cwtch.im
/
cwtch
16
20
Fork 15
Code Issues 10 Pull Requests 2 Releases 163 Wiki Activity

WIP: Hybrid Groups Initial Sketch #545

Draft
sarah wants to merge 1 commits from hybridgroups into master
pull from: hybridgroups
merge into: cwtch.im:master
Conversation 0 Commits 1 Files Changed 16 +971 -48
sarah commented 2024-01-26 21:42:22 +00:00
Owner
Copy Link

Ok, this is part 1.

This implements the most basic version of hybrid groups where a group manager can proxy messages between peers with some very basic filtering.

What is done:

  • Fix a bug in Event Manager that was resulting in duplicate queues / events
  • Get/Set Conversation Number Vars (used a lot in hybrid groups, cuts down on code)
  • Initial Cut of functionality.Hybrid for both Clients and the Manager
  • New Cwtch level APIs for Internal Conversation Management (NewConversation, InternalInsertMessage and SignMessage - these are needed because Extensions now need to manage inserting messages on behalf of a conversation.
  • Hybrid Groups integration test that simple sets up a group and has alice post a message and check that 1) bob receives the message and 2) alice acks the message
  • Channel routing based on Overlay Number (see code comments)
  • Moving some Test Utils around to make writing integration tests cleaner. There will probably be more of these.

Things that are definitely missing:

  • Group Level Encryption / Key Management
  • ACL / Membership Checking
  • Offline Delivery
  • Queue for Offline Delivery (essential for above)
  • Group Metadata Management (add/edit/rotate key etc.)
  • Any checking that clients are following the protocol defined by the formal model

However, even without all these things, I think now is the right time to review this PR and get a feel for this code. All those other things are nuanced and will require detailed review and I don't want them lost while reviewing all the stuff in this PR - which is mostly a structural sketch.

Ok, this is part 1. This implements the most basic version of hybrid groups where a group manager can proxy messages between peers with some very basic filtering. What is done: - [X] Fix a bug in Event Manager that was resulting in duplicate queues / events - [X] Get/Set Conversation Number Vars (used a lot in hybrid groups, cuts down on code) - [X] Initial Cut of functionality.Hybrid for both Clients and the Manager - [X] New Cwtch level APIs for Internal Conversation Management (`NewConversation`, `InternalInsertMessage` and `SignMessage` - these are needed because Extensions now need to manage inserting messages on behalf of a conversation. - [X] Hybrid Groups integration test that simple sets up a group and has alice post a message and check that 1) bob receives the message and 2) alice acks the message - [X] Channel routing based on Overlay Number (see code comments) - [X] Moving some Test Utils around to make writing integration tests cleaner. There will probably be more of these. Things that are definitely missing: - [ ] Group Level Encryption / Key Management - [ ] ACL / Membership Checking - [ ] Offline Delivery - [ ] Queue for Offline Delivery (essential for above) - [ ] Group Metadata Management (add/edit/rotate key etc.) - [ ] Any checking that clients are following the protocol defined by the formal model However, even without all these things, I think now is the right time to review this PR and get a feel for this code. All those other things are nuanced and will require detailed review and I don't want them lost while reviewing all the stuff in this PR - which is mostly a structural sketch.
sarah added 1 commit 2024-01-26 21:42:23 +00:00
continuous-integration/drone/pr Build is pending Details
25e86426b2 WIP: Hybrid Groups Initial Sketch
dan was assigned by sarah 2024-01-26 21:57:06 +00:00
dan reviewed 2024-02-05 08:27:44 +00:00
dan left a comment
Owner
Copy Link

Ok I got through the first few files only, then the cat let me know it was bed time. Will pick up and continue soon!

Ok I got through the first few files only, then the cat let me know it was bed time. Will pick up and continue soon!
app/app.go
@ -405,3 +408,3 @@
log.Debugf("restartFlow: Creating a New Protocol Engine...")
app.engines[profile.GetOnion()] = engine
eventBus.Publish(event.NewEventList(event.ProtocolEngineCreated))
eventBus.Publish(event.NewEventList(event.ProtocolEngineCreated, event.Handle, profile.GetOnion()))
dan commented 2024-02-05 08:09:59 +00:00
Owner
Copy Link

Can you add/update the comment above event.ProtocolEngineCreated in common.go. We don't type arguments to events but I've been trying to at least leave comments there about how to use them

Can you add/update the comment above event.ProtocolEngineCreated in common.go. We don't type arguments to events but I've been trying to at least leave comments there about how to use them
app/app.go
@ -515,6 +518,7 @@ func (app *application) eventHandler() {
log.Infof("peer appearing offline, not launching listen threads or connecting jobs")
app.ConfigureConnections(onion, false, false, false)
} else {
log.Infof("configuring online connections for peer")
dan commented 2024-02-05 08:11:38 +00:00
Owner
Copy Link

add onion address else this line becomes noise when multiple peers activating (or remove log)

add onion address else this line becomes noise when multiple peers activating (or remove log)
event/infinitequeue.go
@ -54,6 +54,7 @@ func (q *infiniteQueue) resize() {
// Add puts an element on the end of the queue.
func (q *infiniteQueue) Add(elem Event) {
dan commented 2024-02-05 08:12:38 +00:00
Owner
Copy Link

delete

delete
functionality/hybrid/common.go
@ -0,0 +56,4 @@
// This file contains code for the Hybrid Group / Managed Group types..
type HybridGroupMessage struct {
Author string // the authors cwtch address
MemberGroupID uint32
dan commented 2024-02-05 08:15:42 +00:00
Owner
Copy Link

why not GroupID and MessageID?

