Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding Key Update Before Every New GroupIntent #658

Closed
wants to merge 34 commits into from
Closed
Show file tree
Hide file tree
Changes from 17 commits
Commits
Show all changes
34 commits
Select commit Hold shift + click to select a range
8e87ba7
queue_key_update
Apr 15, 2024
9df8308
lint
Apr 15, 2024
60e8adc
lint
Apr 15, 2024
cb88c9e
merge main
Apr 15, 2024
3438591
queue key update test
Apr 16, 2024
0e9d812
key-update
Apr 22, 2024
1624a05
Fix paths in update-schema script
richardhuaaa Apr 22, 2024
7d0dade
merge master and add rotated_at_ns item
Apr 30, 2024
e62cdfc
add get_rotated_at_ns
Apr 30, 2024
5f35add
fetch rotated_at_ns
May 1, 2024
928bca4
Merge remote-tracking branch 'origin' into dz/key-update
May 1, 2024
b319f56
add pre_intent_hook
May 6, 2024
ed6e1dd
Revert unneeded fix, and specify the correct directory in the README …
richardhuaaa May 13, 2024
cd28efd
apply pre_intent_hook
May 16, 2024
c160c14
Merge remote-tracking branch 'origin' into dz/key-update
May 16, 2024
e1b5f56
merge master and resolve comments
May 16, 2024
c6ed2c0
fix tests
May 17, 2024
79d714e
test 1
May 30, 2024
4a317b4
merge master
May 31, 2024
ceb8d34
modify test
May 31, 2024
ecc3dc0
merge main
Jun 20, 2024
48ad52a
modify
Jun 20, 2024
059df1c
solve db connection and update
Jun 21, 2024
e8a3308
more key updates and test updates
Jun 24, 2024
a4482c6
add
Jun 24, 2024
dc2ba36
test
Jun 28, 2024
b4d676e
finish key update test
Jul 2, 2024
979dcea
Merge remote-tracking branch 'origin/main' into dz/key-update
richardhuaaa Oct 1, 2024
41a7618
Small fixes
richardhuaaa Oct 1, 2024
3d143eb
Fix group initialization error - no need to rotate keys if you are th…
richardhuaaa Oct 1, 2024
6377d85
Undo unit test changes
richardhuaaa Oct 1, 2024
71478f1
Make it impossible to miss a pre_intent_hook, add missing locations
richardhuaaa Oct 2, 2024
bb75ed4
Reduce duplication of maybe_update_installations
richardhuaaa Oct 2, 2024
8750c10
Progress on key rotation for optimistic message sends
richardhuaaa Oct 2, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions xmtp_mls/migrations/2024-04-22-061128_key_update/down.sql
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
-- This file should undo anything in `up.sql`
2 changes: 2 additions & 0 deletions xmtp_mls/migrations/2024-04-22-061128_key_update/up.sql
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
ALTER TABLE groups
ADD COLUMN rotated_at_ns BIGINT NOT NULL DEFAULT 0
2 changes: 2 additions & 0 deletions xmtp_mls/migrations/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@
cargo install diesel_cli --no-default-features --features sqlite
```

### Change directory to libxmtp/xmtp_mls/

### Create your migration SQL

In this example the migration is called `create_key_store`:
Expand Down
Binary file not shown.
Empty file.
56 changes: 43 additions & 13 deletions xmtp_mls/src/groups/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -295,12 +295,8 @@
};

let stored_group = provider.conn().insert_or_ignore_group(to_store)?;

Ok(Self::new(
context,
stored_group.id,
stored_group.created_at_ns,
))
let xmtp_group = Self::new(context, stored_group.id, stored_group.created_at_ns);
Ok(xmtp_group)
}

// Decrypt a welcome message using HPKE and then create and save a group from the stored message
Expand Down Expand Up @@ -381,9 +377,7 @@
{
let conn = self.context.store.conn()?;

let update_interval = Some(5_000_000); // 5 seconds in nanoseconds
self.maybe_update_installations(conn.clone(), update_interval, client)
.await?;
self.pre_intent_hook(client).await?;

let now = now_ns();
let plain_envelope = Self::into_envelope(message, &now.to_string());
Expand All @@ -393,6 +387,7 @@
.map_err(GroupError::EncodeError)?;

let intent_data: Vec<u8> = SendMessageIntentData::new(encoded_envelope).into();

let intent =
NewGroupIntent::new(IntentKind::SendMessage, self.group_id.clone(), intent_data);
intent.store(&conn)?;
Expand Down Expand Up @@ -473,6 +468,9 @@
let conn = self.context.store.conn()?;
let intent_data: Vec<u8> =
AddMembersIntentData::new(account_addresses.into()).try_into()?;

self.pre_intent_hook(client).await?;

let intent = conn.insert_group_intent(NewGroupIntent::new(
IntentKind::AddMembers,
self.group_id.clone(),
Expand All @@ -483,6 +481,7 @@
.await
}

// Before calling this function, please verify pre_intent_hook has been called.
