Change the invites_issued attribute of the Lox credential to just count blockages instead
This commit is contained in:
Ian Goldberg
parent
86cd2f54d7
commit
088071571a
|
|
@ -35,7 +35,7 @@ pub struct Lox {
|
|||
pub trust_level: Scalar,
|
||||
pub level_since: Scalar,
|
||||
pub invites_remaining: Scalar,
|
||||
pub invites_issued: Scalar,
|
||||
pub blockages: Scalar,
|
||||
}
|
||||
|
||||
/// The migration key credential.
|
||||
|
|
|
|||
|
|
@ -293,7 +293,7 @@ impl BridgeAuth {
|
|||
+ cred.trust_level * self.lox_priv.x[3]
|
||||
+ cred.level_since * self.lox_priv.x[4]
|
||||
+ cred.invites_remaining * self.lox_priv.x[5]
|
||||
+ cred.invites_issued * self.lox_priv.x[6])
|
||||
+ cred.blockages * self.lox_priv.x[6])
|
||||
* cred.P;
|
||||
|
||||
Q == cred.Q
|
||||
|
|
|
|||
|
|
@ -15,7 +15,8 @@ The user presents their current Lox credential:
|
|||
- level_since: blinded, but proved in ZK that it's at least the
|
||||
appropriate number of days ago
|
||||
- invites_remaining: blinded
|
||||
- invites_issued: blinded
|
||||
- blockages: blinded, but proved in ZK that it's at most the appropriate
|
||||
blockage limit for the target trust level
|
||||
|
||||
and a Bucket Reachability credential:
|
||||
- date: revealed to be today
|
||||
|
|
@ -32,7 +33,7 @@ and a new Lox credential to be issued:
|
|||
- invites_remaining: revealed to be the number of invites for the new
|
||||
level (note that the invites_remaining from the previous credential
|
||||
are _not_ carried over)
|
||||
- invites_issued: blinded, but proved in ZK that it's the same as in the
|
||||
- blockages: blinded, but proved in ZK that it's the same as in the
|
||||
Lox credential above
|
||||
|
||||
*/
|
||||
|
|
@ -79,7 +80,7 @@ pub struct Request {
|
|||
level: Scalar,
|
||||
CSince: RistrettoPoint,
|
||||
CInvRemain: RistrettoPoint,
|
||||
CInvIssued: RistrettoPoint,
|
||||
CBlockages: RistrettoPoint,
|
||||
CQ: RistrettoPoint,
|
||||
|
||||
// Fields for blind showing the Bucket Reachability credential
|
||||
|
|
@ -111,7 +112,7 @@ pub struct Request {
|
|||
D: RistrettoPoint,
|
||||
EncIdClient: (RistrettoPoint, RistrettoPoint),
|
||||
EncBucket: (RistrettoPoint, RistrettoPoint),
|
||||
EncInvIssued: (RistrettoPoint, RistrettoPoint),
|
||||
EncBlockages: (RistrettoPoint, RistrettoPoint),
|
||||
|
||||
// The combined ZKP
|
||||
piUser: CompactProof,
|
||||
|
|
@ -123,12 +124,12 @@ pub struct State {
|
|||
D: RistrettoPoint,
|
||||
EncIdClient: (RistrettoPoint, RistrettoPoint),
|
||||
EncBucket: (RistrettoPoint, RistrettoPoint),
|
||||
EncInvIssued: (RistrettoPoint, RistrettoPoint),
|
||||
EncBlockages: (RistrettoPoint, RistrettoPoint),
|
||||
id_client: Scalar,
|
||||
bucket: Scalar,
|
||||
level: Scalar,
|
||||
invremain: Scalar,
|
||||
invissued: Scalar,
|
||||
blockages: Scalar,
|
||||
}
|
||||
|
||||
pub struct Response {
|
||||
|
|
@ -141,7 +142,7 @@ pub struct Response {
|
|||
level_since: Scalar,
|
