Kerl verifier (#165)

* kerl-verifier * add StereotomyVerifier, add KERL.getKeyState(Identifier, ULong) api to leverage JohnHancock.sequenceNumber for verification * kerl based verifier, not integrated into main member processing * fix memkerl, kerl based verification used for sterotomy identifier verifiers
salesforce · Nov 23, 2023 · 9e6cead · 9e6cead
1 parent be1e7d9
commit 9e6cead
Show file tree

Hide file tree

Showing 27 changed files with 895 additions and 558 deletions.
diff --git a/cryptography/src/main/java/com/salesforce/apollo/crypto/HexBloom.java b/cryptography/src/main/java/com/salesforce/apollo/crypto/HexBloom.java
@@ -29,11 +29,11 @@ public class HexBloom {
     public static final  double                   DEFAULT_FPR      = 0.0001;
     public static final  long                     DEFAULT_SEED     = Primes.PRIMES[666];
     private static final Function<Digest, Digest> IDENTITY         = d -> d;
-    private static       int                      MINIMUM_BFF_CARD = 100;
+    private static final int                      MINIMUM_BFF_CARD = 100;
 
     private final int                 cardinality;
     private final Digest[]            crowns;
-    private       BloomFilter<Digest> membership;
+    private final BloomFilter<Digest> membership;
 
     public HexBloom(Digest initial, int count) {
         assert count > 0;
@@ -567,10 +567,6 @@ public void add(Digest digest) {
         public List<Digest> crowns() {
             return accumulators.stream().map(ar -> ar.get()).toList();
         }
-
-        public List<Digest> wrapped() {
-            return accumulators.stream().map(ar -> ar.get()).toList();
-        }
     }
 
     public static class HexAccumulator extends Accumulator {

diff --git a/cryptography/src/main/java/com/salesforce/apollo/crypto/JohnHancock.java b/cryptography/src/main/java/com/salesforce/apollo/crypto/JohnHancock.java
@@ -139,7 +139,7 @@ public Sig toSig() {
     @Override
     public String toString() {
         return "Sig[" + Arrays.asList(bytes).stream().map(b -> Hex.hexSubString(b, 12)).toList() + ":"
-        + algorithm.signatureCode() + "]";
+        + algorithm.signatureCode() + " #" + sequenceNumber + "]";
     }
 
     public boolean verify(SigningThreshold threshold, Map<Integer, PublicKey> keys, InputStream input) {
@@ -167,4 +167,8 @@ public boolean verify(SigningThreshold threshold, Map<Integer, PublicKey> keys,
         int[] arrIndexes = verifiedSignatures.stream().mapToInt(i -> i.intValue()).toArray();
         return SigningThreshold.thresholdMet(threshold, arrIndexes);
     }
+
+    public ULong getSequenceNumber() {
+        return sequenceNumber;
+    }
 }
diff --git a/grpc/src/main/proto/stereotomy-services.proto b/grpc/src/main/proto/stereotomy-services.proto
@@ -9,76 +9,77 @@ import "google/protobuf/empty.proto";
 import "crypto.proto";
 import "stereotomy.proto";
 
-package stereotomy.services; 
+package stereotomy.services;
 
 message KeyStates {
-    repeated KeyState_ keyStates = 1;
+  repeated KeyState_ keyStates = 1;
 }
 
 message AttachmentsContext {
-    repeated AttachmentEvent attachments = 1;
+  repeated AttachmentEvent attachments = 1;
 }
 
 message KERLContext {
-    stereotomy.KERL_ kerl = 1;
-    repeated stereotomy.Validations validations = 2;
+  stereotomy.KERL_ kerl = 1;
+  repeated stereotomy.Validations validations = 2;
 }
 
 message KeyEventContext {
-    KeyEvent_ keyEvent = 1;
-    Validations validations = 2;
+  KeyEvent_ keyEvent = 1;
+  Validations validations = 2;
 }
 
 message KeyEventsContext {
-    repeated KeyEvent_ keyEvent = 1;
-    repeated stereotomy.Validations validations = 2;
+  repeated KeyEvent_ keyEvent = 1;
+  repeated stereotomy.Validations validations = 2;
 }
 
 message KeyEventWithAttachmentsContext {
-    repeated KeyEvent_ events = 1;
-    repeated AttachmentEvent attachments = 2;
+  repeated KeyEvent_ events = 1;
+  repeated AttachmentEvent attachments = 2;
 }
 
