graph-store: first pass at signing, hashing, and verifying nodes

2025-01-01 17:16:47 +03:00 · 2020-06-09 14:48:05 -04:00 · 2020-06-09 14:48:05 -04:00 · d44e7eb9ca
commit d44e7eb9ca
parent f8d860c0ef
3 changed files with 65 additions and 23 deletions
--- a/pkg/arvo/app/graph-store.hoon
+++ b/pkg/arvo/app/graph-store.hoon
@ -58,7 +58,7 @@
      ^-  (quip card _state)
      ?<  (~(has by graphs) resource)
      :-  (give [/all /keys ~] [%add-graph resource graph])
-      %=  state
+      %_  state
          graphs       (~(put by graphs) resource graph)
          action-logs  (~(put by action-logs) resource (gas:orm-log ~ ~))
      ==
@ -68,7 +68,7 @@
      ^-  (quip card _state)
      ?>  (~(has by graphs) resource)
      :-  (give [/all /keys ~] [%remove-graph resource])
-      %=  state
+      %_  state
          graphs       (~(del by graphs) resource)
          action-logs  (~(del by action-logs) resource)
      ==
@ -102,19 +102,47 @@
        =*  node   +.i.node-list
        %_  $
            node-list  t.node-list
-            graph  (add-node-at-index graph index node)
+            graph      (add-node-at-index graph index node ~)
        ==
      ::
      ++  add-node-at-index
-        |=  [=graph:store =index:store =node:store]
+        |=  $:  =graph:store
+                =index:store
+                =node:store
+                parent-hash=(unit hash:store)
+            ==
        ^-  graph:store
        ?~  index  graph
        =*  atom   i.index
        ::  last index in list
        ::
        ?~  t.index
-          ::  TODO: validate that hash of node matches
-          (put:orm graph atom node)
+          ::  verify hash if it exists, otherwise calculate
+          ::
+          =*  p  post.node
+          =/  =validated-portion:store
+            [parent-hash author.p index.p time-sent.p contents.p]
+          =/  calculated-hash  (mug validated-portion)
+          ?^  hash.p
+            ::  hash is present, validate it
+            ~|  "hash of post does not match calculated hash"
+            ?>  =(calculated-hash u.hash.p)
+            (put:orm graph atom node)
+          ::  no hash present
+          ::
+          %^  put:orm
+              graph
+            atom
+          %=  node
+              hash.post  `calculated-hash
+              signatures.post
+            ?.  =(our.bowl author.post.node)  ~
+            %-  ~(gas in *signatures:store)
+            :_  ~
+            :+  `@ux`(sign:as:crub:crypto calculated-hash)
+              our.bowl
+            .^(=life %j /=life/(scot %p our.bowl))
+          ==
        ::  multiple indices left in list
        ::
        =/  parent=(unit node:store)  (get:orm graph atom)
@ -124,23 +152,27 @@
        ?+  -.children.u.parent
          ::  replace empty graph with graph containing one child
          ::
+          =*  p-hash  hash.post.u.parent
          %^  put:orm
              graph
            atom
          %=  u.parent
              children
            ^-  internal-graph:store
-            [%graph $(graph (gas:orm ~ ~), index t.index)]
+            :-  %graph
+            $(graph (gas:orm ~ ~), index t.index, parent-hash p-hash)
          ==
        ::
            %graph
          :: recurse into children
          ::
+          =*  p-hash  hash.post.u.parent
          %^  put:orm
              graph
            atom
          %_  u.parent
-              p.children  $(graph p.children.u.parent, index t.index)
+              p.children
+            $(graph p.children.u.parent, index t.index, parent-hash p-hash)
          ==
        ==
      --
@ -234,14 +266,11 @@
          ::  TODO: finish this
          ?.  (are-signatures-valid:sigs signatures *hash:store now.bowl)
            ~|("signatures did not match public keys!" !!)
-          =/  new-signatures  (~(uni in signatures) p.signatures.post.u.node)
+          =/  new-signatures  (~(uni in signatures) signatures.post.u.node)
          %^  put:orm
              graph
            atom
-          %_  u.node
-              p.signatures.post  new-signatures
-              q.signatures.post  (sha256-mug:sigs new-signatures)
-          ==
+          u.node(signatures.post new-signatures)
        ::  multiple indices left in list
        ::
        ?+  -.children.u.node
--- a/pkg/arvo/lib/signatures.hoon
+++ b/pkg/arvo/lib/signatures.hoon
@ -15,15 +15,20 @@
 ++  is-signature-valid
  |=  [=signature =hash now=time]
  ^-  ?
-  =/  =pass
-    .^  pass
+  =/  deed=(unit [a=life b=pass c=(unit @ux)])
+    .^  (unit [life pass (unit @ux)])
      %j
      /=deed/(scot %da now)/(scot %p q.signature)/(scot %ud p.signature)
    ==
-  ::  verify signature against hash of post
-  ?:  %.y
-    %.n
-  %.y
+  ::  we do not have a public key from ship
+  ::
+  ?~  deed  %.y
+  ::  we do not have a public key from ship at this life
+  ::
+  ?.  =(a.u.deed r.signature)  %.y
+  ::  verify signature from ship at life
+  ::
+  ?=(^ (tear:as:crub:crypto b.u.deed p.signature))
 ::
 ++  are-signatures-valid
  |=  [=signatures =hash now=time]
--- a/pkg/arvo/sur/post.hoon
+++ b/pkg/arvo/sur/post.hoon
@ -4,18 +4,26 @@
 +$  index       (list atom)
 +$  uid         [=resource =index]
 ::
-::  must be sha256 hash
+::  mug hash of +validated-portion
 +$  hash  @ux
 ::
 +$  signature   [p=@ux q=ship r=life]
 +$  signatures  (set signature)
 +$  post
  $:  author=ship
-      =hash
      =index
-      contents=(list content)
-      signatures=[p=signatures q=hash]
      time-sent=time
+      contents=(list content)
+      hash=(unit hash)
+      =signatures
+  ==
+::
+$  validated-portion
+  $:  parent-hash=(unit hash)
+      author=ship
+      =index
+      time-sent=time
+      contents=(list content)
  ==
 ::
 +$  content