||||
TId: RistrettoPoint,
|
||||
TBucket: RistrettoPoint,
|
||||
TInvIssued: RistrettoPoint,
|
||||
TBlockages: RistrettoPoint,
|
||||
|
||||
// The ZKP
|
||||
piBlindIssue: CompactProof,
|
||||
|
|
@ -150,19 +151,19 @@ pub struct Response {
|
|||
define_proof! {
|
||||
requestproof,
|
||||
"Level Upgrade Request",
|
||||
(bucket, since, invremain, invissued, zbucket, zsince, zinvremain,
|
||||
zinvissued, negzQ,
|
||||
(bucket, since, invremain, blockages, zbucket, zsince, zinvremain,
|
||||
zblockages, negzQ,
|
||||
zbucket_reach, negzQ_reach,
|
||||
d, eid_client, ebucket, einvissued, id_client,
|
||||
d, eid_client, ebucket, eblockages, id_client,
|
||||
g0, g1, g2, g3, g4, g5, g6, g7, g8,
|
||||
zg0, zg1, zg2, zg3, zg4, zg5, zg6, zg7, zg8,
|
||||
wg0, wg1, wg2, wg3, wg4, wg5, wg6, wg7, wg8,
|
||||
yg0, yg1, yg2, yg3, yg4, yg5, yg6, yg7, yg8),
|
||||
(P, CBucket, CSince, CInvRemain, CInvIssued, V, Xbucket, Xsince,
|
||||
Xinvremain, Xinvissued,
|
||||
(P, CBucket, CSince, CInvRemain, CBlockages, V, Xbucket, Xsince,
|
||||
Xinvremain, Xblockages,
|
||||
P_reach, CBucket_reach, V_reach, Xbucket_reach,
|
||||
D, EncIdClient0, EncIdClient1, EncBucket0, EncBucket1,
|
||||
EncInvIssued0, EncInvIssued1,
|
||||
EncBlockages0, EncBlockages1,
|
||||
CG0, CG1, CG2, CG3, CG4, CG5, CG6, CG7, CG8,
|
||||
CG0sq, CG1sq, CG2sq, CG3sq, CG4sq, CG5sq, CG6sq, CG7sq, CG8sq),
|
||||
(A, B) :
|
||||
|
|
@ -170,7 +171,7 @@ define_proof! {
|
|||
CBucket = (bucket*P + zbucket*A),
|
||||
CSince = (since*P + zsince*A),
|
||||
CInvRemain = (invremain*P + zinvremain*A),
|
||||
CInvIssued = (invissued*P + zinvissued*A),
|
||||
CBlockages = (blockages*P + zblockages*A),
|
||||
// Blind showing of the Bucket Reachability credential; note the
|
||||
// same bucket is used in the proof
|
||||
CBucket_reach = (bucket*P_reach + zbucket_reach*A),
|
||||
|
|
@ -180,8 +181,8 @@ define_proof! {
|
|||
EncIdClient1 = (id_client*B + eid_client*D),
|
||||
EncBucket0 = (ebucket*B),
|
||||
EncBucket1 = (bucket*B + ebucket*D),
|
||||
EncInvIssued0 = (einvissued*B),
|
||||
EncInvIssued1 = (invissued*B + einvissued*D),
|
||||
EncBlockages0 = (eblockages*B),
|
||||
EncBlockages1 = (blockages*B + eblockages*D),
|
||||
// Prove CSince encodes a value at least LEVEL_INTERVAL
|
||||
// days ago (at technically at most LEVEL_INTERVAL+511 days
|
||||
// ago): first prove each of g0, ..., g8 is a bit by proving that
|
||||
|
|
@ -204,11 +205,11 @@ define_proof! {
|
|||
define_proof! {
|
||||
blindissue,
|
||||
"Level Upgrade Issuing",
|
||||
(x0, x0tilde, xid, xbucket, xlevel, xsince, xinvremain, xinvissued,
|
||||
s, b, tid, tbucket, tinvissued),
|
||||
(x0, x0tilde, xid, xbucket, xlevel, xsince, xinvremain, xblockages,
|
||||
s, b, tid, tbucket, tblockages),
|
||||
(P, EncQ0, EncQ1, X0, Xid, Xbucket, Xlevel, Xsince, Xinvremain,
|
||||
Xinvissued, Plevel, Psince, Pinvremain, TId, TBucket, TInvIssued,
|
||||
