diff --git a/arvo/eyre.hoon b/arvo/eyre.hoon index 77dcab7ab..61f021644 100644 --- a/arvo/eyre.hoon +++ b/arvo/eyre.hoon @@ -298,9 +298,17 @@ ?: =(~ mog) luv ?+ -.luv luv %mid - =+ str=(trip q.q.luv) - =+ scr=|-(^-(tape ?~(mog ~ (xmlt & i.mog $(mog t.mog))))) - =+ rep=(need (repg "" str (weld "" scr))) + ?. =('')) + ;~(plug prn (knee *tape ..$)) + (easy ~) + == + =+ hop=(need q:(hed *hair (trip q.q.luv))) + ?~ q.q.hop luv + =+ rep=:(welp p.hop scr q.q.hop) [%mid p.luv (tact rep)] == ++ lofe :: variables in head diff --git a/arvo/ford.hoon b/arvo/ford.hoon index 8b6836efd..247eb7284 100644 --- a/arvo/ford.hoon +++ b/arvo/ford.hoon @@ -209,9 +209,13 @@ |= kus=(unit silk) ^+ +> ?~ kus + =+ nym=(~(get by dym.bay) hen) + ?~ nym :: XX should never + ~& [%ford-mystery hen] + +>.$ =+ num=(need (~(get by dym.bay) hen)) - =+ tas=(need (~(get by q.tad.bay) num)) - amok:~(camo zo [num tas]) + =+ tas=(need (~(get by q.tad.bay) u.nym)) + amok:~(camo zo [u.nym tas]) =+ num=p.tad.bay ?> !(~(has by dym.bay) hen) =: p.tad.bay +(p.tad.bay) @@ -488,19 +492,19 @@ ;~ pfix fas ;~ pose (stag %toy ;~(sfix sym fas)) - (stag %ape ;~(pfix ape:sign ape:read)) - (stag %arg ;~(pfix arg:sign ape:read)) - (stag %day ;~(pfix day:sign day:read)) - (stag %dub ;~(pfix dub:sign dub:read)) - (stag %fan ;~(pfix fan:sign fan:read)) - (stag %for ;~(pfix for:sign for:read)) - (stag %hub ;~(pfix hub:sign day:read)) - (stag %man ;~(pfix man:sign man:read)) - (stag %nap ;~(pfix nap:sign day:read)) - (stag %now ;~(pfix now:sign day:read)) - (stag %saw ;~(pfix saw:sign saw:read)) - (stag %see ;~(pfix see:sign see:read)) - (stag %sic ;~(pfix sic:sign sic:read)) + (stag %ape ;~(pfix sig ape:read)) + (stag %arg ;~(pfix buc ape:read)) + (stag %day ;~(pfix bar day:read)) + (stag %dub ;~(pfix tis dub:read)) + (stag %fan ;~(pfix dot fan:read)) + (stag %for ;~(pfix com for:read)) + (stag %hub ;~(pfix pat day:read)) + (stag %man ;~(pfix tar man:read)) + (stag %nap ;~(pfix cen day:read)) + (stag %now ;~(pfix fas day:read)) + (stag %saw ;~(pfix sem saw:read)) + (stag %see ;~(pfix col see:read)) + (stag %sic ;~(pfix ket sic:read)) == == :: @@ -561,21 +565,6 @@ ;~(pfix gap ;~(plug howl:vez ;~(pfix gap apex))) -- :: - ++ sign - |% ++ ape ;~(pose sig (jest %ape)) - ++ arg ;~(pose buc (jest %arg)) - ++ day ;~(pose bar (jest %day)) - ++ dub ;~(pose tis (jest %dub)) - ++ fan ;~(pose dot (jest %fan)) - ++ for ;~(pose com (jest %for)) - ++ hub ;~(pose pat (jest %hub)) - ++ man ;~(pose tar (jest %man)) - ++ nap ;~(pose cen (jest %nap)) - ++ now ;~(pose fas (jest %now)) - ++ saw ;~(pose sem (jest %saw)) - ++ see ;~(pose col (jest %see)) - ++ sic ;~(pose ket (jest %sic)) - -- -- -- :: diff --git a/arvo/hoon.hoon b/arvo/hoon.hoon index 601fd61e9..6235d573e 100644 --- a/arvo/hoon.hoon +++ b/arvo/hoon.hoon @@ -9889,7 +9889,7 @@ %pass ~? &(!lac !=(%$ p.gum)) :^ %pass [p.gum p.q.r.gum] - [(,@tas -.q.gum) p.r.gum] + [(,@tas +>-.q.q.r.gum) p.r.gum] q.gum [p.q.r.gum ~ [[p.gum p.r.gum] q.gum] q.q.r.gum] :: diff --git a/main/app/demo/core.hook b/main/app/demo/core.hook index 365deea39..38f8d38a4 100644 --- a/main/app/demo/core.hook +++ b/main/app/demo/core.hook @@ -14,21 +14,22 @@ ^- manx ;html ;head - ;title: Appbug! - ;script: appl = '{(trip app.hid)}' + ;title: Demo! + ;script: urb.appl = '{(trip app.hid)}' == ;body - ;p: Dude, a better answer is {}. + ;p: State is {}. ;button(onclick "bump()"): (Bump.) ;script - ; var mess = 0; - ; + ; var mess = 0 + ; ; function bump() { - ; xhr = new XMLHttpRequest(); - ; xhr.onload = function() { mess++; } - ; xhr.open("PUT", "/tim/" + [user, port, mess].join("/")); - ; xhr.setRequestHeader("content-type", "text/json"); - ; xhr.send(JSON.stringify({oryx: oryx, xyro: {ship: ship, appl: appl, data: {}}})); + ; xhr = new XMLHttpRequest() + ; xhr.onload = function() { mess++} + ; xhr.open("PUT", "/tim/" + [urb.user, urb.port, mess].join("/")) + ; xhr.setRequestHeader("content-type", "text/json") + ; xyro = {ship: urb.ship, appl: urb.appl, data: {}} + ; xhr.send(JSON.stringify({oryx: urb.oryx, xyro: xyro})) ; } == == diff --git a/main/pub/src/doc/ref/vol2.md b/main/pub/src/doc/ref/vol2.md index 316f2ce6a..5d7ce2b27 100644 --- a/main/pub/src/doc/ref/vol2.md +++ b/main/pub/src/doc/ref/vol2.md @@ -402,27 +402,39 @@ Section 2bA, units ! exit ++ need - Retrieve the value from a unit, crashing if the unit is null. - --- - Build wet %gold gate with sample unit a of any type. - If: p is null, + + Retrieve the value from a unit and crash if the unit is null. + + ####Summary + + Build wet %gold gate with sample unit `a` of any type. + If: p is null, Then: fail, - Else: u.a, the value of the unit. - --- - ~divreg-misdef/try=> =a ((unit ,[@t @t]) [~ [`a` ' b']]) - ~divreg-misdef/try=> (need a) - [`a` ' b'] - ~divreg-misdef/try=> =a ((unit ,@) [~]) - ~divreg-misdef/try=> (need a) + Else: Produce u.a, the value of the unit. + + ####Examples + + ~zod/try=> =a ((unit ,[@t @t]) [~ ['a' 'b']]) + ~zod/try=> (need a) + ['a' 'b'] + ~zod/try=> =a ((unit ,@ud) [~ 17]) + ~zod/try=> (need a) + 17 + ~zod/try=> =a ((unit ,@) [~]) + ~zod/try=> (need a) ! exit -++ some - lift - Description: - Casts any noun a to its unit, [~ a]. - --- - Creates a wet %gold gate with a sample which accepts any noun. - Produces the tuple [~ u=a], the unit of value a. - Examples: + + ++ some + + Casts any noun a to its unit, [~ a]. + + ####Summary + + Build wet %gold gate with sample noun `a`. + Produce the tuple [~ u=a], the unit of value `a`. + + ####Examples + ~divreg-misdef/try=> (some [`a` `b`]) [~ u=[`a` `b`]] --- @@ -432,29 +444,31 @@ Section 2bA, units Section 2bB, lists ++ flop - reverse - Description: - Produces the list 'a' with the elements reversed. - --- + +Produces the list 'a' with the elements reversed. + + ####Summary + Activate jet. - Creates a wet %gold gate with a sample which accepts a single list. - 'a' is then replaced with (homo a) and used as the subject for the code below (=>). - The type of the result must be the same as a, our argument list. - Let b be a list of the type of the icon of a, as it is bunted. - Create and kick a dry %gold trap - Builds an if-then-else statement on "a is an atom." - If so, produce b. - Else, recursively call flop with a replaced by it's tail and b replaced by [i.a b], where - i.a is the head of a. - Examples: + Build wet %gold gate with sample list `a`. + Use `a` replaced by the slam of `a` to homo, the homogenized list, as subject. + Cast the following to the type of `a`. + Push `b` is the + Kick dry %gold gate trap. + If: `a` is null, + Then: Produce `b`, + Else: Produce the toss of `a` for the tail of `a`, `b` for the cell [i.a b]. + + ####Examples + ~palryp-hocsyt/try=> =lyst (limo [1 2 3 4 ~]) ~palryp-hocsyt/try=> lyst [i=1 t=[i=2 t=[i=3 t=[i=4 t=~]]]] ~palryp-hocsyt/try=> (flop lyst) ~[4 3 2 1] - --- ~palryp-hocsyt/try=> (flop (limo [1 'a' 2 'b' (some 10) ~])) ~[[~ u=10] 98 2 97 1] + ++ homo homogenize Description: diff --git a/main/pub/src/doc/ref/vol4a.md b/main/pub/src/doc/ref/vol4a.md index 1aaccb7cd..9ebd9398b 100644 --- a/main/pub/src/doc/ref/vol4a.md +++ b/main/pub/src/doc/ref/vol4a.md @@ -18,7 +18,7 @@ data models == :: ``` -`++fort` is the state of our vane. Anything that must be remembered between +This is the state of our vane. Anything that must be remembered between calls to ames must be stored in this state. `%0` is the version of the ames state model itself. If the data model `++fort` @@ -51,7 +51,7 @@ keys to this map are the ships on the current pier. == :: ``` -`++town` is the security state of our pier. +This is the security state of our pier. `lit` is unused. @@ -80,7 +80,7 @@ To use, run vere with the `-F` option (and the `-I ~zod` option for a fake == :: ``` -`++sufi` is the security state of a domestic server. +This is the security state of a domestic server. `hoy` is a list of the ships directly above us in the hierarchy of ships. For example, for `~hoclur-bicrel`, this would be `~tasruc` and `~tug`. See @@ -88,7 +88,7 @@ example, for `~hoclur-bicrel`, this would be `~tasruc` and `~tug`. See `val` is a list of our private keys. -`law` +`law` is our certificate, which is a list of the XXX `seh` @@ -96,17 +96,373 @@ example, for `~hoclur-bicrel`, this would be `~tasruc` and `~tug`. See about foreign ships. The keys to this map are the neighbors (ships we have been in contact with) of this domestic server. +###`++wund`, private keys + +``` +++ wund (list ,[p=life q=ring r=acru]) :: mace in action +``` + +This is a list of our own private keys, indexed by life. The key itself is +the `++ring`, and the `++acru` is the encryption engine. We generate the +`++acru` from the private key by calling `++weur`. Thus, we can at any time +regenerate our `++wund` from a `++mace`. The current crypto is at the head of +the list and can be accessed with +`++sen:as:go`. + +###`++ring`, private key + +``` +++ ring ,@ :: private key +``` + +This is a private key. The first byte is reserved to identify the type of +cryptography. Lower-case means public key, upper-case means public key, and +the letter identifies which `++acru` to use. + +###`++pass`, public key + +``` +++ pass ,@ :: public key +``` + +This is a public key. The first byte is reserved to identify the type of +cryptography. Lower-case means public key, upper-case means public key, and +the letter identifies which `++acru` to use. + +###`++mace`, private secrets + +``` +++ mace (list ,[p=life q=ring]) :: private secrets +``` + +This is a list of the our private keys, indexed by life. From this we can +generate a `++wund` for actual use. + +###`++skin`, encoding stem + +``` +++ skin ?