lox/crates/lox-library/src/trust_promotion.rs

/*! A module for the protocol for the user to get promoted from
untrusted (trust level 0) to trusted (trust level 1).

They are allowed to do this as long as UNTRUSTED_INTERVAL days have
passed since they obtained their level 0 Lox credential, and their
bridge (level 0 users get put in a one-bridge bucket) has not been
blocked.  (Blocked bridges in one-bridge buckets will have their entries
removed from the bridge authority's migration table.)

The user presents their current Lox credential:
- id: revealed
- bucket: blinded
- trust_level: revealed to be 0
- level_since: blinded, but proved in ZK that it's at least
  UNTRUSTED_INTERVAL days ago
- invites_remaining: revealed to be 0
- invites_issued: revealed to be 0

They will receive in return the encrypted MAC (Pk, EncQk) for their
implicit Migration Key credential with attributes id and bucket,
along with a HashMap of encrypted Migration credentials.  For each
(from_i, to_i) in the BA's migration list, there will be an entry in
the HashMap with key H1(id, from_attr_i, Qk_i) and value
Enc_{H2(id, from_attr_i, Qk_i)}(to_attr_i, P_i, Q_i).  Here H1 and H2
are the first 16 bytes and the second 16 bytes respectively of the
SHA256 hash of the input, P_i and Q_i are a MAC on the Migration
credential with attributes id, from_attr_i, and to_attr_i. Qk_i is the
value EncQk would decrypt to if bucket were equal to from_attr_i. */

use curve25519_dalek::ristretto::RistrettoBasepointTable;
use curve25519_dalek::ristretto::RistrettoPoint;
use curve25519_dalek::scalar::Scalar;
use curve25519_dalek::traits::IsIdentity;

use zkp::CompactProof;
use zkp::ProofError;
use zkp::Transcript;

/// The minimum number of days a user has to be at trust level 0
/// (untrusted) with their (single) bridge unblocked before they can
/// move to level 1.
///
/// The implementation also puts an upper bound of UNTRUSTED_INTERVAL +
/// 511 days, which is not unreasonable; we want users to be engaging
/// with the system in order to move up trust levels.
pub const UNTRUSTED_INTERVAL: u64 = 30;

pub struct Request {
    id: Scalar,
}
Start on trust promotion This is the protocol for the user to get promoted from untrusted (trust level 0) to trusted (trust level 1). 2021-04-29 15:18:54 -04:00			`/*! A module for the protocol for the user to get promoted from`
			`untrusted (trust level 0) to trusted (trust level 1).`

			`They are allowed to do this as long as UNTRUSTED_INTERVAL days have`
			`passed since they obtained their level 0 Lox credential, and their`
			`bridge (level 0 users get put in a one-bridge bucket) has not been`
			`blocked. (Blocked bridges in one-bridge buckets will have their entries`
			`removed from the bridge authority's migration table.)`

			`The user presents their current Lox credential:`
			`- id: revealed`
			`- bucket: blinded`
			`- trust_level: revealed to be 0`
			`- level_since: blinded, but proved in ZK that it's at least`
			`UNTRUSTED_INTERVAL days ago`
			`- invites_remaining: revealed to be 0`
			`- invites_issued: revealed to be 0`

			`They will receive in return the encrypted MAC (Pk, EncQk) for their`
			`implicit Migration Key credential with attributes id and bucket,`
			`along with a HashMap of encrypted Migration credentials. For each`
			`(from_i, to_i) in the BA's migration list, there will be an entry in`
			`the HashMap with key H1(id, from_attr_i, Qk_i) and value`
			`Enc_{H2(id, from_attr_i, Qk_i)}(to_attr_i, P_i, Q_i). Here H1 and H2`
			`are the first 16 bytes and the second 16 bytes respectively of the`
			`SHA256 hash of the input, P_i and Q_i are a MAC on the Migration`
			`credential with attributes id, from_attr_i, and to_attr_i. Qk_i is the`
			`value EncQk would decrypt to if bucket were equal to from_attr_i. */`

			`use curve25519_dalek::ristretto::RistrettoBasepointTable;`
			`use curve25519_dalek::ristretto::RistrettoPoint;`
			`use curve25519_dalek::scalar::Scalar;`
			`use curve25519_dalek::traits::IsIdentity;`

			`use zkp::CompactProof;`
			`use zkp::ProofError;`
			`use zkp::Transcript;`

			`/// The minimum number of days a user has to be at trust level 0`
			`/// (untrusted) with their (single) bridge unblocked before they can`
			`/// move to level 1.`
			`///`
			`/// The implementation also puts an upper bound of UNTRUSTED_INTERVAL +`
			`/// 511 days, which is not unreasonable; we want users to be engaging`
			`/// with the system in order to move up trust levels.`
			`pub const UNTRUSTED_INTERVAL: u64 = 30;`

			`pub struct Request {`
			`id: Scalar,`
			`}`