D, EncId0, EncId1, EncBucket0, EncBucket1, EncInvIssued0, EncInvIssued1),
|
||||
Xblockages, Plevel, Psince, Pinvremain, TId, TBucket, TBlockages,
|
||||
D, EncId0, EncId1, EncBucket0, EncBucket1, EncBlockages0, EncBlockages1),
|
||||
(A, B):
|
||||
Xid = (xid*A),
|
||||
Xid = (xid*A),
|
||||
|
|
@ -216,18 +217,18 @@ define_proof! {
|
|||
Xbucket = (xbucket*A),
|
||||
Xsince = (xsince*A),
|
||||
Xinvremain = (xinvremain*A),
|
||||
Xinvissued = (xinvissued*A),
|
||||
Xblockages = (xblockages*A),
|
||||
X0 = (x0*B + x0tilde*A),
|
||||
P = (b*B),
|
||||
TId = (b*Xid),
|
||||
TId = (tid*A),
|
||||
TBucket = (b*Xbucket),
|
||||
TBucket = (tbucket*A),
|
||||
TInvIssued = (b*Xinvissued),
|
||||
TInvIssued = (tinvissued*A),
|
||||
EncQ0 = (s*B + tid*EncId0 + tbucket*EncBucket0 + tinvissued*EncInvIssued0),
|
||||
TBlockages = (b*Xblockages),
|
||||
TBlockages = (tblockages*A),
|
||||
EncQ0 = (s*B + tid*EncId0 + tbucket*EncBucket0 + tblockages*EncBlockages0),
|
||||
EncQ1 = (s*D + tid*EncId1 + tbucket*EncBucket1
|
||||
+ tinvissued*EncInvIssued1 + x0*P + xlevel*Plevel + xsince*Psince
|
||||
+ tblockages*EncBlockages1 + x0*P + xlevel*Plevel + xsince*Psince
|
||||
+ xinvremain*Pinvremain)
|
||||
}
|
||||
|
||||
|
|
@ -302,11 +303,11 @@ pub fn request(
|
|||
let zbucket = Scalar::random(&mut rng);
|
||||
let zsince = Scalar::random(&mut rng);
|
||||
let zinvremain = Scalar::random(&mut rng);
|
||||
let zinvissued = Scalar::random(&mut rng);
|
||||
let zblockages = Scalar::random(&mut rng);
|
||||
let CBucket = lox_cred.bucket * P + &zbucket * Atable;
|
||||
let CSince = lox_cred.level_since * P + &zsince * Atable;
|
||||
let CInvRemain = lox_cred.invites_remaining * P + &zinvremain * Atable;
|
||||
let CInvIssued = lox_cred.invites_issued * P + &zinvissued * Atable;
|
||||
let CBlockages = lox_cred.blockages * P + &zblockages * Atable;
|
||||
|
||||
// Form a Pedersen commitment to the MAC Q
|
||||
// We flip the sign of zQ from that of the Hyphae paper so that
|
||||
|
|
@ -319,7 +320,7 @@ pub fn request(
|
|||
let V = zbucket * lox_pub.X[2]
|
||||
+ zsince * lox_pub.X[4]
|
||||
+ zinvremain * lox_pub.X[5]
|
||||
+ zinvissued * lox_pub.X[6]
|
||||
+ zblockages * lox_pub.X[6]
|
||||
+ &negzQ * Atable;
|
||||
|
||||
// Blind showing the Bucket Reachability credential
|
||||
|
|
@ -361,10 +362,10 @@ pub fn request(
|
|||
let ebucket = Scalar::random(&mut rng);
|
||||
let EncBucket = (&ebucket * Btable, &lox_cred.bucket * Btable + ebucket * D);
|
||||
let newinvites: Scalar = LEVEL_INVITATIONS[new_level as usize].into();
|
||||
let einvissued = Scalar::random(&mut rng);
|
||||
let EncInvIssued = (
|
||||
&einvissued * Btable,
|
||||
&lox_cred.invites_issued * Btable + einvissued * D,
|
||||
let eblockages = Scalar::random(&mut rng);
|
||||
let EncBlockages = (
|
||||
&eblockages * Btable,
|
||||
&lox_cred.blockages * Btable + eblockages * D,
|
||||
);
|
||||
|
||||
// The range proof that 0 <= diffdays <= 511
|
||||
|
|
