Details

Reviewers

tomek
• max
ashoat
anunay
• jim
varun

Commits

rCOMMd05434de148a: [services] Backup - redesign proto

Summary

Based on this revision: D2950
Adding proto file as discussed in the meeting and also as an introduction to implementing a new version of backup service.
This proto should be compatible with the API described in the linked revision.

Test Plan

grpc files generated successfully.

Diff Detail

Repository

rCOMM Comm

Lint

No Lint Coverage

Unit

No Test Coverage

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes

• karol added inline comments.Feb 17 2022, 12:42 AM

native/cpp/CommonCpp/grpc/protos/backup.proto

51–52 ↗

(On Diff #9642)

Yes. This proto code is correct.

I think you miss one important thing here. Just because this object(CreateNewBackupResponse) comes after the keyword return does not mean that it is returned once. If you do something like this:

rpc CreateNewBackup(stream CreateNewBackupRequest) returns (stream CreateNewBackupResponse) {}

you can do a bidi stream in which you can do something like this:

[client] => [CreateNewBackupRequest] => [server]
[server] => [CreateNewBackupResponse] => [client]

[client] => [CreateNewBackupRequest] => [server]
[server] => [CreateNewBackupResponse] => [client]

// N times...

[client] => [CreateNewBackupRequest] => [server]
[server] => [CreateNewBackupResponse] => [client]

[end connection]

remove unnecessary flag

Harbormaster completed remote builds in B6908: Diff 9760.Feb 17 2022, 12:51 AM

varun added inline comments.Feb 17 2022, 8:03 AM

native/cpp/CommonCpp/grpc/protos/backup.proto
17 ↗	(On Diff #9642)	yeah `requestBytes` and `responseBytes` is fine, I forgot that we wanted these gRPC messages to be generic. also these names match what the opaque-ke library uses so no need to reveal the cryptographic internals IMO.

Turned request bytes and response bytes into oneof definitions.

pakeRegistrationRequest: blinded password info (step 1 of PAKE registration)
pakeRegistrationResponse: server's public key and output of a cryptographic function (step 2 of PAKE registration)
pakeRegistrationUpload: envelope containing sealed cryptographic identifiers and the client’s public key (step 3 of PAKE registration)
pakeRegistrationSuccess: lets client know if registration was successful or not
pakeCredentialRequest: blinded password info (step 1 of PAKE login)
pakeCredentialResponse: sealed envelope only client can open (step 2 of PAKE login)
pakeCredentialFinalization: client answer to the server upon reception of stored envelope (step 3 of PAKE login)
pakeServerMAC: server sends MAC of a static string to client using the shared secret key
pakeClientMAC: client sends MAC of a static string to server using the shared secret key

Harbormaster completed remote builds in B6915: Diff 9769.Feb 17 2022, 9:55 PM

change challenge-response auth to MAC

Harbormaster completed remote builds in B6916: Diff 9770.Feb 17 2022, 10:15 PM

ashoat requested changes to this revision.Feb 17 2022, 10:33 PM

ashoat added inline comments.

native/cpp/CommonCpp/grpc/protos/backup.proto
23 ↗	(On Diff #9770)	This is just a wallet address?
54–55 ↗	(On Diff #9770)	What's the point of keeping these two separate? They are always served together, and if you combined them you might be able to reduce the number of individual messages that need to be sent. I suspect that `nonce` can be sent up at the same time as something else

This revision now requires changes to proceed.Feb 17 2022, 10:33 PM

I still don't understand why we cannot proceed here, implement the service leaving the places where the auth is supposed to be as TODOs and follow up with this in following diffs. What is the reason for this?

