commit c6cf283d8f368cf9e33ecd15b935abc41c3e69d5 · edouard.paris/vnd-atproto

.gitignore

···

       1
       1
        
       target/

     

       2
       2
        
       cli/history.txt

     

       3
       3
        
       cli/operation.json

     

       4
       4
       +
       cli/previous_operation.json

+4 -2

Cargo.lock

···

       254
       254
        
       [[package]]

     

       255
       255
        
       name = "cid"

     

       256
       256
        
       version = "0.11.1"

     

       257
       257
       -
       source = "git+https://github.com/edouardparis/rust-cid?branch=fix-dep-serde_bytes-features#d8aeda78e2dd4784dbea3086a6ca85fa88782d2d"

     

       257
       257
       +
       source = "git+https://github.com/multiformats/rust-cid?branch=master#6a13cb931d3237e5e1f5635a943edfd166e2e78c"

     

       258
       258
        
       dependencies = [

     

       259
       259
        
        "core2",

     

       260
       260
        
        "multibase",

     
···

       1265
       1265
        
       [[package]]

     

       1266
       1266
        
       name = "serde_ipld_dagcbor"

     

       1267
       1267
        
       version = "0.6.3"

     

       1268
       1268
       -
       source = "git+http://github.com/edouardparis/serde_ipld_dagcbor?branch=scopeguard-no-default-features#82eca93ee126750ad80feedbfe9cee0bf162c587"

     

       1268
       1268
       +
       source = "git+http://github.com/ipld/serde_ipld_dagcbor?branch=master#d7f93d06ce6a19867abeea78d02d6ded6c476b81"

     

       1269
       1269
        
       dependencies = [

     

       1270
       1270
        
        "cbor4ii",

     

       1271
       1271
        
        "ipld-core",

     
···

       1612
       1612
        
       version = "0.0.1"

     

       1613
       1613
        
       dependencies = [

     

       1614
       1614
        
        "base58",

     

       1615
       1615
       +
        "cid",

     

       1615
       1616
        
        "hex-literal",

     

       1616
       1617
        
        "k256",

     

       1617
       1618
        
        "postcard",

     
···

       1628
       1629
        
        "base32",

     

       1629
       1630
        
        "base58",

     

       1630
       1631
        
        "base64",

     

       1632
       1632
       +
        "cid",

     

       1631
       1633
        
        "clap",

     

       1632
       1634
        
        "hidapi",

     

       1633
       1635
        
        "ledger-transport-hid",

+3 -2

Cargo.toml

···

       11
       11
        
       

     

       12
       12
        
       [dependencies]

     

       13
       13
        
       k256 = { version = "0.13.4", default-features = false, features = ["alloc", "ecdsa-core"] }

     

       14
       14
       +
       cid = { version = "0.11.1", default-features = false, features = ['alloc'] }

     

       14
       15
        
       postcard = { version = "1.1.1", features = ["alloc"] }

     

       15
       15
       -
       serde_ipld_dagcbor = { git = "http://github.com/edouardparis/serde_ipld_dagcbor", branch = "scopeguard-no-default-features", default-features = false }

     

       16
       16
       +
       serde_ipld_dagcbor = { git = "http://github.com/ipld/serde_ipld_dagcbor", branch = "master", default-features = false }

     

       16
       17
        
       sdk = { package = "vanadium-app-sdk", git = "https://github.com/LedgerHQ/vanadium"}

     

       17
       18
        
       common = { package = "vnd-atproto-common", path = "common" }

     

       18
       19
        
       base58 = "0.2.0"

     

       19
       20
        
       serde = { version = "1.0", default-features = false, features = ["alloc"] }

     

       20
       21
        
       

     

       21
       22
        
       [patch.crates-io]

     

       22
       22
       -
       cid = { git = "https://github.com/edouardparis/rust-cid", branch = "fix-dep-serde_bytes-features" }

     

       23
       23
       +
       cid = { git = "https://github.com/multiformats/rust-cid", branch = "master" }

     

       23
       24
        
       

     

       24
       25
        
       [dev-dependencies]

     

       25
       26
        
       hex-literal = "0.4.1"

+2 -1

cli/Cargo.toml

···

       14
       14
        
       shellwords = "1.1.0"

     

