diff --git a/crates/lox-library/src/cred.rs b/crates/lox-library/src/cred.rs index 2d32b4d..5839f13 100644 --- a/crates/lox-library/src/cred.rs +++ b/crates/lox-library/src/cred.rs @@ -25,12 +25,7 @@ pub struct Migration { /// Its id is jointly generated by the user and the BA (bridge /// authority), but known only to the user. The level_since date is the /// Julian date of when this user was changed to the current trust -/// level. (P_noopmigration, Q_noopmigration) are the MAC on the -/// implicit no-op migration credential formed by the attributes (id, -/// bucket, bucket), which authorizes the user to switch from its -/// current bucket to the same bucket (i.e., a no-op). This can be -/// useful for hiding from the BA whether or not the user is performing -/// a bucket migration. +/// level. #[derive(Debug)] pub struct Lox { pub P: RistrettoPoint, @@ -41,8 +36,6 @@ pub struct Lox { pub level_since: Scalar, pub invites_remaining: Scalar, pub invites_issued: Scalar, - pub P_noopmigration: RistrettoPoint, - pub Q_noopmigration: RistrettoPoint, } /// The migration key credential. diff --git a/crates/lox-library/src/lib.rs b/crates/lox-library/src/lib.rs index 37338a8..8b3e7d5 100644 --- a/crates/lox-library/src/lib.rs +++ b/crates/lox-library/src/lib.rs @@ -283,7 +283,7 @@ impl BridgeAuth { #[cfg(test)] /// Verify the two MACs on a Lox credential pub fn verify_lox(&self, cred: &cred::Lox) -> bool { - if cred.P.is_identity() || cred.P_noopmigration.is_identity() { + if cred.P.is_identity() { return false; } @@ -296,13 +296,7 @@ impl BridgeAuth { + cred.invites_issued * self.lox_priv.x[6]) * cred.P; - let Q_noopmigration = (self.migration_priv.x[0] - + cred.id * self.migration_priv.x[1] - + cred.bucket * self.migration_priv.x[2] - + cred.bucket * self.migration_priv.x[3]) - * cred.P_noopmigration; - - return Q == cred.Q && Q_noopmigration == cred.Q_noopmigration; + return Q == cred.Q; } #[cfg(test)] diff --git a/crates/lox-library/src/proto/level_up.rs b/crates/lox-library/src/proto/level_up.rs index faf4cdc..f260c0a 100644 --- a/crates/lox-library/src/proto/level_up.rs +++ b/crates/lox-library/src/proto/level_up.rs @@ -143,12 +143,6 @@ pub struct Response { TBucket: RistrettoPoint, TInvIssued: RistrettoPoint, - // The fields for the implicit noop migration ("nm") credential - P_nm: RistrettoPoint, - EncQ_nm: (RistrettoPoint, RistrettoPoint), - TId_nm: RistrettoPoint, - TBucket_nm: RistrettoPoint, - // The ZKP piBlindIssue: CompactProof, } @@ -211,12 +205,9 @@ define_proof! { blindissue, "Level Upgrade