Various fixes and improvements.
parent
31ed10d5c4
commit
a8ecdebb0f
@ -1463,6 +1463,8 @@
|
||||
++ jug |*({a/mold b/mold} (map a (set b))) :: map of sets
|
||||
++ map |* {a/mold b/mold} :: table
|
||||
$@($~ {n/{p/a q/b} l/(map a b) r/(map a b)}) ::
|
||||
++ nap |* a/mold :: unified map
|
||||
$@($~ {n/a l/(set a) r/(set a)}) ::
|
||||
++ qeu |* a/mold :: queue
|
||||
$@($~ {n/a l/(qeu a) r/(qeu a)}) ::
|
||||
++ set |* a/mold :: set
|
||||
|
100
arvo/jael.hoon
100
arvo/jael.hoon
@ -12,49 +12,72 @@
|
||||
|%
|
||||
++ jael-state :: all crypto state
|
||||
$: ver/$0 :: %jael version
|
||||
own/jael-private :: urbit private keys
|
||||
urb/jael-public :: urbit public state
|
||||
cap/jael-bearer :: urbit symmetric keys
|
||||
for/jael-embassy :: foreign secrets
|
||||
sec/jael-vault :: actual secret data
|
||||
hut/jael-service :: waiting ducts
|
||||
nav/jael-objective :: all universal state
|
||||
nix/jael-subjective :: all derived state
|
||||
== ::
|
||||
++ jael-private (map ship doom) :: private keys
|
||||
++ jael-public :: whole pki
|
||||
$: pki/(map ship jael-urbit) ::
|
||||
net/(map ship life) :: reverse version
|
||||
++ jael-objective :: all universal state
|
||||
$: urb/jael-urbit :: all urbit state
|
||||
web/(map @ta jael-domain) :: all DNS state
|
||||
== ::
|
||||
++ jael-bearer :: bearer codes
|
||||
$: orp/(map ship hand) :: reverse index
|
||||
por/(map hand fist) :: forward index
|
||||
:: :: priority queue?
|
||||
++ jael-domain :: per foreign app
|
||||
$: sec/(map @t jael-app) :: security tokens
|
||||
== ::
|
||||
++ jael-role :: token
|
||||
$% %e
|
||||
++ jael-public (map ship gyft) :: public keys
|
||||
++ jael-embassy (map term jael-partner) ::
|
||||
++ jael-partner :: api apps
|
||||
$: api/(map term hand) :: apps by name
|
||||
tok/(map @t (map term hand)) :: shortlived tokens
|
||||
++ jael-app :: local app
|
||||
$: key/(unit (pair @da @)) :: API key
|
||||
tok/(map @t jael-web-token) :: token by username
|
||||
== ::
|
||||
++ jael-task :: secret operation
|
||||
$: {$auth p/(unit @dr) q/ship r/@uvI} :: save capability
|
||||
{$link p/
|
||||
{$meet p/gree} :: adopt will
|
||||
{$nigh p/ship q/life} :: track neighbor
|
||||
{$ring p/life q/ring} :: save private key
|
||||
{$wait p/path} :: wait on desk/spur
|
||||
{$west p/sack q/path r/@ud s/*} :: remote request
|
||||
++ jael-web-token :: per-user secrets
|
||||
$: pas/(unit @t) :: password
|
||||
== ::
|
||||
++ jael-secret :: secret by hash
|
||||
$: key/code :: secret itself
|
||||
exp/(unit @da) :: expiration date
|
||||
++ jael-urbit :: objective urbit
|
||||
$: pub/gree :: all public state
|
||||
pry/(map ship jael-ship) :: all private state
|
||||
== ::
|
||||
:: ::
|
||||
++ jael-service (map path duct) ::
|
||||
++ jael-vault :: secret store
|
||||
$: saf/(map hand jael-secret) ::
|
||||
++ jael-ship :: objective by ship
|
||||
$: ney/(map ship life) :: neighborhood
|
||||
lab/(map ship (nap jael-right)) :: commitments
|
||||
own/(map life ring) :: private keys
|
||||
== ::
|
||||
++ jael-right :: urbit commitment
|
||||
$% {$block p/pile} :: address block
|
||||
{$email p/(set @ta)} :: email addresses
|
||||
{$entry p/(map hand (pair @da code))} :: symmetric keys
|
||||
{$final p/(map ship @uvG)} :: tickets
|
||||
{$fungi p/(map term @ud)} :: fungibles
|
||||
{$hello p/(set term)} :: usernames
|
||||
{$vague p/(map term *)} :: extended
|
||||
== ::
|
||||
++ jael-task :: operations on
|
||||
$% {$give p/ship q/(nap jael-right)} :: issue rights to
|
||||
{$line p/ship q/@da r/code} :: outbound symkey
|
||||
{$link p/ship q/@da r/code} :: inbound symkey
|
||||
{$meet p/gree} :: integrate truth
|
||||
{$over p/ship q/jael-task} :: mirror operation
|
||||
{$ring p/ring} :: update private key
|
||||
{$take p/ship q/(nap jael-right)} :: revoke rights to
|
||||
{$view p/ship} :: watch urbit
|
||||
{$west p/ship q/path r/*} :: remote request
|
||||
{$wkey p/@ta q/@t r/(unit (pair @da @))} :: set API key
|
||||
{$wtok p/@ta q/@t r/@t s/(unit (pair @da @))} :: set API token
|
||||
{$wvue p/@ta} :: watch website
|
||||
== ::
|
||||
++ jael-gift :: output
|
||||
$% {$clue p/pipe} :: secure channel
|
||||
{$wclu p/jael-domain} :: secure channel
|
||||
== ::
|
||||
++ jael-message :: p2p message
|
||||
$% {$wake (each (pair rank @ud) (list @p))} :: activate
|
||||
{$hail p/(nap jael-right)} :: update rights
|
||||
{$germ p/gree} :: propagate
|
||||
{$ping $~} :: ping
|
||||
== ::
|
||||
++ jael-subjective :: derived state
|
||||
$: lam/(map ship duct) :: urbit observers
|
||||
haz/(map ship (nap jael-right)) :: commmitments to us
|
||||
nem/(map term ship) :: usernames issued
|
||||
red/(map @ta ship) :: emails issued
|
||||
== ::
|
||||
++ move {p/duct q/{$gift jael-gift}} :: local move
|
||||
-- ::
|
||||
. == ::
|
||||
=| lex/jael-state :: kernel state
|
||||
@ -62,9 +85,9 @@
|
||||
=< |% :: vane interface
|
||||
++ call :: request
|
||||
|= $: hen/duct
|
||||
hic/(hypo (hobo kiss-jael))
|
||||
hic/(hypo (hobo jael-task))
|
||||
==
|
||||
=> .(q.hic ?.(?=($soft -.q.hic) q.hic ((hard kiss-jael) p.q.hic)))
|
||||
=> .(q.hic ?.(?=($soft -.q.hic) q.hic ((hard jael-task) p.q.hic)))
|
||||
^- {p/(list move) q/_..^$}
|
||||
!!
|
||||
::
|
||||
@ -82,7 +105,6 @@
|
||||
++ scry
|
||||
|= {fur/(unit (set monk)) ren/@tas who/ship syd/desk lot/coin tyl/path}
|
||||
^- (unit (unit cage))
|
||||
?. ?=($$ ren) [~ ~]
|
||||
!!
|
||||
::
|
||||
++ stay lex
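Review bot: The web-credential molds in the `-12,49 +12,72` hunk hold long-lived secrets with no statement of how they are stored or who may receive them: `jael-web-token` has `pas/(unit @t)` (a password as a plain cord) and `jael-app` has `key/(unit (pair @da @))`. The `jael-gift` case `{$wclu p/jael-domain}` hands a subscriber the whole domain, which by these types includes every per-user `pas` and `tok` under it, so a `$wvue` watcher appears to receive more than one credential. I would record the intended handling on the field itself, for example `pas/(unit @t) :: password; secret, never scried or printed`, and say on `$wclu` whether giving the full `jael-domain` is deliberate. `call` and `scry` are still `!!` stubs, so these comments are the only place the rule can live for now. The rendering has lost its +/- markers; which definitions are on the new side is inferred from the `call` arm's switch to `jael-task`.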
|
||||
|
@ -101,11 +101,12 @@
|
||||
++ gift :: output
|
||||
$% {$east p/duct q/ship r/chan s/*} :: network response
|
||||
{$home p/lane q/@} :: resend to self
|
||||
{$mine p/ship} :: cache channel
|
||||
{$link p/ship q/code} :: add symmetric key
|
||||
{$meet p/gyft} :: add public key(s)
|
||||
{$line p/ship q/@da r/code} :: add outbound key
|
||||
{$link p/ship q/@da r/code} :: add inbound key
|
||||
{$meet p/gree} :: add public key(s)
|
||||
{$rest p/duct q/coop} :: message result
|
||||
{$send p/lane q/@} :: transmit packet
|
||||
{$view p/ship} :: cache channel
|
||||
{$west p/ship q/bole r/chan s/*} :: outbound message
|
||||
== ::
|
||||
++ task :: input
|
||||
@ -172,7 +173,7 @@
|
||||
:: old neighbor; channel already registered
|
||||
[~(. et who u.buh) +>.$]
|
||||
:: new neighbor; register secure channel view
|
||||
:_ +>.$(fex [[%know who] fex])
|
||||
:_ +>.$(fex [[%view who] fex])
|
||||
~(. et who `bath`[(see who) (seek our who) ~ [2 ~ ~] ~ ~])
|
||||
:: ::
|
||||
++ etre :: old neighbor
|
||||
@ -232,7 +233,7 @@
|
||||
++ sack :: send acknowledgment
|
||||
|= {kos/bole dam/flap cop/coop}
|
||||
=+ yex=((knit who det.bah) now eny [%back (mix kos 1) dam cop ~s0])
|
||||
=. +>.$ (in-gifs p.yex)
|
||||
=. +>.$ (to-gifs p.yex)
|
||||
|- ^+ +>.^$
|
||||
?~ q.yex +>.^$
|
||||
$(q.yex t.q.yex, +>.^$ (send ~ i.q.yex))
|
||||
@ -283,7 +284,7 @@
|
||||
(send(who her.hox) [~ org.hox] pac.hox)
|
||||
::
|
||||
$have (have +.hox)
|
||||
$link (acme %link who key.hox)
|
||||
$link (acme %link who exp.hox key.hox)
|
||||
$meet (acme hox)
|
||||
$rack (to-task kos.hox %back dam.hox cop.hox ~s0)
|
||||
$rout +>(lun.bah `lyn.hox)
|
||||
@ -298,7 +299,7 @@
|
||||
++ to-gift
|
||||
|= rax/gift:rail
|
||||
?- -.rax
|
||||
$link (acme %link who p.rax)
|
||||
$line (acme %line who ~2018.1.1 q.rax)
|
||||
$mack (acme %rest (~(got by r.zam.bah) p.rax) q.rax)
|
||||
$send (send ~ q.rax)
|
||||
==
|
||||
@ -414,8 +415,8 @@
|
||||
++ nose !:
|
||||
=> |%
|
||||
++ gift :: side effect
|
||||
$% {$link key/code} :: learn symmetric key
|
||||
{$meet doy/gyft} :: learn public key(s)
|
||||
$% {$link exp/@da key/code} :: learn symmetric key
|
||||
{$meet doy/gree} :: learn public key(s)
|
||||
== ::
|
||||
--
|
||||
|= {him/@p det/pipe}
|
||||
@ -430,24 +431,24 @@
|
||||
[~ & (maul clr)]
|
||||
::
|
||||
$full
|
||||
=+ mex=((hard {p/{p/life q/life} q/gyft r/@}) (cue msg))
|
||||
=+ mex=((hard {p/{p/life q/life} q/gree r/@}) (cue msg))
|
||||
=+ rig=(~(got by war.det) p.p.mex)
|
||||
=+ pas=(whom q.p.mex q.mex)
|
||||
=+ [key out]=(need (tear:as:(nol:nu:crub rig) pas r.mex))
|
||||
:- :~ [%link key]
|
||||
:- :~ [%link ~2018.1.1 key]
|
||||
[%meet q.mex]
|
||||
==
|
||||
[& (maul out)]
|
||||
::
|
||||
$open
|
||||
=+ mex=((hard {p/{$~ q/life} q/gyft r/@}) (cue msg))
|
||||
=+ mex=((hard {p/{$~ q/life} q/gree r/@}) (cue msg))
|
||||
=+ pas=(whom q.p.mex q.mex)
|
||||
=+ out=(need (sure:as:(com:nu:crub pas) *code r.mex))
|
||||
[[%meet q.mex]~ & (maul r.mex)]
|
||||
==
|
||||
++ maul |=(@ `meal`((hard meal) (cue +<))) :: unpack message
|
||||
++ whom :: select public key
|
||||
|= {lyf/life gyt/gyft}
|
||||
|= {lyf/life gyr/gree}
|
||||
^- pass
|
||||
::
|
||||
:: if we have the public key for this life, use it.
|
||||
@ -455,7 +456,7 @@
|
||||
:: without checking its validity. invalid public-key
|
||||
:: data will crash the packet when we install it.
|
||||
::
|
||||
%- (bond |.(pub.dat:(~(got by (~(got by gyt) lyf)) him)))
|
||||
%- (bond |.(pub.dat:(~(got by q:(~(got by gyr) lyf)) him)))
|
||||
(~(get by pub.det) lyf)
|
||||
--
|
||||
:: ::
|
||||
@ -466,8 +467,8 @@
|
||||
++ gift :: action
|
||||
$% {$fore her/ship org/lane pac/rock} :: send forward
|
||||
{$have kos/bole cha/chan val/*} :: report message
|
||||
{$link key/code} :: learn symmetric key
|
||||
{$meet doy/gyft} :: learn public key
|
||||
{$link exp/@da key/code} :: learn symmetric key
|
||||
{$meet doy/gree} :: learn public key
|
||||
{$rack kos/bole dam/flap cop/coop} :: report ack
|
||||
{$rout lyn/lane} :: learn route
|
||||
{$sack kos/bole dam/flap cop/coop} :: send ack
|
||||
@ -881,7 +882,7 @@
|
||||
++ knit
|
||||
=> |%
|
||||
++ gift :: side effect
|
||||
$% {$link key/code} :: set symmetric key
|
||||
$% {$line exp/@da key/code} :: set symmetric key
|
||||
== ::
|
||||
--
|
||||
|= {her/@p det/pipe}
|
||||
@ -931,14 +932,14 @@
|
||||
:- %open
|
||||
%^ jam
|
||||
[~ p.cur.det]
|
||||
gyt.det
|
||||
gyr.det
|
||||
(sign:as:cry *code hom)
|
||||
=+ key=(shaz :(mix (mug ham) now eny))
|
||||
:- [%link key]~
|
||||
:- [%line ~2018.1.1 key]~
|
||||
:- %full
|
||||
%^ jam
|
||||
[u.q.cur.det p.cur.det]
|
||||
gyt.det
|
||||
gyr.det
|
||||
(seal:as:cry (~(got by pub.det) u.q.cur.det) key hom)
|
||||
--
|
||||
:: ::
|
||||
@ -947,7 +948,7 @@
|
||||
++ rail ::
|
||||
=> |% ::
|
||||
++ gift ::
|
||||
$% {$link p/code} :: sent key
|
||||
$% {$line p/@da q/code} :: sent key
|
||||
{$mack p/bole q/coop} :: message ack
|
||||
{$send p/flap q/rock} :: release packet
|
||||
== ::
|
||||
@ -1154,10 +1155,11 @@
|
||||
$east [p.gax %give [%east s.gax]]
|
||||
$home [~ %give gax]
|
||||
$link [~ %pass /sec %j gax]
|
||||
$line [~ %pass /sec %j gax]
|
||||
$meet [~ %pass /sec %j gax]
|
||||
$mine [~ %pass /sec %j gax]
|
||||
$rest [p.gax %give %rest q.gax]
|
||||
$send [~ %give gax]
|
||||
$view [~ %pass /sec %j gax]
|
||||
$west
|
||||
=+ pax=/msg/(scot %p p.gax)/(scot %ud q.gax)
|
||||
=+ cad=[%west p.gax +.r.gax s.gax]
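Review bot: Every symmetric key emitted by the new code carries the literal expiry `~2018.1.1`: `to-gift` has `$line (acme %line who ~2018.1.1 q.rax)` although the new rail gift `{$line p/@da q/code}` already supplies a date in `p.rax`, and the same literal appears in the `$full` branch of `nose` (`[%link ~2018.1.1 key]`) and in `knit` (`[%line ~2018.1.1 key]~`). A fixed calendar date makes key lifetime independent of when the key was created, and what the receiver does once that date has passed is not visible on this page. I would pass the field through, `$line (acme %line who p.rax q.rax)`, and in `knit`, where `now` is already in scope, compute the expiry from `now` plus a named lifetime. Separately, the fallback in `whom`, `(~(got by q:(~(got by gyr) lyf)) him)`, indexes `gyr` by `lyf` and the inner map by `him`, while `gree` is declared as `(map ship grue)` with `grue` a `(pair life (map life (tale lama)))`; the two keys look swapped and should be confirmed. The +/- markers are lost in this rendering, so old and new sides are read from the hunk counts and the type changes.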
|
||||
|
@ -3362,11 +3362,12 @@
|
||||
++ oryx @t :: CSRF secret
|
||||
++ page (cask *) :: untyped cage
|
||||
++ pail ?($none $warm $cold) :: connection status
|
||||
++ pile (tree (pair ship ship)) :: efficient ship set
|
||||
++ pipe :: secure channel
|
||||
$: out/(unit (pair hand code)) :: outbound key
|
||||
inn/(map hand code) :: inbound keys
|
||||
cur/(pair life (unit life)) :: versions: our their
|
||||
gyt/gree :: our unshared cert
|
||||
gyr/gree :: pedigree to share
|
||||
pub/(map life pass) :: their public keys
|
||||
war/(map life ring) :: our private keys
|
||||
== ::
|
||||
@ -3574,9 +3575,11 @@
|
||||
{$e $west p/ship q/path r/*} :: to %eyre
|
||||
{$g $west p/ship q/path r/*} :: to %gall
|
||||
$: $j :: to %jael
|
||||
$% {$know p/ship} ::
|
||||
{$link p/ship q/code} ::
|
||||
$% {$line p/ship q/@da r/code} ::
|
||||
{$link p/ship q/@da r/code} ::
|
||||
{$meet p/gree} ::
|
||||
{$view p/ship} ::
|
||||
{$west p/ship q/path r/*} :: to %gall
|
||||
== == == ::
|
||||
::
|
||||
:::: %behn
|
||||
@ -3632,20 +3635,31 @@
|
||||
++ lama ::
|
||||
$: dob/? :: & clean, | dirty
|
||||
exp/@da :: expiration date
|
||||
own/(nap chip) :: identities
|
||||
pub/pass :: public key
|
||||
== ::
|
||||
++ chip :: identity
|
||||
$% {$sur asc/@ta uni/@t} :: surname
|
||||
{$giv asc/@ta uni/@t} :: given name
|
||||
{$mid asc/@ta uni/@t} :: middle name
|
||||
{$nic asc/@ta uni/@t} :: email address
|
||||
:: btc identity
|
||||
:: keybase identity
|
||||
:: ipfs identity
|
||||
:: fb/twitter/G+ identity
|
||||
==
|
||||
++ fist :: capability record
|
||||
$: who/@p :: identity
|
||||
exp/(unit @da) :: expiration date
|
||||
== ::
|
||||
++ gree (map ship (map life (tale lama))) :: pki dump set
|
||||
++ gree (map ship grue) :: pki dump set
|
||||
++ grue (pair life (map life (tale lama))) ::
|
||||
++ mind {lyf/@ud who/@p} :: key identifier
|
||||
++ tale :: urbit-signed atom
|
||||
|* typ/mold ::
|
||||
$: dat/typ :: data
|
||||
syg/(set deod) :: signatures
|
||||
== ::
|
||||
++ doom (map @ud ring) :: secret keys
|
||||
++ wyll :: linear will
|
||||
$: len/@ud ::
|
||||
log/(list (tale lama)) ::
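Review bot: `++ grue (pair life (map life (tale lama)))` is added in the `-3632,20 +3635,31` hunk with an empty `::` comment, so nothing states what the leading `life` means or how it relates to the keys of the inner map. `gree` is now `(map ship grue)` and is what `$meet` carries to `%jael`, so code that selects a public key from it depends on that contract; I would write it as `:: p: current life (confirm), q: certs by life`. The `$nic` case of `chip` is commented `:: email address`, which may be a leftover from another line and is worth correcting while the mold is new.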
|
||||
|