draft taco api

nucypher · Aug 14, 2023 · 60af38b · 60af38b · github-actions · Aug 14, 2023
1 parent e4f824d
commit 60af38b
Show file tree

Hide file tree

Showing 9 changed files with 216 additions and 84 deletions.
diff --git a/src/characters/cbd-recipient.ts b/src/characters/cbd-recipient.ts
@@ -1,7 +1,7 @@
 import {
   Ciphertext,
+  combineDecryptionSharesSimple,
   Context,
-  DecryptionSharePrecomputed,
   DecryptionShareSimple,
   decryptWithSharedSecret,
   EncryptedThresholdDecryptionRequest,
@@ -15,11 +15,6 @@ import { ethers } from 'ethers';
 
 import { DkgCoordinatorAgent, DkgParticipant } from '../agents/coordinator';
 import { ConditionExpression } from '../conditions';
-import {
-  DkgRitual,
-  getCombineDecryptionSharesFunction,
-  getVariantClass,
-} from '../dkg';
 import { PorterClient } from '../porter';
 import { fromJSON, toJSON } from '../utils';
 
@@ -38,31 +33,27 @@ export class ThresholdDecrypter {
     private readonly threshold: number
   ) {}
 
-  public static create(porterUri: string, dkgRitual: DkgRitual) {
+  public static create(porterUri: string, ritualId: number, threshold: number) {
     return new ThresholdDecrypter(
       new PorterClient(porterUri),
-      dkgRitual.id,
-      dkgRitual.dkgParams.threshold
+      ritualId,
+      threshold
     );
   }
 
   // Retrieve and decrypt ciphertext using provider and condition expression
   public async retrieveAndDecrypt(
-    provider: ethers.providers.Web3Provider,
+    web3Provider: ethers.providers.Web3Provider,
     conditionExpr: ConditionExpression,
-    variant: FerveoVariant,
     ciphertext: Ciphertext
   ): Promise<Uint8Array> {
     const decryptionShares = await this.retrieve(
-      provider,
+      web3Provider,
       conditionExpr,
-      variant,
       ciphertext
     );
 
-    const combineDecryptionSharesFn =
-      getCombineDecryptionSharesFunction(variant);
-    const sharedSecret = combineDecryptionSharesFn(decryptionShares);
+    const sharedSecret = combineDecryptionSharesSimple(decryptionShares);
     return decryptWithSharedSecret(
       ciphertext,
       conditionExpr.asAad(),
@@ -72,19 +63,17 @@ export class ThresholdDecrypter {
 
   // Retrieve decryption shares
   public async retrieve(
-    provider: ethers.providers.Web3Provider,
+    web3Provider: ethers.providers.Web3Provider,
     conditionExpr: ConditionExpression,
-    variant: FerveoVariant,
     ciphertext: Ciphertext
-  ): Promise<DecryptionSharePrecomputed[] | DecryptionShareSimple[]> {
+  ): Promise<DecryptionShareSimple[]> {
     const dkgParticipants = await DkgCoordinatorAgent.getParticipants(
-      provider,
+      web3Provider,
       this.ritualId
     );
-    const contextStr = await conditionExpr.buildContext(provider).toJson();
+    const contextStr = await conditionExpr.buildContext(web3Provider).toJson();
     const { sharedSecrets, encryptedRequests } = this.makeDecryptionRequests(
       this.ritualId,
-      variant,
       ciphertext,
       conditionExpr,
       contextStr,
@@ -106,15 +95,13 @@ export class ThresholdDecrypter {
     return this.makeDecryptionShares(
       encryptedResponses,
       sharedSecrets,
-      variant,
       this.ritualId
     );
   }
 
   private makeDecryptionShares(
     encryptedResponses: Record<string, EncryptedThresholdDecryptionResponse>,
     sessionSharedSecret: Record<string, SessionSharedSecret>,
-    variant: FerveoVariant,
     expectedRitualId: number
   ) {
     const decryptedResponses = Object.entries(encryptedResponses).map(
@@ -128,19 +115,13 @@ export class ThresholdDecrypter {
       );
     }
 
