Update protocols with session id arg, contains

Cargo.lock

@@ -125,9 +125,9 @@ checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b"
 
 [[package]]
 name = "cc"
-version = "1.2.27"
+version = "1.2.29"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d487aa071b5f64da6f19a3e848e3578944b726ee5a4854b82172f02aa876bfdc"
+checksum = "5c1599538de2394445747c8cf7935946e3cc27e9625f889d979bfb2aaf569362"
 dependencies = [
  "shlex",
 ]
@@ -204,12 +204,6 @@ dependencies = [
  "libc",
 ]
 
-[[package]]
-name = "crunchy"
-version = "0.2.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "460fbee9c2c2f33933d720630a6a0bac33ba7053db5344fac858d4b8952d77d5"
-
 [[package]]
 name = "crypto-common"
 version = "0.1.6"
@@ -232,9 +226,9 @@ dependencies = [
 
 [[package]]
 name = "curve25519-dalek"
-version = "4.1.3"
+version = "4.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "97fb8b7c4503de7d6ae7b42ab72a5a59857b4c937ec27a3d4539dba95b5ab2be"
+checksum = "373b7c5dbd637569a2cca66e8d66b8c446a1e7bf064ea321d265d7b3dfe7c97e"
 dependencies = [
  "cfg-if",
  "cpufeatures",
@@ -332,9 +326,9 @@ dependencies = [
 
 [[package]]
 name = "ed25519-dalek"
-version = "2.1.1"
+version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4a3daa8e81a3963a60642bcc1f90a670680bd4a77535faa384e9d1c79d620871"
+checksum = "70e796c081cee67dc755e1a36a0a172b897fab85fc3f6bc48307991f64e4eca9"
 dependencies = [
  "curve25519-dalek",
  "ed25519",
@@ -380,9 +374,9 @@ dependencies = [
 
 [[package]]
 name = "fiat-crypto"
-version = "0.2.9"
+version = "0.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "28dea519a9695b9977216879a3ebfddf92f1c08c05d984f8996aecd6ecdc811d"
+checksum = "64cd1e32ddd350061ae6edb1b082d7c54915b5c672c389143b9a63403a109f24"
 
 [[package]]
 name = "fnv"
@@ -794,6 +788,18 @@ dependencies = [
  "serde_json",
 ]
 
+[[package]]
+name = "schemars"
+version = "1.0.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "82d20c4491bc164fa2f6c5d44565947a52ad80b9505d8e36f8d54c27c739fcd0"
+dependencies = [
+ "dyn-clone",
+ "ref-cast",
+ "serde",
+ "serde_json",
+]
+
 [[package]]
 name = "semver"
 version = "1.0.26"
@@ -843,16 +849,17 @@ dependencies = [
 
 [[package]]
 name = "serde_with"
-version = "3.13.0"
+version = "3.14.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bf65a400f8f66fb7b0552869ad70157166676db75ed8181f8104ea91cf9d0b42"
+checksum = "f2c45cd61fefa9db6f254525d46e392b852e0e61d9a1fd36e5bd183450a556d5"
 dependencies = [
  "base64 0.22.1",
  "chrono",
  "hex",
  "indexmap 1.9.3",
  "indexmap 2.10.0",
- "schemars",
+ "schemars 0.9.0",
+ "schemars 1.0.4",
  "serde",
  "serde_derive",
  "serde_json",
@@ -862,9 +869,9 @@ dependencies = [
 
 [[package]]
 name = "serde_with_macros"
-version = "3.13.0"
+version = "3.14.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "81679d9ed988d5e9a5e6531dc3f2c28efbd639cbd1dfb628df08edea6004da77"
+checksum = "de90945e6565ce0d9a25098082ed4ee4002e047cb59892c318d66821e14bb30f"
 dependencies = [
  "darling",
  "proc-macro2",
@@ -916,12 +923,14 @@ version = "0.1.0"
 dependencies = [
  "ff",
  "group",
+ "keccak",
  "num-bigint 0.4.6",
  "num-traits",
  "rand",
  "sha3",
  "thiserror 1.0.69",
- "tiny-keccak",
+ "zerocopy",
+ "zeroize",
 ]
 
 [[package]]
@@ -932,6 +941,7 @@ dependencies = [
  "rand",
  "sigma-rs",
  "sigma_compiler_derive",
+ "subtle",
 ]
 
