shared/protos/identity_client.proto
Show All 33 Lines | service IdentityClientService { | ||||
// Called by clients to get a nonce for a Sign-In with Ethereum message | // Called by clients to get a nonce for a Sign-In with Ethereum message | ||||
rpc GenerateNonce(Empty) returns (GenerateNonceResponse) {} | rpc GenerateNonce(Empty) returns (GenerateNonceResponse) {} | ||||
// X3DH actions | // X3DH actions | ||||
// Called by clients to get all device keys associated with a user in order | // Called by clients to get all device keys associated with a user in order | ||||
// to open a new channel of communication on any of their devices. | // to open a new channel of communication on any of their devices. | ||||
// Specially, this will return the following per device: | // Specially, this will return the following per device: | ||||
// - Identity keys | // - Content keys | ||||
// - PreKey (including preKey signature) | // - PreKey (including preKey signature) | ||||
// - One-time PreKey | // - One-time PreKey | ||||
rpc GetOutboundKeysForUser(OutboundKeysForUserRequest) returns | rpc GetOutboundKeysForUser(OutboundKeysForUserRequest) returns | ||||
(OutboundKeysForUserResponse) {} | (OutboundKeysForUserResponse) {} | ||||
// Called by receivers of a communication request. The reponse will only | // Called by receivers of a communication request. The reponse will only | ||||
// return identity and prekeys per device, but will not contain one-time keys. | // return content and prekeys per device, but will not contain one-time keys. | ||||
rpc GetInboundKeysForUser(InboundKeysForUserRequest) returns | rpc GetInboundKeysForUser(InboundKeysForUserRequest) returns | ||||
(InboundKeysForUserResponse) {} | (InboundKeysForUserResponse) {} | ||||
// Called by clients to get required keys for opening a connection | // Called by clients to get required keys for opening a connection | ||||
// to a keyserver | // to a keyserver | ||||
rpc GetKeyserverKeys(KeyserverKeysRequest) returns | rpc GetKeyserverKeys(KeyserverKeysRequest) returns | ||||
(KeyserverKeysResponse) {} | (KeyserverKeysResponse) {} | ||||
// Replenish one-time preKeys | // Replenish one-time preKeys | ||||
rpc UploadOneTimeKeys(UploadOneTimeKeysRequest) returns (Empty) {} | rpc UploadOneTimeKeys(UploadOneTimeKeysRequest) returns (Empty) {} | ||||
Show All 14 Lines | |||||
message PreKey { | message PreKey { | ||||
string preKey = 1; | string preKey = 1; | ||||
string preKeySignature = 2; | string preKeySignature = 2; | ||||
} | } | ||||
// Key information needed for starting a X3DH session | // Key information needed for starting a X3DH session | ||||
message IdentityKeyInfo { | message IdentityKeyInfo { | ||||
// JSON payload containing Olm Identity keys | // JSON payload containing Olm keys | ||||
// Sessions for users will contain both IdentityKeys and NotifKeys | // Sessions for users will contain both ContentKeys and NotifKeys | ||||
// For keyservers, this will only contain IdentityKeys | // For keyservers, this will only contain ContentKeys | ||||
string payload = 1; | string payload = 1; | ||||
// Payload signed with the signing ed25519 key | // Payload signed with the signing ed25519 key | ||||
string payloadSignature = 2; | string payloadSignature = 2; | ||||
// Signed message used for SIWE | // Signed message used for SIWE | ||||
// This correlates a given wallet with the identity of a device | // This correlates a given wallet with the content of a device | ||||
ashoat: What does it mean to correlate a wallet with the "content" of a device? | |||||
jon (Author, Unsubmitted, Done): rephrased this, as it was ambiguous what "identity of a device" meant originally
optional string socialProof = 3; | optional string socialProof = 3; | ||||
} | } | ||||
// RegisterUser | // RegisterUser | ||||
// Ephemeral information provided so others can create initial message | // Ephemeral information provided so others can create initial message | ||||
// to this device | // to this device | ||||
// | // | ||||
// Prekeys are generally rotated periodically | // Prekeys are generally rotated periodically | ||||
// One-time Prekeys are "consumed" after first use, so many need to | // One-time Prekeys are "consumed" after first use, so many need to | ||||
// be provide to avoid exhausting them. | // be provide to avoid exhausting them. | ||||
// Bundle of information needed for creating an initial message using X3DH | // Bundle of information needed for creating an initial message using X3DH | ||||
message DeviceKeyUpload { | message DeviceKeyUpload { | ||||
IdentityKeyInfo deviceKeyInfo = 1; | IdentityKeyInfo deviceKeyInfo = 1; | ||||
PreKey identityUpload = 2; | PreKey contentUpload = 2; | ||||
PreKey notifUpload = 3; | PreKey notifUpload = 3; | ||||
repeated string onetimeIdentityPrekeys = 4; | repeated string onetimeContentPrekeys = 4; | ||||
repeated string onetimeNotifPrekeys = 5; | repeated string onetimeNotifPrekeys = 5; | ||||
} | } | ||||
// Request for registering a new user | // Request for registering a new user | ||||
message RegistrationStartRequest { | message RegistrationStartRequest { | ||||
// Message sent to initiate PAKE registration (step 1) | // Message sent to initiate PAKE registration (step 1) | ||||
bytes opaqueRegistrationRequest = 1; | bytes opaqueRegistrationRequest = 1; | ||||
string username = 2; | string username = 2; | ||||
▲ Show 20 Lines • Show All 117 Lines • ▼ Show 20 Lines | message GenerateNonceResponse{ | ||||
string nonce = 1; | string nonce = 1; | ||||
} | } | ||||
// GetOutboundKeysForUser | // GetOutboundKeysForUser | ||||
// Information needed when establishing communication to someone else's device | // Information needed when establishing communication to someone else's device | ||||
message OutboundKeyInfo { | message OutboundKeyInfo { | ||||
IdentityKeyInfo identityInfo = 1; | IdentityKeyInfo identityInfo = 1; | ||||
PreKey identityPrekey = 2; | PreKey contentPrekey = 2; | ||||
PreKey notifPrekey = 3; | PreKey notifPrekey = 3; | ||||
optional string onetimeIdentityPrekey = 4; | optional string onetimeContentPrekey = 4; | ||||
optional string onetimeNotifPrekey = 5; | optional string onetimeNotifPrekey = 5; | ||||
} | } | ||||
// Information needed by a device to establish communcation when responding | // Information needed by a device to establish communcation when responding | ||||
// to a request. | // to a request. | ||||
// The device receiving a request only needs the identity and prekeys. | // The device receiving a request only needs the content and prekeys. | ||||
message OutboundKeysForUserRequest { | message OutboundKeysForUserRequest { | ||||
oneof identifier { | oneof identifier { | ||||
string username = 1; | string username = 1; | ||||
string walletAddress = 2; | string walletAddress = 2; | ||||
} | } | ||||
} | } | ||||
message OutboundKeysForUserResponse { | message OutboundKeysForUserResponse { | ||||
// Map is keyed on devices' public ed25519 key used for signing | // Map is keyed on devices' public ed25519 key used for signing | ||||
map<string, OutboundKeyInfo> devices = 1; | map<string, OutboundKeyInfo> devices = 1; | ||||
} | } | ||||
// GetInboundKeysForUser | // GetInboundKeysForUser | ||||
message InboundKeyInfo { | message InboundKeyInfo { | ||||
IdentityKeyInfo identityInfo = 1; | IdentityKeyInfo identityInfo = 1; | ||||
PreKey identityPrekey = 2; | PreKey contentPrekey = 2; | ||||
PreKey notifPrekey = 3; | PreKey notifPrekey = 3; | ||||
} | } | ||||
message InboundKeysForUserRequest { | message InboundKeysForUserRequest { | ||||
oneof identifier { | oneof identifier { | ||||
string username = 1; | string username = 1; | ||||
string walletAddress = 2; | string walletAddress = 2; | ||||
} | } | ||||
} | } | ||||
message InboundKeysForUserResponse { | message InboundKeysForUserResponse { | ||||
// Map is keyed on devices' public ed25519 key used for signing | // Map is keyed on devices' public ed25519 key used for signing | ||||
map<string, InboundKeyInfo> devices = 1; | map<string, InboundKeyInfo> devices = 1; | ||||
} | } | ||||
// GetKeyserverKeys | // GetKeyserverKeys | ||||
// Information needed when establishing communication to a keyserver | // Information needed when establishing communication to a keyserver | ||||
message KeyserverSessionInfo { | message KeyserverSessionInfo { | ||||
IdentityKeyInfo identityInfo = 1; | IdentityKeyInfo identityInfo = 1; | ||||
PreKey identityPrekeys = 2; | PreKey contentPrekeys = 2; | ||||
optional string onetimeIdentityPrekey = 3; | optional string onetimeContentPrekey = 3; | ||||
} | } | ||||
// All keyserver must be registered with an existing user. | // All keyserver must be registered with an existing user. | ||||
// Conversely, one or zero keyservers can registered to a user. | // Conversely, one or zero keyservers can registered to a user. | ||||
message KeyserverKeysRequest { | message KeyserverKeysRequest { | ||||
oneof identifier { | oneof identifier { | ||||
string username = 1; | string username = 1; | ||||
string walletAddress = 2; | string walletAddress = 2; | ||||
Show All 35 Lines |
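Review bot: The rewritten comments above `GetInboundKeysForUser` and above `OutboundKeysForUserRequest` now read "return content and prekeys per device" and "only needs the content and prekeys", which says the call returns content rather than content keys; I would write `// return content keys and prekeys per device, but will not contain one-time keys.` and `// The device receiving a request only needs the content keys and prekeys.` so client implementers know which key material to expect and verify. The rename also looks incomplete, or at least undocumented: `IdentityKeyInfo` and `identityInfo` keep the old term while the payload comment now says it holds ContentKeys, and `KeyserverSessionInfo.contentPrekeys` is plural for a single `PreKey` where the sibling messages use `contentPrekey`. Field numbers are unchanged, so the wire format should stay compatible, but generated accessors and JSON field names change, so client and server stubs presumably have to be regenerated in the same rollout. `KeyserverKeysRequest` continues past the visible lines.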
What does it mean to correlate a wallet with the "content" of a device?