ah is it not the ID of hte group but some member ID in the group? i see

and the MemeberMessageID?

why not GroupID and MessageID? --- ah is it not the ID of hte group but some member ID in the group? i see and the MemeberMessageID?
functionality/hybrid/common.go
@ -0,0 +67,4 @@
func AuthenticateMessage(message HybridGroupMessage) bool {
messageCopy := message
messageCopy.Signature = []byte{}
// Otherwise we derive the public key from the sender and check it against that.
dan commented 2024-02-05 08:17:02 +00:00
Owner
Copy Link

otherwise?

otherwise?
functionality/hybrid/common.go
@ -0,0 +72,4 @@
if err == nil {
data, err := json.Marshal(messageCopy)
if err == nil && len(decodedPub) >= 32 {
return ed25519.Verify(decodedPub[:32], data, message.Signature)
dan commented 2024-02-05 08:25:15 +00:00
Owner
Copy Link

only the first 32 bytes of an decoded onion address are the public key? can we make a like onion utils file and functions somewhere so it's a little easier to read / write with out having to remember / google the structure of an onion address?

only the first 32 bytes of an decoded onion address are the public key? can we make a like onion utils file and functions somewhere so it's a little easier to read / write with out having to remember / google the structure of an onion address?
dan reviewed 2024-02-09 17:57:47 +00:00
dan left a comment
Owner
Copy Link

we have messages from an "admin" with ManageGroup true in the ACL but how does this get setup or changed? every new member is added with DefaultACL, we're missing messages about adjusting the ACL of members so we could create new admins, demote old ones, etc?

... reads top comment showing things still undo... ahh..

we have messages from an "admin" with ManageGroup true in the ACL but how does this get setup or changed? every new member is added with DefaultACL, we're missing messages about adjusting the ACL of members so we could create new admins, demote old ones, etc? ... reads top comment showing things still undo... ahh..
dan reviewed 2024-02-09 18:40:20 +00:00
functionality/hybrid/managed.go
@ -0,0 +121,4 @@
// handleRotateKeyEvent rotates the encryption key for a given group
// assumes we are called after an event provided by an authorized peer (i.e. ManageGroup == true)
func (f *ManagedGroupFunctionality) handleRotateKeyEvent(profile peer.CwtchPeer, conversation model.Conversation, rke RotateKeyEvent) {
dan commented 2024-02-09 18:01:09 +00:00
Owner
Copy Link

Do we need to store the old keys so we can reconstruct message history? or is it that if we have the invite, we'll have the first key, and subequently can read the rotate messages in order, etc, and reconstruct, but only if we have full history?

Do we need to store the old keys so we can reconstruct message history? or is it that if we have the invite, we'll have the first key, and subequently can read the rotate messages in order, etc, and reconstruct, but only if we have full history?
functionality/hybrid/managed.go
@ -0,0 +127,4 @@
profile.SetConversationAttribute(conversation.ID, keyScope, keyB64)
}
func (f *ManagedGroupFunctionality) handleNewMessageEvent(profile peer.CwtchPeer, conversation model.Conversation, nme NewMessageEvent) {
dan commented 2024-02-09 18:02:42 +00:00
Owner
Copy Link

so a group manager can also send messages? relay them? what's the imagined use case here? group manager replacing servers?

so a group manager can also send messages? relay them? what's the imagined use case here? group manager replacing servers?
functionality/hybrid/managed.go
@ -0,0 +141,4 @@
log.Errorf("unable to decrypt hybrid group message: %v", err)
return
}
//
dan commented 2024-02-09 18:03:01 +00:00
Owner
Copy Link

ah we dont do anything with it yet?

ah we dont do anything with it yet?
functionality/hybrid/managed.go
@ -0,0 +145,4 @@
}
}
func (f *ManagedGroupFunctionality) handleNewClearMessageEvent(profile peer.CwtchPeer, conversation model.Conversation, nme NewClearMessageEvent) {
dan commented 2024-02-09 18:04:17 +00:00
Owner
Copy Link

what is the difference between receiving a message and a clear message from a group manager?

what is the difference between receiving a message and a clear message from a group manager?
functionality/hybrid/manager.go
@ -0,0 +129,4 @@
if err != nil {
return err
}
// enable channel 2 on this conversation (hybrid groups management channel)
dan commented 2024-02-09 18:09:28 +00:00
Owner
Copy Link

what are channels?

what are channels?
model/conversation.go
@ -88,0 +96,4 @@
return true
}
if requestedChannel == 1 {
return false // channel 1 is mapped to channel 0 for backwards compatibility
dan commented 2024-02-09 18:11:17 +00:00
Owner
Copy Link

? this hasn't launched? backwards compatibility with what? and why return false if it's "mapped to 0"? we have 0 so isnt this kinda true?