 [[package]]
@@ -1068,15 +1078,6 @@ dependencies = [
  "time-core",
 ]
 
-[[package]]
-name = "tiny-keccak"
-version = "2.0.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2c9d3793400a45f954c52e73d068316d76b6f4e36977e3fcebb13a2721e80237"
-dependencies = [
- "crunchy",
-]
-
 [[package]]
 name = "typenum"
 version = "1.18.0"
@@ -1256,3 +1257,9 @@ dependencies = [
  "quote",
  "syn 2.0.104",
 ]
+
+[[package]]
+name = "zeroize"
+version = "1.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ced3678a2879b30306d323f4542626697a464a97c0a07c9aebf7ebca65cd4dde"

src/proto/blockage_migration.rs

@@ -47,6 +47,8 @@ use group::Group;
 use rand::{CryptoRng, RngCore};
 use sha2::Sha512;
 
+const SESSION_ID: &[u8] = b"blockage_migration";
+
 muCMZProtocol! { blockage_migration<min_trust_level>,
     [ L: Lox { id: R, bucket: H, trust_level: R, level_since: H, invites_remaining: H, blockages: H },
     M: Migration { lox_id: R, from_bucket: H, to_bucket: H } ],
@@ -104,7 +106,7 @@ pub fn request(
         min_trust_level: (MIN_TRUST_LEVEL - 1).into(),
     };
 
-    match blockage_migration::prepare(&mut rng, &L, &M, N, &params) {
+    match blockage_migration::prepare(&mut rng, SESSION_ID, &L, &M, N, &params) {
         Ok(req_state) => Ok(req_state),
         Err(e) => Err(CredentialError::CMZError(e)),
     }
@@ -123,6 +125,7 @@ impl BridgeAuth {
         let today = self.today();
         match blockage_migration::handle(
             &mut rng,
+            SESSION_ID,
             recvreq,
             |L: &mut Lox, M: &mut Migration, N: &mut Lox| {
                 let level: u32 = match scalar_u32(&L.trust_level.unwrap()) {

src/proto/check_blockage.rs

@@ -51,12 +51,12 @@ use std::collections::HashMap;
 /// The minimum trust level a Lox credential must have to be allowed to
 /// perform this protocol.
 pub const MIN_TRUST_LEVEL: u32 = 3;
+const SESSION_ID: &[u8] = b"check_blockage";
 
-muCMZProtocol! { check_blockage<min_trust_level, max_trust_level>,
+muCMZProtocol! { check_blockage,
     L: Lox { id: R, bucket: H, trust_level: R, level_since: H, invites_remaining: R, blockages: R },
     M: MigrationKey { lox_id: J, from_bucket: H} ,
     L.bucket = M.from_bucket,
-    [min_trust_level..max_trust_leve].contains(L.trust_level),
 }
 
 pub fn request(
@@ -84,7 +84,7 @@ pub fn request(
                 ))
             }
         };
-        if level < MIN_TRUST_LEVEL {
+        if !(MIN_TRUST_LEVEL..=MAX_LEVEL as u32).contains(&level) {
             return Err(CredentialError::InvalidField(
                 String::from("trust_level"),
                 format!("level {:?} not in range", level),
@@ -92,16 +92,11 @@ pub fn request(
         }
     }
 
-    let params = check_blockage::Params {
-        min_trust_level: MIN_TRUST_LEVEL.into(),
-        max_trust_level: (MAX_LEVEL as u32).into(),
-    };
-
     match check_blockage::prepare(
         &mut rng,
+        SESSION_ID,
         &L,
         MigrationKey::using_pubkey(&mig_pubkeys),
-        &params,
     ) {
         Ok(req_state) => Ok(req_state),
         Err(e) => Err(CredentialError::CMZError(e)),
@@ -126,16 +121,33 @@ impl BridgeAuth {
 
