| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is distinct from the wire protocol version used in the websocket
framing of messages. Versioning the high level protocol will let later
features be added.
The user controls the protocol version, since they send the first
several messages. Developers that connect need to avoid using features
from newer protocol versions.
So, developers and servers will need to support the most recent version,
while the user can have an old version of debug-me and it will continue
to work.
This commit changes the protocol buffer encoding, and is the last such
free change. All changes past this point will need to be versioned.
This commit was sponsored by Jochen Bartl on Patreon.
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes debug-me not rely on the gpg keyservers at all.
Before, it was only working when the user had the developer's public key
already. I thought that --verify would download from --keyserver, but
seems not.
This is a protocol breaking change! Luckily done before any release, so
ok. ProtocolBuffers renumbered.
This commit was sponsored by Denis Dzyubenko on Patreon.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Client requires this always point to the previous Entered it accepted,
so a hash chain of Entered is built up, and there is no possibility for
ambiguity about which order a client received two Entered activies in.
So restoreHashes now has to try every possible combination of
known hashes for both prevEntered and prevActivity. That could be
significantly more work, but it would be unusual for there to be a lot
of known hashes, so it should be ok.
--graphviz shows this additional hash chain with grey edges
(and leaves out edges identical to the other hash chain)
While testing this with an artifical network lag, it turned out that
signature verification was failing for Reject messages sent by the
user. Didn't quite figure out what was at the bottom of that,
but the Activity Entered that was sent back in a Reject message was
clearly not useful, because it probably had both its prevEntered and
prevActivity hashes set to Nothing (because restoreHashes didn't restore
them, because the original Activity Entered was out of the expected
chain). So, switched Rejected to use a Hash.
(And renamed Rejected to EnteredRejected to make it more clear what
it's rejecting.)
Also, added a lastAccepted hash to EnteredRejected. This lets
the developer find its way back to the accepted chain when some
of its input gets rejected.
This commit was sponsored by Trenton Cronholm on Patreon.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I think there was a race where a SessionKey message had been drained
from the TChan, but not yet added to the developer state, which was
resonsible for recent instability at startup.
It manifested as protocol errors where the prevActivity hash was wrongly
Nothing.
Fixed by adding a MissingHashes type to tag things whose hashes have
been stripped, and adding back the hashes when needed, which always
happens inside atomically blocks, so won't have such a race.
|
|
|
|
| |
Works!
|
|
|
|
| |
This way changes to JSON won't risk breaking that.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Do include it in the data that gets signed, so it can be recovered
by trying each likely (recently seen) Activity as the prevMessage, and
checking the signature.
The UserState and DeveloperState already had the necessary state about
recently seen hashes, so this does not impact data use.
One tricky bit is that relayFromSocket needs to wait for the TMChan
to be empty before calling restorePrevActivityHash. Otherwise, the
hashes of items in the channel that have not been processed yet won't be
tried. The TMChan is not really being used as a channel since only 1
item can be in it. It could be converted to a TMVar, but closeTMChan is
used so I left it as a channel.
Note that the server does not restore hashes of messages that pass
through it; it's just a dumb relay.
Sending a single key press now only needs 94 bytes of data to be sent,
down from 169!
---
Also switched to SHA512, since hashes are no longer being sent over
the wire and so the larger size does not matter. SHA512 is slightly
faster and more secure.
This commit was sponsored by Ewen McNeill.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This way it's not tied to details of the haskell binary library,
and implementations in other languages should be fairly simple to do.
The haskell protobuf library was used because it does not need extra
tooling or build steps. So I didn't write a .proto file, but one could
fairly easily be written by following ProtocolBuffers.hs and translating
it.
ProtocolBuffers.hs is *extremely* repetative and tedious code. Surely
there must be a way to not need to write all of that? Oh well, I wrote
it..
Sizes of serialized messages:
">>> debug-me session started": 121
sending a single key press: 169
This seems equally as efficient as the binary serialization was;
that was 165 bytes before elapsedTime was added.
This commit was sponsored by Ethan Aubin.
|
|
|
|
| |
Make it a monoid and use mempty = 0
|
|
|
|
| |
Not related to the Log anymore.
|
|
|
|
|
|
| |
And part of what we need to have users verify them.
This commit was sponsored by andrea rota.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Time is relative, so the debug-me proof chain doesn't prove when things
happened, but it's still useful to have some idea of how long things
took to happen. This makes --replay work with logs gotten by --download.