(%none %open %fast %full) :: encoding stem +``` + +This defines the type of encryption used for each message. `%none` refers +to messages sent in the clear, `%open` refers to signed messages, `%full` +refers to sealed messages, and `%fast` refers to symmetrically encrypted +messages. See `++acru` for details. + +###`++acru`, asymmetric cryptosuite + +``` +++ acru :: asym cryptosuite + $_ ^? |% :: opaque object + ++ as ^? :: asym ops + |% ++ seal |=([a=pass b=@ c=@] _@) :: encrypt to a + ++ sign |=([a=@ b=@] _@) :: certify as us + ++ sure |=([a=@ b=@] *(unit ,@)) :: authenticate from us + ++ tear |= [a=pass b=@] :: accept from a + *(unit ,[p=@ q=@]) :: + -- :: + ++ de |+([a=@ b=@] *(unit ,@)) :: symmetric de, soft + ++ dy |+([a=@ b=@] _@) :: symmetric de, hard + ++ en |+([a=@ b=@] _@) :: symmetric en + ++ ex ^? :: export + |% ++ fig _@uvH :: fingerprint + ++ pac _@uvG :: default passcode + ++ pub *pass :: public key + ++ sec *ring :: private key + -- + ++ nu ^? :: reconstructors + |% ++ pit |=([a=@ b=@] ^?(..nu)) :: from [width seed] + ++ nol |=(a=@ ^?(..nu)) :: from naked ring + ++ com |=(a=@ ^?(..nu)) :: from naked pass + -- + -- +``` + +This is an opaque interface for a general asymmetric cryptosuite. Any form +of asymmetric cryptography can be dropped in to be used instead of the default. +Right now, there are two cryptosuites, `++crua`, which is your standard RSA, +and `++crub`, which is elliptic curve crypto but is mostly stubbed out at the +moment. + +####`++as:acru`, asymmetric operations + +``` + ++ as ^? :: asym ops + |% ++ seal |=([a=pass b=@ c=@] _@) :: encrypt to a + ++ sign |=([a=@ b=@] _@) :: certify as us + ++ sure |=([a=@ b=@] *(unit ,@)) :: authenticate from us + ++ tear |= [a=pass b=@] :: accept from a + *(unit ,[p=@ q=@]) :: + -- :: +``` + +This is the core that defines the standard asymmetric cryptography +operations. + +`++seal:as:acru` allows us to send a message encrypted with someone's public +key so that only they may read it. If Alice seals a message with Bob's public +key, then she can be sure that Bob is the only one who can read it. This is +associated with the `++skin` `%full`. + +`++sign:as:acru` allows us to sign a message with our private key so that +others can verify that we sent the message. If Alice signs a message with her +private key, then Bob can verify with her public key that it was indeed Alice +who sent it. This is associated with the `++skin` `%open`. + +`++sure:as:acru` is the dual to `++sign:as:acru`. It allows us to verify that +a message we have received is indeed from the claimed sender. If Alice sends a +message with her private key, then Bob can use this arm to verify that it was +indeed Alice who sent it. This is associated with the `++skin` `%open`. + +`++tear:as:acru` is the dual to `++seal:as:acru`. It allows us to read a +message that we can be sure is only read by us. If Alice seals a message with +Bob's public key, then Bob can use this arm to read it. This is associated +with the `++skin` `%full`. + +####`++de:acru`, `++dy:acru`, and `++en:acru`, symmetric encryption/decryption + +``` + ++ de |+([a=@ b=@] *(unit ,@)) :: symmetric de, soft + ++ dy |+([a=@ b=@] _@) :: symmetric de, hard + ++ en |+([a=@ b=@] _@) :: symmetric en +``` + +Symmetric encryption is associated with the `++skin` `%fast`. + +`++de:acru` decrypts a message with a symmetric key, returning `~` on failure +and `[~ u=data]` on success. + +`++dy:acru` decrypts a message with a symmetric key, crashing on failure. This +should almost always be defined as, and should always be semantically +equivalent to, `(need (de a b))`. + +`++en:acru` encrypts a message with a symmetric key. + +####`++ex:acru`, exporting data + +``` + ++ ex ^? :: export + |% ++ fig _@uvH :: fingerprint + ++ pac _@uvG :: default passcode + ++ pub *pass :: public key + ++ sec *ring :: private key + -- +``` + +`++fig:ex:acru` is our fingerprint, usually a hash of our public key. This is +used, for example, in `++zeno`, where every carrier owner's fingerprint is +stored so that we can ensure that carriers are indeed owned by their owners + +`++pac:ex:acru` is our default passcode, which is unused at present. + +`++pub:ex:acru` is the `++pass` form of our public key. + +`++sec:ex:acru` is the `++ring` form of our private key. + +####`++nu:acru`, reconstructors + +``` + ++ nu ^? :: reconstructors + |% ++ pit |=([a=@ b=@] ^?(..nu)) :: from [width seed] + ++ nol |=(a=@ ^?(..nu)) :: from naked ring + ++ com |=(a=@ ^?(..nu)) :: from naked pass + -- +``` + +These arms allow us to reconstruct a `++acru` from basic data. + +`++pit:nu:acru` constructs a `++acru` from the width of our intended key and +seed entropy. This is usually used in the initial construction of the +`++acru`. + +`++nol:nu:acru` constructs a `++acru` from a "naked ring", meaning a `++ring` +without the initial byte identifying the type of crypto. There is often a +helper arm that that wraps this; see `++weur` for `++crua` and `++wear` for +`++crub`. + +`++com:nu:acru` constructs a `++acru` from a "naked pass", meaning a `++ring` +without the initial byte identifying the type of crypto. There is often a +helper arm that that wraps this; see `++haul` for `++crua` and `++hail` for +`++crub`. + +###`++will`, certificate + +``` +++ will (list deed) :: certificate +``` + +This is a list of deeds associated with the current ship. There should be +an item in this list for every ship from this point up in the hierarchy times +the number of lives that each ship has had. For example, ~hoclur-bicrel may +have a will with three items: one for itself, one for ~tasruc (who issued +~hoclur-bicrel's deed) and one for ~tug (who issued ~tasruc's deed). + +###`++deed`, identity + +``` +++ deed ,[p=@ q=step r=?] :: sig, stage, fake? +``` + +`p` is the signature of a particular deed, which is a signed copy of `q`. + +`q` is the stage in the identity. + +`r` is true if we're working on a fake network, where we don't check that the +carrier fingerprints are correct. This allows us to create fake networks for +development without interfering with the real network. + +###`++step`, identity stage + +``` +++ step ,[p=bray q=gens r=pass] :: identity stage +``` + +This is a single stage in our identity. Thus, this is specific to a single +life in a single ship. Everything in here may change between lives. + +`p` + +`q` + +`r` is the public key for this stage in the identity. + +###`++bray` + +``` +++ bray ,[p=life q=(unit life) r=ship s=@da] :: our parent us now +``` + +XXX + +###`++gens`, general identity + +``` +++ gens ,[p=lang q=gcos] :: general identity +``` + +`p` is the IETF language code for the preferred language of this identity. +This is unused at the moment, but in the future text should be localized based +on this. + +`q` is the description of the ship. + +###`++gcos`, identity description + +``` +++ gcos :: id description + $% [%czar ~] :: 8-bit ship + [%duke p=what] :: 32-bit ship + [%earl p=@t] :: 64-bit ship + [%king p=@t] :: 16-bit ship + [%pawn p=(unit ,@t)] :: 128-bit ship + == :: +``` + +This is the description of the identity of a ship. Most