mirror of
https://github.com/QuilibriumNetwork/ceremonyclient.git
synced 2026-02-21 10:27:26 +08:00
dbd95bd9e9
* v2.1.0 [omit consensus and adjacent] - this commit will be amended with the full release after the file copy is complete * 2.1.0 main node rollup
176 lines
6.8 KiB
Protocol Buffer
176 lines
6.8 KiB
Protocol Buffer
syntax = "proto3";
|
||
|
||
package quilibrium.node.channel.pb;
|
||
|
||
option go_package = "source.quilibrium.com/quilibrium/monorepo/node/protobufs";
|
||
|
||
// Describes a general channel envelope for a message.
|
||
message P2PChannelEnvelope {
|
||
// A general protocol identifier as a uint32 – this is expected to rarely
|
||
// iterate, and should be uniquely identifying both protocol and version.
|
||
// Pragmatically speaking, this implies that the least significant byte
|
||
// specifies version (which should iterate most minimally), and the three most
|
||
// significant bytes should specify protocol. Recipients SHOULD ignore
|
||
// messages with incompatible protocol identifiers, but also SHOULD warn on
|
||
// identifiers with versions higher than the supported protocol. A large
|
||
// number of unsupported protocol messages may indicate spam/some other
|
||
// attack, whereas a large number of unsupported protocol versions may
|
||
// indicate an out of date client, respective to which side is the maximum of
|
||
// the version number.
|
||
uint32 protocol_identifier = 1;
|
||
|
||
// The encrypted message header. Message header encryption is mandatory –
|
||
// P2P channels in some cases pre-empt the mixnet and leaky information from
|
||
// unencrypted message headers could de-anonymize the recipient. It is thus
|
||
// also mandatory at the protocol implementation level that header sizes are
|
||
// consistent within a protocol so as to not leak metadata. An example of this
|
||
// is in Double and Triple-Ratchet, where the sequence identifiers MUST be
|
||
// encoded as fixed-length integers, as variable encoding can indicate a
|
||
// message being in the first 256, 65,536, etc. if an exchange is highly
|
||
// asymmetrical in sends/receives. This is especially critical in long
|
||
// running protocols with a need for fixed length messages (see message_body
|
||
// notes).
|
||
MessageCiphertext message_header = 2;
|
||
|
||
// The encrypted message body. Message bodies are variable length – ciphertext
|
||
// could range widely, however if this metadata is pertinent to determining
|
||
// protocol state, such as knowing what round an encapsulated protocol is in,
|
||
// or potentially what might be transferred over the protocol, protocol
|
||
// implementers SHOULD utilize chunking and send fixed length messages.
|
||
// Additionally, if rounds themselves are highly asymmetric or have
|
||
// long-standing processing times that could dangerously leak information of
|
||
// round state, implementers SHOULD defer protocol use to leverage the mixnet.
|
||
// If this is not feasible, the implementation details are left up to the
|
||
// exercise of the protocol author.
|
||
MessageCiphertext message_body = 3;
|
||
}
|
||
|
||
// Describes a general ciphertext payload.
|
||
message MessageCiphertext {
|
||
// The intialization vector used for encryption. While cipher specific,
|
||
// typically this should be a unique value for every ciphertext. If this is
|
||
// not the case for a protocol where it should be, this SHOULD be considered
|
||
// an invalid message and warned, as it could either indicate compromise,
|
||
// or a faulty cryptographic implementation – such as a faulty PKCS#11
|
||
// implementation that has a code path to handle HSM vendors which mandate
|
||
// zeroed IVs before passing into encryption methods, as they will update the
|
||
// IV within the HSM through hardware-supplied entropy.
|
||
bytes initialization_vector = 1;
|
||
|
||
// The raw ciphertext byte string. This will be cipher specific, however some
|
||
// general attributes are expected to be followed. If there is a common
|
||
// layout expected, such as AES-GCM having the GCM tag appended to the
|
||
// ciphertext, please follow the common layout.
|
||
bytes ciphertext = 2;
|
||
|
||
// The associated data byte string, if available. This will be highly protocol
|
||
// specific, but SHOULD NOT leak metadata.
