diff --git a/shared/protos/identity_client.proto b/shared/protos/identity_client.proto --- a/shared/protos/identity_client.proto +++ b/shared/protos/identity_client.proto @@ -33,6 +33,22 @@ // Called by clients to get a nonce for a Sign-In with Ethereum message rpc GenerateNonce(Empty) returns (GenerateNonceResponse) {} + + // X3DH actions + + // Called by clients to get all device keys associated with a user in order + // to open a new channel of communication on any of their devices + rpc GetDeviceKeysForUser(DeviceKeysForUserRequest) returns + (DeviceKeysForUserResponse) {} + // Called by clients to get required keys for opening a connection + // to a keyserver + rpc GetKeyserverKeys(KeyserverKeysRequest) returns + (KeyserverKeysResponse) {} + // Replenish one-time preKeys + rpc UploadOneTimeKeys(UploadOneTimeKeysRequest) returns (Empty) {} + // Rotate a devices preKey and preKey signature + // Rotated for deniability of older messages + rpc RefreshUserPreKeys(RefreshUserPreKeysRequest) returns (Empty) {} } // Helper types @@ -225,3 +241,55 @@ message GenerateNonceResponse{ string nonce = 1; } + +// GetDeviceKeysForUser + +message DeviceKeysForUserRequest { + oneof identifier { + string username = 1; + string walletAddress = 2; + } +} + +message DeviceKeysForUserResponse { + // Map is keyed on devices' public ed25519 key used for signing + map devices = 1; +} + +// GetKeyserverKeys + +// All keyserver must be registered with an existing user. +// Conversely, one or zero keyservers can registered to a user. +message KeyserverKeysRequest { + oneof identifier { + string username = 1; + string walletAddress = 2; + } +} + +message KeyserverKeysResponse { + KeyserverSessionInfo keyserverInfo = 1; +} + +// UploadOneTimeKeys + +// As OPKs get exhausted, they need to be refreshed +message UploadOneTimeKeysRequest { + // Use device associated with token to insert OPKs + string accessToken = 1; + repeated string oneTimePreKeys = 2; +} + +// RefreshUserPreKeys + +message PreKeyUpload { + // Rotating preKey, validated to be associatd with IdentityKeys + // through signature + string preKey = 1; + string preKeySignature = 2; +} + +message RefreshUserPreKeysRequest { + string accessToken = 1; + PreKeyUpload newPreKeys = 2; +}