       15
       15
        
       hidapi = "2.6.3"

     

       16
       16
        
       ledger-transport-hid = "0.11.0"

     

       17
       17
       -
       serde_ipld_dagcbor = { git = "http://github.com/edouardparis/serde_ipld_dagcbor", branch = "scopeguard-no-default-features", default-features = false }

     

       17
       17
       +
       cid = { version = "0.11.1", default-features = false }

     

       18
       18
       +
       serde_ipld_dagcbor = { git = "http://github.com/ipld/serde_ipld_dagcbor", branch = "master", default-features = false }

     

       18
       19
        
       serde = { version = "1.0", default-features = false, features = ["alloc", "derive"] }

     

       19
       20
        
       serde_json = { version = "1.0", default-features = false, features = ["alloc"] }

     

       20
       21
        
       tokio = { version = "1.38.1", features = ["io-util", "macros", "net", "rt", "rt-multi-thread", "sync"] }

+20

cli/previous_operation.json

···

       1
       1
       +
       {

     

       2
       2
       +
         "alsoKnownAs": [

     

       3
       3
       +
           "at://test-vnd.edouard.paris"

     

       4
       4
       +
         ],

     

       5
       5
       +
         "prev": null,

     

       6
       6
       +
         "rotationKeys": [

     

       7
       7
       +
           "did:key:zQ3shiNS7Bm7F3AH5NU4uimiSpZ8ryYj365Uq1N7KMsWUaXKp"

     

       8
       8
       +
         ],

     

       9
       9
       +
         "services": {

     

       10
       10
       +
           "atproto_pds": {

     

       11
       11
       +
             "endpoint": "https://pds.edouard.paris",

     

       12
       12
       +
             "type": "AtprotoPersonalDataServer"

     

       13
       13
       +
           }

     

       14
       14
       +
         },

     

       15
       15
       +
         "sig": "kfShJ7A67jZAjZhydcnz3HRnrlE0NqocV2RmjRNlCB5hyj4Qiw51Kn_Bkqj704KYOTEiyhpiVajRc-qVc9ssWw",

     

       16
       16
       +
         "type": "plc_operation",

     

       17
       17
       +
         "verificationMethods": {

     

       18
       18
       +
           "atproto": "did:key:zQ3shiNS7Bm7F3AH5NU4uimiSpZ8ryYj365Uq1N7KMsWUaXKp"

     

       19
       19
       +
         }

     

       20
       20
       +
       }

+24 -15

cli/src/main.rs

···

       1
       1
        
       use base58::ToBase58;

     

       2
       2
        
       use base64::Engine;

     

       3
       3
       +
       use cid::multihash;

     

       3
       4
        
       use clap::{CommandFactory, Parser, Subcommand};

     

       4
       5
        
       use rustyline::completion::{Completer, Pair};

     

       5
       6
        
       use rustyline::error::ReadlineError;

     
···

       18
       19
        
           AtprotoAppClient,

     

       19
       20
        
       };

     

       20
       21
        
       

     

       21
       21
       -
       use serde::{Deserialize, Serialize};

     

       22
       22
        
       use std::borrow::Cow;

     

       23
       23
        
       use std::fs::File;

     

       24
       24
        
       use std::io::Read;

     
···

       51
       51
        
               previous: Option<String>,

     

       52
       52
        
               #[clap(long, default_missing_value = "true", num_args = 0..=1)]

     

       53
       53
        
               new_plc_did: bool,

     

       54
       54
       +
           },

     

       55
       55
       +
           GetCID {

     

       56
       56
       +
               /// Path to operation json file

     

       57
       57
       +
               #[clap(long)]

     

       58
       58
       +
               operation: String,

     

       54
       59
        
           },

     

       55
       60
        
           Exit,

     

       56
       61
        
       }

     
···

       209
       214
        
                   previous,

     

       210
       215
        
                   new_plc_did,

     

       211
       216
        
               } => {

     

       212
       212
       -
                   let operation = read_operation_file(&operation)?;

     

       213
       213
       -
                   let previous = if let Some(path) = previous {

     

       214
       214
       -
                       Some(read_operation_file(&path)?)