native/cpp/CommonCpp/grpc/protos/backup.proto
54–55 ↗	(On Diff #9770)	They are always served together I don't think so: here, you have `FullAuthenticationRequestData`(`FRQ`) and `AuthenticationInformationData`(`AD`) servers together in `RecoverBackupKeyRequest` you have `FullAuthenticationRequestData`(`FRQ`) in `RecoverBackupKeyResponse` you have `FullAuthenticationResponseData`(`FRS`) and `AuthenticationInformationData`(`AD`) Ok, we can merge `AuthenticationInformationData` into `FullAuthenticationRequestData` and `FullAuthenticationResponseData`, but: it's going to be the same in both places, so we'll still need a separate type to follow the DRY rule we'll have to have `AuthenticationInformationData` in `RecoverBackupKeyRequest` even though we don't need it there(we can assume what is the auth typer based on the `recoveryData` from the database, right?). On the other hand it feels like raw message/nonce is a part of the auth process, so you can change it if you want.

• karol added inline comments.Feb 18 2022, 1:58 AM

native/cpp/CommonCpp/grpc/protos/backup.proto
23 ↗	(On Diff #9770)	So I assume we'll need yet a couple more cycles since here there are going to be changes as well with the explicit types for the wallet, is this correct(IIRC wallet auth has more steps than just one for the full auth, right?)?

After reading up on Sign-in with Ethereum (SIWE), I now understand that the only communication between client and server for wallet auth is:

Client sends rawMessage to server, containing wallet address, timestamp, etc.
Server validates the message per the EIP spec, and sends back a bool indicating the success/failure of said validation (if we were generating the message on the server we could omit this step, but we want to generate it on the client)

The rest of the auth process is with the user's wallet. Once the user is authenticated the server can send the desired data back to the client via gRPC.

native/cpp/CommonCpp/grpc/protos/backup.proto
23 ↗	(On Diff #9770)	We can actually remove `walletAuthenticationRequest` entirely. The client only needs to send the `rawMessage` for full auth with wallet.
34 ↗	(On Diff #9770)	this should be `bool walletRawMessageValid = 5;`
54–55 ↗	(On Diff #9770)	I'm leaning towards keeping this as is, but can update if you feel strongly about it @ashoat

varun planned changes to this revision.Feb 18 2022, 9:32 AM

remove walletAuthenticationRequest, change walletAuthenticationResponse to walletRawMessageValid

Harbormaster completed remote builds in B6926: Diff 9780.Feb 18 2022, 9:43 AM

• karol commandeered this revision.Feb 21 2022, 2:10 AM

• karol edited reviewers, added: varun; removed: • karol.

• karol added inline comments.

native/cpp/CommonCpp/grpc/protos/backup.proto
53 ↗	(On Diff #9780)	So we can go ahead and name narrow this name to be pake specific as wallet does not use this field at all, right?

refactor types

I change these types a bit, please let me know if it's ok!

native/cpp/CommonCpp/grpc/protos/backup.proto
18–23 ↗	(On Diff #9792)	not sure if `nonce` is supposed to be sent at the beginning or at the end?

Harbormaster completed remote builds in B6938: Diff 9792.Feb 21 2022, 2:18 AM

Assuming we are still trying to get the auth right here, there are some changes we still need. Hopefully @varun can help with some of this stuff once he's feeling recovered. I think the pattern of commandeering the diff is a good one, and should make this a bit easier for @karol-bisztyga

native/cpp/CommonCpp/grpc/protos/backup.proto
18–23 ↗	(On Diff #9792)	There are 6 request fields here but only 4 response fields. That doesn't add up... given that this is an interactive protocol, the the difference should be no more than 1. I don't understand Protobufs well, but what we want to do is to represent each step of the interactive protocol. Eg. "first clients send A and B, then server returns C, then client sends D, then server returns E and F, etc." If two fields are sent together (like A and B or E and F), ideally we can make this explicit in the API by combining them into some sort of struct The `oneof` blocks inside `PakeAuthenticationRequestData` and `PakeAuthenticationResponseData` (and other comparable `message` declarations) should have one line for each step
25 ↗	(On Diff #9792)	Why are we sending this up every time we send up any one of the six fields above? We should only need to send up the `userID` once
29–30 ↗	(On Diff #9792)	You're not even including the wallet address?
41 ↗	(On Diff #9792)	We obviously need more here
97–99 ↗	(On Diff #9792)	These three get sent back together, so they should be combined

