vecna
/
troll-patrol
mirror of https://git-crysp.uwaterloo.ca/vvecna/troll-patrol.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: vecna:d9aa616d77cdac62df06ecfe47933e2e3dd1d860
Branches Tags
vecna:main
vecna:analysis
...
compare: vecna:659b8fa16c8439b0f6dca68057db664d948807b8
Branches Tags
vecna:main
vecna:analysis

2 Commits
d9aa616d77 ... 659b8fa16c

Author SHA1 Message Date
Vecna 659b8fa16c Refactor analysis for efficiency 2024-05-22 16:04:52 -04:00
Vecna 6b6836dbae Simulation: Give user chance to use bridges each day 2024-05-21 22:35:42 -04:00
2 changed files with 239 additions and 198 deletions
Show Stats Expand all files Collapse all files

109
src/analysis.rs
View File

@ -309,35 +309,44 @@ impl Analyzer for NormalAnalyzer {
let alpha = 1.0 - confidence;
let (bridge_ips_mean, bridge_ips_sd) = Self::mean_and_std_dev(bridge_ips);
// Evaluate based on negative reports
let (negative_reports_mean, negative_reports_sd) = Self::mean_and_std_dev(negative_reports);
// Model negative reports separately
let bip_normal = Normal::new(bridge_ips_mean, bridge_ips_sd);
let nr_normal = Normal::new(negative_reports_mean, negative_reports_sd);
// If we have 0 standard deviation, we need another way to
// evaluate each variable
let bip_test = if bridge_ips_sd > 0.0 {
bip_normal.unwrap().cdf(bridge_ips_today as f64) < alpha
} else {
// Consider the bridge blocked if its usage dropped by more
// than 1 bin. (Note that the mean is the exact value
// because we had no deviation.)
(bridge_ips_today as f64) < bridge_ips_mean - 8.0
};
let nr_test = if negative_reports_sd > 0.0 {
if negative_reports_sd > 0.0 {
// We use CCDF because more negative reports is worse.
(1.0 - nr_normal.unwrap().cdf(negative_reports_today as f64)) < alpha
if (1.0 - nr_normal.unwrap().cdf(negative_reports_today as f64)) < alpha {
return true;
}
} else {
// If the standard deviation is 0, we need another option.
// Consider the bridge blocked negative reports increase by
// more than 1 after a long static period. (Note that the
// mean is the exact value because we had no deviation.)
(negative_reports_today as f64) > negative_reports_mean + 1.0
};
if (negative_reports_today as f64) > negative_reports_mean + 1.0 {
return true;
}
}
// Return true if any test concluded the bridge is blocked
bip_test || nr_test
// Evaluate based on bridge stats
let (bridge_ips_mean, bridge_ips_sd) = Self::mean_and_std_dev(bridge_ips);
let bip_normal = Normal::new(bridge_ips_mean, bridge_ips_sd);
if bridge_ips_sd > 0.0 {
if bip_normal.unwrap().cdf(bridge_ips_today as f64) < alpha {
return true;
}
} else {
// If the standard deviation is 0, we need another option.
// Consider the bridge blocked if its usage dropped by more
// than 1 bin. (Note that the mean is the exact value
// because we had no deviation.)
if (bridge_ips_today as f64) < bridge_ips_mean - 8.0 {
return true;
}
}
// If none of the tests concluded that the bridge is blocked,
// return false
false
}
/// Evaluate invite-only bridge with lv3+ users submitting positive reports
@ -357,19 +366,29 @@ impl Analyzer for NormalAnalyzer {
let alpha = 1.0 - confidence;
// Model bridge IPs and positive reports with multivariate
// normal distribution
let (mean_vec, cov_mat) = Self::stats(&[bridge_ips, positive_reports]);
let mvn = MultivariateNormal::new(mean_vec, cov_mat);
// Model negative reports separately
// Evaluate based on negative reports. It is better to compute
// negative reports test first because the positive test may be
// expensive.
let (negative_reports_mean, negative_reports_sd) = Self::mean_and_std_dev(negative_reports);
let nr_normal = Normal::new(negative_reports_mean, negative_reports_sd);
if negative_reports_sd > 0.0 {
// We use CCDF because more negative reports is worse.
if (1.0 - nr_normal.unwrap().cdf(negative_reports_today as f64)) < alpha {
return true;
}
} else {
// Consider the bridge blocked negative reports increase by
// more than 1 after a long static period. (Note that the
// mean is the exact value because we had no deviation.)