     

       217
       217
       +
                   let operation: client::PlcOperation = read_json_file(&operation)?;

     

       218
       218
       +
                   let previous: Option<client::SignedPlcOperation> = if let Some(path) = previous {

     

       219
       219
       +
                       Some(read_json_file(&path)?)

     

       215
       220
        
                   } else {

     

       216
       221
        
                       None

     

       217
       222
        
                   };

     
···

       221
       226
        
                       .map(|s| base64::prelude::BASE64_URL_SAFE_NO_PAD.encode(s))?;

     

       222
       227
        
                   println!("sig: {}", sig);

     

       223
       228
        
                   if *new_plc_did {

     

       224
       224
       -
                       let b = serde_ipld_dagcbor::to_vec(&SignedPlcOperation { operation, sig }).unwrap();

     

       229
       229
       +
                       let b = serde_ipld_dagcbor::to_vec(&operation.signed(sig)).unwrap();

     

       225
       230
        
                       let hash = sha2::Sha256::digest(b);

     

       226
       231
        
                       let s = base32::encode(base32::Alphabet::Rfc4648Lower { padding: true }, &hash);

     

       227
       232
        
                       eprintln!("did:plc:{}", &s[..24]);

     

       228
       233
        
                   }

     

       234
       234
       +
               }

     

       235
       235
       +
               CliCommand::GetCID { operation } => {

     

       236
       236
       +
                   let operation: client::SignedPlcOperation = read_json_file(&operation)?;

     

       237
       237
       +
                   let b = serde_ipld_dagcbor::to_vec(&operation).unwrap();

     

       238
       238
       +
                   let digest = sha2::Sha256::digest(b);

     

       239
       239
       +
                   let wrap = multihash::Multihash::wrap(0x12, &digest).unwrap();

     

       240
       240
       +
                   let cid = cid::Cid::new(cid::Version::V1, 0x71, wrap).unwrap();

     

       241
       241
       +
                   eprintln!("cid: {}", cid);

     

       229
       242
        
               }

     

       230
       243
        
               CliCommand::Exit => {

     

       231
       244
        
                   app_client.exit().await?;

     
···

       235
       248
        
           Ok(())

     

       236
       249
        
       }

     

       237
       250
        
       

     

       238
       238
       -
       #[derive(Serialize)]

     

       239
       239
       -
       pub struct SignedPlcOperation {

     

       240
       240
       -
           #[serde(flatten)]

     

       241
       241
       -
           operation: client::PlcOperation,

     

       242
       242
       -
           sig: String,

     

       243
       243
       -
       }

     

       244
       244
       -
       

     

       245
       245
       -
       fn read_operation_file(path: &str) -> Result<client::PlcOperation, Box<dyn std::error::Error>> {

     

       251
       251
       +
       fn read_json_file<T>(path: &str) -> Result<T, Box<dyn std::error::Error>>

     

       252
       252
       +
       where

     

       253
       253
       +
           T: serde::de::DeserializeOwned,

     

       254
       254
       +
       {

     

       246
       255
        
           let mut file = File::open(path)?;

     

       247
       256
        
           let mut contents = String::new();

     

       248
       257
        
           file.read_to_string(&mut contents)?;

     

       249
       249
       -
           let operation: client::PlcOperation = serde_json::from_str(&contents)?;

     

       250
       250
       -
           Ok(operation)

     

       258
       258
       +
           let data: T = serde_json::from_str(&contents)?;

     

       259
       259
       +
           Ok(data)

     

       251
       260
        
       }

     

       252
       261
        
       

     

       253
       262
        
       #[tokio::main(flavor = "multi_thread")]

+1 -1

client/Cargo.toml

···

       7
       7
        
       postcard = { version = "1.1.1", features = ["alloc"] }

     

       8
       8
        
       common = { package = "vnd-atproto-common", path = "../common"}

     

       9
       9
        
       sdk = { package = "vanadium-client-sdk", git = "https://github.com/LedgerHQ/vanadium"}

     

       10
       10
       -
       serde_ipld_dagcbor = { git = "http://github.com/edouardparis/serde_ipld_dagcbor", branch = "scopeguard-no-default-features", default-features = false }

     

       10
       10
       +
       serde_ipld_dagcbor = { git = "http://github.com/ipld/serde_ipld_dagcbor", branch = "master", default-features = false }

