kitsune2_api 0.5.0-dev.2

p2p / dht communication framework api
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401

use crate::*;
use std::sync::Arc;

/// Defines a type capable of cryptographic signatures.
pub trait Signer {
    /// Sign the encoded data, returning the resulting detached signature bytes.
    fn sign<'a, 'b: 'a, 'c: 'a>(
        &'a self,
        agent_info: &'b AgentInfo,
        message: &'c [u8],
    ) -> BoxFut<'a, K2Result<bytes::Bytes>>;
}

/// Defines a type capable of cryptographic verification.
pub trait Verifier: std::fmt::Debug {
    /// Verify the provided detached signature over the provided message.
    /// Returns `true` if the signature is valid.
    fn verify(
        &self,
        agent_info: &AgentInfo,
        message: &[u8],
        signature: &[u8],
    ) -> bool;
}

/// Trait-object [Verifier].
pub type DynVerifier = Arc<dyn Verifier + 'static + Send + Sync>;

impl Verifier for DynVerifier {
    fn verify(
        &self,
        agent_info: &AgentInfo,
        message: &[u8],
        signature: &[u8],
    ) -> bool {
        (**self).verify(agent_info, message, signature)
    }
}

/// A "Local" agent is an agent that is connected to the local Kitsune2 node,
/// and is able to sign messages and agent infos.
pub trait LocalAgent: Signer + 'static + Send + Sync + std::fmt::Debug {
    /// The [AgentId] of this local agent.
    fn agent(&self) -> &AgentId;

    /// Register a callback to be invoked when [Self::invoke_cb] is called.
    /// Implementations need only track a single cb. If this is called again,
    /// use only the new one.
    fn register_cb(&self, cb: Arc<dyn Fn() + 'static + Send + Sync>);

    /// Invoke the registered cb if one has been set.
    /// This can be treated as a no-op rather than an error if [Self::register_cb] has not yet been called.
    fn invoke_cb(&self);

    /// Access the current storage arc for this local agent.
    ///
    /// This will be used by the space module to construct [AgentInfoSigned].
    fn get_cur_storage_arc(&self) -> DhtArc;

    /// Set the current storage arc for this local agent.
    /// This will be initially set to zero on space join.
    /// The gossip module will update this as data is collected.
    fn set_cur_storage_arc(&self, arc: DhtArc);

    /// This is a chance for the implementor to influence how large
    /// a storage arc should be for this agent. The gossip module will
    /// attempt to collect enough data for claiming storage authority
    /// over this range.
    fn get_tgt_storage_arc(&self) -> DhtArc;

    /// The sharding module will attempt to determine an ideal target
    /// arc for this agent. An implementation is free to use or discard
    /// this information when returning the arc in [Self::get_tgt_storage_arc].
    /// This will initially be set to zero on join, but the sharding module
    /// may later update this to FULL or a true target value.
    fn set_tgt_storage_arc_hint(&self, arc: DhtArc);
}

/// Trait-object [LocalAgent].
pub type DynLocalAgent = Arc<dyn LocalAgent>;

impl LocalAgent for DynLocalAgent {
    fn agent(&self) -> &AgentId {
        (**self).agent()
    }

    fn register_cb(&self, cb: Arc<dyn Fn() + 'static + Send + Sync>) {
        (**self).register_cb(cb);
    }

    fn invoke_cb(&self) {
        (**self).invoke_cb();
    }

    fn get_cur_storage_arc(&self) -> DhtArc {
        (**self).get_cur_storage_arc()
    }

    fn set_cur_storage_arc(&self, arc: DhtArc) {
        (**self).set_cur_storage_arc(arc);
    }

    fn get_tgt_storage_arc(&self) -> DhtArc {
        (**self).get_tgt_storage_arc()
    }

    fn set_tgt_storage_arc_hint(&self, arc: DhtArc) {
        (**self).set_tgt_storage_arc_hint(arc);
    }
}

impl Signer for DynLocalAgent {
    fn sign<'a, 'b: 'a, 'c: 'a>(
        &'a self,
        agent_info: &'b AgentInfo,
        message: &'c [u8],
    ) -> BoxFut<'a, K2Result<bytes::Bytes>> {
        (**self).sign(agent_info, message)
    }
}

mod serde_string_timestamp {
    pub fn serialize<S>(
        t: &crate::Timestamp,
        serializer: S,
    ) -> Result<S::Ok, S::Error>
    where
        S: serde::Serializer,
    {
        serializer.serialize_str(&t.as_micros().to_string())
    }

    pub fn deserialize<'de, D>(
        deserializer: D,
    ) -> Result<crate::Timestamp, D::Error>
    where
        D: serde::Deserializer<'de>,
    {
        let s: &'de str = serde::Deserialize::deserialize(deserializer)?;
        let i: i64 = s.parse().map_err(serde::de::Error::custom)?;
        Ok(crate::Timestamp::from_micros(i))
    }
}