         match check_blockage::handle(
             &mut rng,
+            SESSION_ID,
             recvreq,
             |L: &mut Lox, M: &mut MigrationKey| {
+                // Ensure the credential can be correctly shown: it must be the case
+                // that trust_level >= MIN_TRUST_LEVEL
+                if let Some(tl) = L.trust_level {
+                    let level: u32 = match scalar_u32(&tl) {
+                        Some(v) => v,
+                        None => {
+                            return Err(CMZError::RevealAttrMissing(
+                                "trust_level",
+                                "could not be converted to u32",
+                            ))
+                        }
+                    };
+                    if !(MIN_TRUST_LEVEL..=MAX_LEVEL as u32).contains(&level) {
+                        return Err(CMZError::RevealAttrMissing(
+                            "trust_level",
+                            "level not in range",
+                        ));
+                    }
+                };
                 L.set_privkey(&self.lox_priv);
                 M.set_privkey(&self.migrationkey_priv);
                 M.lox_id = L.id;
                 M.from_bucket = L.bucket;
-                Ok(check_blockage::Params {
-                    min_trust_level: MIN_TRUST_LEVEL.into(),
-                    max_trust_level: (MAX_LEVEL as u32).into(),
-                })
+                Ok(())
             },
             |L: &Lox, _M: &MigrationKey| {
                 if self.id_filter.filter(&L.id.unwrap()) == SeenType::Seen {

src/proto/issue_invite.rs

@@ -51,26 +51,29 @@ use super::super::dup_filter::SeenType;
 use super::super::BridgeAuth;
 use super::super::{scalar_u32, Scalar, G};
 use super::errors::CredentialError;
+use super::level_up::{LEVEL_INVITATIONS, MAX_LEVEL};
 use crate::lox_creds::{BucketReachability, Invitation, Lox};
 use cmz::*;
 use group::Group;
 use rand::{CryptoRng, RngCore};
 use sha2::Sha512;
 
+const SESSION_ID: &[u8] = b"issue_invite";
+
 /// Invitations must be used within this many days of being issued.
 /// Note that if you change this number to be larger than 15, you must
 /// also add bits to the zero knowledge proof.
 pub const INVITATION_EXPIRY: u32 = 15;
 
-muCMZProtocol! { issue_invite,
+muCMZProtocol! { issue_invite<max_invitations>,
     [L: Lox {id: R, bucket: H, trust_level: H, level_since: H, invites_remaining: H, blockages: H}, B: BucketReachability { date: R, bucket: H } ],
     [ I: Invitation { inv_id: J, date: S, bucket: H, blockages: H }, N: Lox {id: J, bucket: H, trust_level: H, level_since: H, invites_remaining: H, blockages: H }],
     L.bucket = B.bucket,
-    L.invites_remaining != 0,
+    (1..=max_invitations).contains(L.invites_remaining),
     N.bucket = L.bucket,
     N.trust_level = L.trust_level,
     N.level_since = L.level_since,
-    N.invites_remaining = L.invites_remaining - 1,
+//    N.invites_remaining = L.invites_remaining - 1,
     N.blockages = L.blockages,
     I. bucket = L.bucket,
     I.blockages = L.blockages
@@ -121,12 +124,18 @@ pub fn request(
         ));
     }
 
+    let params = issue_invite::Params {
+        max_invitations: LEVEL_INVITATIONS[MAX_LEVEL].into(),
+    };
+
     match issue_invite::prepare(
         &mut rng,
+        SESSION_ID,
         &L,
         &B,
         Invitation::using_pubkey(&inv_pub),
         Lox::using_pubkey(&lox_pubkeys),
+        &params,
     ) {
         Ok(req_state) => Ok(req_state),
         Err(e) => Err(CredentialError::CMZError(e)),
@@ -145,6 +154,7 @@ impl BridgeAuth {
         let today = self.today();
         match issue_invite::handle(
             &mut rng,
+            SESSION_ID,
             recvreq,
             |L: &mut Lox, B: &mut BucketReachability, I: &mut Invitation, N: &mut Lox| {
                 L.set_privkey(&self.lox_priv);
@@ -162,7 +172,9 @@ impl BridgeAuth {
                 N.blockages = L.blockages;
                 I.bucket = N.bucket;
                 I.blockages = L.blockages;
-                Ok(())
+                Ok(issue_invite::Params {
+                    max_invitations: LEVEL_INVITATIONS[MAX_LEVEL].into(),
+                })
             },
             |_L: &Lox, _B: &BucketReachability, I: &Invitation, _N: &Lox| {
                 if self.inv_id_filter.filter(&I.inv_id.unwrap()) == SeenType::Seen {

src/proto/level_up.rs

@@ -49,6 +49,8 @@ use group::Group;
 use rand::{CryptoRng, RngCore};
 use sha2::Sha512;
 