+4 -3

client/src/lib.rs

···

       1
       1
       -
       pub use common::message::PlcOperation;

     

       1
       1
       +
       pub use common::message::{PlcOperation, SignedPlcOperation};

     

       2
       2
        
       use common::message::{Request, Response};

     

       3
       3
        
       use sdk::vanadium_client::{VAppClient, VAppExecutionError};

     

       4
       4
        
       

     
···

       94
       94
        
               &mut self,

     

       95
       95
        
               key_index: u32,

     

       96
       96
        
               operation: PlcOperation,

     

       97
       97
       -
               previous: Option<PlcOperation>,

     

       97
       97
       +
               previous: Option<SignedPlcOperation>,

     

       98
       98
        
           ) -> Result<Vec<u8>, AtprotoAppClientError> {

     

       99
       99
        
               let msg = postcard::to_allocvec(&Request::SignPlcOperation {

     

       100
       100
        
                   key_index,

     

       101
       101
        
                   previous,

     

       102
       102
        
                   operation,

     

       103
       103
        
               })

     

       104
       104
       -
               .map_err(|_| {

     

       104
       104
       +
               .map_err(|e| {

     

       105
       105
       +
                   eprintln!("{:?}", e);

     

       105
       106
        
                   AtprotoAppClientError::GenericError("Failed to serialize SignPlcOperation request")

     

       106
       107
        
               })?;

     

       107
       108

+27 -1

common/src/message.rs

···

       11
       11
        
           },

     

       12
       12
        
           SignPlcOperation {

     

       13
       13
        
               key_index: u32,

     

       14
       14
       -
               previous: Option<PlcOperation>,

     

       15
       14
        
               operation: PlcOperation,

     

       15
       15
       +
               previous: Option<SignedPlcOperation>,

     

       16
       16
        
           },

     

       17
       17
        
       }

     

       18
       18
        
       

     
···

       25
       25
        
           pub also_known_as: Vec<String>,

     

       26
       26
        
           pub services: Services,

     

       27
       27
        
           pub prev: Option<String>,

     

       28
       28
       +
       }

     

       29
       29
       +
       

     

       30
       30
       +
       impl PlcOperation {

     

       31
       31
       +
           pub fn signed(self, sig: String) -> SignedPlcOperation {

     

       32
       32
       +
               SignedPlcOperation {

     

       33
       33
       +
                   r#type: self.r#type,

     

       34
       34
       +
                   rotation_keys: self.rotation_keys,

     

       35
       35
       +
                   verification_methods: self.verification_methods,

     

       36
       36
       +
                   also_known_as: self.also_known_as,

     

       37
       37
       +
                   services: self.services,

     

       38
       38
       +
                   prev: self.prev,

     

       39
       39
       +
                   sig,

     

       40
       40
       +
               }

     

       41
       41
       +
           }

     

       42
       42
       +
       }

     

       43
       43
       +
       

     

       44
       44
       +
       #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq)]

     

       45
       45
       +
       #[serde(rename_all = "camelCase")]

     

       46
       46
       +
       pub struct SignedPlcOperation {

     

       47
       47
       +
           pub r#type: String,

     

       48
       48
       +
           pub rotation_keys: Vec<String>,

     

       49
       49
       +
           pub verification_methods: VerificationMethods,

     

       50
       50
       +
           pub also_known_as: Vec<String>,

     

       51
       51
       +
           pub services: Services,

     

       52
       52
       +
           pub prev: Option<String>,

     

       53
       53
       +
           pub sig: String,

     

       28
       54
        
       }

     

       29
       55
        
       

     

       30
       56
        
       #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq)]

+95 -10

src/main.rs

···

       7
       7
        
           vec::Vec,

     

       8
       8
        
       };

     

       9
       9
        
       use base58::ToBase58;

     

       10
       10
       -
       use common::message::{PlcOperation, Request, Response};

     

       10
       10
       +
       use common::message::{PlcOperation, Request, Response, SignedPlcOperation};

     

       11
       11
        
       use sdk::{

     

       12
       12
        
           App,

     

       13
       13
        
           curve::{Curve, EcfpPrivateKey, EcfpPublicKey, Secp256k1, ToPublicKey},

     
···

       84
       84
        
       }

     

       85
       85
        
       