This revision now requires changes to proceed.Feb 22 2022, 8:06 PM

• karol requested review of this revision.Feb 23 2022, 12:41 AM

• karol added inline comments.

native/cpp/CommonCpp/grpc/protos/backup.proto
18–23 ↗	(On Diff #9792)	These types have been added by @varun, Varun could you answer this, please?
25 ↗	(On Diff #9792)	I think so.
29–30 ↗	(On Diff #9792)	It is basen on the Varun's comment: After reading up on Sign-in with Ethereum (SIWE), I now understand that the only communication between client and server for wallet auth is: Client sends `rawMessage` to server, containing wallet address, timestamp, etc. Server validates the message per the EIP spec, and sends back a bool indicating the success/failure of said validation (if we were generating the message on the server we could omit this step, but we want to generate it on the client) The rest of the auth process is with the user's wallet. Once the user is authenticated the server can send the desired data back to the client via gRPC. @varun can you clarify?
41 ↗	(On Diff #9792)	as above

• karol added inline comments.Feb 23 2022, 1:10 AM

native/cpp/CommonCpp/grpc/protos/backup.proto
97–99 ↗	(On Diff #9792)	Do they? I thought we are supposed to send either `nonce` or `rawMessage` depending on whether we use pake or wallet. So it could look more like this: oneof { { nonce backupID } { rawMessage backupID } } But this is a more complicated structure.

Sounds like @varun will need to take a pass on this and he is a bit sick right now, plus @jimpo is out. Sorry for continuing to block you here @karol-bisztyga

native/cpp/CommonCpp/grpc/protos/backup.proto
97–99 ↗	(On Diff #9792)	Good call, you're right

ashoat added 1 blocking reviewer(s): varun.Feb 23 2022, 11:46 AM

varun commandeered this revision.Feb 25 2022, 11:34 AM

varun edited reviewers, added: • karol; removed: varun.

ashoat added inline comments.Feb 25 2022, 2:08 PM

native/cpp/CommonCpp/grpc/protos/backup.proto
29–30 ↗	(On Diff #9792)	userID rawMessage walletAddress signedMessage

To your queue

This revision now requires changes to proceed.Feb 27 2022, 8:54 PM

addressing feedback. fixed wallet auth structures, removed redundant messages, moved entropy values to separate message

native/cpp/CommonCpp/grpc/protos/backup.proto
18–23 ↗	(On Diff #9792)	`nonce` should probably be sent after password auth is complete, and since it's only part of `CreateNewBackup` and not part of `RecoverBackupKey` (which also uses the `FullAuthenticationRequestData` message), it should be moved out to `CreateNewBackupRequest`.
25 ↗	(On Diff #9792)	fixed in latest revision
29–30 ↗	(On Diff #9792)	after discussing this with ashoat, we're moving `rawMessage` to `CreateNewBackupRequest` too, since it's specific to that RPC
41 ↗	(On Diff #9792)	discussed with ashoat, don't think we need anything else here

Harbormaster completed remote builds in B7063: Diff 9952.Feb 28 2022, 7:52 AM

This looks pretty much ready to go to me. @karol-bisztyga should definitely take a look before we land, and would be great to get @geekbrother and maybe @jimpo's eyes on it as well.

native/cpp/CommonCpp/grpc/protos/backup.proto
18 ↗	(On Diff #9952)	For consistency with the rest of the codebase (and the identifier name here), please capitalize `ID` at the end of `PakeRegistrationRequestAndUserId`
89 ↗	(On Diff #9952)	What's this `entropyValid` message communicate, and in what cases would the entry be invalid?
110–111 ↗	(On Diff #9952)	Instead of listing these two individually here, can/should we just have them combined by `NewBackupKeyEntropy`?