? this hasn't launched? backwards compatibility with what? and why return false if it's "mapped to 0"? we have 0 so isnt this kinda true?
model/overlay.go
@ -19,1 +26,4 @@
const OverlayFileSharing = 200
// ManageGroupEvent is the canonical identifier for the manage group overlay
const OverlayManageGroupEvent = 0x302
dan commented 2024-02-09 18:17:20 +00:00
Owner
Copy Link

shouldn't there also be a 0x300 for the admin channel 0 then?

I'm not sure I get why we're overloading channel into overlay here and not just another byte sized field in managed group messages? don't this mean adding binary logic somewhere to check an overlay contains 0x300 then?

shouldn't there also be a 0x300 for the admin channel 0 then? I'm not sure I get why we're overloading channel into overlay here and not just another byte sized field in managed group messages? don't this mean adding binary logic somewhere to check an overlay contains 0x300 then?
peer/cwtch_peer.go
@ -424,0 +443,4 @@
}
func (cp *cwtchPeer) resolveChannel(overlay int) int {
requestedChannel := overlay & 0xFF
dan commented 2024-02-09 18:23:11 +00:00
Owner
Copy Link

right like this. we use big json blob structs for so much, why bit packing for this?

also, is there an envisioned use for the range between 0xFF and 0x300? that seems abandoned?

right like this. we use big json blob structs for so much, why bit packing for this? also, is there an envisioned use for the range between 0xFF and 0x300? that seems abandoned?
peer/cwtch_peer.go
@ -439,0 +469,4 @@
var cm model.MessageWrapper
err = json.Unmarshal([]byte(message), &cm)
// we are now explictly rejecting invalidly encoded messages...
dan commented 2024-02-09 18:26:18 +00:00
Owner
Copy Link

was this happening a lot?

seems like that's a failing of our API then. perhaps the exposed send message shouldn't take a pre encoded message wrapper but the arguments ti construct one?

was this happening a lot? seems like that's a failing of our API then. perhaps the exposed send message shouldn't take a pre encoded message wrapper but the arguments ti construct one?
peer/cwtch_peer.go
@ -439,0 +476,4 @@
requestedChannel := cp.resolveChannel(cm.Overlay)
// if this channel has not been registered for a particular conversation
// then default to channel = 0;
if conversationInfo.HasChannel(requestedChannel) {
dan commented 2024-02-09 18:30:12 +00:00
Owner
Copy Link

resolveChannel will turn all legacy overlays to have channel 0 and hasChannel auto trues 0.

for managed groups was it 0 or 2 that is the admin channel? do we need this manual setting? wont managed group messages have a channel explicitly set?

resolveChannel will turn all legacy overlays to have channel 0 and hasChannel auto trues 0. for managed groups was it 0 or 2 that is the admin channel? do we need this manual setting? wont managed group messages have a channel explicitly set?
peer/cwtch_peer.go
@ -1482,9 +1558,23 @@ func (cp *cwtchPeer) storeMessage(handle string, message string, sent time.Time)
}
}
var cm model.MessageWrapper
dan commented 2024-02-09 18:33:02 +00:00
Owner
Copy Link

this check again? at least make it a private helper function like validateMessageWrapper

this check again? at least make it a private helper function like `validateMessageWrapper`
testing/hybrid_group_integration_test.go
@ -0,0 +79,4 @@
// ***** Cwtch Server management *****
app := app2.NewApp(acn, "./storage", app2.LoadAppSettings("./storage"))
managerApp := app2.NewApp(acn, "./managerstorage", app2.LoadAppSettings("./managerstorage"))
dan commented 2024-02-09 18:36:10 +00:00
Owner
Copy Link

why a second app for the manager profile?

why a second app for the manager profile?
testing/hybrid_group_integration_test.go
@ -0,0 +122,4 @@
t.Fatalf("could not create hybrid contact (bob): %v", err)
}
// Now we can allow alice, bob and carol to create a new hybrid group...
dan commented 2024-02-09 18:38:09 +00:00
Owner
Copy Link

nit: there is no carol

nit: there is no carol
Some checks are pending
continuous-integration/drone/pr Build is pending
Details
This pull request has changes conflicting with the target branch.
  • .gitignore
  • model/conversation.go
  • peer/cwtch_peer.go
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
applications

   
BLOCKED

   
bug

   
design

   
duplicate

   
enhancement

   
fixed?

   
funding-needed

   
help wanted

   
infrastructure

   
invalid

   
payments

   
qubes

   
question

   
ready-for-implementation

   
refactor

   
spam

   
tapir-server

   
testing

   
tor

   
wontfix
No Label
applications
BLOCKED
bug
design
duplicate
enhancement
fixed?
funding-needed
help wanted
infrastructure
invalid
payments
qubes
question
ready-for-implementation
refactor
spam
tapir-server
testing
tor
wontfix
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
dan
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: cwtch.im/cwtch#545
No description provided.
Delete Branch "hybridgroups"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?