Log still includes loggedTimestamp. This is a bit redundant, and is
unused now, but it's useful for log files to record when messages were
received.
This commit was sponsored by Riku Voipio.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Incomplete, but the client is able to connect and send messages which
get logged.
Split up debug-me.hs into Role/*
Switched from cereal to binary, since websockets operate on lazy
ByteStrings, and using cereal would involve a copy on every receive.
This commit was sponsored by Boyd Stephen Smith Jr. on Patreon.
|
|
|
|
|
|
|
|
|
|
|
| |
I tried both binary and cereal. For a ActivityMessage that takes 341
bytes in JSON and has a dataSize of 129, both used 165 bytes. Went with
cereal since lazy bytestrings are not needed, and I might want to use
https://hackage.haskell.org/package/safecopy later.
(Perhaps I should be using protocol buffers or something to make it
easier for non-haskell implementations? But that would complicate things
a lot.)
|
|
|
|
| |
This commit was sponsored by Ethan Aubin.
|
|
|
|
|
|
|
|
|
| |
Make Control messages be out-of-band async messages, without a pointer
to a previous message.
And then followed the type change through the code for hours..
This commit was sponsored by Nick Daly on Patreon.
|
|
|
|
|
| |
Will use Ed25519 because it's from DJB and well regarded and in common
use now.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prevent DOS of user side by limiting the size of the BackLog that
is maintained. This should not cause problems in even high latency
environments, and should prevent memory use > 16 mb.
The developer side does not keep much data, other than a list of the
Hashes of things it has recently sent, so is not susceptable to memory
DOS.
This commit was sponsored by Brock Spratlen on Patreon.
|
| |
|
| |
|
|
|
|
| |
Including adding a timestamp to logs
|
|
|
|
|
|
|
|
| |
So when the developer makes 2 keypresses close together, they send the
second Activity Entered with the first Activity Entered as its HashPointer.
This allows the developer to prove the order they did things.
This commit was sponsored by Peter Hogg on Patreon.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Need a way for the user to indicate when an Activity Entered is Rejected.
Changed hashing to include type tags, so Acticity Entered and Activity
Seen can never hash to the same hash.
Got debug-me.hs to compile after these changes, but currently it's buggy
after Activity Entered is Rejected.
Started protocol.txt documentation.
This commit was sponsored by Francois Marier on Patreon.
|
|
|
|
| |
This commit was sponsored by Shane-o on Patreon.
|
|
|
|
|
|
| |
useful for debugging, etc
This commit was sponsored by Alexander Thompson on Patreon.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Most of the time, ByteStrings will be able to be encoded as utf8, so avoid
base64 when not needed.
Adjusted some of the types in order to generate more usual JSON. In particular,
removed StartActivity.
The JSON now looks like this (with the signature still not populated):
{"signature":{"v":""},"prevActivity":{"hashValue":{"v":"3b1abe614dd43bdb2d9a56777884e2d0f3bac9796e2d25c1ad52bb689c117286"},"hashMethod":"SHA256"},"activity":{"echoData":{"v":""},"enteredData":{"v":"l"}}}
203 bytes to send a single keystroke is not great when there's really
only 1+64(hash) bytes of unique data. So, may end up adding a wire
encoding on top of this. But, JSON is good to have for storage of the
proofs, etc.
Also, it does compress well. Two such JSON objects gzip -9 to 219
bytes, and three to 265 bytes. So, 37 bytes per keystroke. This is
*exactly* as efficient as gzip -9 of $c$hash formatted data.
This commit was sponsored by Jack Hill on Patreon.
|
|
|
|
|
|
|
| |
Fairly straightforward, but did have to decide how to encode all the
ByteStrings, since they are not necessarily utf-8. Used base64.
This commit was sponsored by Henrik Riomar on Patreon.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Still all in a single process with no serialization, but now there are
separate threads for the user and developer sides, and they communicate
Activity back and forth.
Signatures are not checked yet, but both user and developer check that
the other side is sending Activity that forms a valid hash chain with
previous Activity.
The echo simulation is included, but may be buggy. This seems to work
well enough with 0 latency at least.
This commit was sponsored by Thom May on Patreon.
|
|
This commit was sponsored by Denis Dzyubenko on Patreon.
|