mirror of
https://github.com/fluencelabs/trust-graph
synced 2024-12-04 23:30:19 +00:00
add hl-api, add example with trusted computation
This commit is contained in:
parent
8214b1cc5c
commit
bf30873fcb
78
aqua/export.aqua
Normal file
78
aqua/export.aqua
Normal file
@ -0,0 +1,78 @@
|
||||
module TrustGraph declares *
|
||||
import "trust-graph.aqua"
|
||||
import "trust-graph-api.aqua"
|
||||
|
||||
func add_root_trust_wrapped(node: string, max_chain_len: u32, expires_at_sec: u64) -> ?string:
|
||||
on node:
|
||||
error <- add_root_trust(max_chain_len, expires_at_sec)
|
||||
<- error
|
||||
|
||||
func add_root_wrapped(node: string, peer_id: string, max_chain_len: u32) -> AddRootResult:
|
||||
on node:
|
||||
result <- add_root(peer_id, max_chain_len)
|
||||
<- result
|
||||
|
||||
func get_weight_wrapped(node: string, peer_id: string) -> WeightResult:
|
||||
on node:
|
||||
result <- get_weight(peer_id)
|
||||
<- result
|
||||
|
||||
func issue_trust_wrapped(node: string, issued_for_peer_id: string, expires_at_sec: u64) -> ?Trust, ?string:
|
||||
on node:
|
||||
result, error <- issue_trust(issued_for_peer_id, expires_at_sec)
|
||||
<- result, error
|
||||
|
||||
func add_trust_wrapped(node: string, issued_for_peer_id: string, expires_at_sec: u64) -> ?string:
|
||||
on node:
|
||||
error <- add_trust(issued_for_peer_id, expires_at_sec)
|
||||
<- error
|
||||
|
||||
func import_trust_wrapped(node: string, trust: Trust) -> ?string:
|
||||
on node:
|
||||
error <- import_trust(trust)
|
||||
<- error
|
||||
|
||||
func verify_trust_wrapped(node: string, trust: Trust, issuer_peer_id: string) -> VerifyTrustResult:
|
||||
on node:
|
||||
result <- verify_trust(trust, issuer_peer_id)
|
||||
<- result
|
||||
|
||||
func issue_revocation_wrapped(node: string, revoked_peer_id: string) -> ?Revocation, ?string:
|
||||
on node:
|
||||
result, error <- issue_revocation(revoked_peer_id)
|
||||
<- result, error
|
||||
|
||||
func revoke_wrapped(node: string, revoked_peer_id: string) -> ?string:
|
||||
on node:
|
||||
error <- revoke(revoked_peer_id)
|
||||
<- error
|
||||
|
||||
func import_revocation_wrapped(node: string, revocation: Revocation) -> ?string:
|
||||
on node:
|
||||
error <- import_revocation(revocation)
|
||||
<- error
|
||||
|
||||
func get_host_certs_from_wrapped(node: string, issuer: string) -> AllCertsResult:
|
||||
on node:
|
||||
result <- get_host_certs_from(issuer)
|
||||
<- result
|
||||
|
||||
func get_all_certs_wrapped(node: string, issued_for: string) -> AllCertsResult:
|
||||
on node:
|
||||
result <- get_all_certs(issued_for)
|
||||
<- result
|
||||
|
||||
func get_host_certs_wrapped(node: string) -> AllCertsResult:
|
||||
on node:
|
||||
result <- get_host_certs()
|
||||
<- result
|
||||
|
||||
func insert_cert_wrapped(node: string, certificate: Certificate) -> InsertResult:
|
||||
on node:
|
||||
result <- insert_cert(certificate)
|
||||
<- result
|
||||
|
||||
func isFluencePeer_wrapped(node: string) -> ?bool, ?string:
|
||||
on node:
|
||||
result, error <- isFluencePeer()
|
||||
<- result, error
|
5539
aqua/package-lock.json
generated
5539
aqua/package-lock.json
generated
File diff suppressed because it is too large
Load Diff
@ -6,7 +6,7 @@
|
||||
"*.aqua"
|
||||
],
|
||||
"dependencies": {
|
||||
"@fluencelabs/aqua-lib": "0.2.0"
|
||||
"@fluencelabs/aqua-lib": "^0.3.1"
|
||||
},
|
||||
"scripts": {
|
||||
"generate-aqua": "../service/build.sh",
|
||||
@ -31,6 +31,6 @@
|
||||
},
|
||||
"homepage": "https://github.com/fluencelabs/trust-graph#readme",
|
||||
"devDependencies": {
|
||||
"@fluencelabs/aqua": "0.4.1-240"
|
||||
"@fluencelabs/aqua": "file:../../aqua/npm"
|
||||
}
|
||||
}
|
||||
|
@ -1,100 +1,169 @@
|
||||
import "trust-graph.aqua"
|
||||
import "@fluencelabs/aqua-lib/builtin.aqua"
|
||||
|
||||
func get_trust_bytes(node: string, issued_for_peer_id: string, expires_at_sec: u64, issued_at_sec: u64) -> GetTrustBytesResult:
|
||||
on node:
|
||||
result <- TrustGraph.get_trust_bytes(issued_for_peer_id, expires_at_sec, issued_at_sec)