if (negative_reports_today as f64) > negative_reports_mean + 1.0 {
return true;
}
}
// If we have 0 standard deviation or a covariance matrix that
// is not positive definite, we need another way to evaluate
// each variable
let positive_test = if mvn.is_ok() {
// Evaluate based on bridge stats and positive reports.
let (mean_vec, cov_mat) = Self::stats(&[bridge_ips, positive_reports]);
let mvn = MultivariateNormal::new(mean_vec, cov_mat);
if mvn.is_ok() {
let mvn = mvn.unwrap();
// Estimate the CDF by integrating the PDF by hand with step
@ -380,27 +399,27 @@ impl Analyzer for NormalAnalyzer {
cdf += mvn.pdf(&DVector::from_vec(vec![bip as f64, pr as f64]));
}
}
cdf < alpha
if cdf < alpha {
return true;
}
} else {
// Ignore positive reports and compute as in stage 2
self.stage_two(
// If we have 0 standard deviation or a covariance matrix
// that is not positive definite, we need another way to
// evaluate each variable. Ignore positive reports and
// compute as in stage 2
if self.stage_two(
confidence,
bridge_ips,
bridge_ips_today,
negative_reports,
negative_reports_today,
)
};
let nr_test = if negative_reports_sd > 0.0 {
// We use CCDF because more negative reports is worse.
(1.0 - nr_normal.unwrap().cdf(negative_reports_today as f64)) < alpha
} else {
// Consider the bridge blocked negative reports increase by
// more than 1 after a long static period. (Note that the
// mean is the exact value because we had no deviation.)
(negative_reports_today as f64) > negative_reports_mean + 1.0
) {
return true;
}
};
positive_test || nr_test
// If none of the tests concluded that the bridge is blocked,
// return false
false
}
}

328
src/simulation/user.rs
View File

@ -26,6 +26,9 @@ pub struct User {
// Does the user submit reports to Troll Patrol?
submits_reports: bool,
// How likely is this user to use bridges on a given day?
prob_use_bridges: f64,
}
impl User {
@ -63,12 +66,17 @@ impl User {
cc
};
// Randomly determine how likely this user is to use bridges on
// a given day
let prob_use_bridges = rng.gen_range(0.0..=1.0);
Self {
censor: censor,
country: cc,
primary_cred: cred,
secondary_cred: None,
submits_reports: submits_reports,
prob_use_bridges: prob_use_bridges,
}
}
@ -127,12 +135,17 @@ impl User {
cc
};
// Randomly determine how likely this user is to use bridges on
// a given day
let prob_use_bridges = rng.gen_range(0.0..=1.0);
Ok(Self {
censor: censor,
country: cc,
primary_cred: friend_cred,
secondary_cred: None,
submits_reports: submits_reports,
prob_use_bridges: prob_use_bridges,
})
}
@ -179,180 +192,189 @@ impl User {
// newly invited friends and a vector of fingerprints of successfully
// contacted bridges.
pub async fn daily_tasks(&mut self, state: &State) -> (Vec<User>, Vec<[u8; 20]>) {
// Download bucket to see if bridge is still reachable
// (We assume that this step can be done even if the user can't actually
// talk to the LA.)
let (bucket, reachcred) = get_bucket(&state.net, &self.primary_cred).await;
let level = scalar_u32(&self.primary_cred.trust_level).unwrap();
// Probabilistically decide if the user should use bridges today
let mut rng = rand::thread_rng();
let num: f64 = rng.gen_range(0.0..1.0);
if num < self.prob_use_bridges {
// Download bucket to see if bridge is still reachable
// (We assume that this step can be done even if the user can't actually
// talk to the LA.)
let (bucket, reachcred) = get_bucket(&state.net, &self.primary_cred).await;
let level = scalar_u32(&self.primary_cred.trust_level).unwrap();
// Can we level up the main credential?
let can_level_up = reachcred.is_some()
&& (level == 0 && eligible_for_trust_promotion(&state.net, &self.primary_cred).await
|| level > 0 && eligible_for_level_up(&state.net, &self.primary_cred).await);
// Can we level up the main credential?
let can_level_up = reachcred.is_some()
&& (level == 0
&& eligible_for_trust_promotion(&state.net, &self.primary_cred).await
|| level > 0 && eligible_for_level_up(&state.net, &self.primary_cred).await);
// Can we migrate the main credential?
let can_migrate = reachcred.is_none() && level >= MIN_TRUST_LEVEL;
// Can we migrate the main credential?
