Page MenuHomePhabricator

[identity] return user identifier in InboundKeysForUserResponse
ClosedPublic

Authored by varun on Jan 5 2024, 12:50 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Dec 22, 3:40 PM
Unknown Object (File)
Tue, Dec 17, 6:59 AM
Unknown Object (File)
Tue, Dec 17, 4:33 AM
Unknown Object (File)
Nov 12 2024, 2:39 PM
Unknown Object (File)
Nov 12 2024, 2:39 PM
Unknown Object (File)
Nov 12 2024, 12:05 PM
Unknown Object (File)
Nov 12 2024, 10:14 AM
Unknown Object (File)
Nov 12 2024, 6:18 AM

Details

Summary

Receivers will need the outbound user's username/wallet address. They should get it from the identity service, rather than rely on the outbound user to provide the correct value.

Test Plan

tested this on staging by calling the get_inbound client method from my local keyserver and successfully retrieving a username for an existing user.
tried again with a wallet user and got back a wallet address.

Diff Detail

Repository
rCOMM Comm
Lint
No Lint Coverage
Unit
No Test Coverage

Event Timeline

varun published this revision for review.Jan 5 2024, 12:51 PM

ESLint failures show that this diff was created in a branch with some commits that haven't been put up on Phabricator. Can you explain what's going on?

Seeing as this diff doesn't have a listed stack on Phabricator, you should be able to apply it cleanly to master and then try arc diff again to get rid of the failures

ESLint failures show that this diff was created in a branch with some commits that haven't been put up on Phabricator. Can you explain what's going on?

Seeing as this diff doesn't have a listed stack on Phabricator, you should be able to apply it cleanly to master and then try arc diff again to get rid of the failures

This diff is in the same branch as D10455, which had some ESLint/prettier issues (not sure why they were only caught when I updated D10490). I've resolved the issue now so this should pass CI when I update.

ashoat added subscribers: will, kamil, inka.

Before landing, can you:

  1. Create a follow-up task to add the same info to KeyserverKeysResponse, and set it to block ENG-6079?
  2. Create a follow-up task to add the same info to OutboundKeysForUserResponse. I had trouble finding the right task to block here, but I guess ENG-5453. (cc @kamil, @inka)
  3. Respond to my questions in the third inline comment, and consider amending this diff to include the social_proof if possible

Would also appreciate @bartek's review here.

shared/protos/identity_authenticated.proto
90

I think we need to update this too. Consider a client trying to connect to a keyserver.

Currently, that client would learn of a keyserver's userID by calling that keyserver's getVersion endpoint. Some discussion of that here.

getVersion also returns a username, which is displayed in the keyserver management UI. But while we can trust the userID (since we get the keys from identity service based on it), we can't trust the keyserver's claimed username.

Instead, we'll want the client to get the keyserver's username from the identity service.

cc @tomek, as this affects your work on the keyserver connection handlers.

PS – if the keyserver host is an Ethereum user, we'd also ideally want the client to verify the social proof before displaying their wallet address (or ENS name). See discussion below for more details on that.

97

I think we'll want to update this too. @kamil is slated to work on initiating Olm sessions between different users next month. That workflow should be based on userIDs as well, since a user may learn of another user if they are in the same community. (In another case, a user may learn of another user by searching for their username; in that case, we would have them use @will's upcoming user search API, which should return a userID as well.)

118–121

In general, when we hand out a wallet_address, we should include the accompanying social_proof. This enables the receiver to verify the root of trust.

This is documented somewhat in the whitepaper, but not well enough. I created ENG-6370 to track updating the whitepaper's description of peer-to-peer authentication.

Created ENG-6371 to track implementing the social proof stuff. Two questions for you here:

  1. How easy would it be to also provide the social proof in InboundKeysForUserResponse as part of this diff?
  2. It looks like pretty much every login/registration RPC has the social_proof as optional. In what cases does the identity service actually require a social proof currently? Does it get stored to DynamoDB?