|
||||
func add_root(peer_id: string, max_chain_len: u32) -> AddRootResult:
|
||||
weight_factor <- TrustGraph.get_weight_factor(max_chain_len)
|
||||
result <- TrustGraph.add_root(peer_id, weight_factor)
|
||||
<- result
|
||||
|
||||
func issue_trust(node: string, issued_for_peer_id: string, expires_at_sec: u64, issued_at_sec: u64, trust_bytes: []u8) -> IssueTrustResult:
|
||||
on node:
|
||||
result <- TrustGraph.issue_trust(issued_for_peer_id, expires_at_sec, issued_at_sec, trust_bytes)
|
||||
func get_weight(peer_id: string) -> WeightResult:
|
||||
timestamp_sec <- Peer.timestamp_sec()
|
||||
result <- TrustGraph.get_weight(peer_id, timestamp_sec)
|
||||
<- result
|
||||
|
||||
func verify_trust(node: string, trust: Trust, issuer_peer_id: string) -> VerifyTrustResult:
|
||||
on node:
|
||||
func issue_trust(issued_for_peer_id: string, expires_at_sec: u64) -> ?Trust, ?string:
|
||||
issued_at_sec <- Peer.timestamp_sec()
|
||||
bytes <- TrustGraph.get_trust_bytes(issued_for_peer_id, expires_at_sec, issued_at_sec)
|
||||
|
||||
result: ?Trust
|
||||
error: ?string
|
||||
if bytes.success:
|
||||
on %init_peer_id% via HOST_PEER_ID:
|
||||
signature <- Sig.sign(bytes.result)
|
||||
issue_result <- TrustGraph.issue_trust(issued_for_peer_id, expires_at_sec, issued_at_sec, signature)
|
||||
if issue_result.success:
|
||||
result <<- issue_result.trust
|
||||
else:
|
||||
error <<- issue_result.error
|
||||
else:
|
||||
error <<- bytes.error
|
||||
<- result, error
|
||||
|
||||
func add_trust(issued_for_peer_id: string, expires_at_sec: u64) -> ?string:
|
||||
trust, issue_error <- issue_trust(issued_for_peer_id, expires_at_sec)
|
||||
|
||||
error: ?string
|
||||
if trust == nil:
|
||||
error <<- issue_error!
|
||||
else:
|
||||
timestamp_sec <- Peer.timestamp_sec()
|
||||
result <- TrustGraph.verify_trust(trust, issuer_peer_id, timestamp_sec)
|
||||
add_result <- TrustGraph.add_trust(trust!, %init_peer_id%, timestamp_sec)
|
||||
if add_result.success != true:
|
||||
error <<- add_result.error
|
||||
|
||||
<- error
|
||||
|
||||
func add_root_trust(max_chain_len: u32, expires_at_sec: u64) -> ?string:
|
||||
add_root_result <- add_root(%init_peer_id%, max_chain_len)
|
||||
error: *?string
|
||||
if add_root_result.success:
|
||||
error <- add_trust(%init_peer_id%, expires_at_sec)
|
||||
else:
|
||||
-- converting string to ?string
|
||||
tmp: *string
|
||||
tmp <<- add_root_result.error
|
||||
error <<- tmp
|
||||
|
||||
<- error!
|
||||
|
||||
func import_trust(trust: Trust) -> ?string:
|
||||
error: ?string
|
||||
timestamp_sec <- Peer.timestamp_sec()
|
||||
add_result <- TrustGraph.add_trust(trust, %init_peer_id%, timestamp_sec)
|
||||
if add_result.success != true:
|
||||
error <<- add_result.error
|
||||
|
||||
<- error
|
||||
|
||||
func verify_trust(trust: Trust, issuer_peer_id: string) -> VerifyTrustResult:
|
||||
timestamp_sec <- Peer.timestamp_sec()
|
||||
result <- TrustGraph.verify_trust(trust, issuer_peer_id, timestamp_sec)
|
||||
<- result
|
||||
|
||||
func add_trust(node: string, trust: Trust, issuer_peer_id: string) -> AddTrustResult:
|
||||
on node:
|
||||
func issue_revocation(revoked_peer_id: string) -> ?Revocation, ?string:
|
||||
issued_at_sec <- Peer.timestamp_sec()
|
||||
bytes <- TrustGraph.get_revocation_bytes(revoked_peer_id, issued_at_sec)
|
||||
|
||||
result: ?Revocation
|
||||
error: ?string
|
||||
if bytes.success:
|
||||
on %init_peer_id% via HOST_PEER_ID:
|
||||
signature <- Sig.sign(bytes.result)
|
||||
issue_result <- TrustGraph.issue_revocation(revoked_peer_id, %init_peer_id%, issued_at_sec, signature)
|
||||
if issue_result.success != true:
|
||||
result <<- issue_result.revocation
|
||||
else:
|
||||
error <<- issue_result.error
|
||||
else:
|
||||
error <<- bytes.error
|
||||
<- result, error
|
||||
|
||||
func revoke(revoked_peer_id: string) -> ?string:
|
||||
revocation, issue_error <- issue_revocation(revoked_peer_id)
|
||||
|
||||
error: ?string
|
||||
if revocation == nil:
|
||||
error <<- issue_error!