types of identity have +a `@t` field, which is their human-readable name. The identity of a `%duke` is +more involved. + +A `%czar`, a carrier, is a ship with an 8-bit address. Thus, there are only +256 carriers. These are at the top of the namespace hierarchy, and the +fingerprint of each carrier is stored in `++zeno`. These are the "senators" of +Urbit. + +A `%king`, a cruiser, is a ship with a 16-bit address. Thus, there are 65,536 +cruisers. Each carrier may issue 256 cruisers. These are the infrastructure +of Urbit. + +A `%duke`, a destroyer, is a ship with a 32-bit address. Thus, there are +4,294,967,296 destroyers. Each cruiser may issue 65,536 cruisers. These are +the individuals of Urbit. + +A `%earl`, a yacht, is a ship with a 64-bit address. Thus, there are +18,446,744,073,709,551,616 yachts. Each destroyer may issue 4,294,967,296 +yachts. These are the devices of Urbit. + +A `%pawn`, a submarine, is a ship with a 128-bit address. Thus, there are a +lot of submarines. The chance of random name collision is negligible, so +submarines are not issued by any ship. They must simply assert their presence, +and they are all considered children of ~zod. This is the underworld of Urbit, +where anonymity reigns supreme. + +###`++what`, logical destroyer identity + +``` +++ what :: logical identity + $% [%anon ~] :: anonymous + [%lady p=whom] :: female person () + [%lord p=whom] :: male person [] + [%punk p=sect q=@t] :: opaque handle "" + == :: +``` + +This is the logical identity of a destroyer. + +A `%anon` is a completely anonymous destroyer. The difference between this and +a submarine is that a submarine is ephemeral while a `%anon` destroyer is not. +Thus, we may not know who ~hoclur-bicrel is, but we do know that it's always +the same person. + +A `%lady` is a female person. The name used here should be a real name. + +A `%lord` is a male person. The name used here should be a real name. + +A `%punk` is a person who is identified only by a handle. + +###`++whom`, real person + +``` +++ whom ,[p=@ud q=govt r=sect s=name] :: year/govt/id +``` + +Ths is the information associated with a real person. It is mostly information +that could be observed with the briefest of interactions. + +`p` is the birth year. + +`q` is the location of a user, usually of the form "country/zip". + +`r` is the sect of the user. + +`s` is the real name of the person. + + +###`++govt` + +``` +++ govt path :: country/postcode +``` + +This is the location of the user, usually of the form "country/zip". + +###`++sect` + +``` +++ sect ?(%black %blue %red %orange %white) :: banner +``` + +XXX + +###`++name` + +``` +++ name ,[p=@t q=(unit ,@t) r=(unit ,@t) s=@t] :: first mid/nick last +``` + +This is the given name, possible middle name/initial, possible nickname, and +surname of a user. + packet format ------------- `++go`, PKI engine ------------------ -### `++as`, per server +###`++as`, per server -#### `++born`, register user +####`++born`, register user -##### `++lax`, per client +#####`++lax`, per client `++pu`, packet pump ------------------- @@ -114,11 +470,11 @@ packet format `++am`, protocol engine ----------------------- -### `++um`, per server +###`++um`, per server -#### `++ho`, per friend +####`++ho`, per friend -##### `++la`, per packet +#####`++la`, per packet protocol vane -------------