let can_migrate = reachcred.is_none() && level >= MIN_TRUST_LEVEL;
// Can we level up the secondary credential?
let mut second_level_up = false;
// Can we level up the secondary credential?
let mut second_level_up = false;
let mut failed = Vec::<BridgeLine>::new();
let mut succeeded = Vec::<BridgeLine>::new();
for i in 0..bucket.len() {
// At level 0, we only have 1 bridge
if level > 0 || i == 0 {
if self.connect(&bucket[i]) {
succeeded.push(bucket[i]);
let mut failed = Vec::<BridgeLine>::new();
let mut succeeded = Vec::<BridgeLine>::new();
for i in 0..bucket.len() {
// At level 0, we only have 1 bridge
if level > 0 || i == 0 {
if self.connect(&bucket[i]) {
succeeded.push(bucket[i]);
} else {
failed.push(bucket[i]);
}
}
}
let second_cred = if succeeded.len() < 1 {
if self.secondary_cred.is_some() {
std::mem::replace(&mut self.secondary_cred, None)
} else {
failed.push(bucket[i]);
}
}
}
let second_cred = if succeeded.len() < 1 {
if self.secondary_cred.is_some() {
std::mem::replace(&mut self.secondary_cred, None)
} else {
// Get new credential
let cred = get_lox_credential(
&state.net,
&get_open_invitation(&state.net).await,
get_lox_pub(&state.la_pubkeys),
)
.await
.0;
Some(cred)
}
} else {
// If we're able to connect with the primary credential, don't
// keep a secondary one.
None
};
if second_cred.is_some() {
let second_cred = second_cred.as_ref().unwrap();
let (second_bucket, second_reachcred) = get_bucket(&state.net, &second_cred).await;
if self.connect(&second_bucket[0]) {
succeeded.push(second_bucket[0]);
if second_reachcred.is_some()
&& eligible_for_trust_promotion(&state.net, &second_cred).await
{
second_level_up = true;
// Get new credential
let cred = get_lox_credential(
&state.net,
&get_open_invitation(&state.net).await,
get_lox_pub(&state.la_pubkeys),
)
.await
.0;
Some(cred)
}
} else {
failed.push(second_bucket[0]);
}
}
let mut negative_reports = Vec::<NegativeReport>::new();
let mut positive_reports = Vec::<PositiveReport>::new();
if self.submits_reports {
for bridge in &failed {
negative_reports.push(NegativeReport::from_bridgeline(
*bridge,
self.country.to_string(),
BridgeDistributor::Lox,
));
}
if level >= 3 {
for bridge in &succeeded {
positive_reports.push(
PositiveReport::from_lox_credential(
bridge.fingerprint,
None,
&self.primary_cred,
get_lox_pub(&state.la_pubkeys),
self.country.to_string(),
)
.unwrap(),
);
// If we're able to connect with the primary credential, don't
// keep a secondary one.
None
};
if second_cred.is_some() {
let second_cred = second_cred.as_ref().unwrap();
let (second_bucket, second_reachcred) = get_bucket(&state.net, &second_cred).await;
if self.connect(&second_bucket[0]) {
succeeded.push(second_bucket[0]);
if second_reachcred.is_some()
&& eligible_for_trust_promotion(&state.net, &second_cred).await
{
second_level_up = true;
}
} else {
failed.push(second_bucket[0]);
}
}
}
// We might restrict these steps to succeeded.len() > 0, but we do
// assume the user can contact the LA somehow, so let's just allow it.
if can_level_up {
let cred = level_up(
&state.net,
&self.primary_cred,
&reachcred.unwrap(),
get_lox_pub(&state.la_pubkeys),
get_reachability_pub(&state.la_pubkeys),
)
.await;
self.primary_cred = cred;
self.secondary_cred = None;
}
// We favor starting over at level 1 to migrating
else if second_level_up {
let second_cred = second_cred.as_ref().unwrap();
let cred = trust_migration(
&state.net,
&second_cred,
&trust_promotion(&state.net, &second_cred, get_lox_pub(&state.la_pubkeys)).await,
get_lox_pub(&state.la_pubkeys),
get_migration_pub(&state.la_pubkeys),
)
.await;
self.primary_cred = cred;
self.secondary_cred = None;
} else if can_migrate {
let cred = blockage_migration(
&state.net,
&self.primary_cred,
&check_blockage(
let mut negative_reports = Vec::<NegativeReport>::new();
let mut positive_reports = Vec::<PositiveReport>::new();
if self.submits_reports {
for bridge in &failed {
negative_reports.push(NegativeReport::from_bridgeline(
*bridge,
self.country.to_string(),
BridgeDistributor::Lox,
));
}
if level >= 3 {
for bridge in &succeeded {
positive_reports.push(
PositiveReport::from_lox_credential(
bridge.fingerprint,
None,
&self.primary_cred,
get_lox_pub(&state.la_pubkeys),
self.country.to_string(),
)
.unwrap(),
);
}
}
}
// We might restrict these steps to succeeded.len() > 0, but we do
// assume the user can contact the LA somehow, so let's just allow it.