|
||||
else:
|
||||
timestamp_sec <- Peer.timestamp_sec()
|
||||
result <- TrustGraph.add_trust(trust, issuer_peer_id, timestamp_sec)
|
||||
<- result
|
||||
add_result <- TrustGraph.revoke(revocation!, timestamp_sec)
|
||||
if add_result.success != true:
|
||||
error <<- add_result.error
|
||||
|
||||
func add_root(node: string, peer_id: string, weight_factor: u32) -> AddRootResult:
|
||||
on node:
|
||||
result <- TrustGraph.add_root(peer_id, weight_factor)
|
||||
<- result
|
||||
<- error
|
||||
|
||||
func get_weight(node: string, peer_id: string) -> WeightResult:
|
||||
on node:
|
||||
timestamp_sec <- Peer.timestamp_sec()
|
||||
result <- TrustGraph.get_weight(peer_id, timestamp_sec)
|
||||
<- result
|
||||
|
||||
func get_all_certs(node: string, issued_for: string) -> AllCertsResult:
|
||||
on node:
|
||||
timestamp_sec <- Peer.timestamp_sec()
|
||||
result <- TrustGraph.get_all_certs(issued_for, timestamp_sec)
|
||||
<- result
|
||||
func import_revocation(revocation: Revocation) -> ?string:
|
||||
error: ?string
|
||||
timestamp_sec <- Peer.timestamp_sec()
|
||||
add_result <- TrustGraph.revoke(revocation, timestamp_sec)
|
||||
if add_result.success != true:
|
||||
error <<- add_result.error
|
||||
|
||||
func get_host_certs(node: string, issued_for: string) -> AllCertsResult:
|
||||
on node:
|
||||
timestamp_sec <- Peer.timestamp_sec()
|
||||
result <- TrustGraph.get_host_certs(timestamp_sec)
|
||||
<- result
|
||||
<- error
|
||||
|
||||
func get_host_certs_from(issuer: string) -> AllCertsResult:
|
||||
timestamp_sec <- Peer.timestamp_sec()
|
||||
result <- TrustGraph.get_host_certs_from(issuer, timestamp_sec)
|
||||
<- result
|
||||
|
||||
func insert_cert(node: string, certificate: Certificate) -> InsertResult:
|
||||
on node:
|
||||
timestamp_sec <- Peer.timestamp_sec()
|
||||
result <- TrustGraph.insert_cert(certificate, timestamp_sec)
|
||||
func get_all_certs(issued_for: string) -> AllCertsResult:
|
||||
timestamp_sec <- Peer.timestamp_sec()
|
||||
result <- TrustGraph.get_all_certs(issued_for, timestamp_sec)
|
||||
<- result
|
||||
|
||||
func get_revoke_bytes(node: string, revoked_peer_id: string, revoked_at: u64) -> GetRevokeBytesResult:
|
||||
on node:
|
||||
result <- TrustGraph.get_revoke_bytes(revoked_peer_id, revoked_at)
|
||||
func get_host_certs() -> AllCertsResult:
|
||||
timestamp_sec <- Peer.timestamp_sec()
|
||||
result <- TrustGraph.get_host_certs(timestamp_sec)
|
||||
<- result
|
||||
|
||||
func issue_revocation(node: string, revoked_peer_id: string, revoked_by_peer_id: string, revoked_at_sec: u64, signature_bytes: []u8) -> IssueRevocationResult:
|
||||
on node:
|
||||
result <- TrustGraph.issue_revocation(revoked_peer_id, revoked_by_peer_id, revoked_at_sec, signature_bytes)
|
||||
<- result
|
||||
|
||||
func revoke(node: string, revocation: Revocation) -> RevokeResult:
|
||||
on node:
|
||||
timestamp_sec <- Peer.timestamp_sec()
|
||||
result <- TrustGraph.revoke(revocation, timestamp_sec)
|
||||
func insert_cert(certificate: Certificate) -> InsertResult:
|
||||
timestamp_sec <- Peer.timestamp_sec()
|
||||
result <- TrustGraph.insert_cert(certificate, timestamp_sec)
|
||||
<- result
|
||||
|
||||
-- helpers for isFluencePeer
|
||||
service TrustOp("op"):
|
||||
array_length(a: []Trust) -> u32
|
||||
|
||||
service BoolOp("op"):
|
||||
array_length(a: []bool) -> u32
|
||||
|
||||
func isFluencePeer(node: string) -> bool:
|
||||
on node:
|
||||
certs_result <- get_host_certs_from("12D3KooWM45u7AQxsb4MuQJNYT3NWHHMLU7JTbBV66RTfF3KSzdR")
|
||||
resultBox: *bool
|
||||
if certs_result.success:
|
||||
for cert <- certs_result.certificates:
|
||||
len <- TrustOp.array_length(cert.chain)
|
||||
if len == 3:
|
||||
if cert.chain!0.issued_for == "12D3KooWNbZKaPWRZ8wgjGvrxdJFz9Fq5uVwkR6ERV1f74HhPdyB":
|
||||
if cert.chain!1.issued_for == "12D3KooWM45u7AQxsb4MuQJNYT3NWHHMLU7JTbBV66RTfF3KSzdR":
|
||||
resultBox <<- true
|
||||
|
||||
result_len <- BoolOp.array_length(resultBox)
|
||||
result: *bool
|
||||
if result_len == 0:
|
||||
-- returns `true` if current relay is identified as official Fluence Labs peer
|
||||
-- returns `false` otherwise
|
||||
func isFluencePeer() -> ?bool, ?string:
|
||||
certs_result <- get_host_certs_from("12D3KooWM45u7AQxsb4MuQJNYT3NWHHMLU7JTbBV66RTfF3KSzdR")
|
||||
result: ?bool
|
||||
error: ?string
|
||||
if certs_result.success:
|
||||
for cert <- certs_result.certificates:
|
||||
len <- TrustOp.array_length(cert.chain)
|
||||
if len == 3:
|
||||
if cert.chain!0.issued_for == "12D3KooWNbZKaPWRZ8wgjGvrxdJFz9Fq5uVwkR6ERV1f74HhPdyB":
|
||||
if cert.chain!1.issued_for == "12D3KooWM45u7AQxsb4MuQJNYT3NWHHMLU7JTbBV66RTfF3KSzdR":
|
||||
result <<- true
|
||||
if result == nil:
|
||||
result <<- false
|
||||
else:
|
||||
result <<- true
|
||||
<- result!