     

       86
       86
        
       #[cfg(not(test))]

     

       87
       87
       -
       fn operation_tags(operation: &PlcOperation) -> Vec<sdk::ux::TagValue> {

     

       87
       87
       +
       fn all_operation_tags(operation: &PlcOperation) -> Vec<sdk::ux::TagValue> {

     

       88
       88
        
           use sdk::ux::TagValue;

     

       89
       89
        
           let mut tags: Vec<TagValue> = operation

     

       90
       90
        
               .rotation_keys

     
···

       116
       116
        
       }

     

       117
       117
        
       

     

       118
       118
        
       #[cfg(not(test))]

     

       119
       119
       -
       fn display_full_operation(pubkey: &PublicDidKey, index: u32, operation: &PlcOperation) -> bool {

     

       119
       119
       +
       fn changed_operation_tags(

     

       120
       120
       +
           operation: &PlcOperation,

     

       121
       121
       +
           previous: &SignedPlcOperation,

     

       122
       122
       +
       ) -> Vec<sdk::ux::TagValue> {

     

       123
       123
       +
           use sdk::ux::TagValue;

     

       124
       124
       +
           let mut tags: Vec<TagValue> = Vec::new();

     

       125
       125
       +
       

     

       126
       126
       +
           if operation.rotation_keys != previous.rotation_keys {

     

       127
       127
       +
               tags = operation

     

       128
       128
       +
                   .rotation_keys

     

       129
       129
       +
                   .iter()

     

       130
       130
       +
                   .map(|value| TagValue {

     

       131
       131
       +
                       tag: "Rotation key:".into(),

     

       132
       132
       +
                       value: value.to_string(),

     

       133
       133
       +
                   })

     

       134
       134
       +
                   .collect();

     

       135
       135
       +
           }

     

       136
       136
       +
       

     

       137
       137
       +
           if operation.verification_methods != previous.verification_methods {

     

       138
       138
       +
               tags.push(TagValue {

     

       139
       139
       +
                   tag: "Verification method (atproto):".into(),

     

       140
       140
       +
                   value: operation.verification_methods.atproto.to_string(),

     

       141
       141
       +
               });

     

       142
       142
       +
           }

     

       143
       143
       +
       

     

       144
       144
       +
           if operation.also_known_as != previous.also_known_as {

     

       145
       145
       +
               for tag in operation.also_known_as.iter().map(|value| TagValue {

     

       146
       146
       +
                   tag: "Known as:".into(),

     

       147
       147
       +
                   value: value.to_string(),

     

       148
       148
       +
               }) {

     

       149
       149
       +
                   tags.push(tag);

     

       150
       150
       +
               }

     

       151
       151
       +
           }

     

       152
       152
       +
       

     

       153
       153
       +
           if operation.services != previous.services {

     

       154
       154
       +
               tags.push(TagValue {

     

       155
       155
       +
                   tag: "Service (atproto pds):".into(),

     

       156
       156
       +
                   value: operation.services.atproto_pds.endpoint.to_string(),

     

       157
       157
       +
               });

     

       158
       158
       +
           }

     

       159
       159
       +
       

     

       160
       160
       +
           tags

     

       161
       161
       +
       }

     

       162
       162
       +
       

     

       163
       163
       +
       #[cfg(not(test))]

     

       164
       164
       +
       fn display_partial_operation(

     

       165
       165
       +
           pubkey: &PublicDidKey,

     

       166
       166
       +
           index: u32,

     

       167
       167
       +
           operation: &PlcOperation,

     

       168
       168
       +
           previous: &SignedPlcOperation,

     

       169
       169
       +
       ) -> bool {

     

       120
       170
        
           sdk::ux::review_pairs(

     

       121
       171
        
               "Sign plc operation",

     

       122
       172
        
               "",

     

       123
       123
       -
               &operation_tags(operation),

     

       173
       173
       +
               &changed_operation_tags(operation, previous),

     

       124
       174
        
               &alloc::format!("with key #{} {} ", index, pubkey.to_string()),

     

       125
       175
        
               "Confirm",

     

       126
       176
        
               false,

     
···

       128
       178
        
       }

     

       129
       179
        
       

     

       130
       180
        
       #[cfg(test)]

     

