huskies: merge 794

crates/bft-json-crdt/src/json_crdt/signed_op.rs

@@ -0,0 +1,147 @@
+//! [`SignedOp`], [`OpState`], and the causal queue capacity constant.
+
+use fastcrypto::traits::VerifyingKey;
+use fastcrypto::{
+    ed25519::{Ed25519KeyPair, Ed25519PublicKey, Ed25519Signature},
+    traits::{KeyPair, ToFromBytes},
+};
+use serde::{Deserialize, Serialize};
+use serde_with::{serde_as, Bytes};
+
+use crate::keypair::{sha256, sign, AuthorId, SignedDigest};
+use crate::op::{print_hex, print_path, Op, OpId};
+
+use super::{CrdtNode, JsonValue};
+
+/// Enum representing possible outcomes of applying an operation to a CRDT
+#[derive(Debug, PartialEq)]
+pub enum OpState {
+    /// Operation applied successfully
+    Ok,
+    /// Tried to apply an operation to a non-CRDT primitive (i.e. f64, bool, etc.)
+    /// If you would like a mutable primitive, wrap it in a [`LWWRegisterCRDT`]
+    ErrApplyOnPrimitive,
+    /// Tried to apply an operation to a static struct CRDT
+    /// If you would like a mutable object, use a [`Value`]
+    ErrApplyOnStruct,
+    /// Tried to apply an operation that contains content of the wrong type.
+    /// In other words, the content cannot be coerced to the CRDT at the path specified.
+    ErrMismatchedType,
+    /// The signed digest of the message did not match the claimed author of the message.
+    /// This can happen if the message was tampered with during delivery
+    ErrDigestMismatch,
+    /// The hash of the message did not match the contents of the message.
+    /// This can happen if the author tried to perform an equivocation attack by creating an
+    /// operation and modifying it has already been created
+    ErrHashMismatch,
+    /// Tried to apply an operation to a non-existent path. The author may have forgotten to attach
+    /// a causal dependency
+    ErrPathMismatch,
+    /// Trying to modify/delete the sentinel (zero-th) node element that is used for book-keeping
+    ErrListApplyToEmpty,
+    /// We have not received all of the causal dependencies of this operation. It has been queued
+    /// up and will be executed when its causal dependencies have been delivered
+    MissingCausalDependencies,
+    /// This op has already been applied (identified by its `signed_digest`).
+    /// The CRDT state is unchanged — this is a no-op (idempotent self-loop guard).
+    AlreadySeen,
+}
+
+/// Maximum total number of ops that may sit in the causal-order hold queue at any
+/// one time, summed across all pending dependency buckets.
+///
+/// **Overflow policy: drop oldest.**
+/// When the limit is reached, the oldest pending op in the largest dependency bucket
+/// is silently evicted before the new op is queued.  Rationale: a misbehaving or
+/// heavily-partitioned peer can send ops whose causal ancestors never arrive, causing
+/// unbounded memory growth.  Dropping the oldest entry preserves the most recent
+/// information and caps memory use.  The peer can reconnect and receive a fresh bulk
+/// state dump to recover any dropped ops.
+pub const CAUSAL_QUEUE_MAX: usize = 256;
+
+/// An [`Op<Value>`] with a few bits of extra metadata
+#[serde_as]
+#[derive(Clone, Serialize, Deserialize, Debug, PartialEq)]
+pub struct SignedOp {
+    // Note that this can be different from the author of the inner op as the inner op could have been created
+    // by a different person
+    author: AuthorId,
+    /// Signed hash using priv key of author. Effectively [`OpID`] Use this as the ID to figure out what has been delivered already
+    #[serde_as(as = "Bytes")]
+    pub signed_digest: SignedDigest,
+    pub inner: Op<JsonValue>,
+    /// List of causal dependencies
+    #[serde_as(as = "Vec<Bytes>")]
+    pub depends_on: Vec<SignedDigest>,
+}
+
+impl SignedOp {
+    pub fn id(&self) -> OpId {
+        self.inner.id
+    }
+
+    pub fn author(&self) -> AuthorId {
+        self.author
+    }
+
+    /// Creates a digest of the following fields. Any changes in the fields will change the signed digest
+    ///  - id (hash of the following)
+    ///    - origin
+    ///    - author
+    ///    - seq
+    ///    - is_deleted
+    ///  - path
+    ///  - dependencies
+    fn digest(&self) -> [u8; 32] {
+        let path_string = print_path(self.inner.path.clone());
+        let dependency_string = self
+            .depends_on
+            .iter()
+            .map(print_hex)
+            .collect::<Vec<_>>()
+            .join("");
+        let fmt_str = format!("{:?},{path_string},{dependency_string}", self.id());
+        sha256(fmt_str)
+    }
+
+    /// Sign this digest with the given keypair. Shouldn't need to be called manually,
+    /// just use [`SignedOp::from_op`] instead
+    fn sign_digest(&mut self, keypair: &Ed25519KeyPair) {
+        self.signed_digest = sign(keypair, &self.digest()).sig.to_bytes()
+    }
+
+    /// Ensure digest was actually signed by the author it claims to be signed by
+    pub fn is_valid_digest(&self) -> bool {
+        let digest = Ed25519Signature::from_bytes(&self.signed_digest);
+        let pubkey = Ed25519PublicKey::from_bytes(&self.author());
+        match (digest, pubkey) {
+            (Ok(digest), Ok(pubkey)) => pubkey.verify(&self.digest(), &digest).is_ok(),
+            (_, _) => false,
+        }
+    }
+
+    /// Sign a normal op and add all the needed metadata
+    pub fn from_op<T: CrdtNode>(
+        value: Op<T>,
+        keypair: &Ed25519KeyPair,
+        depends_on: Vec<SignedDigest>,
+    ) -> Self {
+        let author = keypair.public().0.to_bytes();
+        let mut new = Self {
+            inner: Op {
+                content: value.content.map(|c| c.view()),
+                origin: value.origin,
+                author: value.author,
+                seq: value.seq,
+                path: value.path,
+                is_deleted: value.is_deleted,
+                id: value.id,
+            },
+            author,
+            signed_digest: [0u8; 64],
+            depends_on,
+        };
+        new.sign_digest(keypair);
+        new
+    }
+}