|
||||
else:
|
||||
error <<- certs_result.error
|
||||
<- result, error
|
||||
|
||||
-- labels: example with 3 node trusts/revocations, execution of some conditional code
|
||||
-- weights:
|
||||
-- if registry is ready:
|
||||
-- - can't add record
|
||||
-- - after issuing trust you can
|
||||
-- if not:
|
||||
-- - price-oracle average: on local tg get weight, check tetraplets, calculate average, etc
|
||||
-- weights: demo with connectivity [later]
|
||||
-- permissions control - registry
|
@ -75,7 +75,7 @@ service TrustGraph("trust-graph"):
|
||||
get_all_certs(issued_for: string, timestamp_sec: u64) -> AllCertsResult
|
||||
get_host_certs(timestamp_sec: u64) -> AllCertsResult
|
||||
get_host_certs_from(issuer: string, timestamp_sec: u64) -> AllCertsResult
|
||||
get_revoke_bytes(revoked_peer_id: string, revoked_at: u64) -> GetRevokeBytesResult
|
||||
get_revocation_bytes(revoked_peer_id: string, revoked_at: u64) -> GetRevokeBytesResult
|
||||
get_trust_bytes(issued_for_peer_id: string, expires_at_sec: u64, issued_at_sec: u64) -> GetTrustBytesResult
|
||||
get_weight(peer_id: string, timestamp_sec: u64) -> WeightResult
|
||||
get_weight_factor(max_chain_len: u32) -> u32
|
||||
|
24
example/aqua/computation.aqua
Normal file
24
example/aqua/computation.aqua
Normal file
@ -0,0 +1,24 @@
|
||||
|
||||
import "@fluencelabs/trust-graph/trust-graph-api.aqua"
|
||||
import "@fluencelabs/trust-graph/trust-graph.aqua"
|
||||
import "@fluencelabs/aqua-lib/builtin.aqua"
|
||||
|
||||
export trusted_computation
|
||||
|
||||
service CertOp("op"):
|
||||
array_length(a: []Certificate) -> u32
|
||||
|
||||
service TrustedComputation("op"):
|
||||
identity(s: u64) -> u64
|
||||
|
||||
func trusted_computation(node: string) -> ?u64:
|
||||
result: ?u64
|
||||
on node:
|
||||
certs_result <- get_host_certs_from(%init_peer_id%)
|
||||
if certs_result.success:
|
||||
len <- CertOp.array_length(certs_result.certificates)
|
||||
|
||||
if len != 0:
|
||||
result <- TrustedComputation.identity(5)
|
||||
|
||||
<- result
|
@ -1,10 +1,13 @@
|
||||
import get_trust_bytes, issue_trust, verify_trust, add_trust, add_root, get_weight, get_all_certs, insert_cert, get_revoke_bytes, issue_revocation, revoke, isFluencePeer from "../../aqua/trust-graph-api.aqua"
|
||||
import "@fluencelabs/trust-graph/export.aqua"
|
||||
|
||||
export get_trust_bytes, issue_trust, verify_trust, add_trust, add_root, get_weight, get_all_certs, insert_cert, get_revoke_bytes, issue_revocation, revoke, isFluencePeer
|
||||
export issue_trust_wrapped as issue_trust, verify_trust_wrapped as verify_trust, add_trust_wrapped as add_trust, import_trust_wrapped as import_trust
|
||||
export add_root_trust_wrapped as add_root_trust, add_root_wrapped as add_root, get_weight_wrapped as get_weight, get_all_certs_wrapped as get_all_certs, insert_cert_wrapped as insert_cert
|
||||
export issue_revocation_wrapped as issue_revocation, revoke_wrapped as revoke, isFluencePeer_wrapped as isFluencePeer
|
||||
|
||||
import "@fluencelabs/aqua-lib/builtin.aqua"
|
||||
import Peer from "@fluencelabs/aqua-lib/builtin.aqua"
|
||||
|
||||
func timestamp_sec(node: string) -> u64:
|
||||
on node:
|
||||
func timestamp_sec() -> u64:
|
||||
on HOST_PEER_ID:
|
||||
result <- Peer.timestamp_sec()
|
||||
<- result
|
||||
|
||||
|
139
example/index.ts
139
example/index.ts
@ -14,9 +14,10 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
import {trusted_computation} from "./generated/computation";
|
||||
import * as tg from "./generated/export";
|
||||
import { Fluence, KeyPair } from "@fluencelabs/fluence";
|
||||
import { krasnodar, Node } from "@fluencelabs/fluence-network-environment";
|
||||
import {Fluence, FluencePeer, KeyPair} from "@fluencelabs/fluence";
|
||||
import {krasnodar, Node, testNet, stage} from "@fluencelabs/fluence-network-environment";
|
||||
import assert from "assert";
|
||||
const bs58 = require('bs58');
|
||||
|
||||
@ -31,42 +32,65 @@ let local: Node[] = [
|
||||
multiaddr:
|
||||
"/ip4/127.0.0.1/tcp/9991/ws/p2p/12D3KooWRABanQHUn28dxavN9ZS1zZghqoZVAYtFpoN7FdtoGTFv",
