(a: []Trust) -> u32
service BoolOp("op"):
array_length(a: []bool) -> u32
func isFluencePeer(node: string) -> bool:
on node:
certs_result <- get_host_certs_from("12D3KooWM45u7AQxsb4MuQJNYT3NWHHMLU7JTbBV66RTfF3KSzdR")
resultBox: *bool
if certs_result.success:
for cert <- certs_result.certificates:
len <- TrustOp.array_length(cert.chain)
if len == 3:
if cert.chain!0.issued_for == "12D3KooWNbZKaPWRZ8wgjGvrxdJFz9Fq5uVwkR6ERV1f74HhPdyB":
if cert.chain!1.issued_for == "12D3KooWM45u7AQxsb4MuQJNYT3NWHHMLU7JTbBV66RTfF3KSzdR":
resultBox <<- true
result_len <- BoolOp.array_length(resultBox)
result: *bool
if result_len == 0:
-- returns `true` if current relay is identified as official Fluence Labs peer
-- returns `false` otherwise
func isFluencePeer() -> ?bool, ?string:
certs_result <- get_host_certs_from("12D3KooWM45u7AQxsb4MuQJNYT3NWHHMLU7JTbBV66RTfF3KSzdR")
result: ?bool
error: ?string
if certs_result.success:
for cert <- certs_result.certificates:
len <- TrustOp.array_length(cert.chain)
if len == 3:
if cert.chain!0.issued_for == "12D3KooWNbZKaPWRZ8wgjGvrxdJFz9Fq5uVwkR6ERV1f74HhPdyB":
if cert.chain!1.issued_for == "12D3KooWM45u7AQxsb4MuQJNYT3NWHHMLU7JTbBV66RTfF3KSzdR":
result <<- true
if result == nil:
result <<- false
else:
result <<- true
<- result!
else:
error <<- certs_result.error
<- result, error
-- labels: example with 3 node trusts/revocations, execution of some conditional code
-- weights:
-- if registry is ready:
-- - can't add record
-- - after issuing trust you can
-- if not:
-- - price-oracle average: on local tg get weight, check tetraplets, calculate average, etc
-- weights: demo with connectivity [later]
-- permissions control - registry

2
aqua/trust-graph.aqua
View File

@ -75,7 +75,7 @@ service TrustGraph("trust-graph"):
get_all_certs(issued_for: string, timestamp_sec: u64) -> AllCertsResult
get_host_certs(timestamp_sec: u64) -> AllCertsResult
get_host_certs_from(issuer: string, timestamp_sec: u64) -> AllCertsResult
get_revoke_bytes(revoked_peer_id: string, revoked_at: u64) -> GetRevokeBytesResult
get_revocation_bytes(revoked_peer_id: string, revoked_at: u64) -> GetRevokeBytesResult
get_trust_bytes(issued_for_peer_id: string, expires_at_sec: u64, issued_at_sec: u64) -> GetTrustBytesResult
get_weight(peer_id: string, timestamp_sec: u64) -> WeightResult
get_weight_factor(max_chain_len: u32) -> u32

24
example/aqua/computation.aqua Normal file
View File

@ -0,0 +1,24 @@
import "@fluencelabs/trust-graph/trust-graph-api.aqua"
import "@fluencelabs/trust-graph/trust-graph.aqua"
import "@fluencelabs/aqua-lib/builtin.aqua"
export trusted_computation
service CertOp("op"):
array_length(a: []Certificate) -> u32
service TrustedComputation("op"):
identity(s: u64) -> u64
func trusted_computation(node: string) -> ?u64:
result: ?u64
on node:
certs_result <- get_host_certs_from(%init_peer_id%)
if certs_result.success:
len <- CertOp.array_length(certs_result.certificates)
if len != 0:
result <- TrustedComputation.identity(5)
<- result