-    const decryptionShares = decryptedResponses.map(
-      ({ decryptionShare }) => decryptionShare
-    );
-
-    const DecryptionShareType = getVariantClass(variant);
-    return decryptionShares.map((share) =>
-      DecryptionShareType.fromBytes(share)
+    return decryptedResponses.map(({ decryptionShare }) =>
+      DecryptionShareSimple.fromBytes(decryptionShare)
     );
   }
 
   private makeDecryptionRequests(
     ritualId: number,
-    variant: FerveoVariant,
     ciphertext: Ciphertext,
     conditionExpr: ConditionExpression,
     contextStr: string,
@@ -151,7 +132,7 @@ export class ThresholdDecrypter {
   } {
     const decryptionRequest = new ThresholdDecryptionRequest(
       ritualId,
-      variant,
+      FerveoVariant.simple,
       ciphertext,
       conditionExpr.toWASMConditions(),
       new Context(contextStr)

diff --git a/src/conditions/condition-expr.ts b/src/conditions/condition-expr.ts
@@ -2,6 +2,7 @@ import { Conditions as WASMConditions } from '@nucypher/nucypher-core';
 import { ethers } from 'ethers';
 import { SemVer } from 'semver';
 
+import { fromBytes } from '../../test/utils';
 import { objectEquals, toBytes, toJSON } from '../utils';
 
 import {
@@ -94,6 +95,10 @@ export class ConditionExpression {
     return toBytes(this.toJson());
   }
 
+  public static fromAad(aad: Uint8Array): ConditionExpression {
+    return ConditionExpression.fromJSON(fromBytes(aad));
+  }
+
   public equals(other: ConditionExpression): boolean {
     return [
       this.version === other.version,

diff --git a/src/dkg.ts b/src/dkg.ts
@@ -167,6 +167,19 @@ export class DkgClient {
     );
   }
 
+  public static async getFinalizedRitual(
+    web3Provider: ethers.providers.Web3Provider,
+    ritualId: number
+  ): Promise<DkgRitual> {
+    const ritual = await DkgClient.getExistingRitual(web3Provider, ritualId);
+    if (ritual.state !== DkgRitualState.FINALIZED) {
+      throw new Error(
+        `Ritual ${ritualId} is not finalized. State: ${ritual.state}`
+      );
+    }
+    return ritual;
+  }
+
   // TODO: Without Validator public key in Coordinator, we cannot verify the
   //    transcript. We need to add it to the Coordinator (nucypher-contracts #77).
   // public async verifyRitual(ritualId: number): Promise<boolean> {

diff --git a/src/sdk/strategy/cbd-strategy.ts b/src/sdk/strategy/cbd-strategy.ts
@@ -77,7 +77,11 @@ export class DeployedCbdStrategy {
   ) {}
 
   public static create(dkgRitual: DkgRitual, porterUri: string) {
-    const decrypter = ThresholdDecrypter.create(porterUri, dkgRitual);
+    const decrypter = ThresholdDecrypter.create(
+      porterUri,
+      dkgRitual.id,
+      dkgRitual.dkgParams.threshold
+    );
     return new DeployedCbdStrategy(decrypter, dkgRitual.dkgPublicKey);
   }
 