|
||||
},
|
||||
{
|
||||
peerId: "12D3KooWFpQ7LHxcC9FEBUh3k4nSCC12jBhijJv3gJbi7wsNYzJ5",
|
||||
multiaddr:
|
||||
"/ip4/127.0.0.1/tcp/9992/ws/p2p/12D3KooWFpQ7LHxcC9FEBUh3k4nSCC12jBhijJv3gJbi7wsNYzJ5",
|
||||
},
|
||||
];
|
||||
|
||||
async function is_fluence_peer(relay: string) {
|
||||
let result = await tg.isFluencePeer(relay);
|
||||
|
||||
if (result) {
|
||||
console.log("Current relay %s identified as Fluence Labs' peer", relay)
|
||||
} else {
|
||||
console.log("Current relay %s is not Fluence Labs' peer", relay)
|
||||
async function add_roots() {
|
||||
let current_time = await tg.timestamp_sec();
|
||||
let far_future = current_time + 9999999;
|
||||
for (var node of local) {
|
||||
let error = await tg.add_root_trust(node.peerId, 2, far_future);
|
||||
console.log("Added root trust for %s", node.peerId)
|
||||
assert(error == null);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
async function add_trust_helper(relay: string, issuer_kp: KeyPair, issuer_peer_id: string, issued_for_peer_id: string, expires_at_sec: number, issued_at_sec: number) {
|
||||
let trust_metadata = await tg.get_trust_bytes(relay, issued_for_peer_id, expires_at_sec, issued_at_sec);
|
||||
const signed_metadata = await issuer_kp.Libp2pPeerId.privKey.sign(Uint8Array.from(trust_metadata.result));
|
||||
async function is_fluence_peer(node: string) {
|
||||
let [result, error] = await tg.isFluencePeer(node);
|
||||
|
||||
let trust = await tg.issue_trust(relay, issued_for_peer_id, expires_at_sec, issued_at_sec, Array.from(signed_metadata));
|
||||
assert(trust.success)
|
||||
|
||||
let result = await tg.verify_trust(relay, trust.trust, issuer_peer_id);
|
||||
assert(result.success)
|
||||
|
||||
let result_add = await tg.add_trust(relay, trust.trust, issuer_peer_id);
|
||||
assert(result_add.success)
|
||||
console.log("%s %s", result, error);
|
||||
if (error !== null) {
|
||||
console.error("Something went wrong: %s", error);
|
||||
} else {
|
||||
assert(result !== null);
|
||||
if (result) {
|
||||
console.log("Current relay %s identified as Fluence Labs' peer", Fluence.getStatus().relayPeerId)
|
||||
} else {
|
||||
console.log("Current relay %s is not Fluence Labs' peer", Fluence.getStatus().relayPeerId)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
async function revoke_helper(node: string, issuer_kp: KeyPair, revoked_by_peer_id: string, revoked_peer_id: string, revoked_at_sec: number) {
|
||||
let trust_metadata = await tg.get_revoke_bytes(node, revoked_peer_id, revoked_at_sec);
|
||||
const signed_metadata = await issuer_kp.Libp2pPeerId.privKey.sign(Uint8Array.from(trust_metadata.result));
|
||||
async function add_new_trust_checked(node: string, issued_for_peer_id: string, expires_at_sec: number) {
|
||||
let error = await tg.add_trust(node, issued_for_peer_id, expires_at_sec);
|
||||
if (error !== null) {
|
||||
console.error("%s", error);
|
||||
} else {
|
||||
console.log("Trust to node %s successfully added", node)
|
||||
}
|
||||
}
|
||||
|
||||
let revocation = await tg.issue_revocation(node, revoked_peer_id, revoked_by_peer_id, revoked_at_sec, Array.from(signed_metadata));
|
||||
assert(revocation.success)
|
||||
async function revoke_checked(node: string, revoked_peer_id: string) {
|
||||
let error = await tg.revoke(node, revoked_peer_id);
|
||||
if (error !== null) {
|
||||
console.error("%s", error);
|
||||
} else {
|
||||
console.log("Trust to node %s revoked", node)
|
||||
}
|
||||
}
|
||||
|
||||
let result_add = await tg.revoke(node, revocation.revocation);
|
||||
assert(result_add.success)
|
||||
async function exec_trusted_computation(node: string) {
|
||||
let result = await trusted_computation(node)
|
||||
|
||||
if (result !== null) {
|
||||
console.log("Trusted computation on node %s successful, result is %s", node, result)
|
||||
} else {
|
||||
console.log("Trusted computation on node %s failed", node)
|
||||
}
|
||||
}
|
||||
|
||||
async function main() {
|
||||
@ -81,55 +105,30 @@ async function main() {
|
||||
Fluence.getStatus().peerId,
|
||||
Fluence.getStatus().relayPeerId