+const SESSION_ID: &[u8] = b"level_up";
+
 /// The maximum trust level in the system.  A user can run this level
 /// upgrade protocol when they're already at the max level; they will
 /// get a fresh invites_remaining batch, and reset their level_since
@@ -80,8 +82,8 @@ muCMZProtocol! { level_up<credential_expiry, eligibility_max_age, max_blockage>,
     [ L: Lox { id: R, bucket: H, trust_level: R, level_since: H, invites_remaining: H, blockages: H },
     B: BucketReachability { date: R, bucket: H } ],
     N: Lox {id: J, bucket: H, trust_level: R, level_since: S, invites_remaining: I, blockages: H },
-    [credential_expiry.. eligibility_max_age].contains(L.level_since),
-    [0..max_blockage].contains(L.blockages),
+    (credential_expiry..=eligibility_max_age).contains(L.level_since),
+    (0..=max_blockage).contains(L.blockages),
     B.bucket = L.bucket,
     N.bucket = L.bucket,
     N.trust_level = L.trust_level + 1,
@@ -192,7 +194,14 @@ pub fn request(
         max_blockage: MAX_BLOCKAGES[new_level as usize].into(),
     };
 
-    match level_up::prepare(rng, &L, &B, Lox::using_pubkey(&pubkeys), &params) {
+    match level_up::prepare(
+        rng,
+        SESSION_ID,
+        &L,
+        &B,
+        Lox::using_pubkey(&pubkeys),
+        &params,
+    ) {
         Ok(req_state) => Ok(req_state),
         Err(e) => Err(CredentialError::CMZError(e)),
     }
@@ -210,6 +219,7 @@ impl BridgeAuth {
         let today = self.today();
         match level_up::handle(
             &mut rng,
+            SESSION_ID,
             recvreq,
             |L: &mut Lox, _B: &mut BucketReachability, N: &mut Lox| {
                 let trust_level: u32 = match scalar_u32(&L.trust_level.unwrap()) {

src/proto/migration.rs

@@ -45,6 +45,8 @@ use group::Group;
 use rand::{CryptoRng, RngCore};
 use sha2::Sha512;
 
+const SESSION_ID: &[u8] = b"migration";
+
 muCMZProtocol! { migration,
     [ L: Lox { id: R, bucket: H, trust_level: R, level_since: H, invites_remaining: R, blockages: R },
     M: Migration { lox_id: R, from_bucket: H, to_bucket: H } ],
@@ -85,7 +87,7 @@ pub fn request(
     let mut N = Lox::using_pubkey(&pubkeys);
     N.trust_level = Some(Scalar::ONE);
 
-    match migration::prepare(&mut rng, &L, &M, N) {
+    match migration::prepare(&mut rng, SESSION_ID, &L, &M, N) {
         Ok(req_state) => Ok(req_state),
         Err(e) => Err(CredentialError::CMZError(e)),
     }
@@ -104,6 +106,7 @@ impl BridgeAuth {
         let today = self.today();
         match migration::handle(
             &mut rng,
+            SESSION_ID,
             recvreq,
             |L: &mut Lox, M: &mut Migration, N: &mut Lox| {
                 match scalar_u32(&L.trust_level.unwrap()) {

src/proto/open_invite.rs

@@ -26,6 +26,7 @@ use cmz::*;
 use rand::{CryptoRng, RngCore};
 use sha2::Sha512;
 
+const SESSION_ID: &[u8] = b"open_invite";
 muCMZProtocol! { open_invitation,
     ,
     L: Lox {id: J, bucket: S, trust_level: I, level_since: S, invites_remaining: I, blockages: I },
@@ -41,13 +42,13 @@ pub fn request(
     cmz_group_init(G::hash_from_bytes::<Sha512>(b"CMZ Generator A"));
 