/// AgentInfo stores metadata related to agents.
#[derive(
    Debug, Clone, serde::Serialize, serde::Deserialize, PartialEq, Eq, Hash,
)]
#[serde(rename_all = "camelCase")]
pub struct AgentInfo {
    /// The agent id.
    pub agent: AgentId,

    /// The space id.
    pub space: SpaceId,

    /// When this metadata was created.
    #[serde(with = "serde_string_timestamp")]
    pub created_at: Timestamp,

    /// When this metadata will expire.
    #[serde(with = "serde_string_timestamp")]
    pub expires_at: Timestamp,

    /// If `true`, this metadata is a tombstone, indicating
    /// the agent has gone offline, and is no longer reachable.
    pub is_tombstone: bool,

    /// If set, this indicates the primary url at which this agent may
    /// be reached. This should largely only be UNSET if this is a tombstone.
    pub url: Option<Url>,

    /// The arc over which this agent claims authority.
    #[serde(default = "DhtArc::default")]
    pub storage_arc: DhtArc,
}

/// Signed agent information.
#[derive(PartialEq, Eq, Hash)]
pub struct AgentInfoSigned {
    /// The decoded information associated with this agent.
    agent_info: AgentInfo,

    /// The encoded information that was signed.
    encoded: String,

    /// The signature.
    signature: bytes::Bytes,
}

impl std::fmt::Debug for AgentInfoSigned {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        f.write_str("AgentInfoSigned(")?;
        f.write_str(&self.encoded)?;
        f.write_str(")")
    }
}

impl AgentInfoSigned {
    /// Generate a signed agent info by signing an agent info.
    pub async fn sign<S: Signer>(
        signer: &S,
        agent_info: AgentInfo,
    ) -> K2Result<std::sync::Arc<Self>> {
        let encoded = serde_json::to_string(&agent_info)
            .map_err(|e| K2Error::other_src("encoding agent_info", e))?;
        let signature = signer
            .sign(&agent_info, encoded.as_bytes())
            .await
            .map_err(|e| K2Error::other_src("signing agent_info", e))?;
        Ok(std::sync::Arc::new(Self {
            agent_info,
            encoded,
            signature,
        }))
    }

    /// Decode a canonical json encoding of a signed agent info.
    pub fn decode<V: Verifier>(
        verifier: &V,
        encoded: &[u8],
    ) -> K2Result<std::sync::Arc<Self>> {
        #[derive(serde::Deserialize)]
        #[serde(rename_all = "camelCase")]
        struct Ref {
            agent_info: String,
            #[serde(with = "crate::serde_bytes_base64")]
            signature: bytes::Bytes,
        }
        let v: Ref = serde_json::from_slice(encoded)
            .map_err(|e| K2Error::other_src("decoding agent_info", e))?;
        Self::inner_decode_one(verifier, v.agent_info, v.signature)
    }

    /// Decode a canonical json encoding of a list of signed agent infos.
    pub fn decode_list<V: Verifier>(
        verifier: &V,
        encoded: &[u8],
    ) -> K2Result<Vec<K2Result<std::sync::Arc<Self>>>> {
        #[derive(serde::Deserialize)]
        #[serde(rename_all = "camelCase")]
        struct Ref {
            agent_info: String,
            #[serde(with = "crate::serde_bytes_base64")]
            signature: bytes::Bytes,
        }
        let v: Vec<Ref> = serde_json::from_slice(encoded)
            .map_err(|e| K2Error::other_src("decoding agent_info", e))?;
        Ok(v.into_iter()
            .map(|v| {
                Self::inner_decode_one(verifier, v.agent_info, v.signature)
            })
            .collect())
    }

    fn inner_decode_one<V: Verifier>(
        verifier: &V,
        agent_info: String,
        signature: bytes::Bytes,
    ) -> K2Result<std::sync::Arc<Self>> {
        let info: AgentInfo = serde_json::from_str(&agent_info)
            .map_err(|e| K2Error::other_src("decoding inner agent_info", e))?;
        if !verifier.verify(&info, agent_info.as_bytes(), &signature) {
            return Err(K2Error::other("InvalidSignature"));
        }
        Ok(std::sync::Arc::new(Self {
            agent_info: info,
            encoded: agent_info,
            signature,
        }))
    }

    /// Get the canonical json encoding of this signed agent info.
    pub fn encode(&self) -> K2Result<String> {
        #[derive(serde::Serialize)]
        #[serde(rename_all = "camelCase")]
        struct Ref<'a> {
            agent_info: &'a String,
            #[serde(with = "crate::serde_bytes_base64")]
            signature: &'a bytes::Bytes,
        }
        serde_json::to_string(&Ref {
            agent_info: &self.encoded,
            signature: &self.signature,
        })
        .map_err(|e| K2Error::other_src("encoding agent_info", e))
    }

    /// Access the inner [AgentInfo] data. Note, you can instead just deref.
    pub fn get_agent_info(&self) -> &AgentInfo {
        self
    }