|
||
bytes associated_data = 3;
|
||
}
|
||
|
||
// InboxMessage represents a message stored in an inbox
|
||
message InboxMessage {
|
||
// The address of the inbox
|
||
bytes address = 1;
|
||
// Unix timestamp in milliseconds
|
||
uint64 timestamp = 2;
|
||
// The ephemeral public key used for the message
|
||
bytes ephemeral_public_key = 3;
|
||
// The actual message content (encrypted)
|
||
bytes message = 4;
|
||
}
|
||
|
||
message HubAddInboxMessage {
|
||
// The address of the hub
|
||
bytes address = 1;
|
||
// The inbox public key to associate
|
||
bytes inbox_public_key = 2;
|
||
// The hub public key to associate
|
||
bytes hub_public_key = 3;
|
||
// The signature of the hub public key over the message
|
||
// `domain("add") || inbox_public_key`
|
||
bytes hub_signature = 4;
|
||
// The signature of the inbox public key over the message
|
||
// `domain("add") || hub_public_key`
|
||
bytes inbox_signature = 5;
|
||
}
|
||
|
||
message HubDeleteInboxMessage {
|
||
// The address of the hub
|
||
bytes address = 1;
|
||
// The inbox public key to associate
|
||
bytes inbox_public_key = 2;
|
||
// The hub public key to associate
|
||
bytes hub_public_key = 3;
|
||
// The signature of the hub public key over the message
|
||
// `domain("delete") || inbox_public_key`
|
||
bytes hub_signature = 4;
|
||
// The signature of the inbox public key over the message
|
||
// `domain("delete") || hub_public_key`
|
||
bytes inbox_signature = 5;
|
||
}
|
||
|
||
// InboxMessageRequest is used to request specific messages
|
||
message InboxMessageRequest {
|
||
// The 3-byte filter for message routing
|
||
bytes filter = 1;
|
||
// Optional: specific message ID to retrieve
|
||
bytes message_id = 2;
|
||
// Optional: address to filter messages by
|
||
bytes address = 3;
|
||
// Optional: retrieve messages after this timestamp
|
||
uint64 from_timestamp = 4;
|
||
// Optional: retrieve messages before this timestamp
|
||
uint64 to_timestamp = 5;
|
||
}
|
||
|
||
// InboxMessageResponse contains requested messages
|
||
message InboxMessageResponse {
|
||
// List of messages matching the request criteria
|
||
repeated InboxMessage messages = 1;
|
||
}
|
||
|
||
// InboxMessagePut is used to store a new message
|
||
message InboxMessagePut {
|
||
// The message to store
|
||
InboxMessage message = 1;
|
||
}
|
||
|
||
// HubRequest is used to retrieve hub information
|
||
message HubRequest {
|
||
// The 3-byte filter for the hub
|
||
bytes filter = 1;
|
||
// The hub address to retrieve
|
||
bytes hub_address = 2;
|
||
}
|
||
|
||
// HubResponse is used to return hub information
|
||
message HubResponse {
|
||
// The inbox addresses associated with a hub
|
||
repeated HubAddInboxMessage adds = 1;
|
||
// The inbox addresses no longer associated with a hub
|
||
repeated HubDeleteInboxMessage deletes = 2;
|
||
}
|
||
|
||
// HubPut is used to create or update a hub
|
||
message HubPut {
|
||
// The addition of an inbox address association
|
||
HubAddInboxMessage add = 1;
|
||
// The deletion of an inbox address association
|
||
HubDeleteInboxMessage delete = 2;
|
||
}
|
||
|
||
// DispatchSyncRequest is used to request synchronization of dispatch data
|
||
message DispatchSyncRequest {
|
||
// The filters this peer is interested in (3 bytes each)
|
||
repeated bytes filters = 1;
|
||
}
|
||
|
||
// DispatchSyncResponse contains synchronized data
|
||
message DispatchSyncResponse {
|
||
// Messages matching the requested filters
|
||
repeated InboxMessage messages = 1;
|
||
// Hub information for the requested filters
|
||
repeated HubResponse hubs = 2;
|
||
}
|