/*! The various credentials used by the system.  In each case, (P,Q)
 * forms the MAC on the credential.  This MAC is verifiable only by the
 * issuing party, or if the issuing party issues a zero-knowledge proof
 * of its correctness (as it does at issuing time). */

use curve25519_dalek::ristretto::RistrettoPoint;
use curve25519_dalek::scalar::Scalar;

/// A migration credential.  This credential authorizes the holder of
/// the Lox credential with the given id to switch from bucket
/// from_bucket to bucket to_bucket.
pub struct Migration {
    pub P: RistrettoPoint,
    pub Q: RistrettoPoint,
    pub lox_id: Scalar,
    pub from_bucket: Scalar,
    pub to_bucket: Scalar,
}

/// The main user credential in the Lox system.  Its id is jointly
/// generated by the user and the BA (bridge authority), but known only
/// to the user.  The level_since date is the Julian date of when this
/// user was changed to the current trust level. (P_noopmigration,
/// Q_noopmigration) are the MAC on the implicit no-op migration
/// credential formed by the attributes (id, bucket, bucket), which
/// authorizes the user to switch from its current bucket to the same
/// bucket (i.e., a no-op).  This can be useful for hiding from the BA
/// whether or not the user is performing a bucket migration.
pub struct Lox {
    pub P: RistrettoPoint,
    pub Q: RistrettoPoint,
    pub id: Scalar,
    pub bucket: Scalar,
    pub trust_level: Scalar,
    pub level_since: Scalar,
    pub invites_remaining: Scalar,
    pub invites_issued: Scalar,
    pub P_noopmigration: RistrettoPoint,
    pub Q_noopmigration: RistrettoPoint,
}