     let mut L = Lox::using_pubkey(&pubkeys);
-    L.id = Some(Scalar::ZERO);
+    L.id = Some(Scalar::random(rng));
     L.bucket = Some(Scalar::ZERO);
     L.trust_level = Some(Scalar::ZERO);
     L.level_since = Some(Scalar::ZERO);
     L.invites_remaining = Some(Scalar::ZERO);
     L.blockages = Some(Scalar::ZERO);
-    match open_invitation::prepare(&mut *rng, L) {
+    match open_invitation::prepare(rng, SESSION_ID, L) {
         Ok(req_state) => Ok(req_state),
         Err(e) => Err(CredentialError::CMZError(e)),
     }
@@ -74,7 +75,6 @@ impl BridgeAuth {
                 Err(_) => None,
             };
         }
-
         // Check if verifying with the old key succeeded, if it did, check if it has been seen
         if old_token.is_some() {
             // Only proceed if the invite_id is fresh
@@ -126,11 +126,15 @@ impl BridgeAuth {
         let recvreq = open_invitation::Request::try_from(&reqbytes[..]).unwrap();
         match open_invitation::handle(
             &mut rng,
+            SESSION_ID,
             recvreq,
             |L: &mut Lox| {
                 L.set_privkey(&self.lox_priv);
                 L.bucket = Some(bucket);
+                L.trust_level = Some(Scalar::ZERO);
                 L.level_since = Some(self.today().into());
+                L.invites_remaining = Some(Scalar::ZERO);
+                L.blockages = Some(Scalar::ZERO);
                 Ok(())
             },
             |_L: &Lox| Ok(()),
@@ -161,8 +165,8 @@ mod tests {
     #[test]
     fn test_open_invitation() {
         let mut th = TestHarness::new();
-        let mut rng = rand::thread_rng();
-        let open_invitation_request = request(&mut rng, th.ba.lox_pub.clone());
+        let rng = &mut rand::thread_rng();
+        let open_invitation_request = request(rng, th.ba.lox_pub.clone());
         assert!(
             open_invitation_request.is_ok(),
             "Open invitation request should succeed"

src/proto/redeem_invite.rs

@@ -23,9 +23,9 @@ and a new Lox credential to be issued:
 
 #[cfg(feature = "bridgeauth")]
 use super::super::dup_filter::SeenType;
+use super::super::{scalar_u32, G};
 #[cfg(feature = "bridgeauth")]
-use super::super::BridgeAuth;
-use super::super::{scalar_u32, Scalar, G};
+use super::super::{BridgeAuth, Scalar};
 use super::errors::CredentialError;
 #[cfg(feature = "bridgeauth")]
 use super::level_up::LEVEL_INVITATIONS;
@@ -35,6 +35,8 @@ use group::Group;
 use rand::{CryptoRng, RngCore};
 use sha2::Sha512;
 
+const SESSION_ID: &[u8] = b"redeem_invite";
+
 /// Invitations must be used within this many days of being issued.
 /// Note that if you change this number to be larger than 15, you must
 /// also add bits to the zero knowledge proof.
@@ -43,7 +45,7 @@ pub const INVITATION_EXPIRY: u32 = 15;
 muCMZProtocol! { redeem_invite<credential_expiry, today>,
     [ I: Invitation { inv_id: R, date: H, bucket: H, blockages: H } ],
     N: Lox {id: J, bucket: H, trust_level: I, level_since: S, invites_remaining: I, blockages: H },
-    [credential_expiry..today].contains(I.date),
+    (credential_expiry..today).contains(I.date),
     N.bucket = I.bucket,
     N.blockages = I.blockages,
 }
@@ -84,7 +86,13 @@ pub fn request(
         today: today.into(),
     };
 
-    match redeem_invite::prepare(&mut rng, &I, Lox::using_pubkey(&lox_pubkeys), &params) {
+    match redeem_invite::prepare(
+        &mut rng,
+        SESSION_ID,
+        &I,
+        Lox::using_pubkey(&lox_pubkeys),
+        &params,
+    ) {
         Ok(req_state) => Ok(req_state),
         Err(e) => Err(CredentialError::CMZError(e)),
     }
@@ -102,6 +110,7 @@ impl BridgeAuth {
         let today = self.today();
         match redeem_invite::handle(
             &mut rng,
+            SESSION_ID,
             recvreq,
             |I: &mut Invitation, N: &mut Lox| {
                 I.set_privkey(&self.invitation_priv);

src/proto/trust_promotion.rs

@@ -46,6 +46,8 @@ use rand::{CryptoRng, RngCore};
 use sha2::Sha512;
 use std::collections::HashMap;
 