@ -455,12 +456,12 @@ pub fn request(
|
|||
CBucket: &CBucket,
|
||||
CSince: &CSince,
|
||||
CInvRemain: &CInvRemain,
|
||||
CInvIssued: &CInvIssued,
|
||||
CBlockages: &CBlockages,
|
||||
V: &V,
|
||||
Xbucket: &lox_pub.X[2],
|
||||
Xsince: &lox_pub.X[4],
|
||||
Xinvremain: &lox_pub.X[5],
|
||||
Xinvissued: &lox_pub.X[6],
|
||||
Xblockages: &lox_pub.X[6],
|
||||
P_reach: &P_reach,
|
||||
CBucket_reach: &CBucket_reach,
|
||||
V_reach: &V_reach,
|
||||
|
|
@ -470,8 +471,8 @@ pub fn request(
|
|||
EncIdClient1: &EncIdClient.1,
|
||||
EncBucket0: &EncBucket.0,
|
||||
EncBucket1: &EncBucket.1,
|
||||
EncInvIssued0: &EncInvIssued.0,
|
||||
EncInvIssued1: &EncInvIssued.1,
|
||||
EncBlockages0: &EncBlockages.0,
|
||||
EncBlockages1: &EncBlockages.1,
|
||||
CG0: &CG0,
|
||||
CG1: &CG1,
|
||||
CG2: &CG2,
|
||||
|
|
@ -493,18 +494,18 @@ pub fn request(
|
|||
bucket: &lox_cred.bucket,
|
||||
since: &lox_cred.level_since,
|
||||
invremain: &lox_cred.invites_remaining,
|
||||
invissued: &lox_cred.invites_issued,
|
||||
blockages: &lox_cred.blockages,
|
||||
zbucket: &zbucket,
|
||||
zsince: &zsince,
|
||||
zinvremain: &zinvremain,
|
||||
zinvissued: &zinvissued,
|
||||
zblockages: &zblockages,
|
||||
negzQ: &negzQ,
|
||||
zbucket_reach: &zbucket_reach,
|
||||
negzQ_reach: &negzQ_reach,
|
||||
d: &d,
|
||||
eid_client: &eid_client,
|
||||
ebucket: &ebucket,
|
||||
einvissued: &einvissued,
|
||||
eblockages: &eblockages,
|
||||
id_client: &id_client,
|
||||
g0: &g0,
|
||||
g1: &g1,
|
||||
|
|
@ -554,7 +555,7 @@ pub fn request(
|
|||
level: lox_cred.trust_level,
|
||||
CSince,
|
||||
CInvRemain,
|
||||
CInvIssued,
|
||||
CBlockages,
|
||||
CQ,
|
||||
P_reach,
|
||||
CBucket_reach,
|
||||
|
|
@ -562,7 +563,7 @@ pub fn request(
|
|||
D,
|
||||
EncIdClient,
|
||||
EncBucket,
|
||||
EncInvIssued,
|
||||
EncBlockages,
|
||||
CG1,
|
||||
CG2,
|
||||
CG3,
|
||||
|
|
@ -587,12 +588,12 @@ pub fn request(
|
|||
D,
|
||||
EncIdClient,
|
||||
EncBucket,
|
||||
EncInvIssued,
|
||||
EncBlockages,
|
||||
id_client,
|
||||
bucket: lox_cred.bucket,
|
||||
level: new_level.into(),
|
||||
invremain: newinvites,
|
||||
invissued: lox_cred.invites_issued,
|
||||
blockages: lox_cred.blockages,
|
||||
},
|
||||
))
|
||||
}
|
||||
|
|
@ -626,7 +627,7 @@ impl BridgeAuth {
|
|||
+ self.lox_priv.x[2] * req.CBucket
|
||||
+ self.lox_priv.x[4] * req.CSince
|
||||
+ self.lox_priv.x[5] * req.CInvRemain
|
||||
+ self.lox_priv.x[6] * req.CInvIssued
|
||||
+ self.lox_priv.x[6] * req.CBlockages
|
||||
- req.CQ;
|
||||
|
||||
let Vprime_reach = (self.reachability_priv.x[0] + self.reachability_priv.x[1] * today)
|
||||
|
|
@ -663,12 +664,12 @@ impl BridgeAuth {
|
|||
CBucket: &req.CBucket.compress(),
|
||||
CSince: &req.CSince.compress(),
|
||||
CInvRemain: &req.CInvRemain.compress(),
|
||||
CInvIssued: &req.CInvIssued.compress(),
|
||||
CBlockages: &req.CBlockages.compress(),
|
||||
V: &Vprime.compress(),
|
||||
Xbucket: &self.lox_pub.X[2].compress(),
