shared/protos/identity_client.proto
Show All 18 Lines | service IdentityClientService { | ||||
rpc LoginWalletUser(WalletLoginRequest) returns (WalletLoginResponse) {} | rpc LoginWalletUser(WalletLoginRequest) returns (WalletLoginResponse) {} | ||||
// Called by a user to delete their own account | // Called by a user to delete their own account | ||||
rpc DeleteUser(DeleteUserRequest) returns (Empty) {} | rpc DeleteUser(DeleteUserRequest) returns (Empty) {} | ||||
// Sign-In with Ethereum actions | // Sign-In with Ethereum actions | ||||
// Called by clients to get a nonce for a Sign-In with Ethereum message | // Called by clients to get a nonce for a Sign-In with Ethereum message | ||||
rpc GenerateNonce(Empty) returns (GenerateNonceResponse) {} | rpc GenerateNonce(Empty) returns (GenerateNonceResponse) {} | ||||
// X3DH actions | |||||
// Called by clients to get all device keys associated with a user in order | |||||
// to open a new channel of communication on any of their devices | |||||
rpc GetDeviceKeysForUser(DeviceKeysForUserRequest) returns | |||||
(DeviceKeysForUserResponse) {} | |||||
// Called by clients to get required keys for opening a connection | |||||
// to a keyserver | |||||
rpc GetKeyserverKeys(KeyserverKeysRequest) returns | |||||
(KeyserverKeysResponse) {} | |||||
// Replenish one-time preKeys | |||||
rpc UploadOneTimeKeys(UploadOneTimeKeysRequest) returns (Empty) {} | |||||
// Rotate a devices preKey and preKey signature | |||||
// Rotated for deniability of older messages | |||||
rpc RefreshUserPreKeys(RefreshUserPreKeysRequest) returns (Empty) {} | |||||
} | } | ||||
// Helper types | // Helper types | ||||
message Empty {} | message Empty {} | ||||
// Key information needed for starting a X3DH session | // Key information needed for starting a X3DH session | ||||
message IdentityKeyInfo { | message IdentityKeyInfo { | ||||
▲ Show 20 Lines • Show All 170 Lines • ▼ Show 20 Lines | message DeleteUserRequest { | ||||
string accessToken = 1; | string accessToken = 1; | ||||
} | } | ||||
// GenerateNonce | // GenerateNonce | ||||
message GenerateNonceResponse{ | message GenerateNonceResponse{ | ||||
string nonce = 1; | string nonce = 1; | ||||
} | } | ||||
// GetDeviceKeysForUser | |||||
message DeviceKeysForUserRequest { | |||||
oneof identifier { | |||||
string username = 1; | |||||
string walletAddress = 2; | |||||
} | |||||
} | |||||
message DeviceKeysForUserResponse { | |||||
// Map is keyed on devices' public ed25519 key used for signing | |||||
map<string, RemoteDeviceInfo> devices = 1; | |||||
} | |||||
// GetKeyserverKeys | |||||
message KeyserverKeysRequest { | |||||
string keyserverID = 1; | |||||
ashoat: We don't have a concept of a "keyserver ID". Instead, each user may have a keyserver, and that… | |||||
jonAuthorUnsubmitted Done Inline ActionsFrom the whitepaper:
This makes it sound like:
But your feedback, makes some additional assumptions:
This brings up a few questions for me for the many-keyserver world:
jon: From the whitepaper:
> Keyserver. A keyserver is a primary device that can also host… | |||||
} | |||||
message KeyserverKeysResponse { | |||||
KeyserverSessionInfo keyserverInfo = 1; | |||||
ashoatUnsubmitted Done Inline ActionsUsers are not required to have a keyserver. What's our behavior if the requested keyserver does not exist? I'm guessing we send an error of some sort? ashoat: Users are not required to have a keyserver. What's our behavior if the requested keyserver does… | |||||
jonAuthorUnsubmitted Done Inline Actionscorrect, there would be a grpc::not_found error issued. jon: correct, there would be a `grpc::not_found` error issued. | |||||
} | |||||
// UploadOneTimeKeys | |||||
// As OPKs get exhausted, they need to be refreshed | |||||
message UploadOneTimeKeysRequest { | |||||
// Use device associated with token to insert OPKs | |||||
string accessToken = 1; | |||||
repeated string oneTimePreKeys = 2; | |||||
} | |||||
// RefreshUserPreKeys | |||||
message RefreshUserPreKeysRequest { | |||||
string accessToken = 1; | |||||
PreKeyResponse newPreKeys = 2; | |||||
ashoatUnsubmitted Done Inline ActionsA little weird that this contains optional string onetimePrekey. Should we consider introducing a new type that is like PreKeyResponse, but only contains preKey and preKeySignature? ashoat: A little weird that this contains `optional string onetimePrekey`. Should we consider… | |||||
jonAuthorUnsubmitted Done Inline ActionsThis should have been upload, thanks. jon: This should have been upload, thanks. | |||||
} |
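Review bot: `DeviceKeysForUserRequest` and `KeyserverKeysRequest` carry no caller credential, while `UploadOneTimeKeysRequest` and `RefreshUserPreKeysRequest` both take `accessToken`, so as declared the two key-lookup RPCs appear callable by anyone who knows a username or wallet address. Unless the caller is authenticated elsewhere (for example in gRPC metadata, which this section does not show), that permits enumeration of accounts and their devices. If `RemoteDeviceInfo` or `KeyserverSessionInfo` hands out a one-time prekey per call, it would also let an unauthenticated caller use up a user's OPKs; both definitions are in the collapsed part of the file, so this is inferred. I would add a credential outside the oneof, e.g. `string accessToken = 3;` in `DeviceKeysForUserRequest`. Alternatively, the comment on `GetDeviceKeysForUser` could state that the server rate-limits lookups per caller and what it returns once a device has no one-time keys left.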
We don't have a concept of a "keyserver ID". Instead, each user may have a keyserver, and that keyserver is generally addressable via the user's ID.
Can we update this to use the same identifier we've defined on line 233?