+const SESSION_ID: &[u8] = b"trust_promo";
+
 /// The minimum number of days a user has to be at trust level 0
 /// (untrusted) with their (single) bridge unblocked before they can
 /// move to level 1.
@@ -59,7 +61,7 @@ muCMZProtocol! { trust_promotion<credential_expiry, eligibility_max_age>,
     L: Lox { id: R, bucket: H, trust_level: R, level_since: H, invites_remaining: R, blockages: R },
     M: MigrationKey { lox_id: J, from_bucket: H} ,
     L.bucket = M.from_bucket,
-    [credential_expiry..eligibility_max_age].contains(L.level_since),
+    (credential_expiry..eligibility_max_age).contains(L.level_since),
 }
 
 pub fn request(
@@ -106,7 +108,13 @@ pub fn request(
         eligibility_max_age: eligibility_max_age.into(),
     };
 
-    match trust_promotion::prepare(rng, &L, MigrationKey::using_pubkey(&mig_pubkeys), &params) {
+    match trust_promotion::prepare(
+        rng,
+        SESSION_ID,
+        &L,
+        MigrationKey::using_pubkey(&mig_pubkeys),
+        &params,
+    ) {
         Ok(req_state) => Ok(req_state),
         Err(e) => Err(CredentialError::CMZError(e)),
     }
@@ -130,6 +138,7 @@ impl BridgeAuth {
         let today = self.today();
         match trust_promotion::handle(
             &mut rng,
+            SESSION_ID,
             recvreq,
             |L: &mut Lox, M: &mut MigrationKey| {
                 L.set_privkey(&self.lox_priv);

src/proto/update_cred.rs

@@ -37,6 +37,8 @@ use group::Group;
 use rand::{CryptoRng, RngCore};
 use sha2::Sha512;
 
+const SESSION_ID: &[u8] = b"update_cred";
+
 muCMZProtocol! { update_cred,
     L: Lox { id: R, bucket: H, trust_level: H, level_since: H, invites_remaining: H, blockages: H },
     N: Lox {id: J, bucket: H, trust_level: H, level_since: H, invites_remaining: H, blockages: H },
@@ -54,7 +56,7 @@ pub fn request(
 ) -> Result<(update_cred::Request, update_cred::ClientState), CredentialError> {
     cmz_group_init(G::hash_from_bytes::<Sha512>(b"CMZ Generator A"));
 
-    match update_cred::prepare(&mut *rng, &L, Lox::using_pubkey(&pubkeys)) {
+    match update_cred::prepare(&mut *rng, SESSION_ID, &L, Lox::using_pubkey(&pubkeys)) {
         Ok(req_state) => Ok(req_state),
         Err(e) => Err(CredentialError::CMZError(e)),
     }
@@ -76,6 +78,7 @@ impl BridgeAuth {
         let recvreq = update_cred::Request::try_from(&reqbytes[..]).unwrap();
         match update_cred::handle(
             &mut *rng,
+            SESSION_ID,
             recvreq,
             |L: &mut Lox, N: &mut Lox| {
                 // calling this function will automatically use the most recent old private key for

src/proto/update_invite.rs

@@ -31,6 +31,8 @@ use group::Group;
 use rand::{CryptoRng, RngCore};
 use sha2::Sha512;
 
+const SESSION_ID: &[u8] = b"update_invite";
+
 muCMZProtocol! { update_invite,
     I: Invitation { inv_id: R, date: H, bucket: H, blockages: H },
     N: Invitation { inv_id: J, date: H, bucket: H, blockages: H },
@@ -46,7 +48,12 @@ pub fn request(
 ) -> Result<(update_invite::Request, update_invite::ClientState), CredentialError> {
     cmz_group_init(G::hash_from_bytes::<Sha512>(b"CMZ Generator A"));
 
-    match update_invite::prepare(&mut *rng, &I, Invitation::using_pubkey(&new_pubkeys)) {
+    match update_invite::prepare(
+        &mut *rng,
+        SESSION_ID,
+        &I,
+        Invitation::using_pubkey(&new_pubkeys),
+    ) {
         Ok(req_state) => Ok(req_state),
         Err(e) => Err(CredentialError::CMZError(e)),
     }
@@ -69,6 +76,7 @@ impl BridgeAuth {
         let recvreq = update_invite::Request::try_from(&reqbytes[..]).unwrap();
         match update_invite::handle(
             &mut *rng,
+            SESSION_ID,
             recvreq,
             |I: &mut Invitation, N: &mut Invitation| {
                 // calling this function will automatically use the most recent old private key for