vvecna
/
troll-patrol


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358
							// User behavior in simulation

use crate::{
    get_date, negative_report::NegativeReport, positive_report::PositiveReport,
    simulation::state::State, BridgeDistributor,
};
use lox_cli::{networking::*, *};
use lox_library::{
    bridge_table::BridgeLine, cred::Lox, proto::check_blockage::MIN_TRUST_LEVEL, scalar_u32,
};
use rand::Rng;
use x25519_dalek::PublicKey;

pub struct User {
    // Does this user cooperate with a censor?
    censor: bool,

    // 2-character country code
    country: String,

    // The user always has a primary credential. If this credential's bucket is
    // blocked, the user may replace it or temporarily hold two credentials
    // while waiting to migrate from the primary credential.
    primary_cred: Lox,
    secondary_cred: Option<Lox>,

    // Does the user submit reports to Troll Patrol?
    submits_reports: bool,
}

impl User {
    pub async fn new(state: &State) -> Self {
        let cred = get_lox_credential(
            &state.net,
            &get_open_invitation(&state.net).await,
            get_lox_pub(&state.la_pubkeys),
        )
        .await
        .0;

        // Probabilistically decide whether this user cooperates with a censor
        let mut rng = rand::thread_rng();
        let num: f64 = rng.gen_range(0.0..1.0);
        let censor = num < state.prob_user_is_censor;

        // Probabilistically decide whether this user submits reports
        let num: f64 = rng.gen_range(0.0..1.0);
        let submits_reports = num < state.prob_user_submits_reports;

        // Probabilistically decide user's country
        let mut num: f64 = rng.gen_range(0.0..1.0);
        let cc = {
            let mut cc = String::default();
            for (country, prob) in &state.probs_user_in_country {
                let prob = *prob;
                if prob < num {
                    cc = country.to_string();
                    break;
                } else {
                    num -= prob;
                }
            }
            cc
        };

        Self {
            censor: censor,
            country: cc,
            primary_cred: cred,
            secondary_cred: None,
            submits_reports: submits_reports,
        }
    }

    // TODO: This should probably return an actual error type
    pub async fn invite(&mut self, state: &State) -> Result<Self, String> {
        let etable = get_reachability_credential(&state.net).await;
        let (new_cred, invite) = issue_invite(
            &state.net,
            &self.primary_cred,
            &etable,
            get_lox_pub(&state.la_pubkeys),
            get_reachability_pub(&state.la_pubkeys),
            get_invitation_pub(&state.la_pubkeys),
        )
        .await;
        self.primary_cred = new_cred;
        let friend_cred = redeem_invite(
            &state.net,
            &invite,
            get_lox_pub(&state.la_pubkeys),
            get_invitation_pub(&state.la_pubkeys),
        )
        .await
        .0;

        // Probabilistically decide whether this user cooperates with a censor
        // We do not influence this by the inviting friend's status. Anyone
        // might have friends who are untrustworthy, and censors may invite
        // non-censors to maintain an illusion of trustworthiness. Also, a
        // "censor" user may not be knowingly helping a censor.
        let mut rng = rand::thread_rng();
        let num: f64 = rng.gen_range(0.0..1.0);
        let censor = num < state.prob_user_is_censor;

        // Probabilistically decide whether this user submits reports
        let num: f64 = rng.gen_range(0.0..1.0);
        let submits_reports = num < state.prob_user_submits_reports;

        // Determine user's country
        let num: f64 = rng.gen_range(0.0..1.0);
        let cc = if num < state.prob_friend_in_same_country {
            self.country.to_string()
        } else {
            // Probabilistically decide user's country
            let mut num: f64 = rng.gen_range(0.0..1.0);
            let mut cc = String::default();
            for (country, prob) in &state.probs_user_in_country {
                let prob = *prob;
                if prob < num {
                    cc = country.to_string();
                    break;
                } else {
                    num -= prob;
                }
            }
            cc
        };

        Ok(Self {
            censor: censor,
            country: cc,
            primary_cred: friend_cred,
            secondary_cred: None,
            submits_reports: submits_reports,
        })
    }

    // Attempt to "connect" to the bridge, returns true if successful
    pub fn connect(&self, bridge: &BridgeLine) -> bool {
        true
    }

    pub async fn send_negative_reports(state: &State, reports: Vec<NegativeReport>) {
        let date = get_date();
        //let pubkey = state.tp_pubkeys.get(&date).unwrap();
        let pubkey = serde_json::from_slice::<Option<PublicKey>>(
            &state
                .net_tp
                .request(
                    "/nrkey".to_string(),
                    serde_json::to_string(&date).unwrap().into(),
                )
                .await,
        )
        .unwrap()
        .unwrap();
        for report in reports {
            state
                .net_tp
                .request(
                    "/negativereport".to_string(),
                    bincode::serialize(&report.encrypt(&pubkey)).unwrap(),
                )
                .await;
        }
    }

    pub async fn send_positive_reports(state: &State, reports: Vec<PositiveReport>) {
        for report in reports {
            state
                .net_tp
                .request("/positivereport".to_string(), report.to_json().into_bytes())
                .await;
        }
    }

    // User performs daily connection attempts, etc. and returns a vector of
    // newly invited friends and a vector of fingerprints of successfully
    // contacted bridges.
    pub async fn daily_tasks(&mut self, state: &State) -> (Vec<User>, Vec<[u8; 20]>) {
        // Download bucket to see if bridge is still reachable
        // (We assume that this step can be done even if the user can't actually
        // talk to the LA.)
        let (bucket, reachcred) = get_bucket(&state.net, &self.primary_cred).await;
        let level = scalar_u32(&self.primary_cred.trust_level).unwrap();

