|
|
@@ -14,6 +14,8 @@ The user presents their current Lox credential:
|
|
|
- level_since: hidden
|
|
|
- invites_remaining: hidden, but proved in ZK that it's not zero
|
|
|
- blockages: hidden
|
|
|
+- false_reports: hidden
|
|
|
+- pending: revealed to be 0
|
|
|
|
|
|
and a Bucket Reachability credential:
|
|
|
- date: revealed to be today
|
|
|
@@ -33,6 +35,9 @@ and a new Lox credential to be issued:
|
|
|
the number in the Lox credential above
|
|
|
- blockages: hidden, but proved in ZK that it's the same as in the
|
|
|
Lox credential above
|
|
|
+- false_reports: hidden, but proved in ZK that it's the same as in the
|
|
|
+ Lox credential above
|
|
|
+- pending: 0
|
|
|
|
|
|
and a new Invitation credential to be issued:
|
|
|
|
|
|
@@ -42,6 +47,8 @@ and a new Invitation credential to be issued:
|
|
|
credential above
|
|
|
- blockages: hidden, but proved in ZK that it's the same as in the Lox
|
|
|
credential above
|
|
|
+- false_reports: hidden, but proved in ZK that it's the same as in the
|
|
|
+ Lox credential above
|
|
|
|
|
|
*/
|
|
|
|
|
|
@@ -65,8 +72,8 @@ const SESSION_ID: &[u8] = b"issue_invite";
|
|
|
pub const INVITATION_EXPIRY: u32 = 15;
|
|
|
|
|
|
muCMZProtocol! { issue_invite,
|
|
|
- [L: Lox {id: R, bucket: H, trust_level: H, level_since: H, invites_remaining: H, blockages: H}, B: BucketReachability { date: R, bucket: H } ],
|
|
|
- [ I: Invitation { inv_id: J, date: S, bucket: H, blockages: H }, N: Lox {id: J, bucket: H, trust_level: H, level_since: H, invites_remaining: H, blockages: H }],
|
|
|
+ [L: Lox {id: R, bucket: H, trust_level: H, level_since: H, invites_remaining: H, blockages: H, false_reports: H, pending: R }, B: BucketReachability { date: R, bucket: H } ],
|
|
|
+ [ I: Invitation { inv_id: J, date: S, bucket: H, blockages: H, false_reports: H }, N: Lox {id: J, bucket: H, trust_level: H, level_since: H, invites_remaining: H, blockages: H, false_reports: H, pending: I }],
|
|
|
L.bucket = B.bucket,
|
|
|
L.invites_remaining != 0,
|
|
|
N.bucket = L.bucket,
|
|
|
@@ -74,8 +81,10 @@ muCMZProtocol! { issue_invite,
|
|
|
N.level_since = L.level_since,
|
|
|
N.invites_remaining = L.invites_remaining - 1,
|
|
|
N.blockages = L.blockages,
|
|
|
+ N.false_reports = L.false_reports,
|
|
|
I.bucket = L.bucket,
|
|
|
- I.blockages = L.blockages
|
|
|
+ I.blockages = L.blockages,
|
|
|
+ I.false_reports = L.false_reports,
|
|
|
}
|
|
|
|
|
|
pub fn request(
|
|
|
@@ -121,12 +130,17 @@ pub fn request(
|
|
|
String::from("reachability credential must be generated today"),
|
|
|
));
|
|
|
}
|
|
|
+ // The credential must not have pending reports
|
|
|
+ if L.pending.is_some_and(|p| p != Scalar::ZERO) {
|
|
|
+ return Err(CredentialError::CredentialPending);
|
|
|
+ }
|
|
|
|
|
|
let mut I: Invitation = Invitation::using_pubkey(&inv_pub);
|
|
|
I.inv_id = Some(Scalar::random(rng));
|
|
|
I.date = Some(today.into());
|
|
|
I.bucket = L.bucket;
|
|
|
I.blockages = L.blockages;
|
|
|
+ I.false_reports = L.false_reports;
|
|
|
|
|
|
let mut N: Lox = Lox::using_pubkey(L.get_pubkey());
|
|
|
N.bucket = L.bucket;
|
|
|
@@ -134,6 +148,8 @@ pub fn request(
|
|
|
N.level_since = L.level_since;
|
|
|
N.invites_remaining = Some(L.invites_remaining.unwrap() - Scalar::ONE);
|
|
|
N.blockages = L.blockages;
|
|
|
+ N.false_reports = L.false_reports;
|
|
|
+ N.pending = Some(Scalar::ZERO);
|
|
|
|
|
|
match issue_invite::prepare(rng, SESSION_ID, &L, &B, I, N) {
|
|
|
Ok(req_state) => Ok(req_state),
|
|
|
@@ -156,6 +172,13 @@ impl BridgeAuth {
|
|
|
SESSION_ID,
|
|
|
recvreq,
|
|
|
|L: &mut Lox, B: &mut BucketReachability, I: &mut Invitation, N: &mut Lox| {
|
|
|
+ if L.pending.is_some_and(|p| p != Scalar::ZERO) {
|
|
|
+ // This error should be improved (InvalidAttr)
|
|
|
+ return Err(CMZError::RevealAttrMissing(
|
|
|
+ "trust_promotion",
|
|
|
+ "Credential must not be pending",
|
|
|
+ ));
|
|
|
+ }
|
|
|
L.set_privkey(&self.lox_priv);
|
|
|
B.set_privkey(&self.reachability_priv);
|
|
|
I.set_privkey(&self.invitation_priv);
|