|
||||
);
|
||||
let relay = local[0].peerId
|
||||
|
||||
await add_roots();
|
||||
let nodeA = local[0].peerId
|
||||
let nodeB = local[1].peerId
|
||||
let nodeC = local[2].peerId
|
||||
await revoke_checked(nodeB, nodeB);
|
||||
await exec_trusted_computation(nodeA);
|
||||
await exec_trusted_computation(nodeB);
|
||||
await exec_trusted_computation(nodeC);
|
||||
|
||||
// keypair if nodeA specified in local-network/docker-compose.yml
|
||||
const issuer_kp = await KeyPair.fromEd25519SK(bs58.decode("29Apzfedhw2Jxh94Jj4rNSmavQ1TkNe8ALYRA7bMegobwp423aLrURxLk32WtXgXHDqoSz7GAT9fQfoMhVd1e5Ww"));
|
||||
let current_time = await tg.timestamp_sec();
|
||||
let far_future = current_time + 9999999;
|
||||
|
||||
// set nodeA as a root
|
||||
let add_root_result = await tg.add_root(relay, nodeA, 2);
|
||||
assert(add_root_result.success)
|
||||
await add_new_trust_checked(nodeB, nodeB, far_future);
|
||||
|
||||
// add self-signed root trust
|
||||
const issued_timestamp_sec = await tg.timestamp_sec(relay);
|
||||
const expires_at_sec = issued_timestamp_sec + 999999999;
|
||||
await add_trust_helper(relay, issuer_kp, nodeA, nodeB, expires_at_sec, issued_timestamp_sec);
|
||||
await exec_trusted_computation(nodeA);
|
||||
await exec_trusted_computation(nodeB);
|
||||
await exec_trusted_computation(nodeC);
|
||||
|
||||
let root_weight_result = await tg.get_weight(relay, nodeA);
|
||||
assert(root_weight_result.success)
|
||||
console.log("Root weight (nodeA) is: %s", root_weight_result.weight);
|
||||
|
||||
// issue trust by nodeA to nodeB and add to tg
|
||||
await add_trust_helper(relay, issuer_kp, nodeA, nodeB, expires_at_sec, issued_timestamp_sec);
|
||||
let weight_result = await tg.get_weight(relay, nodeB);
|
||||
console.log("Weight of nodeB: is %s", weight_result.weight);
|
||||
|
||||
assert(root_weight_result.weight / 2 === weight_result.weight);
|
||||
|
||||
let certs = await tg.get_all_certs(relay, nodeB);
|
||||
assert(certs.certificates.length === 1);
|
||||
console.log("There is one cert for nodeB with chain len %s", certs.certificates[0].chain.length);
|
||||
console.log("It contains self-signed nodeA root trust and nodeA->nodeB trust");
|
||||
|
||||
// wait to create revoke after trust (because timestamp in secs)
|
||||
await new Promise(f => setTimeout(f, 1000));
|
||||
|
||||
console.log("Now we will revoke trust for nodeB")
|
||||
// revoke nodeB by nodeA
|
||||
await revoke_helper(relay, issuer_kp, nodeA, nodeB, await tg.timestamp_sec(relay));
|
||||
|
||||
let empty_certs = await tg.get_all_certs(relay, nodeB);
|
||||
assert(empty_certs.certificates.length === 0);
|
||||
console.log("Now there is no certs for nodeB");
|
||||
|
||||
console.log("Let's check if our node is Fluence Labs peer");
|
||||
await is_fluence_peer(relay);
|
||||
|
||||
console.log("Now let's check some krasnodar's node");
|
||||
await is_fluence_peer(krasnodar[0].peerId);
|
||||
await revoke_checked(nodeB, nodeB);
|
||||
|
||||
await exec_trusted_computation(nodeA);
|
||||
await exec_trusted_computation(nodeB);
|
||||
await exec_trusted_computation(nodeC);
|
||||
return;
|
||||
}
|
||||
|
||||
|
2778
example/package-lock.json
generated
2778
example/package-lock.json
generated
File diff suppressed because it is too large
Load Diff
@ -13,9 +13,9 @@
|
||||
"author": "Fluence Labs",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@fluencelabs/aqua": "0.5.0-247",
|
||||
"@fluencelabs/aqua-lib": "0.2.1",
|
||||
"@fluencelabs/fluence": "0.15.1",
|
||||
"@fluencelabs/aqua": "file:../../aqua/npm",
|
||||
"@fluencelabs/aqua-lib": "^0.3.1",
|
||||
"@fluencelabs/fluence": "0.0.1-update-avm-to-0-19-8-612.0",
|
||||
"@fluencelabs/fluence-network-environment": "^1.0.10",
|
||||
"@fluencelabs/trust-graph": "file:../aqua",
|
||||
"bs58": "^4.0.1"
|
||||
|
@ -1,7 +1,7 @@
|
||||
# management secret key is NAB5rGwT4qOEB+6nLQawkTfCOV2eiFSjgQK8bfEdZXY=
|
||||
services:
|
||||
fluence-0: # /ip4/127.0.0.1/tcp/9990/ws/p2p/12D3KooWHBG9oaVx4i3vi6c1rSBUm7MLBmyGmmbHoZ23pmjDCnvK
|
||||