Issuing", (x0, x0tilde, xid, xbucket, xlevel, xsince, xinvremain, xinvissued, - s, b, tid, tbucket, tinvissued, - x0_nm, x0tilde_nm, xid_nm, xfrom_nm, xto_nm, s_nm, b_nm, tid_nm, tbucket_nm), + s, b, tid, tbucket, tinvissued), (P, EncQ0, EncQ1, X0, Xid, Xbucket, Xlevel, Xsince, Xinvremain, Xinvissued, Plevel, Psince, Pinvremain, TId, TBucket, TInvIssued, - P_nm, EncQ0_nm, EncQ1_nm, X0_nm, Xid_nm, Xfrom_nm, Xto_nm, - TId_nm, TBucket_nm, D, EncId0, EncId1, EncBucket0, EncBucket1, EncInvIssued0, EncInvIssued1), (A, B): Xid = (xid*A), @@ -237,18 +228,7 @@ define_proof! { EncQ0 = (s*B + tid*EncId0 + tbucket*EncBucket0 + tinvissued*EncInvIssued0), EncQ1 = (s*D + tid*EncId1 + tbucket*EncBucket1 + tinvissued*EncInvIssued1 + x0*P + xlevel*Plevel + xsince*Psince - + xinvremain*Pinvremain), - Xid_nm = (xid_nm*A), - Xfrom_nm = (xfrom_nm*A), - Xto_nm = (xto_nm*A), - X0_nm = (x0_nm*B + x0tilde_nm*A), - P_nm = (b_nm*B), - TId_nm = (b_nm*Xid_nm), - TId_nm = (tid_nm*A), - TBucket_nm = (b_nm*Xfrom_nm + b_nm*Xto_nm), - TBucket_nm = (tbucket_nm*A), - EncQ0_nm = (s_nm*B + tid_nm*EncId0 + tbucket_nm*EncBucket0), - EncQ1_nm = (s_nm*D + tid_nm*EncId1 + tbucket_nm*EncBucket1 + x0_nm*P_nm) + + xinvremain*Pinvremain) } pub fn request( @@ -782,30 +762,6 @@ impl BridgeAuth { EncQHc.1 + EncQId.1 + EncQBucket.1 + EncQInvIssued.1, ); - // Now the no-op migration credential - // Compute the MAC on the visible attributes (none here) - let b_nm = Scalar::random(&mut rng); - let P_nm = &b_nm * Btable; - let QHc_nm = (self.migration_priv.x[0]) * P_nm; - - // El Gamal encrypt it to the public key req.D - let s_nm = Scalar::random(&mut rng); - let EncQHc_nm = (&s_nm * Btable, QHc_nm + s_nm * req.D); - - // Homomorphically compute the part of the MAC corresponding to - // the blinded attributes - let tid_nm = self.migration_priv.x[1] * b_nm; - let TId_nm = &tid_nm * Atable; - let EncQId_nm = (tid_nm * EncId.0, tid_nm * EncId.1); - let tbucket_nm = (self.migration_priv.x[2] + self.migration_priv.x[3]) * b_nm; - let TBucket_nm = &tbucket_nm * Atable; - let EncQBucket_nm = (tbucket_nm * req.EncBucket.0, tbucket_nm * req.EncBucket.1); - - let EncQ_nm = ( - EncQHc_nm.0 + EncQId_nm.0 + EncQBucket_nm.0, - EncQHc_nm.1 + EncQId_nm.1 + EncQBucket_nm.1, - ); - let mut transcript = Transcript::new(b"level upgrade issuing"); let piBlindIssue = blindissue::prove_compact( &mut transcript, @@ -828,15 +784,6 @@ impl BridgeAuth { TId: &TId, TBucket: &TBucket, TInvIssued: &TInvIssued, - P_nm: &P_nm, - EncQ0_nm: &EncQ_nm.0, - EncQ1_nm: &EncQ_nm.1, - X0_nm: &self.migration_pub.X[0], - Xid_nm: &self.migration_pub.X[1], - Xfrom_nm: &self.migration_pub.X[2], - Xto_nm: &self.migration_pub.X[3], - TId_nm: &TId_nm, - TBucket_nm: &TBucket_nm, D: &req.D, EncId0: &EncId.0, EncId1: &EncId.1, @@ -857,15 +804,6 @@ impl BridgeAuth { tid: &tid, tbucket: &tbucket, tinvissued: &tinvissued, - x0_nm: &self.migration_priv.x[0], - x0tilde_nm: &self.migration_priv.x0tilde, - xid_nm: &self.migration_priv.x[1], - xfrom_nm: &self.migration_priv.x[2], - xto_nm: &self.migration_priv.x[3], - s_nm: &s_nm, - b_nm: &b_nm, - tid_nm: &tid_nm, - tbucket_nm: &tbucket_nm, }, ) .0; @@ -878,10 +816,6 @@ impl BridgeAuth { TId, TBucket, TInvIssued, - P_nm, - EncQ_nm, - TId_nm, - TBucket_nm, piBlindIssue, }) } @@ -893,13 +827,12 @@ pub fn handle_response( state: State, resp: Response, lox_pub: &IssuerPubKey, - migration_pub: &IssuerPubKey, ) -> Result { let A: &RistrettoPoint = &CMZ_A; let B: &RistrettoPoint = &CMZ_B; let Btable: &RistrettoBasepointTable = &CMZ_B_TABLE; - if resp.P.is_identity() || resp.P_nm.is_identity() { + if resp.P.is_identity() { return Err(ProofError::VerificationFailure); } @@ -935,15 +868,6 @@ pub fn handle_response( TId: &resp.TId.compress(), TBucket: &resp.TBucket.compress(), TInvIssued: &resp.TInvIssued.compress(), - P_nm: &resp.P_nm.compress(), - EncQ0_nm: &resp.EncQ_nm.0.compress(), - EncQ1_nm: &resp.EncQ_nm.1.compress(), - X0_nm: &migration_pub.X[0].compress(), - Xid_nm: &migration_pub.X[1].compress(), - Xfrom_nm: &migration_pub.X[2].compress(), - Xto_nm: &migration_pub.X[3].compress(), - TId_nm: &resp.TId_nm.compress(), - TBucket_nm: &resp.TBucket_nm.compress(), D: &state.D.compress(), EncId0: &EncId.0.compress(), EncId1: &EncId.1.compress(), @@ -957,9 +881,6 @@ pub fn handle_response( // Decrypt EncQ let Q = resp.EncQ.1 - (state.d * resp.EncQ.0); - // Decrypt EncQ_nm - let Q_nm = resp.EncQ_nm.1 - (state.d * resp.EncQ_nm.0); - Ok(cred::Lox { P: resp.P, Q, @@ -969,7 +890,5 @@ pub fn handle_response( level_since: resp.level_since, invites_remaining: state.invremain, invites_issued: state.invissued, - P_noopmigration: resp.P_nm, - Q_noopmigration: Q_nm, }) } diff --git a/crates/lox-library/src/proto/migration.rs b/crates/lox-library/src/proto/migration.rs index 6d5a2bc..b20badb 100644 --- a/crates/lox-library/src/proto/migration.rs +++ b/crates/lox-library/src/proto/migration.rs @@ -92,12 +92,6 @@ pub struct Response { TId: RistrettoPoint, TBucket: RistrettoPoint, - // The fields for the implicit noop migration ("nm") credential - P_nm: RistrettoPoint, - EncQ_nm: (RistrettoPoint, RistrettoPoint), - TId_nm: RistrettoPoint, - TBucket_nm: RistrettoPoint, - // The ZKP piBlindIssue: CompactProof, } @@ -133,11 +127,8 @@ define_proof! { define_proof! { blindissue, "Migration Blind Issuing", - (x0, x0tilde, xid, xbucket, xlevel, xsince, s, b, tid, tbucket, - x0_nm, x0tilde_nm, xid_nm, xfrom_nm, xto_nm, s_nm, b_nm, tid_nm, tbucket_nm), + (x0, x0tilde, xid, xbucket, xlevel, xsince, s, b, tid, tbucket), (P, EncQ0, EncQ1, X0, Xid, Xbucket, Xlevel, Xsince, Plevel, Psince, TId, TBucket, - P_nm, EncQ0_nm, EncQ1_nm, X0_nm, Xid_nm, Xfrom_nm, Xto_nm, - TId_nm, TBucket_nm, D, EncId0, EncId1, EncBucket0, EncBucket1), (A, B): Xid = (xid*A), @@ -151,18 +142,7 @@ define_proof! { TBucket = (b*Xbucket), TBucket = (tbucket*A), EncQ0 = (s*B + tid*EncId0 + tbucket*EncBucket0), - EncQ1 = (s*D + tid*EncId1 + tbucket*EncBucket1 + x0*P + xlevel*Plevel + xsince*Psince), - Xid_nm = (xid_nm*A), - Xfrom_nm = (xfrom_nm*A), - Xto_nm = (xto_nm*A), - X0_nm = (x0_nm*B + x0tilde_nm*A), - P_nm = (b_nm*B), - TId_nm = (b_nm*Xid_nm), - TId_nm = (tid_nm*A), - TBucket_nm = (b_nm*Xfrom_nm + b_nm*Xto_nm), - TBucket_nm = (tbucket_nm*A), - EncQ0_nm = (s_nm*B + tid_nm*EncId0 + tbucket_nm*EncBucket0), - EncQ1_nm = (s_nm*D + tid_nm*EncId1 + tbucket_nm*EncBucket1 + x0_nm*P_nm) + EncQ1 = (s*D + tid*EncId1 + tbucket*EncBucket1 + x0*P + xlevel*Plevel + xsince*Psince) } pub fn request( @@ -441,30 +421,6 @@ impl BridgeAuth { EncQHc.1 + EncQId.1 + EncQBucket.1, ); - // Now the no-op migration credential - // Compute the MAC on the visible attributes (none here) - let b_nm = Scalar::random(&mut rng); - let P_nm = &b_nm * Btable; - let QHc_nm = (self.migration_priv.x[0]) * P_nm; - - // El Gamal encrypt it to the public key req.D - let s_nm = Scalar::random(&mut rng); - let EncQHc_nm = (&s_nm * Btable, QHc_nm + s_nm * req.D); - - // Homomorphically compute the part of the MAC corresponding to - // the blinded attributes - let tid_nm = self.migration_priv.x[1] * b_nm; - let TId_nm = &tid_nm * Atable; - let EncQId_nm = (tid_nm * EncId.0, tid_nm * EncId.1); - let tbucket_nm = (self.migration_priv.x[2] + self.migration_priv.x[3]) * b_nm; - let TBucket_nm = &tbucket_nm * Atable; - let EncQBucket_nm = (tbucket_nm * req.EncBucket.0, tbucket_nm * req.EncBucket.1); - - let EncQ_nm = ( - EncQHc_nm.0 + EncQId_nm.0 + EncQBucket_nm.0, - EncQHc_nm.1 + EncQId_nm.1 + EncQBucket_nm.1, - ); - let mut transcript = Transcript::new(b"migration issuing"); let piBlindIssue = blindissue::prove_compact( &mut transcript, @@ -483,15 +439,6 @@ impl BridgeAuth { Psince: &(level_since * P), TId: &TId, TBucket: &TBucket, - P_nm: &P_nm, - EncQ0_nm: &EncQ_nm.0, - EncQ1_nm: &EncQ_nm.1, - X0_nm: &self.migration_pub.X[0], - Xid_nm: &self.migration_pub.X[1], - Xfrom_nm: &self.migration_pub.X[2], - Xto_nm: &self.migration_pub.X[3], - TId_nm: &TId_nm, - TBucket_nm: &TBucket_nm, D: &req.D, EncId0: &EncId.0, EncId1: &EncId.1, @@ -507,15 +454,6 @@ impl BridgeAuth { b: &b, tid: &tid, tbucket: &tbucket, - x0_nm: &self.migration_priv.x[0], - x0tilde_nm: &self.migration_priv.x0tilde, - xid_nm: &self.migration_priv.x[1], - xfrom_nm: &self.migration_priv.x[2], - xto_nm: &self.migration_priv.x[3], - s_nm: &s_nm, - b_nm: &b_nm, - tid_nm: &tid_nm, - tbucket_nm: &tbucket_nm, }, ) .0; @@ -527,10 +465,6 @@ impl BridgeAuth { id_server, TId, TBucket, - P_nm, - EncQ_nm, - TId_nm, - TBucket_nm, piBlindIssue, }) } @@ -542,13 +476,12 @@ pub fn handle_response( state: State, resp: Response, lox_pub: &IssuerPubKey, - migration_pub: &IssuerPubKey, ) -> Result { let A: &RistrettoPoint = &CMZ_A; let B: &RistrettoPoint = &CMZ_B; let Btable: &RistrettoBasepointTable = &CMZ_B_TABLE; - if resp.P.is_identity() || resp.P_nm.is_identity() { + if resp.P.is_identity() { return Err(ProofError::VerificationFailure); } @@ -581,15 +514,6 @@ pub fn handle_response( Psince: &(resp.level_since * resp.P).compress(), TId: &resp.TId.compress(), TBucket: &resp.TBucket.compress(), - P_nm: &resp.P_nm.compress(), - EncQ0_nm: &resp.EncQ_nm.0.compress(), - EncQ1_nm: &resp.EncQ_nm.1.compress(), - X0_nm: &migration_pub.X[0].compress(), - Xid_nm: &migration_pub.X[1].compress(), - Xfrom_nm: &migration_pub.X[2].compress(), - Xto_nm: &migration_pub.X[3].compress(), - TId_nm: &resp.TId_nm.compress(), - TBucket_nm: &resp.TBucket_nm.compress(), D: &state.D.compress(), EncId0: &EncId.0.compress(), EncId1: &EncId.1.compress(), @@ -601,9 +525,6 @@ pub fn handle_response( // Decrypt EncQ let Q = resp.EncQ.1 - (state.d * resp.EncQ.0); - // Decrypt EncQ_nm - let Q_nm = resp.EncQ_nm.1 - (state.d * resp.EncQ_nm.0); - Ok(cred::Lox { P: resp.P, Q, @@ -613,7 +534,5 @@ pub fn handle_response( level_since: resp.level_since, invites_remaining: Scalar::zero(), invites_issued: Scalar::zero(), - P_noopmigration: resp.P_nm, - Q_noopmigration: Q_nm, }) } diff --git a/crates/lox-library/src/proto/open_invite.rs b/crates/lox-library/src/proto/open_invite.rs index b88f66e..7754541 100644 --- a/crates/lox-library/src/proto/open_invite.rs +++ b/crates/lox-library/src/proto/open_invite.rs @@ -54,9 +54,6 @@ pub struct Response { TId: RistrettoPoint, bucket: Scalar, level_since: Scalar, - P_noopmigration: RistrettoPoint, - EncQ_noopmigration: (RistrettoPoint, RistrettoPoint), - TId_noopmigration: RistrettoPoint, piBlindIssue: CompactProof, } @@ -76,11 +73,8 @@ define_proof! { define_proof! { blindissue, "Open Invitation Blind Issuing", - (x0, x0tilde, xid, xbucket, xsince, s, b, tid, - x0_nm, x0tilde_nm, xid_nm, xfrom_nm, xto_nm, s_nm, b_nm, tid_nm), + (x0, x0tilde, xid, xbucket, xsince, s, b, tid), (P, EncQ0, EncQ1, X0, Xid, Xbucket, Xsince, Pbucket, Psince, TId, - P_nm, EncQ0_nm, EncQ1_nm, X0_nm, Xid_nm, Xfrom_nm, Xto_nm, - Pbucket_nm, TId_nm, D, EncId0, EncId1), (A, B) : Xid = (xid*A), @@ -91,16 +85,7 @@ define_proof! { TId = (b*Xid), TId = (tid*A), EncQ0 = (s*B + tid*EncId0), - EncQ1 = (s*D + tid*EncId1 + x0*P + xbucket*Pbucket + xsince*Psince), - Xid_nm = (xid_nm*A), - Xfrom_nm = (xfrom_nm*A), - Xto_nm = (xto_nm*A), - X0_nm = (x0_nm*B + x0tilde_nm*A), - P_nm = (b_nm*B), - TId_nm = (b_nm*Xid_nm), - TId_nm = (tid_nm*A), - EncQ0_nm = (s_nm*B + tid_nm*EncId0), - EncQ1_nm = (s_nm*D + tid_nm*EncId1 + x0_nm*P_nm + xfrom_nm*Pbucket_nm + xto_nm*Pbucket_nm) + EncQ1 = (s*D + tid*EncId1 + x0*P + xbucket*Pbucket + xsince*Psince) } /// Submit an open invitation issued by the BridgeDb to receive your @@ -229,33 +214,6 @@ impl BridgeAuth { let EncQ = (EncQHc.0 + EncQId.0, EncQHc.1 + EncQId.1); - // Now the no-op migration credential - // Compute the MAC on the visible attributes - let b_noopmigration = Scalar::random(&mut rng); - let P_noopmigration = &b_noopmigration * Btable; - let QHc_noopmigration = (self.migration_priv.x[0] - + self.migration_priv.x[2] * bucket - + self.migration_priv.x[3] * bucket) - * P_noopmigration; - - // El Gamal encrypt it to the public key req.D - let s_noopmigration = Scalar::random(&mut rng); - let EncQHc_noopmigration = ( - &s_noopmigration * Btable, - QHc_noopmigration + s_noopmigration * req.D, - ); - - // Homomorphically compute the part of the MAC corresponding to - // the blinded id attribute - let tid_noopmigration = self.migration_priv.x[1] * b_noopmigration; - let TId_noopmigration = &tid_noopmigration * Atable; - let EncQId_noopmigration = (tid_noopmigration * EncId.0, tid_noopmigration * EncId.1); - - let EncQ_noopmigration = ( - EncQHc_noopmigration.0 + EncQId_noopmigration.0, - EncQHc_noopmigration.1 + EncQId_noopmigration.1, - ); - let mut transcript = Transcript::new(b"open invite issuing"); let piBlindIssue = blindissue::prove_compact( &mut transcript, @@ -272,15 +230,6 @@ impl BridgeAuth { Pbucket: &(bucket * P), Psince: &(level_since * P), TId: &TId, - P_nm: &P_noopmigration, - EncQ0_nm: &EncQ_noopmigration.0, - EncQ1_nm: &EncQ_noopmigration.1, - X0_nm: &self.migration_pub.X[0], - Xid_nm: &self.migration_pub.X[1], - Xfrom_nm: &self.migration_pub.X[2], - Xto_nm: &self.migration_pub.X[3], - Pbucket_nm: &(bucket * P_noopmigration), - TId_nm: &TId_noopmigration, D: &req.D, EncId0: &EncId.0, EncId1: &EncId.1, @@ -292,14 +241,6 @@ impl BridgeAuth { s: &s, b: &b, tid: &tid, - x0_nm: &self.migration_priv.x[0], - x0tilde_nm: &self.migration_priv.x0tilde, - xid_nm: &self.migration_priv.x[1], - xfrom_nm: &self.migration_priv.x[2], - xto_nm: &self.migration_priv.x[3], - s_nm: &s_noopmigration, - b_nm: &b_noopmigration, - tid_nm: &tid_noopmigration, }, ) .0; @@ -311,9 +252,6 @@ impl BridgeAuth { TId, bucket, level_since, - P_noopmigration, - EncQ_noopmigration, - TId_noopmigration, piBlindIssue, }) } @@ -325,13 +263,12 @@ pub fn handle_response( state: State, resp: Response, lox_pub: &IssuerPubKey, - migration_pub: &IssuerPubKey, ) -> Result { let A: &RistrettoPoint = &CMZ_A; let B: &RistrettoPoint = &CMZ_B; let Btable: &RistrettoBasepointTable = &CMZ_B_TABLE; - if resp.P.is_identity() || resp.P_noopmigration.is_identity() { + if resp.P.is_identity() { return Err(ProofError::VerificationFailure); } @@ -361,15 +298,6 @@ pub fn handle_response( Pbucket: &(resp.bucket * resp.P).compress(), Psince: &(resp.level_since * resp.P).compress(), TId: &resp.TId.compress(), - P_nm: &resp.P_noopmigration.compress(), - EncQ0_nm: &resp.EncQ_noopmigration.0.compress(), - EncQ1_nm: &resp.EncQ_noopmigration.1.compress(), - X0_nm: &migration_pub.X[0].compress(), - Xid_nm: &migration_pub.X[1].compress(), - Xfrom_nm: &migration_pub.X[2].compress(), - Xto_nm: &migration_pub.X[3].compress(), - Pbucket_nm: &(resp.bucket * resp.P_noopmigration).compress(), - TId_nm: &resp.TId_noopmigration.compress(), D: &state.D.compress(), EncId0: &EncId.0.compress(), EncId1: &EncId.1.compress(), @@ -379,9 +307,6 @@ pub fn handle_response( // Decrypt EncQ let Q = resp.EncQ.1 - (state.d * resp.EncQ.0); - // Decrypt EncQ_noopmigration - let Q_noopmigration = resp.EncQ_noopmigration.1 - (state.d * resp.EncQ_noopmigration.0); - Ok(cred::Lox { P: resp.P, Q, @@ -391,7 +316,5 @@ pub fn handle_response( level_since: resp.level_since, invites_remaining: Scalar::zero(), invites_issued: Scalar::zero(), - P_noopmigration: resp.P_noopmigration, - Q_noopmigration, }) } diff --git a/crates/lox-library/src/tests.rs b/crates/lox-library/src/tests.rs index b544560..d8ef0fc 100644 --- a/crates/lox-library/src/tests.rs +++ b/crates/lox-library/src/tests.rs @@ -36,7 +36,7 @@ fn test_open_invite() { // Use it to get a Lox credential let (req, state) = open_invite::request(&inv); let resp = ba.handle_open_invite(req).unwrap(); - let cred = open_invite::handle_response(state, resp, &ba.lox_pub, &ba.migration_pub).unwrap(); + let cred = open_invite::handle_response(state, resp, &ba.lox_pub).unwrap(); // Check that we can use the credential to read a bucket let (id, key) = bridge_table::from_scalar(cred.bucket).unwrap(); @@ -89,7 +89,7 @@ fn trust_promotion(bdb: &BridgeDb, ba: &mut BridgeAuth) -> (cred::Lox, cred::Mig // Use it to get a Lox credential let (req, state) = open_invite::request(&inv); let resp = ba.handle_open_invite(req).unwrap(); - let cred = open_invite::handle_response(state, resp, &ba.lox_pub, &ba.migration_pub).unwrap(); + let cred = open_invite::handle_response(state, resp, &ba.lox_pub).unwrap(); assert!(ba.verify_lox(&cred)); // Time passes @@ -125,8 +125,7 @@ fn level0_migration(bdb: &BridgeDb, ba: &mut BridgeAuth) -> cred::Lox { let (migreq, migstate) = migration::request(&loxcred, &migcred, &ba.lox_pub, &ba.migration_pub).unwrap(); let migresp = ba.handle_migration(migreq).unwrap(); - let newloxcred = - migration::handle_response(migstate, migresp, &ba.lox_pub, &ba.migration_pub).unwrap(); + let newloxcred = migration::handle_response(migstate, migresp, &ba.lox_pub).unwrap(); newloxcred } @@ -167,7 +166,7 @@ fn level_up(ba: &mut BridgeAuth, cred: &cred::Lox) -> cred::Lox { ) .unwrap(); let resp = ba.handle_level_up(req).unwrap(); - let cred = level_up::handle_response(state, resp, &ba.lox_pub, &ba.migration_pub).unwrap(); + let cred = level_up::handle_response(state, resp, &ba.lox_pub).unwrap(); cred }