    /// Access the canonical encoded inner agent info.
    pub fn get_encoded(&self) -> &str {
        &self.encoded
    }

    /// Access the signature over the encoded inner agent info.
    pub fn get_signature(&self) -> &bytes::Bytes {
        &self.signature
    }
}

impl std::ops::Deref for AgentInfoSigned {
    type Target = AgentInfo;

    fn deref(&self) -> &Self::Target {
        &self.agent_info
    }
}

#[cfg(test)]
mod test {
    use super::*;

    const SIG: &[u8] = b"fake-signature";

    #[derive(Debug)]
    struct TestCrypto;

    impl Signer for TestCrypto {
        fn sign<'a, 'b: 'a, 'c: 'a>(
            &'a self,
            _agent_info: &'b AgentInfo,
            _encoded: &'c [u8],
        ) -> BoxFut<'a, K2Result<bytes::Bytes>> {
            Box::pin(async move { Ok(bytes::Bytes::from_static(SIG)) })
        }
    }

    impl Verifier for TestCrypto {
        fn verify(
            &self,
            _agent_info: &AgentInfo,
            _message: &[u8],
            signature: &[u8],
        ) -> bool {
            signature == SIG
        }
    }

    #[tokio::test(flavor = "multi_thread")]
    async fn happy_encode_decode() {
        let agent: AgentId = bytes::Bytes::from_static(b"test-agent").into();
        let space_id: SpaceId = bytes::Bytes::from_static(b"test-space").into();
        let now = Timestamp::from_micros(1731690797907204);
        let later = Timestamp::from_micros(now.as_micros() + 72_000_000_000);
        let url = Some(Url::from_str("ws://test.com:80/test-url").unwrap());
        let storage_arc = DhtArc::Arc(42, u32::MAX / 13);

        let enc = AgentInfoSigned::sign(
            &TestCrypto,
            AgentInfo {
                agent: agent.clone(),
                space: space_id.clone(),
                created_at: now,
                expires_at: later,
                is_tombstone: false,
                url: url.clone(),
                storage_arc,
            },
        )
        .await
        .unwrap()
        .encode()
        .unwrap();

        assert_eq!(
            r#"{"agentInfo":"{\"agent\":\"dGVzdC1hZ2VudA\",\"space\":\"dGVzdC1zcGFjZQ\",\"createdAt\":\"1731690797907204\",\"expiresAt\":\"1731762797907204\",\"isTombstone\":false,\"url\":\"ws://test.com:80/test-url\",\"storageArc\":[42,330382099]}","signature":"ZmFrZS1zaWduYXR1cmU"}"#,
            enc
        );

        let dec = AgentInfoSigned::decode(&TestCrypto, enc.as_bytes()).unwrap();
        assert_eq!(agent, dec.agent);
        assert_eq!(space_id, dec.space);
        assert_eq!(now, dec.created_at);
        assert_eq!(later, dec.expires_at);
        assert!(!dec.is_tombstone);
        assert_eq!(url, dec.url);
        assert_eq!(storage_arc, dec.storage_arc);
    }

    #[tokio::test(flavor = "multi_thread")]
    async fn ignores_future_extension_fields() {
        AgentInfoSigned::decode(&TestCrypto, br#"{"agentInfo":"{\"agent\":\"dGVzdC1hZ2VudA\",\"space\":\"dGVzdC1zcGFjZQ\",\"createdAt\":\"1731690797907204\",\"expiresAt\":\"1731762797907204\",\"isTombstone\":false,\"url\":\"ws://test.com:80/test-url\",\"storageArc\":[42,330382099],\"fakeField\":\"bla\"}","signature":"ZmFrZS1zaWduYXR1cmU","fakeField2":"bla2"}"#).unwrap();
    }

    #[tokio::test(flavor = "multi_thread")]
    async fn fills_in_default_fields() {
        let dec = AgentInfoSigned::decode(&TestCrypto, br#"{"agentInfo":"{\"agent\":\"dGVzdC1hZ2VudA\",\"space\":\"dGVzdC1zcGFjZQ\",\"createdAt\":\"1731690797907204\",\"expiresAt\":\"1731762797907204\",\"isTombstone\":false}","signature":"ZmFrZS1zaWduYXR1cmU"}"#).unwrap();
        assert!(dec.url.is_none());
        assert_eq!(DhtArc::Empty, dec.storage_arc);
    }

    #[tokio::test(flavor = "multi_thread")]
    async fn dies_with_invalid_signature() {
        let dec = AgentInfoSigned::decode(&TestCrypto, br#"{"agentInfo":"{\"agent\":\"dGVzdC1hZ2VudA\",\"space\":\"dGVzdC1zcGFjZQ\",\"createdAt\":\"1731690797907204\",\"expiresAt\":\"1731762797907204\",\"isTombstone\":false}","signature":""}"#).unwrap_err();
        assert!(dec.to_string().contains("InvalidSignature"));
    }
}