       181
       181
       +
       fn display_partial_operation(

     

       182
       182
       +
           _pubkey: &PublicDidKey,

     

       183
       183
       +
           _index: u32,

     

       184
       184
       +
           _operation: &PlcOperation,

     

       185
       185
       +
           _previous: &PlcOperation,

     

       186
       186
       +
       ) -> bool {

     

       187
       187
       +
           true

     

       188
       188
       +
       }

     

       189
       189
       +
       

     

       190
       190
       +
       #[cfg(not(test))]

     

       131
       191
        
       fn display_full_operation(pubkey: &PublicDidKey, index: u32, operation: &PlcOperation) -> bool {

     

       192
       192
       +
           sdk::ux::review_pairs(

     

       193
       193
       +
               "Sign plc operation",

     

       194
       194
       +
               "",

     

       195
       195
       +
               &all_operation_tags(operation),

     

       196
       196
       +
               &alloc::format!("with key #{} {} ", index, pubkey.to_string()),

     

       197
       197
       +
               "Confirm",

     

       198
       198
       +
               false,

     

       199
       199
       +
           )

     

       200
       200
       +
       }

     

       201
       201
       +
       

     

       202
       202
       +
       #[cfg(test)]

     

       203
       203
       +
       fn display_full_operation(_pubkey: &PublicDidKey, _index: u32, _operation: &PlcOperation) -> bool {

     

       132
       204
        
           true

     

       133
       205
        
       }

     

       134
       206
        
       

     

       135
       207
        
       pub fn sign_plc_operation(

     

       136
       208
        
           key_index: u32,

     

       137
       209
        
           operation: PlcOperation,

     

       138
       138
       -
           previous: Option<PlcOperation>,

     

       210
       210
       +
           previous: Option<SignedPlcOperation>,

     

       139
       211
        
       ) -> Result<Response, &'static str> {

     

       140
       212
        
           if key_index > 256 {

     

       141
       213
        
               return Err("Index is too long");

     
···

       149
       221
        
           let privkey: EcfpPrivateKey<Secp256k1, 32> = EcfpPrivateKey::new(*hd_node.privkey);

     

       150
       222
        
           let did_key = PublicDidKey::new(&privkey.to_public_key());

     

       151
       223
        
       

     

       152
       152
       -
           if let Some(operation) = previous {

     

       153
       153
       -
               if !operation.rotation_keys.contains(&did_key.to_string()) {

     

       224
       224
       +
           if let Some(previous) = previous {

     

       225
       225
       +
               if !previous.rotation_keys.contains(&did_key.to_string()) {

     

       154
       226
        
                   return Err("Key is not part of the previous operation rotation_keys");

     

       155
       227
        
               }

     

       156
       156
       -
               // todo: check previous

     

       157
       157
       -
           }

     

       158
       228
        
       

     

       159
       159
       -
           if !display_full_operation(&did_key, key_index, &operation) {

     

       229
       229
       +
               let msg =

     

       230
       230
       +
                   serde_ipld_dagcbor::to_vec(&previous).map_err(|_| "Failed to serialize operation")?;

     

       231
       231
       +
               let mut hasher = sdk::hash::Sha256::new();

     

       232
       232
       +
               hasher.update(&msg);

     

       233
       233
       +
               let mut digest = [0u8; 32];

     

       234
       234
       +
               hasher.digest(&mut digest);

     

       235
       235
       +
               let wrap = cid::multihash::Multihash::wrap(0x12, &digest).unwrap();

     

       236
       236
       +
               let cid = cid::Cid::new(cid::Version::V1, 0x71, wrap).unwrap();

     

       237
       237
       +
               if operation.prev != Some(cid.to_string()) {

     

       238
       238
       +
                   return Err("Prev does not match the previous operation CID");

     

       239
       239
       +
               }

     

       240
       240
       +
       

     

       241
       241
       +
               if !display_partial_operation(&did_key, key_index, &operation, &previous) {

     

       242
       242
       +
                   return Err("Rejected by the user");

     

       243
       243
       +
               }

     

       244
       244
       +
           } else if !display_full_operation(&did_key, key_index, &operation) {

     

       160
       245
        
               return Err("Rejected by the user");

     

       161
       246
        
           }

     

       162
       247