13
example/aqua/export.aqua
View File

@ -1,10 +1,13 @@
import get_trust_bytes, issue_trust, verify_trust, add_trust, add_root, get_weight, get_all_certs, insert_cert, get_revoke_bytes, issue_revocation, revoke, isFluencePeer from "../../aqua/trust-graph-api.aqua"
import "@fluencelabs/trust-graph/export.aqua"
export get_trust_bytes, issue_trust, verify_trust, add_trust, add_root, get_weight, get_all_certs, insert_cert, get_revoke_bytes, issue_revocation, revoke, isFluencePeer
export issue_trust_wrapped as issue_trust, verify_trust_wrapped as verify_trust, add_trust_wrapped as add_trust, import_trust_wrapped as import_trust
export add_root_trust_wrapped as add_root_trust, add_root_wrapped as add_root, get_weight_wrapped as get_weight, get_all_certs_wrapped as get_all_certs, insert_cert_wrapped as insert_cert
export issue_revocation_wrapped as issue_revocation, revoke_wrapped as revoke, isFluencePeer_wrapped as isFluencePeer
import "@fluencelabs/aqua-lib/builtin.aqua"
import Peer from "@fluencelabs/aqua-lib/builtin.aqua"
func timestamp_sec(node: string) -> u64:
on node:
func timestamp_sec() -> u64:
on HOST_PEER_ID:
result <- Peer.timestamp_sec()
<- result

