-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcolink.proto
326 lines (283 loc) · 12.3 KB
/
colink.proto
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
syntax = "proto3";
package colink;
service CoLink {
// Given a valid JWT or valid signature and an expiration timestamp, generates a new JWT with the expiration time set to the input timestamp.
// Requires user jwt or user consent with signature.
// You cannot refresh a host JWT.
rpc GenerateToken (GenerateTokenRequest) returns (Jwt);
// Generates a JWT from a user with a public/secret key pair.
// The generated JWT specifies the user's privilege as a user, contains their user_id, which is a base64 encoding of the provided public key.
// Requires host JWT.
rpc ImportUser (UserConsent) returns (Jwt);
// Creates an entry in CoLink storage.
// In the entry passed in to the call, the `key_name` field must be nonempty. Every other field is is ignored.
// Requires user or host JWT.
// Returns a key_path with current timestamp included.
rpc CreateEntry (StorageEntry) returns (StorageEntry);
// Retrieves entries from CoLink storage.
// One and only one field among `key_name` and `key_path` is nonempty. If both are nonempty, an error is returned.
// If key_name is nonempty, returns the latest version of the entry with that key name.
// This is done by first obtaining the timestamp representing the latest version of the entry,
// and then retrieving the entry with that timestamp by including the timestamp in key_path.
// If key_path is nonempty, returns the entry with the corresponding key path.
// If you're looking for a specific version of an entry, use specify the timestamp inside the `key_path` field.
// In both cases, the key_name field is empty in the returned StorageEntry. key_path and payload are nonempty.
// If an entry is not found. An error is returned.
// Note that the returned order of the entries is NOT guaranteed to be the same as the order of the input.
// Requires user or host JWT.
rpc ReadEntries (StorageEntries) returns (StorageEntries);
// Updates an entry in CoLink storage.
// In the entry passed in to the call, the `key_name` field must be nonempty. Every other field is is ignored.
// Creates a new entry with the current timestamp in the key_path field.
// Sets the latest entry to current timestamp.
// Requires user or host JWT.
// Returns a key_path with current timestamp included.
rpc UpdateEntry (StorageEntry) returns (StorageEntry);
// Deletes an entry from CoLink storage.
// Sets the latest entry to current timestamp, but unlike UpdateEntry, we do not create a new entry with the current
// timestamp in the key_path field. Therefore the current timestamp points to nothing.
// Requires user or host JWT.
// Returns a key_path with current timestamp included.
rpc DeleteEntry (StorageEntry) returns (StorageEntry);
// Returns list of entries in CoLink storage whose key_path starts with input prefix.
// Requires user or host JWT.
rpc ReadKeys (ReadKeysRequest) returns (StorageEntries);
// An initiator creates a task.
// Generate a task_id for this task.
// Represent user(initiator) to sign a decision for this task.
// Sync this task with other participants.
// Update task status in storage.
// In request, protocol_name, protocol_param, participants are required. parent_task is optional.
// In response, only task_id is included.
// Require user JWT.
rpc CreateTask (Task) returns (Task);
// A participant confirms a task.
// Represent user to sign a decision for this task.
// Sync the decision to the initiator.
// Update task status in storage.
// The task is ignored if is_approved and is_rejected are both false in the decision.
// In request, task_id is required.
// Require user JWT.
rpc ConfirmTask (ConfirmTaskRequest) returns (Empty);
// A participant finishes a task.
// Update task status in storage.
// In request, task_id is required.
// Require user JWT.
rpc FinishTask (Task) returns (Empty);
// Request the information of the core, including the URI of MQ, and the public key of the core.
// Return MQ Information optionally and core public key for this user.
// Also return the IP address of the requestor.
// JWT is optional: when the request includes jwt, the uri of mq is returned.
rpc RequestInfo (Empty) returns (RequestInfoResponse);
// Subscribe to changes in the storage.
// It lets you subscribe to all changes of key_name in storage since start_timestamp.
// The subscription message is formatted in SubscriptionMessage.
// Require user JWT.
rpc Subscribe (SubscribeRequest) returns (MQQueueName);
// Unsubscribe the changes in the storage.
// Require user JWT.
rpc Unsubscribe (MQQueueName) returns (Empty);
// Start a protocol operator.
// It returns a unique instance_id for the newly started operator.
// In request, protocol_name and user_id are required.
// In response, instance_id is included.
// Require user or host JWT.
rpc StartProtocolOperator (StartProtocolOperatorRequest) returns (ProtocolOperatorInstanceId);
// Stop a protocol operator.
// In request, instance_id is required.
// Require user or host JWT.
rpc StopProtocolOperator (ProtocolOperatorInstanceId) returns (Empty);
// InterCore RPC.
// Sync a task.
// If it receives a task with unknown task_id, then create this task in storage and send task status to MQ.
// Otherwise, update decisions in storage.
// If all participants' decisions are received and it is the initiator, sync the decisions to other participants.
// If all participants' decisions are received, send task status to MQ.
// The task status in the request should be ignored even if it exists.
// Require guest or user JWT.
rpc InterCoreSyncTask (Task) returns (Empty);
// InterCore RPC.
// Same as InterCoreSyncTask and create a reverse connection.
// When A uses this RPC to sync a task with B, it creates a reverse connection from B to A.
// When B uses that reverse connection to sync tasks with A, B would not need to use a JWT, and A automatically assumes that B has guest privilege.