ESLint failures show that this diff was created in a branch with some commits that haven't been put up on Phabricator. Can you explain what's going on?

Seeing as this diff doesn't have a listed stack on Phabricator, you should be able to apply it cleanly to master and then try arc diff again to get rid of the failures

This diff is in the same branch as D10455, which had some ESLint/prettier issues (not sure why they were only caught when I updated D10490). I've resolved the issue now so this should pass CI when I update.

If it's in the same branch, that should be reflected on the diff stack. Can you add a relationship between this diff and its parent in your branch?

Rust looks good, I left some improvement ideas (more to code quality than actual logic so they're optional)

Remember to address @ashoat's feedback before landing ;)

services/identity/src/database.rs
1110–1124

Optionally this could be done as impl TryFrom<AttributeMap> for Identifier but up to you

1122

Might be worth adding

services/identity/src/grpc_services/authenticated.rs
200–209

I'd prefer implementing impl From<DBIdentifier> for proto::Identifier and use it here. Makes the code cleaner and re-usable

shared/protos/identity_authenticated.proto
118–121
  1. It looks like pretty much every login/registration RPC has the social_proof as optional. In what cases does the identity service actually require a social proof currently? Does it get stored to DynamoDB?

There's a check in Identity Service code. If we went with option 2 in ENG-6371, we'd get this enforced by schema.

This revision is now accepted and ready to land.Jan 8 2024, 4:43 AM
keyserver/addons/rust-node-addon/rust-binding-types.js
14–15

Heads-up, it looks like this type was moved in D10374. You'll need to rebase before landing

keyserver/addons/rust-node-addon/rust-binding-types.js
14–15

yeah just noticed while rebasing, thanks for the heads up

shared/protos/identity_authenticated.proto
118–121

How easy would it be to also provide the social proof in InboundKeysForUserResponse as part of this diff?

Pretty easy, I think. But do we need to handle verifying the root of trust here, too?

It looks like pretty much every login/registration RPC has the social_proof as optional. In what cases does the identity service actually require a social proof currently? Does it get stored to DynamoDB?

It's required by the wallet login RPCs. It does get stored in DDB

Before landing, can you:

  1. Create a follow-up task to add the same info to KeyserverKeysResponse, and set it to block ENG-6079?
  2. Create a follow-up task to add the same info to OutboundKeysForUserResponse. I had trouble finding the right task to block here, but I guess ENG-5453. (cc @kamil, @inka)
  3. Respond to my questions in the third inline comment, and consider amending this diff to include the social_proof if possible

Would also appreciate @bartek's review here.

@ashoat and @will created the follow up tasks here: https://linear.app/comm/issue/ENG-6408/provide-username-when-returning-keys-from-identity-service

shared/protos/identity_authenticated.proto
118–121

I see this task was created, so I think verifying the root of trust is out of scope for this diff

shared/protos/identity_authenticated.proto
118–121

Yeah but it still wouldn’t hurt to include the socialProof here now if it’s not too hard

Trying to understand if the social proof work was completed here

keyserver/addons/rust-node-addon/src/identity_client/get_inbound_keys_for_user.rs
47 ↗(On Diff #35443)

Can you clarify what "We ignore the social proof for now" means here?

keyserver/addons/rust-node-addon/src/identity_client/get_inbound_keys_for_user.rs
39–51 ↗(On Diff #35443)
47 ↗(On Diff #35443)

I just meant that we can avoid creating an unused variable with this shorthand. The EthereumIdentity struct does contain a social_proof field, though. In the future, we'll replace this line with the suggested code below

keyserver/addons/rust-node-addon/src/identity_client/get_inbound_keys_for_user.rs
39–51 ↗(On Diff #35443)

last arm in the suggested edit's match statement should actually be ...

_ => (None, None, None),
keyserver/addons/rust-node-addon/src/identity_client/get_inbound_keys_for_user.rs
47 ↗(On Diff #35443)

Got it, thanks for explaining. Sounds like this will be added in ENG-6376