        // Can we level up the main credential?
        let can_level_up = reachcred.is_some()
            && (level == 0 && eligible_for_trust_promotion(&state.net, &self.primary_cred).await
                || level > 0 && eligible_for_level_up(&state.net, &self.primary_cred).await);

        // Can we migrate the main credential?
        let can_migrate = reachcred.is_none() && level >= MIN_TRUST_LEVEL;

        // Can we level up the secondary credential?
        let mut second_level_up = false;

        let mut failed = Vec::<BridgeLine>::new();
        let mut succeeded = Vec::<BridgeLine>::new();
        for i in 0..bucket.len() {
            // At level 0, we only have 1 bridge
            if level > 0 || i == 0 {
                if self.connect(&bucket[i]) {
                    succeeded.push(bucket[i]);
                } else {
                    failed.push(bucket[i]);
                }
            }
        }
        let second_cred = if succeeded.len() < 1 {
            if self.secondary_cred.is_some() {
                std::mem::replace(&mut self.secondary_cred, None)
            } else {
                // Get new credential
                let cred = get_lox_credential(
                    &state.net,
                    &get_open_invitation(&state.net).await,
                    get_lox_pub(&state.la_pubkeys),
                )
                .await
                .0;
                Some(cred)
            }
        } else {
            // If we're able to connect with the primary credential, don't
            // keep a secondary one.
            None
        };
        if second_cred.is_some() {
            let second_cred = second_cred.as_ref().unwrap();
            let (second_bucket, second_reachcred) = get_bucket(&state.net, &second_cred).await;
            if self.connect(&second_bucket[0]) {
                succeeded.push(second_bucket[0]);
                if second_reachcred.is_some()
                    && eligible_for_trust_promotion(&state.net, &second_cred).await
                {
                    second_level_up = true;
                }
            } else {
                failed.push(second_bucket[0]);
            }
        }

        let mut negative_reports = Vec::<NegativeReport>::new();
        let mut positive_reports = Vec::<PositiveReport>::new();
        if self.submits_reports {
            for bridge in &failed {
                negative_reports.push(NegativeReport::from_bridgeline(
                    *bridge,
                    self.country.to_string(),
                    BridgeDistributor::Lox,
                ));
            }
            if level >= 3 {
                for bridge in &succeeded {
                    positive_reports.push(
                        PositiveReport::from_lox_credential(
                            bridge.fingerprint,
                            None,
                            &self.primary_cred,
                            get_lox_pub(&state.la_pubkeys),
                            self.country.to_string(),
                        )
                        .unwrap(),
                    );
                }
            }
        }

        // We might restrict these steps to succeeded.len() > 0, but we do
        // assume the user can contact the LA somehow, so let's just allow it.
        if can_level_up {
            let cred = level_up(
                &state.net,
                &self.primary_cred,
                &reachcred.unwrap(),
                get_lox_pub(&state.la_pubkeys),
                get_reachability_pub(&state.la_pubkeys),
            )
            .await;
            self.primary_cred = cred;
            self.secondary_cred = None;
        }
        // We favor starting over at level 1 to migrating
        else if second_level_up {
            let second_cred = second_cred.as_ref().unwrap();
            let cred = trust_migration(
                &state.net,
                &second_cred,
                &trust_promotion(&state.net, &second_cred, get_lox_pub(&state.la_pubkeys)).await,
                get_lox_pub(&state.la_pubkeys),
                get_migration_pub(&state.la_pubkeys),
            )
            .await;
            self.primary_cred = cred;
            self.secondary_cred = None;
        } else if can_migrate {
            let cred = blockage_migration(
                &state.net,
                &self.primary_cred,
                &check_blockage(
                    &state.net,
                    &self.primary_cred,
                    get_lox_pub(&state.la_pubkeys),
                )
                .await,
                get_lox_pub(&state.la_pubkeys),
                get_migration_pub(&state.la_pubkeys),
            )
            .await;
            self.primary_cred = cred;
            self.secondary_cred = None;
        } else if second_cred.is_some() {
            // Couldn't connect with primary credential
            if succeeded.len() > 0 {
                // Keep the second credential only if it's useful
                self.secondary_cred = second_cred;
            }
        }

        if negative_reports.len() > 0 {
            Self::send_negative_reports(&state, negative_reports).await;
        }
        if positive_reports.len() > 0 {
            Self::send_positive_reports(&state, positive_reports).await;
        }

        // Invite friends if applicable
        let invitations = scalar_u32(&self.primary_cred.invites_remaining).unwrap();
        let mut new_friends = Vec::<User>::new();
        for _i in 0..invitations {
            let mut rng = rand::thread_rng();
            let num: f64 = rng.gen_range(0.0..1.0);
            if num < state.prob_user_invites_friend {
                match self.invite(&state).await {
                    Ok(friend) => {
                        // You really shouldn't push your friends, especially
                        // new ones whose boundaries you might not know well.
                        new_friends.push(friend);
                    }
                    Err(e) => {
                        println!("{}", e);
                    }
                }
            }
        }

        // List of fingerprints we contacted. This should not actually be more
        // than one.
        let mut connections = Vec::<[u8; 20]>::new();
        for bridge in succeeded {
            connections.push(bridge.get_hashed_fingerprint());
        }

        (new_friends, connections)
    }
}