if can_level_up {
let cred = level_up(
&state.net,
&self.primary_cred,
&reachcred.unwrap(),
get_lox_pub(&state.la_pubkeys),
get_reachability_pub(&state.la_pubkeys),
)
.await,
get_lox_pub(&state.la_pubkeys),
get_migration_pub(&state.la_pubkeys),
)
.await;
self.primary_cred = cred;
self.secondary_cred = None;
} else if second_cred.is_some() {
// Couldn't connect with primary credential
if succeeded.len() > 0 {
// Keep the second credential only if it's useful
self.secondary_cred = second_cred;
.await;
self.primary_cred = cred;
self.secondary_cred = None;
}
// We favor starting over at level 1 to migrating
else if second_level_up {
let second_cred = second_cred.as_ref().unwrap();
let cred = trust_migration(
&state.net,
&second_cred,
&trust_promotion(&state.net, &second_cred, get_lox_pub(&state.la_pubkeys))
.await,
get_lox_pub(&state.la_pubkeys),
get_migration_pub(&state.la_pubkeys),
)
.await;
self.primary_cred = cred;
self.secondary_cred = None;
} else if can_migrate {
let cred = blockage_migration(
&state.net,
&self.primary_cred,
&check_blockage(
&state.net,
&self.primary_cred,
get_lox_pub(&state.la_pubkeys),
)
.await,
get_lox_pub(&state.la_pubkeys),
get_migration_pub(&state.la_pubkeys),
)
.await;
self.primary_cred = cred;
self.secondary_cred = None;
} else if second_cred.is_some() {
// Couldn't connect with primary credential
if succeeded.len() > 0 {
// Keep the second credential only if it's useful
self.secondary_cred = second_cred;
}
}
}
if negative_reports.len() > 0 {
Self::send_negative_reports(&state, negative_reports).await;
}
if positive_reports.len() > 0 {
Self::send_positive_reports(&state, positive_reports).await;
}
if negative_reports.len() > 0 {
Self::send_negative_reports(&state, negative_reports).await;
}
if positive_reports.len() > 0 {
Self::send_positive_reports(&state, positive_reports).await;
}
// Invite friends if applicable
let invitations = scalar_u32(&self.primary_cred.invites_remaining).unwrap();
let mut new_friends = Vec::<User>::new();
for _i in 0..invitations {
let mut rng = rand::thread_rng();
let num: f64 = rng.gen_range(0.0..1.0);
if num < state.prob_user_invites_friend {
match self.invite(&state).await {
Ok(friend) => {
// You really shouldn't push your friends, especially
// new ones whose boundaries you might not know well.
new_friends.push(friend);
}
Err(e) => {
println!("{}", e);
// Invite friends if applicable
let invitations = scalar_u32(&self.primary_cred.invites_remaining).unwrap();
let mut new_friends = Vec::<User>::new();
for _i in 0..invitations {
let mut rng = rand::thread_rng();
let num: f64 = rng.gen_range(0.0..1.0);
if num < state.prob_user_invites_friend {
match self.invite(&state).await {
Ok(friend) => {
// You really shouldn't push your friends, especially
// new ones whose boundaries you might not know well.
new_friends.push(friend);
}
Err(e) => {
println!("{}", e);
}
}
}
}
}
// List of fingerprints we contacted. This should not actually be more
// than one.
let mut connections = Vec::<[u8; 20]>::new();
for bridge in succeeded {
connections.push(bridge.get_hashed_fingerprint());
}
// List of fingerprints we contacted. This should not actually be more
// than one.
let mut connections = Vec::<[u8; 20]>::new();
for bridge in succeeded {
connections.push(bridge.get_hashed_fingerprint());
}
(new_friends, connections)
(new_friends, connections)
} else {
(Vec::<User>::new(), Vec::<[u8; 20]>::new())
}
}
}