dee 0.0.16

An cli for drand, with support for timelock encryption.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160

# dee: Rust cli for drand

[![Documentation](https://img.shields.io/badge/docs-main-blue.svg)][Documentation]
![License](https://img.shields.io/crates/l/dee.svg)
[![crates.io](https://img.shields.io/crates/v/dee.svg)][Crates.io]

[Crates.io]: https://crates.io/crates/dee
[Documentation]: https://docs.rs/dee/

Retrieve public randomness, and encrypt your files to the future. **dee** provides a drand client, and support for timelock encryption.

<p align="center"><img src="./assets/demo.gif?raw=true"/></p>

## Tables of Content

* [Features](#features)
* [What's next](#whats-next)
* [Installation](#installation)
* [Usage](#usage)
  * [Manage remote beacons](#manage-remote-beacons)
  * [Retrieve public randomness](#retrieve-public-randomness)
  * [Timelock encryption](#timelock-encryption)
  * [Common remotes](#common-remotes)
* [Security Considerations](#security-considerations)
* [FAQ](#faq)
* [License](#license)

## Features

* Retrieve drand randomness
* Manages multiple beacons locally
* Timelock encryption and decryption
* Chain and unchained randomness
* Signatures verification on G1 and G2
* Customizable output format
* Cross platform (Linux, Windows, macOS)
* Interroperability with Go and JS implementation
* wasm32 compatible library

## What's next

* P2P randomness retrieval
* Offline timelock decryption

## Installation

| Environment        | CLI Command                                                   |
|:-------------------|:--------------------------------------------------------------|
| Cargo (Rust 1.74+) | `cargo install dee --git https://github.com/thibmeu/drand-rs` |

On Linux, Windows, or macOS, you can use the [pre-built binaries](https://github.com/thibmeu/drand-rs/releases).

## Usage

You can use the `--help` option to get more details about the commands and their options.

```bash
dee [OPTIONS] <COMMAND>
```

### Manage remote beacons

Add quicknet remote beacon, and shows details about it.
```bash
dee remote add quicknet https://api.drand.sh/52db9ba70e0cc0f6eaf7803dd07447a1f5477735fd3f661792ba94600c84e971
quicknet
```

```bash
dee remote show --long quicknet
URL       : https://drand.cloudflare.com/52db9ba70e0cc0f6eaf7803dd07447a1f5477735fd3f661792ba94600c84e971
Public Key: 83cf0f2896adee7eb8b5f01fcad3912212c437e0073e911fb90022d3e760183c8c4b450b6a0a6c3ac6a5776a2d1064510d1fec758c921cc22b0e17e63aaf4bcb5ed66304de9cf809bd274ca73bab4af5a6e9c76a4bc09e76eae8991ef5ece45a
Period    : 3s
Genesis   : 2023-08-23 15:09:27.0 +00:00:00
Chain Hash: 52db9ba70e0cc0f6eaf7803dd07447a1f5477735fd3f661792ba94600c84e971
Group Hash: f477d5c89f21a17c863a7f937c6a6d15859414d2be09cd448d4279af331c5d3e
Scheme ID : bls-unchained-g1-rfc9380
Beacon ID : quicknet
```

### Retrieve public randomness

Retrieve round 1000 from quicknet.

```bash
dee rand -u quicknet --long 1000
Round     : 1000
Relative  : 100:09:43 ago
Absolute  : 2023-08-23 15:59:24
Randomness: fe290beca10872ef2fb164d2aa4442de4566183ec51c56ff3cd603d930e54fdd
Signature : b44679b9a59af2ec876b1a6b1ad52ea9b1615fc3982b19576350f93447cb1125e342b73a8dd2bacbe47e4b6b63ed5e39
```

### Timelock encryption

Encrypt `Hello dee!` string to 30 seconds in the future, using quicknet publickey. If you wait 30 seconds before decrypting, the message is decrypted using the new quicknet signature.

```
echo 'Hello dee!' | dee crypt -u quicknet -r 30s > data.dee
dee crypt --decrypt data.dee
Hello dee!
```

### Common remotes

| ID                    | Remote                                                                                          | Timelock encryption |
| :---------------------|:------------------------------------------------------------------------------------------------|:--------------------|
| `quicknet-cloudflare` | `https://drand.cloudflare.com/52db9ba70e0cc0f6eaf7803dd07447a1f5477735fd3f661792ba94600c84e971` | Yes                 |
| `quicknet-pl`         | `https://api.drand.sh/52db9ba70e0cc0f6eaf7803dd07447a1f5477735fd3f661792ba94600c84e971`         | Yes                 |
| `mainnet-cloudflare`  | `https://drand.cloudflare.com`                                                                  | No                  |
| `mainnet-pl`          | `https://api.drand.sh`                                                                          | No                  |

`dee` does not come with a default remote beacon. You should decide whichever suit your needs.

More beacons origin are available on [drand website](https://drand.love/developer/).

## Security Considerations

This software has not been audited. Please use at your sole discretion. With this in mind, dee security relies on the following:
* [tlock: Practical Timelock Encryption from Threshold BLS](https://eprint.iacr.org/2023/189) by Nicolas Gailly, Kelsey Melissaris, and Yolan Romailler, and its implementation in [thibmeu/tlock-rs](https://github.com/thibmeu/tlock-rs),
* [Identity-Based Encryption](https://crypto.stanford.edu/~dabo/papers/bfibe.pdf) by Dan Boneh, and Matthew Franklin, and its implementation in [thibmeu/tlock-rs](https://github.com/thibmeu/tlock-rs),
* The [League of Entropy](https://www.cloudflare.com/leagueofentropy/) to remain honest,
* [age](https://github.com/C2SP/C2SP/blob/main/age.md) encryption protocol, and its implementation in [str4d/rage](https://github.com/str4d/rage),

## FAQ

### Default configuration path

`dee` configuration file is available at the following

| OS      | Path                                                           |
|:--------|:---------------------------------------------------------------|
| Linux   | `/home/alice/.config/dee/default.toml`                         |
| Windows | `C:\Users\Alice\AppData\Roaming\dee\config\default.toml`       |
| macOS   | `/Users/Alice/Library/Application Support/rs.dee/default.toml` |

### Other implementations

drand API specification is at [drand.love/docs/specification](https://drand.love/docs/specification/). drand is based on [Scalable Bias-Resistant Distributed Randomness](https://eprint.iacr.org/2016/1067) by Ewa Syta, Philipp Jovanovic, Eleftherios Kokoris Kogias, Nicolas Gailly, Linus Gasser, Ismail Khoffi, Michael J.  Fischer, and Bryan Ford.
The reference interroperable Go implementation is available at [drand/drand](https://github.com/drand/drand).

timelock encryption was published in [tlock: Practical Timelock Encryption from Threshold BLS](https://eprint.iacr.org/2023/189) by Nicolas Gailly, Kelsey Melissaris, and Yolan Romailler.
The reference interroperable Go implementation is available at [drand/tlock](https://github.com/drand/tlock).

### Rust libraries

dee focuses on building a cli. It relies on Rust libraries to use drand or perform timelock encryption.

If you're looking to implement your own Rust application on top of drand and/or timelock encryption, you can use the following:
* [drand_core](https://github.com/thibmeu/drand-rs/tree/main/drand_core): drand client,
* [tlock](https://github.com/thibmeu/tlock-rs): raw tlock implementation, allowing messages up to 16 bytes,
* [tlock_age](https://github.com/thibmeu/tlock-rs): hybrid encryption, age phassphrase is encrypted using tlock,

## License

This project is under the MIT license.

### Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you shall be MIT licensed as above, without any additional terms or conditions.