|
||||
Xsince: &self.lox_pub.X[4].compress(),
|
||||
Xinvremain: &self.lox_pub.X[5].compress(),
|
||||
Xinvissued: &self.lox_pub.X[6].compress(),
|
||||
Xblockages: &self.lox_pub.X[6].compress(),
|
||||
P_reach: &req.P_reach.compress(),
|
||||
CBucket_reach: &req.CBucket_reach.compress(),
|
||||
V_reach: &Vprime_reach.compress(),
|
||||
|
|
@ -678,8 +679,8 @@ impl BridgeAuth {
|
|||
EncIdClient1: &req.EncIdClient.1.compress(),
|
||||
EncBucket0: &req.EncBucket.0.compress(),
|
||||
EncBucket1: &req.EncBucket.1.compress(),
|
||||
EncInvIssued0: &req.EncInvIssued.0.compress(),
|
||||
EncInvIssued1: &req.EncInvIssued.1.compress(),
|
||||
EncBlockages0: &req.EncBlockages.0.compress(),
|
||||
EncBlockages1: &req.EncBlockages.1.compress(),
|
||||
CG0: &CG0prime.compress(),
|
||||
CG1: &req.CG1.compress(),
|
||||
CG2: &req.CG2.compress(),
|
||||
|
|
@ -750,16 +751,16 @@ impl BridgeAuth {
|
|||
let tbucket = self.lox_priv.x[2] * b;
|
||||
let TBucket = &tbucket * Atable;
|
||||
let EncQBucket = (tbucket * req.EncBucket.0, tbucket * req.EncBucket.1);
|
||||
let tinvissued = self.lox_priv.x[6] * b;
|
||||
let TInvIssued = &tinvissued * Atable;
|
||||
let EncQInvIssued = (
|
||||
tinvissued * req.EncInvIssued.0,
|
||||
tinvissued * req.EncInvIssued.1,
|
||||
let tblockages = self.lox_priv.x[6] * b;
|
||||
let TBlockages = &tblockages * Atable;
|
||||
let EncQBlockages = (
|
||||
tblockages * req.EncBlockages.0,
|
||||
tblockages * req.EncBlockages.1,
|
||||
);
|
||||
|
||||
let EncQ = (
|
||||
EncQHc.0 + EncQId.0 + EncQBucket.0 + EncQInvIssued.0,
|
||||
EncQHc.1 + EncQId.1 + EncQBucket.1 + EncQInvIssued.1,
|
||||
EncQHc.0 + EncQId.0 + EncQBucket.0 + EncQBlockages.0,
|
||||
EncQHc.1 + EncQId.1 + EncQBucket.1 + EncQBlockages.1,
|
||||
);
|
||||
|
||||
let mut transcript = Transcript::new(b"level upgrade issuing");
|
||||
|
|
@ -777,20 +778,20 @@ impl BridgeAuth {
|
|||
Xlevel: &self.lox_pub.X[3],
|
||||
Xsince: &self.lox_pub.X[4],
|
||||
Xinvremain: &self.lox_pub.X[5],
|
||||
Xinvissued: &self.lox_pub.X[6],
|
||||
Xblockages: &self.lox_pub.X[6],
|
||||
Plevel: &(trust_level * P),
|
||||
Psince: &(level_since * P),
|
||||
Pinvremain: &(invitations_remaining * P),
|
||||
TId: &TId,
|
||||
TBucket: &TBucket,
|
||||
TInvIssued: &TInvIssued,
|
||||
TBlockages: &TBlockages,
|
||||
D: &req.D,
|
||||
EncId0: &EncId.0,
|
||||
EncId1: &EncId.1,
|
||||
EncBucket0: &req.EncBucket.0,
|
||||
EncBucket1: &req.EncBucket.1,
|
||||
EncInvIssued0: &req.EncInvIssued.0,
|
||||
EncInvIssued1: &req.EncInvIssued.1,
|
||||
EncBlockages0: &req.EncBlockages.0,
|
||||
EncBlockages1: &req.EncBlockages.1,
|
||||
x0: &self.lox_priv.x[0],
|
||||
x0tilde: &self.lox_priv.x0tilde,
|
||||
xid: &self.lox_priv.x[1],
|
||||
|
|
@ -798,12 +799,12 @@ impl BridgeAuth {
|
|||
xlevel: &self.lox_priv.x[3],
|
||||
xsince: &self.lox_priv.x[4],
|
||||
xinvremain: &self.lox_priv.x[5],
|
||||
xinvissued: &self.lox_priv.x[6],
|