// Require guest or user JWT.
rpc InterCoreSyncTaskWithReverseConnection (Task) returns (stream Task);
}
message Empty {}
message ListOfString {
repeated string list = 1;
}
message ListOfBytes {
repeated bytes list = 1;
}
message ListOfInt64 {
repeated int64 list = 1;
}
message ListOfFloat {
repeated float list = 1;
}
message ListOfBool {
repeated bool list = 1;
}
/**
* JSON Web Token (JWT) that is used to authenticate a user. The JWT encodes the user's privilege, user_id - which is the base64 encoding of the public key - and the expiration time.
*/
message Jwt {
string jwt = 1;
}
/**
* An entry in the CoLink storage.
*/
message StorageEntry {
// The key name of the entry.
string key_name = 1;
// The path of this entry. May contain information about the user_id, application_id, key name, and the timestamp of the entry.
// Note that, unlike other timestamps used in the protocol, the timestamp in the key_path is the number of
// *non-leap-nanoseconds* since January 1, 1970 UT, which is different from the unix timestamp.
string key_path = 2;
// The payload (value) of the entry.
bytes payload = 3;
}
/**
* A list of entries.
*/
message StorageEntries {
repeated StorageEntry entries = 1;
}
/**
* Contains the new expiration time to be set for the generated token.
*
* The old token is contained in the header of this request, under the 'authorization' field.
*/
message GenerateTokenRequest {
// The new expiration time for the token, in unix timestamp format.
int64 expiration_time = 1;
// The privilege of the generated jwt.
string privilege = 2;
// Allows users to generate a new JWT using user consent with a signature without an old JWT.
UserConsent user_consent = 3;
}
/**
* Import a user from an existing public/secret key pair.
*
* A signature by the user is required to verify the user's consent to let the core represent the user.
*
* The signature message is the concatenation of user public key, timestamp at the time of signing, expiration timestamp, and core public key.
* The signature will be saved in user's storage and get passed in inter-core communication, so other cores can ensure the core is representing the user by checking both public keys.
*/
message UserConsent {
// The public key of the user, serialized in compact (default) form.
bytes public_key = 1;
// Unix timestamp of time of signature, in unix timestamp format.
// The signature should be generated within 10 minutes of the time of signature verification
int64 signature_timestamp = 2;
// The expiration timestamp for the token to be generated, and for the user consent, in unix timestamp format.
// We assume the JWT will have the same expiration time as the user consent.
int64 expiration_timestamp = 4;
// The ECDSA compact signature composed of user public key, timestamp at the time of signing, expiration timestamp, and core public key.
// The signature represents the user's consent to let the core represent the user by including the trusted core's public key.
bytes signature = 3;
}
message ReadKeysRequest {
// The prefix of the key_path of the entries to be retrieved.
string prefix = 1;
bool include_history = 2;
}
message Participant {
// The user id of this participant.
string user_id = 1;
// Role of this participant in the protocol.
string role = 2;
}
message Decision {
// Approved / Rejected
bool is_approved = 1;
bool is_rejected = 2;
// Reason
string reason = 3;
// Signature
bytes signature = 4;
// Core's public key
bytes core_public_key = 5;
// User consent
UserConsent user_consent = 6;
}
message Task {
// The id of this task.
string task_id = 1;
// The protocol of this task.
string protocol_name = 2;
// The protocol parameters (after serialization).
bytes protocol_param = 3;
// The list of participants (initiator should be placed first).
repeated Participant participants = 4;
// The task id of the parent task.
string parent_task = 5;
// Whether the task requires the signed decisions from all participants to start. If require_agreement=False, the task starts without confirming replies from others.
bool require_agreement = 9;
// The list of decisions (align with participants).
repeated Decision decisions = 6;
// The status of this task.
string status = 7;
// The expiration time for waiting for others' decisions, in unix timestamp format.
int64 expiration_time = 8;
}
message ConfirmTaskRequest{
// The id of this task.
string task_id = 1;
// The decision of this task.
Decision decision = 2;
}
message RequestInfoResponse {
// The URI of MQ.
string mq_uri = 1;
// The public key of the core, serialized in compact (default) form.
bytes core_public_key = 2;
// The IP address of the requestor.
string requestor_ip = 3;
// The version of the core.
string version = 4;
}
message SubscribeRequest {
// The key_name of the entry to be subscribed.
string key_name = 1;
// start_timestamp, in the same format as the timestamp in the storage. Not in unix timestamp format.
int64 start_timestamp = 2;
}
message SubscriptionMessage {
// The type of change of the storage entry. valid values: create/update/delete/in-storage.
string change_type = 1;
// The key_path of the storage entry.
string key_path = 2;
// The payload (value) of the storage entry.
bytes payload = 3;
}
message MQQueueName {
// The name of the generated queue for this subscription.
string queue_name = 1;
}
message CoLinkInternalTaskIDWithKeyPath {
string key_path = 1;
string task_id = 2;
}
message CoLinkInternalTaskIDList {
repeated CoLinkInternalTaskIDWithKeyPath task_ids_with_key_paths = 1;
}
enum StartProtocolOperatorSourceType{
NONE = 0;
TGZ = 1;
GIT = 2;
DOCKER = 3;
}
message StartProtocolOperatorRequest {
string protocol_name = 1;
string user_id = 2;
bool upgrade = 3;
StartProtocolOperatorSourceType source_type = 4;
string deploy_mode = 5;
string source = 6;
string vt_public_addr = 7;
}
message ProtocolOperatorInstanceId {
string instance_id = 1;
}