command: -f ed25519 -k 29Apzfedhw2Jxh94Jj4rNSmavQ1TkNe8ALYRA7bMegobwp423aLrURxLk32WtXgXHDqoSz7GAT9fQfoMhVd1e5Ww -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7770 -w 9990 # --bootstraps /dns4/fluence-1/tcp/7771 /dns4/fluence-2/tcp/7772
|
||||
command: -f ed25519 -k 29Apzfedhw2Jxh94Jj4rNSmavQ1TkNe8ALYRA7bMegobwp423aLrURxLk32WtXgXHDqoSz7GAT9fQfoMhVd1e5Ww -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7770 -w 9990 --bootstraps /dns4/fluence-1/tcp/7771 /dns4/fluence-2/tcp/7772
|
||||
container_name: fluence-0
|
||||
environment:
|
||||
RUST_BACKTRACE: full
|
||||
@ -11,7 +11,7 @@ services:
|
||||
ports:
|
||||
- 7770:7770 # tcp
|
||||
- 9990:9990 # ws
|
||||
- 5002:5001 # ipfs rpc
|
||||
- 5003:5001 # ipfs rpc
|
||||
- 4000:4001 # ipfs swarm
|
||||
- 18080:18080 # /metrics
|
||||
restart: always
|
||||
@ -22,56 +22,58 @@ services:
|
||||
networks:
|
||||
- fluence
|
||||
|
||||
# fluence-1: # /ip4/127.0.0.1/tcp/9991/ws/p2p/12D3KooWRABanQHUn28dxavN9ZS1zZghqoZVAYtFpoN7FdtoGTFv
|
||||
# command: -f ed25519 -k 5fNENMwkUT4dW3hPs9ZwqV4qA5pdTtUChTazAx9Awe2Vpz1yaJu3VCmcEZow6YgdFBGoZoFAZUZBbF3c2Ebd2iL -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7771 -w 9991 --bootstraps /dns4/fluence-0/tcp/7770 /dns4/fluence-2/tcp/7772 #/dns4/kras-00.fluence.dev/tcp/7770
|
||||
# container_name: fluence-1
|
||||
# environment:
|
||||
# RUST_BACKTRACE: full
|
||||
# RUST_LOG: info,network=trace,aquamarine=info,aquamarine::actor=info,tokio_threadpool=info,tokio_reactor=info,mio=info,tokio_io=info,soketto=info,yamux=info,multistream_select=info,libp2p_secio=info,libp2p_websocket::framed=info,libp2p_ping=info,libp2p_core::upgrade::apply=info,libp2p_kad::kbucket=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,particle_server::behaviour::identify=info,libp2p_mplex=info,libp2p_identify=info,walrus=info,particle_protocol::libp2p_protocol::upgrade=info,kademlia::behaviour=info
|
||||
# WASM_LOG: info
|
||||
# image: fluencelabs/node:latest
|
||||
# ports:
|
||||
# - 7771:7771 # tcp
|
||||
# - 9991:9991 # ws
|
||||
# - 5001:5001 # ipfs rpc
|
||||
# - 4001:4001 # ipfs swarm
|
||||
# - 18081:18080 # /metrics
|
||||
# restart: always
|
||||
# volumes:
|
||||
# - fluence-1:/.fluence
|
||||
# - data-1:/config
|
||||
# networks:
|
||||
# - fluence
|
||||
#
|
||||
# fluence-2: # /ip4/127.0.0.1/tcp/9992/ws/p2p/12D3KooWFpQ7LHxcC9FEBUh3k4nSCC12jBhijJv3gJbi7wsNYzJ5
|
||||
# command: -f ed25519 -k 5DTs9LQS8Ay2dM8xBcikDRwYLMcanhsC6tynSSgpLyBZEv5Ey34LVw1fYcCuUj9A9EfvQJB2bsaGhSRoHQ7D6UE5 -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7772 -w 9992 --bootstraps /dns4/fluence-0/tcp/7770 /dns4/fluence-1/tcp/7771 #/dns4/kras-00.fluence.dev/tcp/7770
|
||||
# container_name: fluence-2
|
||||
# environment:
|
||||
# RUST_BACKTRACE: full
|
||||
# RUST_LOG: info,network=trace,aquamarine=info,aquamarine::actor=info,tokio_threadpool=info,tokio_reactor=info,mio=info,tokio_io=info,soketto=info,yamux=info,multistream_select=info,libp2p_secio=info,libp2p_websocket::framed=info,libp2p_ping=info,libp2p_core::upgrade::apply=info,libp2p_kad::kbucket=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,particle_server::behaviour::identify=info,libp2p_mplex=info,libp2p_identify=info,walrus=info,particle_protocol::libp2p_protocol::upgrade=info,kademlia::behaviour=info
|
||||
# WASM_LOG: info
|
||||
# image: fluencelabs/node:latest
|
||||
# ports:
|
||||
# - 7772:7772 # tcp
|
||||
# - 9992:9992 # ws
|
||||
# - 5002:5001 # ipfs rpc
|
||||
# - 4002:4001 # ipfs swarm
|
||||
# - 18082:18080 # /metrics
|
||||
# restart: always
|
||||
# volumes:
|
||||
# - fluence-2:/.fluence
|
||||
# - data-2:/config
|
||||
# networks:
|
||||
# - fluence
|
||||
fluence-1: # /ip4/127.0.0.1/tcp/9991/ws/p2p/12D3KooWRABanQHUn28dxavN9ZS1zZghqoZVAYtFpoN7FdtoGTFv
|
||||
command: -f ed25519 -k 5fNENMwkUT4dW3hPs9ZwqV4qA5pdTtUChTazAx9Awe2Vpz1yaJu3VCmcEZow6YgdFBGoZoFAZUZBbF3c2Ebd2iL -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7771 -w 9991 --bootstraps /dns4/fluence-0/tcp/7770 /dns4/fluence-2/tcp/7772 #/dns4/kras-00.fluence.dev/tcp/7770
|
||||
container_name: fluence-1
|
||||
environment:
|
||||
RUST_BACKTRACE: full
