| Commit message (Collapse) | Author | Age |
|
|
|
| |
Avoids breaking backwards compat and should avoid future foot-shooting.
|
| |
|
|
|
|
|
|
| |
He pointed out that Just () and Nothing would hash the same.
Luckily Maybe Hash is the only Maybe type that needs to be hashed,
so specialize the instance.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is distinct from the wire protocol version used in the websocket
framing of messages. Versioning the high level protocol will let later
features be added.
The user controls the protocol version, since they send the first
several messages. Developers that connect need to avoid using features
from newer protocol versions.
So, developers and servers will need to support the most recent version,
while the user can have an old version of debug-me and it will continue
to work.
This commit changes the protocol buffer encoding, and is the last such
free change. All changes past this point will need to be versioned.
This commit was sponsored by Jochen Bartl on Patreon.
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes debug-me not rely on the gpg keyservers at all.
Before, it was only working when the user had the developer's public key
already. I thought that --verify would download from --keyserver, but
seems not.
This is a protocol breaking change! Luckily done before any release, so
ok. ProtocolBuffers renumbered.
This commit was sponsored by Denis Dzyubenko on Patreon.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Client requires this always point to the previous Entered it accepted,
so a hash chain of Entered is built up, and there is no possibility for
ambiguity about which order a client received two Entered activies in.
So restoreHashes now has to try every possible combination of
known hashes for both prevEntered and prevActivity. That could be
significantly more work, but it would be unusual for there to be a lot
of known hashes, so it should be ok.
--graphviz shows this additional hash chain with grey edges
(and leaves out edges identical to the other hash chain)
While testing this with an artifical network lag, it turned out that
signature verification was failing for Reject messages sent by the
user. Didn't quite figure out what was at the bottom of that,
but the Activity Entered that was sent back in a Reject message was
clearly not useful, because it probably had both its prevEntered and
prevActivity hashes set to Nothing (because restoreHashes didn't restore
them, because the original Activity Entered was out of the expected
chain). So, switched Rejected to use a Hash.
(And renamed Rejected to EnteredRejected to make it more clear what
it's rejecting.)
Also, added a lastAccepted hash to EnteredRejected. This lets
the developer find its way back to the accepted chain when some
of its input gets rejected.
This commit was sponsored by Trenton Cronholm on Patreon.
|
| |
|
|
|
|
| |
Works!
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Do include it in the data that gets signed, so it can be recovered
by trying each likely (recently seen) Activity as the prevMessage, and
checking the signature.
The UserState and DeveloperState already had the necessary state about
recently seen hashes, so this does not impact data use.
One tricky bit is that relayFromSocket needs to wait for the TMChan
to be empty before calling restorePrevActivityHash. Otherwise, the
hashes of items in the channel that have not been processed yet won't be
tried. The TMChan is not really being used as a channel since only 1
item can be in it. It could be converted to a TMVar, but closeTMChan is
used so I left it as a channel.
Note that the server does not restore hashes of messages that pass
through it; it's just a dumb relay.
Sending a single key press now only needs 94 bytes of data to be sent,
down from 169!
---
Also switched to SHA512, since hashes are no longer being sent over
the wire and so the larger size does not matter. SHA512 is slightly
faster and more secure.
This commit was sponsored by Ewen McNeill.
|
|
|
|
|
|
| |
And part of what we need to have users verify them.
This commit was sponsored by andrea rota.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Time is relative, so the debug-me proof chain doesn't prove when things
happened, but it's still useful to have some idea of how long things
took to happen. This makes --replay work with logs gotten by --download.
Log still includes loggedTimestamp. This is a bit redundant, and is
unused now, but it's useful for log files to record when messages were
received.
This commit was sponsored by Riku Voipio.
|
|
|
|
| |
This commit was sponsored by Ethan Aubin.
|
|
|
|
|
|
|
|
|
| |
Make Control messages be out-of-band async messages, without a pointer
to a previous message.
And then followed the type change through the code for hours..
This commit was sponsored by Nick Daly on Patreon.
|
|
|
|
|
| |
Will use Ed25519 because it's from DJB and well regarded and in common
use now.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Need a way for the user to indicate when an Activity Entered is Rejected.
Changed hashing to include type tags, so Acticity Entered and Activity
Seen can never hash to the same hash.
Got debug-me.hs to compile after these changes, but currently it's buggy
after Activity Entered is Rejected.
Started protocol.txt documentation.
This commit was sponsored by Francois Marier on Patreon.
|
|
|
|
| |
This commit was sponsored by Shane-o on Patreon.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Most of the time, ByteStrings will be able to be encoded as utf8, so avoid
base64 when not needed.
Adjusted some of the types in order to generate more usual JSON. In particular,
removed StartActivity.
The JSON now looks like this (with the signature still not populated):
{"signature":{"v":""},"prevActivity":{"hashValue":{"v":"3b1abe614dd43bdb2d9a56777884e2d0f3bac9796e2d25c1ad52bb689c117286"},"hashMethod":"SHA256"},"activity":{"echoData":{"v":""},"enteredData":{"v":"l"}}}
203 bytes to send a single keystroke is not great when there's really
only 1+64(hash) bytes of unique data. So, may end up adding a wire
encoding on top of this. But, JSON is good to have for storage of the
proofs, etc.
Also, it does compress well. Two such JSON objects gzip -9 to 219
bytes, and three to 265 bytes. So, 37 bytes per keystroke. This is
*exactly* as efficient as gzip -9 of $c$hash formatted data.
This commit was sponsored by Jack Hill on Patreon.
|
|
|
|
|
|
|
| |
Fairly straightforward, but did have to decide how to encode all the
ByteStrings, since they are not necessarily utf-8. Used base64.
This commit was sponsored by Henrik Riomar on Patreon.
|
|
This commit was sponsored by Denis Dzyubenko on Patreon.
|