||||
xblockages: &self.lox_priv.x[6],
|
||||
s: &s,
|
||||
b: &b,
|
||||
tid: &tid,
|
||||
tbucket: &tbucket,
|
||||
tinvissued: &tinvissued,
|
||||
tblockages: &tblockages,
|
||||
},
|
||||
)
|
||||
.0;
|
||||
|
|
@ -815,7 +816,7 @@ impl BridgeAuth {
|
|||
level_since,
|
||||
TId,
|
||||
TBucket,
|
||||
TInvIssued,
|
||||
TBlockages,
|
||||
piBlindIssue,
|
||||
})
|
||||
}
|
||||
|
|
@ -861,20 +862,20 @@ pub fn handle_response(
|
|||
Xlevel: &lox_pub.X[3].compress(),
|
||||
Xsince: &lox_pub.X[4].compress(),
|
||||
Xinvremain: &lox_pub.X[5].compress(),
|
||||
Xinvissued: &lox_pub.X[6].compress(),
|
||||
Xblockages: &lox_pub.X[6].compress(),
|
||||
Plevel: &(state.level * resp.P).compress(),
|
||||
Psince: &(resp.level_since * resp.P).compress(),
|
||||
Pinvremain: &(state.invremain * resp.P).compress(),
|
||||
TId: &resp.TId.compress(),
|
||||
TBucket: &resp.TBucket.compress(),
|
||||
TInvIssued: &resp.TInvIssued.compress(),
|
||||
TBlockages: &resp.TBlockages.compress(),
|
||||
D: &state.D.compress(),
|
||||
EncId0: &EncId.0.compress(),
|
||||
EncId1: &EncId.1.compress(),
|
||||
EncBucket0: &state.EncBucket.0.compress(),
|
||||
EncBucket1: &state.EncBucket.1.compress(),
|
||||
EncInvIssued0: &state.EncInvIssued.0.compress(),
|
||||
EncInvIssued1: &state.EncInvIssued.1.compress(),
|
||||
EncBlockages0: &state.EncBlockages.0.compress(),
|
||||
EncBlockages1: &state.EncBlockages.1.compress(),
|
||||
},
|
||||
)?;
|
||||
|
||||
|
|
@ -889,6 +890,6 @@ pub fn handle_response(
|
|||
trust_level: state.level,
|
||||
level_since: resp.level_since,
|
||||
invites_remaining: state.invremain,
|
||||
invites_issued: state.invissued,
|
||||
blockages: state.blockages,
|
||||
})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@ Lox credential:
|
|||
- trust_level: revealed to be 0
|
||||
- level_since: blinded
|
||||
- invites_remaining: revealed to be 0
|
||||
- invites_issued: revealed to be 0
|
||||
- blockages: revealed to be 0
|
||||
|
||||
and a Migration credential:
|
||||
|
||||
|
|
@ -27,7 +27,7 @@ and a new Lox credential to be issued:
|
|||
- trust_level: 1
|
||||
- level_since: today
|
||||
- invites_remaining: 0
|
||||
- invites_issued: 0
|
||||
- blockages: 0
|
||||
|
||||
*/
|
||||
|
||||
|
|
@ -47,7 +47,7 @@ use super::super::{CMZ_A, CMZ_A_TABLE, CMZ_B, CMZ_B_TABLE};
|
|||
|
||||
pub struct Request {
|
||||
// Fields for blind showing the Lox credential
|
||||
// We don't need to include invites_remaining or invites_issued,
|
||||
// We don't need to include invites_remaining or blockages,
|
||||
// since they must be 0
|
||||
P_lox: RistrettoPoint,
|
||||
id: Scalar,
|
||||
|
|
@ -390,14 +390,14 @@ impl BridgeAuth {
|
|||
// Julian date
|
||||
let level_since: Scalar = self.today().into();
|
||||
|
||||
// The invitations_remaining and invitations_issued attributes
|
||||
// are 0 for level 0 and level 1 Lox credentials, so we don't
|
||||
// need to explicitly create them.