diff --git a/src/taco.ts b/src/taco.ts
@@ -0,0 +1,61 @@
+import { Ciphertext, ferveoEncrypt } from '@nucypher/nucypher-core';
+import { ethers } from 'ethers';
+
+import { ThresholdDecrypter } from './characters/cbd-recipient';
+import { ConditionExpression } from './conditions';
+import { DkgClient } from './dkg';
+import { toBytes } from './utils';
+
+export interface TacoMessageKit {
+  ciphertext: Ciphertext;
+  aad: Uint8Array;
+  ritualId: number;
+  threshold: number;
+}
+
+export const encrypt = async (
+  web3Provider: ethers.providers.Web3Provider,
+  message: string,
+  conditions: ConditionExpression,
+  ritualId: number
+): Promise<TacoMessageKit> => {
+  const dkgRitual = await DkgClient.getFinalizedRitual(web3Provider, ritualId);
+  const aad = conditions.asAad();
+  const ciphertext = ferveoEncrypt(
+    toBytes(message),
+    aad,
+    dkgRitual.dkgPublicKey
+  );
+  return {
+    ciphertext,
+    aad,
+    ritualId,
+    threshold: dkgRitual.dkgParams.threshold,
+  };
+};
+
+export const decrypt = async (
+  web3Provider: ethers.providers.Web3Provider,
+  messageKit: TacoMessageKit,
+  porterUri: string
+): Promise<Uint8Array> => {
+  const decrypter = ThresholdDecrypter.create(
+    porterUri,
+    messageKit.ritualId,
+    messageKit.threshold
+  );
+  const condExpr = ConditionExpression.fromAad(messageKit.aad);
+  // TODO: Need web3Provider to fetch participants from Coordinator to make decryption requests.
+  //  Should we put them into the message kit instead?
+  //  Consider case where participants are changing over time. Is that an issue we should consider now?
+  return decrypter.retrieveAndDecrypt(
+    web3Provider,
+    condExpr,
+    messageKit.ciphertext
+  );
+};
+
+export const taco = {
+  encrypt,
+  decrypt,
+};
diff --git a/test/unit/cbd-strategy.test.ts b/test/unit/cbd-strategy.test.ts
@@ -50,13 +50,13 @@ const makeCbdStrategy = async () => {
 
 async function makeDeployedCbdStrategy() {
   const strategy = await makeCbdStrategy();
-
   const mockedDkg = fakeDkgFlow(variant, 0, 4, 4);
   const mockedDkgRitual = fakeDkgRitual(mockedDkg);
   const web3Provider = fakeWeb3Provider(aliceSecretKey.toBEBytes());
   const getUrsulasSpy = mockGetUrsulas(ursulas);
   const initializeRitualSpy = mockInitializeRitual(ritualId);
   const getExistingRitualSpy = mockGetExistingRitual(mockedDkgRitual);
+
   const deployedStrategy = await strategy.deploy(web3Provider);
 
   expect(getUrsulasSpy).toHaveBeenCalled();
@@ -112,7 +112,6 @@ describe('CbdDeployedStrategy', () => {
     // Setup mocks for `retrieveAndDecrypt`
     const { decryptionShares } = fakeTDecFlow({
       ...mockedDkg,
-      variant,
       message: toBytes(message),
       aad,
       ciphertext,
@@ -136,7 +135,6 @@ describe('CbdDeployedStrategy', () => {
       await deployedStrategy.decrypter.retrieveAndDecrypt(
         aliceProvider,
         conditionExpr,
-        variant,
         ciphertext
       );
     expect(getUrsulasSpy).toHaveBeenCalled();

diff --git a/test/unit/conditions/condition-expr.test.ts b/test/unit/conditions/condition-expr.test.ts
@@ -77,7 +77,7 @@ describe('condition set', () => {
       ).toBeTruthy();
     });
 
-    it('different minor/patch version but same condition', async () => {
+    it('different minor/patch version but same condition', () => {
       const conditionExprOlderMinorVersion = new ConditionExpression(
         rpcCondition,
         '0.1.0'
@@ -97,7 +97,7 @@ describe('condition set', () => {
       ).not.toBeTruthy();
     });
 
-    it('minor/patch number greater than major; still older', async () => {
+    it('minor/patch number greater than major; still older', () => {
       const conditionExprOlderMinorVersion = new ConditionExpression(
         rpcCondition,
         '0.9.0'
@@ -140,7 +140,7 @@ describe('condition set', () => {
       contractConditionWithAbi,
       timeCondition,
       compoundCondition,
-    ])('same version but different condition', async (condition) => {
+    ])('same version but different condition', (condition) => {
       const conditionExprSameVersionDifferentCondition =
         new ConditionExpression(condition);
       expect(
@@ -150,7 +150,7 @@ describe('condition set', () => {
       ).not.toBeTruthy();
     });
 
