/*! The various credentials used by the system.

In each case, (P,Q) forms the MAC on the credential.  This MAC is
verifiable only by the issuing party, or if the issuing party issues a
zero-knowledge proof of its correctness (as it does at issuing time). */

use curve25519_dalek::ristretto::RistrettoPoint;
use curve25519_dalek::scalar::Scalar;

/// A migration credential.
///
/// This credential authorizes the holder of the Lox credential with the
/// given id to switch from bucket from_bucket to bucket to_bucket.  The
/// migration_type attribute is 0 for trust upgrade migrations (moving
/// from a 1-bridge untrusted bucket to a 3-bridge trusted bucket) and 1
/// for blockage migrations (moving buckets because the from_bucket has
/// been blocked).
#[derive(Debug)]
pub struct Migration {
    pub P: RistrettoPoint,
    pub Q: RistrettoPoint,
    pub lox_id: Scalar,
    pub from_bucket: Scalar,
    pub to_bucket: Scalar,
    pub migration_type: Scalar,
}

/// The main user credential in the Lox system.
///
/// Its id is jointly generated by the user and the BA (bridge
/// authority), but known only to the user.  The level_since date is the
/// Julian date of when this user was changed to the current trust
/// level.
#[derive(Debug)]
pub struct Lox {
    pub P: RistrettoPoint,
    pub Q: RistrettoPoint,
    pub id: Scalar,
    pub bucket: Scalar,
    pub trust_level: Scalar,
    pub level_since: Scalar,
    pub invites_remaining: Scalar,
    pub blockages: Scalar,
}

/// The migration key credential.
///
/// This credential is never actually instantiated.  It is an implicit
/// credential on attributes lox_id and from_bucket.  This credential
/// type does have an associated private and public key, however.  The
/// idea is that if a user proves (in zero knowledge) that their Lox
/// credential entitles them to migrate from one bucket to another, the
/// BA will issue a (blinded, so the BA will not know the values of the
/// attributes or of Q) MAC on this implicit credential.  The Q value
/// will then be used (actually, a hash of lox_id, from_bucket, and Q)
/// to encrypt the to_bucket, P, and Q fields of a Migration credential.
/// That way, people entitled to migrate buckets can receive a Migration
/// credential with their new bucket, without the BA learning either
/// their old or new buckets.
#[derive(Debug)]
pub struct MigrationKey {
    pub P: RistrettoPoint,
    pub Q: RistrettoPoint,
    pub lox_id: Scalar,
    pub from_bucket: Scalar,
}

/// The Bucket Reachability credential.
///
/// Each day, a credential of this type is put in each bucket that has
/// at least a (configurable) threshold number of bridges that have not
/// been blocked as of the given date.  Users can present this
/// credential (in zero knowledge) with today's date to prove that the
/// bridges in their bucket have not been blocked, in order to gain a
/// trust level.
#[derive(Debug)]
pub struct BucketReachability {
    pub P: RistrettoPoint,
    pub Q: RistrettoPoint,
    pub date: Scalar,
    pub bucket: Scalar,
}

/// The Invitation credential.
///
/// These credentials allow a Lox user (the inviter) of sufficient trust
/// (level 2 or higher) to invite someone else (the invitee) to join the
/// system.  The invitee ends up at trust level 1, in the _same bucket_
/// as the inviter, and inherits the inviter's blockages count (so that
/// you can't clear your blockages count simply by inviting yourself).
/// Invitations expire after some amount of time.
#[derive(Debug)]
pub struct Invitation {
    pub P: RistrettoPoint,
    pub Q: RistrettoPoint,
    pub inv_id: Scalar,
    pub date: Scalar,
    pub bucket: Scalar,
    pub blockages: Scalar,
}