|
||||
// The invitations_remaining and blockages attributes are 0 for
|
||||
// level 0 and level 1 Lox credentials, so we don't need to
|
||||
// explicitly create them.
|
||||
|
||||
// Compute the MAC on the visible attributes
|
||||
let b = Scalar::random(&mut rng);
|
||||
let P = &b * Btable;
|
||||
// invites_remaining = invites_issued = 0
|
||||
// invites_remaining = blockages = 0
|
||||
let QHc = (self.lox_priv.x[0]
|
||||
+ self.lox_priv.x[3] * trust_level
|
||||
+ self.lox_priv.x[4] * level_since)
|
||||
|
|
@ -533,6 +533,6 @@ pub fn handle_response(
|
|||
trust_level: Scalar::one(),
|
||||
level_since: resp.level_since,
|
||||
invites_remaining: Scalar::zero(),
|
||||
invites_issued: Scalar::zero(),
|
||||
blockages: Scalar::zero(),
|
||||
})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ The credential will have attributes:
|
|||
- trust_level: 0
|
||||
- level_since: today
|
||||
- invites_remaining: 0
|
||||
- invites_issued: 0
|
||||
- blockages: 0
|
||||
|
||||
*/
|
||||
|
||||
|
|
@ -197,7 +197,7 @@ impl BridgeAuth {
|
|||
// Compute the MAC on the visible attributes
|
||||
let b = Scalar::random(&mut rng);
|
||||
let P = &b * Btable;
|
||||
// trust_level = invites_remaining = invites_issued = 0
|
||||
// trust_level = invites_remaining = blockages = 0
|
||||
let QHc =
|
||||
(self.lox_priv.x[0] + self.lox_priv.x[2] * bucket + self.lox_priv.x[4] * level_since)
|
||||
* P;
|
||||
|
|
@ -315,6 +315,6 @@ pub fn handle_response(
|
|||
trust_level: Scalar::zero(),
|
||||
level_since: resp.level_since,
|
||||
invites_remaining: Scalar::zero(),
|
||||
invites_issued: Scalar::zero(),
|
||||
blockages: Scalar::zero(),
|
||||
})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ The user presents their current Lox credential:
|
|||
- level_since: blinded, but proved in ZK that it's at least
|
||||
UNTRUSTED_INTERVAL days ago
|
||||
- invites_remaining: revealed to be 0
|
||||
- invites_issued: revealed to be 0
|
||||
- blockages: revealed to be 0
|
||||
|
||||
They will receive in return the encrypted MAC (Pk, EncQk) for their
|
||||
implicit Migration Key credential with attributes id and bucket,
|
||||
|
|
@ -57,7 +57,7 @@ pub const UNTRUSTED_INTERVAL: u32 = 30;
|
|||
pub struct Request {
|
||||
// Fields for blind showing the Lox credential
|
||||
// We don't need to include trust_level, invites_remaining, or
|
||||
// invites_issued, since they must be 0
|
||||
// blockages, since they must be 0
|
||||
P: RistrettoPoint,
|
||||
id: Scalar,
|
||||
CBucket: RistrettoPoint,
|
||||
|
|
|
|||
Loading…
Reference in New Issue