-message AttachmentEvents { 
-    repeated AttachmentEvent attachments = 1;
+message AttachmentEvents {
+  repeated AttachmentEvent attachments = 1;
 }
 
 service KERLService {
-    rpc append (KeyEventsContext) returns(KeyStates) {}
-    rpc appendKERL (KERLContext) returns(KeyStates) {}
-    rpc appendWithAttachments (KeyEventWithAttachmentsContext) returns(KeyStates) {}
-    rpc appendAttachments (AttachmentsContext) returns(google.protobuf.Empty) {}
-    rpc appendValidations (stereotomy.Validations ) returns (google.protobuf.Empty) {}
+  rpc append (KeyEventsContext) returns(KeyStates) {}
+  rpc appendKERL (KERLContext) returns(KeyStates) {}
+  rpc appendWithAttachments (KeyEventWithAttachmentsContext) returns(KeyStates) {}
+  rpc appendAttachments (AttachmentsContext) returns(google.protobuf.Empty) {}
+  rpc appendValidations (stereotomy.Validations) returns (google.protobuf.Empty) {}
 
-    rpc getAttachment (stereotomy.EventCoords) returns(Attachment) {}
-    rpc getKeyEvent (crypto.Digeste ) returns(KeyEvent_) {}
-    rpc getKeyEventCoords (stereotomy.EventCoords) returns(KeyEvent_) {}
-    rpc getKeyState (stereotomy.Ident) returns (stereotomy.KeyState_) {}
-    rpc getKeyStateCoords (stereotomy.EventCoords) returns (stereotomy.KeyState_) {}
-    rpc getKeyStateWithAttachments (stereotomy.EventCoords) returns (stereotomy.KeyStateWithAttachments_) {}
-    rpc getKeyStateWithEndorsementsAndValidations (stereotomy.EventCoords) returns (stereotomy.KeyStateWithEndorsementsAndValidations_) {}
-    rpc getKERL (stereotomy.Ident) returns (stereotomy.KERL_) {}
-    rpc getValidations (stereotomy.EventCoords) returns (stereotomy.Validations) {}
+  rpc getAttachment (stereotomy.EventCoords) returns(Attachment) {}
+  rpc getKeyEvent (crypto.Digeste) returns(KeyEvent_) {}
+  rpc getKeyEventCoords (stereotomy.EventCoords) returns(KeyEvent_) {}
+  rpc getKeyState (stereotomy.Ident) returns (stereotomy.KeyState_) {}
+  rpc getKeyStateSeqNum (stereotomy.IdentAndSeq) returns (stereotomy.KeyState_) {}
+  rpc getKeyStateCoords (stereotomy.EventCoords) returns (stereotomy.KeyState_) {}
+  rpc getKeyStateWithAttachments (stereotomy.EventCoords) returns (stereotomy.KeyStateWithAttachments_) {}
+  rpc getKeyStateWithEndorsementsAndValidations (stereotomy.EventCoords) returns (stereotomy.KeyStateWithEndorsementsAndValidations_) {}
+  rpc getKERL (stereotomy.Ident) returns (stereotomy.KERL_) {}
+  rpc getValidations (stereotomy.EventCoords) returns (stereotomy.Validations) {}
 }
 
-service EventObserver { 
-    rpc publish(KERLContext) returns(google.protobuf.Empty) {}
-    rpc publishEvents (KeyEventsContext) returns(google.protobuf.Empty) {}
-    rpc publishAttachments (AttachmentsContext) returns(google.protobuf.Empty) {}
+service EventObserver {
+  rpc publish(KERLContext) returns(google.protobuf.Empty) {}
+  rpc publishEvents (KeyEventsContext) returns(google.protobuf.Empty) {}
+  rpc publishAttachments (AttachmentsContext) returns(google.protobuf.Empty) {}
 }
 
 // Binding API for Resolver
 service Binder {
-    rpc bind(stereotomy.Binding ) returns(google.protobuf.Empty) {}
-    rpc unbind(stereotomy.Ident) returns(google.protobuf.Empty) {}
+  rpc bind(stereotomy.Binding) returns(google.protobuf.Empty) {}
+  rpc unbind(stereotomy.Ident) returns(google.protobuf.Empty) {}
 }
 
 // Resolver API
 service Resolver {
-    rpc lookup (stereotomy.Ident) returns (stereotomy.Binding) {}
+  rpc lookup (stereotomy.Ident) returns (stereotomy.Binding) {}
 }
 
 // Validator API
 service Validator {
-    rpc validate(KeyEventContext) returns (google.protobuf.BoolValue) {}
+  rpc validate(KeyEventContext) returns (google.protobuf.BoolValue) {}
 }