139
example/index.ts
View File

@ -14,9 +14,10 @@
* limitations under the License.
*/
import {trusted_computation} from "./generated/computation";
import * as tg from "./generated/export";
import { Fluence, KeyPair } from "@fluencelabs/fluence";
import { krasnodar, Node } from "@fluencelabs/fluence-network-environment";
import {Fluence, FluencePeer, KeyPair} from "@fluencelabs/fluence";
import {krasnodar, Node, testNet, stage} from "@fluencelabs/fluence-network-environment";
import assert from "assert";
const bs58 = require('bs58');
@ -31,42 +32,65 @@ let local: Node[] = [
multiaddr:
"/ip4/127.0.0.1/tcp/9991/ws/p2p/12D3KooWRABanQHUn28dxavN9ZS1zZghqoZVAYtFpoN7FdtoGTFv",
},
{
peerId: "12D3KooWFpQ7LHxcC9FEBUh3k4nSCC12jBhijJv3gJbi7wsNYzJ5",
multiaddr:
"/ip4/127.0.0.1/tcp/9992/ws/p2p/12D3KooWFpQ7LHxcC9FEBUh3k4nSCC12jBhijJv3gJbi7wsNYzJ5",
},
];
async function is_fluence_peer(relay: string) {
let result = await tg.isFluencePeer(relay);
if (result) {
console.log("Current relay %s identified as Fluence Labs' peer", relay)
} else {
console.log("Current relay %s is not Fluence Labs' peer", relay)
async function add_roots() {
let current_time = await tg.timestamp_sec();
let far_future = current_time + 9999999;
for (var node of local) {
let error = await tg.add_root_trust(node.peerId, 2, far_future);
console.log("Added root trust for %s", node.peerId)
assert(error == null);
}
}
async function add_trust_helper(relay: string, issuer_kp: KeyPair, issuer_peer_id: string, issued_for_peer_id: string, expires_at_sec: number, issued_at_sec: number) {
let trust_metadata = await tg.get_trust_bytes(relay, issued_for_peer_id, expires_at_sec, issued_at_sec);
const signed_metadata = await issuer_kp.Libp2pPeerId.privKey.sign(Uint8Array.from(trust_metadata.result));
async function is_fluence_peer(node: string) {
let [result, error] = await tg.isFluencePeer(node);
let trust = await tg.issue_trust(relay, issued_for_peer_id, expires_at_sec, issued_at_sec, Array.from(signed_metadata));
assert(trust.success)
let result = await tg.verify_trust(relay, trust.trust, issuer_peer_id);
assert(result.success)
let result_add = await tg.add_trust(relay, trust.trust, issuer_peer_id);
assert(result_add.success)
console.log("%s %s", result, error);
if (error !== null) {
console.error("Something went wrong: %s", error);
} else {
assert(result !== null);
if (result) {
console.log("Current relay %s identified as Fluence Labs' peer", Fluence.getStatus().relayPeerId)
} else {
console.log("Current relay %s is not Fluence Labs' peer", Fluence.getStatus().relayPeerId)
}
}
}
async function revoke_helper(node: string, issuer_kp: KeyPair, revoked_by_peer_id: string, revoked_peer_id: string, revoked_at_sec: number) {
let trust_metadata = await tg.get_revoke_bytes(node, revoked_peer_id, revoked_at_sec);
const signed_metadata = await issuer_kp.Libp2pPeerId.privKey.sign(Uint8Array.from(trust_metadata.result));
async function add_new_trust_checked(node: string, issued_for_peer_id: string, expires_at_sec: number) {
let error = await tg.add_trust(node, issued_for_peer_id, expires_at_sec);
if (error !== null) {
console.error("%s", error);
} else {
console.log("Trust to node %s successfully added", node)
}
}
let revocation = await tg.issue_revocation(node, revoked_peer_id, revoked_by_peer_id, revoked_at_sec, Array.from(signed_metadata));
assert(revocation.success)
async function revoke_checked(node: string, revoked_peer_id: string) {
let error = await tg.revoke(node, revoked_peer_id);
if (error !== null) {
console.error("%s", error);
} else {
console.log("Trust to node %s revoked", node)
}
}
let result_add = await tg.revoke(node, revocation.revocation);
assert(result_add.success)
async function exec_trusted_computation(node: string) {
let result = await trusted_computation(node)
if (result !== null) {
console.log("Trusted computation on node %s successful, result is %s", node, result)
} else {
console.log("Trusted computation on node %s failed", node)
}
}
async function main() {
@ -81,55 +105,30 @@ async function main() {
Fluence.getStatus().peerId,
Fluence.getStatus().relayPeerId
);
let relay = local[0].peerId
await add_roots();
let nodeA = local[0].peerId
let nodeB = local[1].peerId
let nodeC = local[2].peerId
await revoke_checked(nodeB, nodeB);
await exec_trusted_computation(nodeA);
await exec_trusted_computation(nodeB);
await exec_trusted_computation(nodeC);
// keypair if nodeA specified in local-network/docker-compose.yml
const issuer_kp = await KeyPair.fromEd25519SK(bs58.decode("29Apzfedhw2Jxh94Jj4rNSmavQ1TkNe8ALYRA7bMegobwp423aLrURxLk32WtXgXHDqoSz7GAT9fQfoMhVd1e5Ww"));
let current_time = await tg.timestamp_sec();
let far_future = current_time + 9999999;
// set nodeA as a root
let add_root_result = await tg.add_root(relay, nodeA, 2);
assert(add_root_result.success)
await add_new_trust_checked(nodeB, nodeB, far_future);
// add self-signed root trust
const issued_timestamp_sec = await tg.timestamp_sec(relay);
const expires_at_sec = issued_timestamp_sec + 999999999;
await add_trust_helper(relay, issuer_kp, nodeA, nodeB, expires_at_sec, issued_timestamp_sec);
await exec_trusted_computation(nodeA);
await exec_trusted_computation(nodeB);
await exec_trusted_computation(nodeC);
let root_weight_result = await tg.get_weight(relay, nodeA);
assert(root_weight_result.success)
console.log("Root weight (nodeA) is: %s", root_weight_result.weight);
// issue trust by nodeA to nodeB and add to tg
await add_trust_helper(relay, issuer_kp, nodeA, nodeB, expires_at_sec, issued_timestamp_sec);
let weight_result = await tg.get_weight(relay, nodeB);
console.log("Weight of nodeB: is %s", weight_result.weight);
assert(root_weight_result.weight / 2 === weight_result.weight);
let certs = await tg.get_all_certs(relay, nodeB);
assert(certs.certificates.length === 1);
console.log("There is one cert for nodeB with chain len %s", certs.certificates[0].chain.length);
console.log("It contains self-signed nodeA root trust and nodeA->nodeB trust");
// wait to create revoke after trust (because timestamp in secs)
await new Promise(f => setTimeout(f, 1000));
console.log("Now we will revoke trust for nodeB")
// revoke nodeB by nodeA
await revoke_helper(relay, issuer_kp, nodeA, nodeB, await tg.timestamp_sec(relay));
let empty_certs = await tg.get_all_certs(relay, nodeB);
assert(empty_certs.certificates.length === 0);
console.log("Now there is no certs for nodeB");
console.log("Let's check if our node is Fluence Labs peer");
await is_fluence_peer(relay);
console.log("Now let's check some krasnodar's node");
await is_fluence_peer(krasnodar[0].peerId);
await revoke_checked(nodeB, nodeB);
await exec_trusted_computation(nodeA);
await exec_trusted_computation(nodeB);
await exec_trusted_computation(nodeC);
return;
}