-    it('same contract condition although using erc721 helper', async () => {
+    it('same contract condition although using erc721 helper', () => {
       const erc721ConditionExpr = new ConditionExpression(
         erc721BalanceCondition
       );
@@ -171,7 +171,7 @@ describe('condition set', () => {
       rpcCondition,
       timeCondition,
       compoundCondition,
-    ])('serializes to and from json', async (condition) => {
+    ])('serializes to and from json', (condition) => {
       const conditionExpr = new ConditionExpression(condition);
       const conditionExprJson = conditionExpr.toJson();
       expect(conditionExprJson).toBeDefined();
@@ -186,7 +186,16 @@ describe('condition set', () => {
       expect(conditionExprFromJson.equals(conditionExprFromJson)).toBeTruthy();
     });
 
-    it('incompatible version', async () => {
+    it('serializes to and from aad', () => {
+      const conditionExpr = new ConditionExpression(rpcCondition);
+      const conditionExprAad = conditionExpr.asAad();
+      const conditionExprFromAad =
+        ConditionExpression.fromAad(conditionExprAad);
+      expect(conditionExprFromAad).toBeDefined();
+      expect(conditionExprFromAad.equals(conditionExpr)).toBeTruthy();
+    });
+
+    it('incompatible version', () => {
       const currentVersion = new SemVer(ConditionExpression.VERSION);
       const invalidVersion = currentVersion.inc('major');
       expect(() => {
@@ -249,13 +258,13 @@ describe('condition set', () => {
           method: 'isPolicyActive',
         },
       },
-    ])("can't determine condition type", async (invalidCondition) => {
+    ])("can't determine condition type", (invalidCondition) => {
       expect(() => {
         ConditionExpression.fromObj(invalidCondition);
       }).toThrow('unrecognized condition data');
     });
 
-    it('erc721 condition serialization', async () => {
+    it('erc721 condition serialization', () => {
       const conditionExpr = new ConditionExpression(erc721BalanceCondition);
 
       const erc721BalanceConditionObj = erc721BalanceCondition.toObj();
@@ -283,7 +292,7 @@ describe('condition set', () => {
       expect(conditionExprFromJson.condition).toBeInstanceOf(ContractCondition);
     });
 
-    it('contract condition no abi serialization', async () => {
+    it('contract condition no abi serialization', () => {
       const conditionExpr = new ConditionExpression(contractConditionNoAbi);
 
       const conditionExprJson = conditionExpr.toJson();
@@ -315,7 +324,7 @@ describe('condition set', () => {
       expect(conditionExprFromJson.condition).toBeInstanceOf(ContractCondition);
     });
 
-    it('contract condition with abi serialization', async () => {
+    it('contract condition with abi serialization', () => {
       const conditionExpr = new ConditionExpression(contractConditionWithAbi);
 
       const conditionExprJson = conditionExpr.toJson();
@@ -348,7 +357,7 @@ describe('condition set', () => {
       expect(conditionExprFromJson.condition).toBeInstanceOf(ContractCondition);
     });
 
-    it('time condition serialization', async () => {
+    it('time condition serialization', () => {
       const conditionExpr = new ConditionExpression(timeCondition);
 
       const conditionExprJson = conditionExpr.toJson();
@@ -371,7 +380,7 @@ describe('condition set', () => {
       expect(conditionExprFromJson.condition).toBeInstanceOf(TimeCondition);
     });
 
-    it('rpc condition serialization', async () => {
+    it('rpc condition serialization', () => {
       const conditionExpr = new ConditionExpression(rpcCondition);
 
       const conditionExprJson = conditionExpr.toJson();