|
||||
RUST_LOG: info,network=trace,aquamarine=info,aquamarine::actor=info,tokio_threadpool=info,tokio_reactor=info,mio=info,tokio_io=info,soketto=info,yamux=info,multistream_select=info,libp2p_secio=info,libp2p_websocket::framed=info,libp2p_ping=info,libp2p_core::upgrade::apply=info,libp2p_kad::kbucket=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,particle_server::behaviour::identify=info,libp2p_mplex=info,libp2p_identify=info,walrus=info,particle_protocol::libp2p_protocol::upgrade=info,kademlia::behaviour=info
|
||||
WASM_LOG: info
|
||||
image: fluencelabs/node:latest
|
||||
ports:
|
||||
- 7771:7771 # tcp
|
||||
- 9991:9991 # ws
|
||||
- 5001:5001 # ipfs rpc
|
||||
- 4001:4001 # ipfs swarm
|
||||
- 18081:18080 # /metrics
|
||||
restart: always
|
||||
volumes:
|
||||
- fluence-1:/.fluence
|
||||
- data-1:/config
|
||||
- ./builtins_secret_key.ed25519:/.fluence/v1/builtins_secret_key.ed25519
|
||||
networks:
|
||||
- fluence
|
||||
|
||||
fluence-2: # /ip4/127.0.0.1/tcp/9992/ws/p2p/12D3KooWFpQ7LHxcC9FEBUh3k4nSCC12jBhijJv3gJbi7wsNYzJ5
|
||||
command: -f ed25519 -k 5DTs9LQS8Ay2dM8xBcikDRwYLMcanhsC6tynSSgpLyBZEv5Ey34LVw1fYcCuUj9A9EfvQJB2bsaGhSRoHQ7D6UE5 -m 12D3KooWFRgVmb1uWcmCbmJqLr8tBQghL6ysSpK2VyE2VZbaQ6wy -t 7772 -w 9992 --bootstraps /dns4/fluence-0/tcp/7770 /dns4/fluence-1/tcp/7771 #/dns4/kras-00.fluence.dev/tcp/7770
|
||||
container_name: fluence-2
|
||||
environment:
|
||||
RUST_BACKTRACE: full
|
||||
RUST_LOG: info,network=trace,aquamarine=info,aquamarine::actor=info,tokio_threadpool=info,tokio_reactor=info,mio=info,tokio_io=info,soketto=info,yamux=info,multistream_select=info,libp2p_secio=info,libp2p_websocket::framed=info,libp2p_ping=info,libp2p_core::upgrade::apply=info,libp2p_kad::kbucket=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,cranelift_codegen=info,wasmer_wasi=info,async_io=info,polling=info,wasmer_interface_types_fl=info,particle_server::behaviour::identify=info,libp2p_mplex=info,libp2p_identify=info,walrus=info,particle_protocol::libp2p_protocol::upgrade=info,kademlia::behaviour=info
|
||||
WASM_LOG: info
|
||||
image: fluencelabs/node:latest
|
||||
ports:
|
||||
- 7772:7772 # tcp
|
||||
- 9992:9992 # ws
|
||||
- 5002:5001 # ipfs rpc
|
||||
- 4002:4001 # ipfs swarm
|
||||
- 18082:18080 # /metrics
|
||||
restart: always
|
||||
volumes:
|
||||
- fluence-2:/.fluence
|
||||
- data-2:/config
|
||||
- ./builtins_secret_key.ed25519:/.fluence/v1/builtins_secret_key.ed25519
|
||||
networks:
|
||||
- fluence
|
||||
|
||||
version: "3.5"
|
||||
volumes:
|
||||
fluence-0:
|
||||
# fluence-1:
|
||||
# fluence-2:
|
||||
fluence-1:
|
||||
fluence-2:
|
||||
data-0:
|
||||
# data-1:
|
||||
# data-2:
|
||||
data-1:
|
||||
data-2:
|
||||
|
||||
networks:
|
||||
fluence:
|
||||
|
@ -198,7 +198,7 @@ fn add_trust(trust: Trust, issuer_peer_id: String, timestamp_sec: u64) -> AddTru
|
||||
}
|
||||
|
||||
#[marine]
|
||||
fn get_revoke_bytes(revoked_peer_id: String, revoked_at: u64) -> GetRevokeBytesResult {
|
||||
fn get_revocation_bytes(revoked_peer_id: String, revoked_at: u64) -> GetRevokeBytesResult {
|
||||
wrapped_try(|| {
|
||||
let public_key = extract_public_key(revoked_peer_id)?;
|
||||
Ok(trust_graph::Revocation::signature_bytes(
|
||||
|
@ -321,7 +321,6 @@ impl Storage for SQLiteStorage {
|
||||
let mut roots = vec![];
|
||||
|
||||
while let Some(row) = cursor.next()? {
|
||||
log::info!("row: {:?}", row);
|
||||
let pk = row[0].as_string().ok_or(PublicKeyConversion)?;
|
||||
let pk: PK = PK::from_str(pk).map_err(|e| PublicKeyFromStr(e.to_string()))?;
|
||||
|
||||
|
@ -201,7 +201,7 @@ mod service_tests {
|
||||
revoked_peer_id: &PeerId,
|
||||
revoked_at_sec: u64,
|
||||
) -> Revocation {
|
||||
let result = trust_graph.get_revoke_bytes(revoked_peer_id.to_base58(), revoked_at_sec);
|
||||
let result = trust_graph.get_revocation_bytes(revoked_peer_id.to_base58(), revoked_at_sec);
|
||||
assert!(result.success, "{}", result.error);
|
||||
|
||||
let revoke_bytes = issuer_kp.sign(&result.result).unwrap().to_vec().to_vec();
|
||||
|
Loading…
Reference in New Issue
Block a user