2778
example/package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

6
example/package.json
View File

@ -13,9 +13,9 @@
"author": "Fluence Labs",
"license": "MIT",
"dependencies": {
"@fluencelabs/aqua": "0.5.0-247",
"@fluencelabs/aqua-lib": "0.2.1",
"@fluencelabs/fluence": "0.15.1",
"@fluencelabs/aqua": "file:../../aqua/npm",
"@fluencelabs/aqua-lib": "^0.3.1",
"@fluencelabs/fluence": "0.0.1-update-avm-to-0-19-8-612.0",
"@fluencelabs/fluence-network-environment": "^1.0.10",
"@fluencelabs/trust-graph": "file:../aqua",
"bs58": "^4.0.1"

96
local-network/docker-compose.yml
View File

@ -1,7 +1,7 @@
# management secret key is NAB5rGwT4qOEB+6nLQawkTfCOV2eiFSjgQK8bfEdZXY=
services:
fluence-0: # /ip4/127.0.0.1/tcp/9990/ws/p2p/12D3KooWHBG9oaVx4i3vi6c1rSBUm7MLBmyGmmbHoZ23pmjDCnvK
command: -f ed25519 -k 29Apzfedhw2Jxh94Jj4rNSmavQ1TkNe8ALYRA7bMegobwp423aLrURxLk32WtXgXHDqoSz7GAT9fQfoMhVd1e5Ww -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7770 -w 9990 # --bootstraps /dns4/fluence-1/tcp/7771 /dns4/fluence-2/tcp/7772
command: -f ed25519 -k 29Apzfedhw2Jxh94Jj4rNSmavQ1TkNe8ALYRA7bMegobwp423aLrURxLk32WtXgXHDqoSz7GAT9fQfoMhVd1e5Ww -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7770 -w 9990 --bootstraps /dns4/fluence-1/tcp/7771 /dns4/fluence-2/tcp/7772
container_name: fluence-0
environment:
RUST_BACKTRACE: full
@ -11,7 +11,7 @@ services:
ports:
- 7770:7770 # tcp
- 9990:9990 # ws
- 5002:5001 # ipfs rpc
- 5003:5001 # ipfs rpc
- 4000:4001 # ipfs swarm
- 18080:18080 # /metrics
restart: always
@ -22,56 +22,58 @@ services:
networks:
- fluence
# fluence-1: # /ip4/127.0.0.1/tcp/9991/ws/p2p/12D3KooWRABanQHUn28dxavN9ZS1zZghqoZVAYtFpoN7FdtoGTFv
# command: -f ed25519 -k 5fNENMwkUT4dW3hPs9ZwqV4qA5pdTtUChTazAx9Awe2Vpz1yaJu3VCmcEZow6YgdFBGoZoFAZUZBbF3c2Ebd2iL -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7771 -w 9991 --bootstraps /dns4/fluence-0/tcp/7770 /dns4/fluence-2/tcp/7772 #/dns4/kras-00.fluence.dev/tcp/7770
# container_name: fluence-1
# environment:
# RUST_BACKTRACE: full
# RUST_LOG: info,network=trace,aquamarine=info,aquamarine::actor=info,tokio_threadpool=info,tokio_reactor=info,mio=info,tokio_io=info,soketto=info,yamux=info,multistream_select=info,libp2p_secio=info,libp2p_websocket::framed=info,libp2p_ping=info,libp2p_core::upgrade::apply=info,libp2p_kad::kbucket=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,particle_server::behaviour::identify=info,libp2p_mplex=info,libp2p_identify=info,walrus=info,particle_protocol::libp2p_protocol::upgrade=info,kademlia::behaviour=info
# WASM_LOG: info
# image: fluencelabs/node:latest
# ports:
# - 7771:7771 # tcp
# - 9991:9991 # ws
# - 5001:5001 # ipfs rpc
# - 4001:4001 # ipfs swarm
# - 18081:18080 # /metrics
# restart: always
# volumes:
# - fluence-1:/.fluence
# - data-1:/config
# networks:
# - fluence
#
# fluence-2: # /ip4/127.0.0.1/tcp/9992/ws/p2p/12D3KooWFpQ7LHxcC9FEBUh3k4nSCC12jBhijJv3gJbi7wsNYzJ5
# command: -f ed25519 -k 5DTs9LQS8Ay2dM8xBcikDRwYLMcanhsC6tynSSgpLyBZEv5Ey34LVw1fYcCuUj9A9EfvQJB2bsaGhSRoHQ7D6UE5 -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7772 -w 9992 --bootstraps /dns4/fluence-0/tcp/7770 /dns4/fluence-1/tcp/7771 #/dns4/kras-00.fluence.dev/tcp/7770
# container_name: fluence-2
# environment:
# RUST_BACKTRACE: full
# RUST_LOG: info,network=trace,aquamarine=info,aquamarine::actor=info,tokio_threadpool=info,tokio_reactor=info,mio=info,tokio_io=info,soketto=info,yamux=info,multistream_select=info,libp2p_secio=info,libp2p_websocket::framed=info,libp2p_ping=info,libp2p_core::upgrade::apply=info,libp2p_kad::kbucket=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,particle_server::behaviour::identify=info,libp2p_mplex=info,libp2p_identify=info,walrus=info,particle_protocol::libp2p_protocol::upgrade=info,kademlia::behaviour=info
# WASM_LOG: info
# image: fluencelabs/node:latest
# ports:
# - 7772:7772 # tcp
# - 9992:9992 # ws
# - 5002:5001 # ipfs rpc
# - 4002:4001 # ipfs swarm
# - 18082:18080 # /metrics
# restart: always
# volumes:
# - fluence-2:/.fluence
# - data-2:/config
# networks:
# - fluence
fluence-1: # /ip4/127.0.0.1/tcp/9991/ws/p2p/12D3KooWRABanQHUn28dxavN9ZS1zZghqoZVAYtFpoN7FdtoGTFv
command: -f ed25519 -k 5fNENMwkUT4dW3hPs9ZwqV4qA5pdTtUChTazAx9Awe2Vpz1yaJu3VCmcEZow6YgdFBGoZoFAZUZBbF3c2Ebd2iL -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7771 -w 9991 --bootstraps /dns4/fluence-0/tcp/7770 /dns4/fluence-2/tcp/7772 #/dns4/kras-00.fluence.dev/tcp/7770
container_name: fluence-1
environment:
RUST_BACKTRACE: full
RUST_LOG: info,network=trace,aquamarine=info,aquamarine::actor=info,tokio_threadpool=info,tokio_reactor=info,mio=info,tokio_io=info,soketto=info,yamux=info,multistream_select=info,libp2p_secio=info,libp2p_websocket::framed=info,libp2p_ping=info,libp2p_core::upgrade::apply=info,libp2p_kad::kbucket=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,particle_server::behaviour::identify=info,libp2p_mplex=info,libp2p_identify=info,walrus=info,particle_protocol::libp2p_protocol::upgrade=info,kademlia::behaviour=info
WASM_LOG: info
image: fluencelabs/node:latest
ports:
- 7771:7771 # tcp
- 9991:9991 # ws
- 5001:5001 # ipfs rpc
- 4001:4001 # ipfs swarm
- 18081:18080 # /metrics
restart: always
volumes:
- fluence-1:/.fluence
- data-1:/config
- ./builtins_secret_key.ed25519:/.fluence/v1/builtins_secret_key.ed25519
networks:
- fluence
fluence-2: # /ip4/127.0.0.1/tcp/9992/ws/p2p/12D3KooWFpQ7LHxcC9FEBUh3k4nSCC12jBhijJv3gJbi7wsNYzJ5
command: -f ed25519 -k 5DTs9LQS8Ay2dM8xBcikDRwYLMcanhsC6tynSSgpLyBZEv5Ey34LVw1fYcCuUj9A9EfvQJB2bsaGhSRoHQ7D6UE5 -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7772 -w 9992 --bootstraps /dns4/fluence-0/tcp/7770 /dns4/fluence-1/tcp/7771 #/dns4/kras-00.fluence.dev/tcp/7770
container_name: fluence-2
environment:
RUST_BACKTRACE: full
RUST_LOG: info,network=trace,aquamarine=info,aquamarine::actor=info,tokio_threadpool=info,tokio_reactor=info,mio=info,tokio_io=info,soketto=info,yamux=info,multistream_select=info,libp2p_secio=info,libp2p_websocket::framed=info,libp2p_ping=info,libp2p_core::upgrade::apply=info,libp2p_kad::kbucket=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,particle_server::behaviour::identify=info,libp2p_mplex=info,libp2p_identify=info,walrus=info,particle_protocol::libp2p_protocol::upgrade=info,kademlia::behaviour=info
WASM_LOG: info
image: fluencelabs/node:latest
ports:
- 7772:7772 # tcp
- 9992:9992 # ws
- 5002:5001 # ipfs rpc
- 4002:4001 # ipfs swarm
- 18082:18080 # /metrics
restart: always
volumes:
- fluence-2:/.fluence
- data-2:/config
- ./builtins_secret_key.ed25519:/.fluence/v1/builtins_secret_key.ed25519
networks:
- fluence
version: "3.5"
volumes:
fluence-0:
# fluence-1:
# fluence-2:
fluence-1:
fluence-2:
data-0:
# data-1:
# data-2:
data-1:
data-2:
networks:
fluence:

2
service/src/service_api.rs
View File

@ -198,7 +198,7 @@ fn add_trust(trust: Trust, issuer_peer_id: String, timestamp_sec: u64) -> AddTru
}
#[marine]
fn get_revoke_bytes(revoked_peer_id: String, revoked_at: u64) -> GetRevokeBytesResult {
fn get_revocation_bytes(revoked_peer_id: String, revoked_at: u64) -> GetRevokeBytesResult {
wrapped_try(|| {
let public_key = extract_public_key(revoked_peer_id)?;
Ok(trust_graph::Revocation::signature_bytes(

1
service/src/storage_impl.rs
View File

@ -321,7 +321,6 @@ impl Storage for SQLiteStorage {
let mut roots = vec![];
while let Some(row) = cursor.next()? {
log::info!("row: {:?}", row);
let pk = row[0].as_string().ok_or(PublicKeyConversion)?;
let pk: PK = PK::from_str(pk).map_err(|e| PublicKeyFromStr(e.to_string()))?;

2
service/src/tests.rs
View File

@ -201,7 +201,7 @@ mod service_tests {
revoked_peer_id: &PeerId,
revoked_at_sec: u64,
) -> Revocation {
let result = trust_graph.get_revoke_bytes(revoked_peer_id.to_base58(), revoked_at_sec);
let result = trust_graph.get_revocation_bytes(revoked_peer_id.to_base58(), revoked_at_sec);
assert!(result.success, "{}", result.error);
let revoke_bytes = issuer_kp.sign(&result.result).unwrap().to_vec().to_vec();