Tie SessionId to SessionParameters::Digest
#41
Conversation
Pull Request Test Coverage Report for Build 11505566321Warning: This coverage report may be inaccurate.This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.
Details
💛 - Coveralls |
manul/src/session/session.rs
Outdated
| /// Creates a session identifier deterministically from the given bytestring. | ||
| /// | ||
| /// **Warning:** make sure the bytestring you provide will not be reused within your application. | ||
| /// Session ID collisions will affect error attribution and evidence verification. | ||
| pub fn from_seed<SP: SessionParameters>(bytes: &[u8]) -> Self { | ||
| Self( | ||
| SP::Digest::new_with_prefix(b"SessionId") | ||
| .chain_update(bytes) | ||
| .finalize() | ||
| .as_ref() | ||
| .into(), | ||
| ) |
There was a problem hiding this comment.
Outside tests/benches/examples, why would we want users to create their own session identifiers? The safest way to use the API seems to not allow misuse ever, so: can we get away without this method completely?
If we cannot, is it possible to enforce some minimum length (of the seed)? Or is the Digest safe even with a single 0 as input?
There was a problem hiding this comment.
Do you propose that we create them randomly when a Session is created? I thought there may be use in making them deterministically based on e.g. current block hash and other network parameters.
There was a problem hiding this comment.
Exactly, create them without any user provided input. Upstream should treat it as an opaque token, or "shared randomness" as it were. :)
There was a problem hiding this comment.
That's the thing though, how do you share it between the nodes? I don't see any other way but generating it based on some publicly available pseudo-random data.
There was a problem hiding this comment.
Hmm, fair point. Maybe we can force users to implement the method themselves, like a "must-implement" trait? That way they can use the (hopefully) correct contextual information to ensure it never repeats. :/
There was a problem hiding this comment.
Hm, I don't really see how that would be functionally different from the existing from_seed method. Let's get this PR in, and if you have ideas on how the process can be made safer, open an issue, and we'll explore that.
|
Added more warnings to |
Fixes #9
Affects #25
SessionIdnow hashes the incoming randomness usingSessionParameters::Digestand keeps that hash.SessionId::new()renamed tofrom_seed().FirstRound::newtakes an&[u8]instead of aSessionIdto reduce the coupling between layers.This PR may possibly include making
SessionIdgeneric overSessionParametersand usingdigest::Output<SP::Digest>(which is a stack array) instead ofBox<[u8]>, but that actually affects a lot of types (messages, evidences), so I am not sure if it's worth it.