pub async fn add_members_by_installation_id<ApiClient>(
&self,
installation_ids: Vec<Vec<u8>>,
Expand All @@ -494,6 +493,7 @@
validate_ed25519_keys(&installation_ids)?;
let conn = self.context.store.conn()?;
let intent_data: Vec<u8> = AddMembersIntentData::new(installation_ids.into()).try_into()?;

let intent = conn.insert_group_intent(NewGroupIntent::new(
IntentKind::AddMembers,
self.group_id.clone(),
Expand All @@ -515,6 +515,9 @@
let account_addresses = sanitize_evm_addresses(account_addresses_to_remove)?;
let conn = self.context.store.conn()?;
let intent_data: Vec<u8> = RemoveMembersIntentData::new(account_addresses.into()).into();

self.pre_intent_hook(client).await?;

let intent = conn.insert_group_intent(NewGroupIntent::new(
IntentKind::RemoveMembers,
self.group_id.clone(),
Expand All @@ -536,6 +539,9 @@
let conn = self.context.store.conn()?;
let intent_data: Vec<u8> =
UpdateMetadataIntentData::new_update_group_name(group_name).into();

self.pre_intent_hook(client).await?;

let intent = conn.insert_group_intent(NewGroupIntent::new(
IntentKind::MetadataUpdate,
self.group_id.clone(),
Expand Down Expand Up @@ -586,6 +592,9 @@
validate_ed25519_keys(&installation_ids)?;
let conn = self.context.store.conn()?;
let intent_data: Vec<u8> = RemoveMembersIntentData::new(installation_ids.into()).into();

self.pre_intent_hook(client).await?;

let intent = conn.insert_group_intent(NewGroupIntent::new(
IntentKind::RemoveMembers,
self.group_id.clone(),
Expand All @@ -602,17 +611,38 @@
ApiClient: XmtpApi,
{
let conn = self.context.store.conn()?;

let intent = NewGroupIntent::new(IntentKind::KeyUpdate, self.group_id.clone(), vec![]);
intent.store(&conn)?;

self.sync_with_conn(conn, client).await
}

/// Checking the last key rotation time before rotating the key.
pub async fn pre_intent_hook<ApiClient>(
&self,
client: &Client<ApiClient>,
) -> Result<(), GroupError>
where
ApiClient: XmtpApi,
{
let conn = self.context.store.conn()?;
let last_rotated_time = conn.get_rotated_time_checked(self.group_id.clone())?;

if last_rotated_time == 0 {
let _ = self.key_update(client).await?;

Check warning on line 633 in xmtp_mls/src/groups/mod.rs

View workflow job for this annotation

GitHub Actions / workspace

this let-binding has unit value

warning: this let-binding has unit value --> xmtp_mls/src/groups/mod.rs:633:13 | 633 | let _ = self.key_update(client).await?; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: omit the `let` binding: `self.key_update(client).await?;` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#let_unit_value = note: `#[warn(clippy::let_unit_value)]` on by default
}
let update_interval = Some(5_000_000);
self.maybe_update_installations(conn.clone(), update_interval, client)
.await?;

self.sync_with_conn(conn, client).await
}

pub fn is_active(&self) -> Result<bool, GroupError> {
let conn = self.context.store.conn()?;
let provider = XmtpOpenMlsProvider::new(conn);
let mls_group = self.load_mls_group(&provider)?;

Ok(mls_group.is_active())
}

Expand Down Expand Up @@ -860,7 +890,7 @@
.await
.expect("read topic");

assert_eq!(messages.len(), 1)
assert_eq!(messages.len(), 2)
}

#[tokio::test]
Expand Down Expand Up @@ -1034,7 +1064,7 @@
.await
.expect("read topic");

assert_eq!(messages.len(), 2);
richardhuaaa marked this conversation as resolved.
Show resolved Hide resolved
assert_eq!(messages.len(), 3);
}

#[tokio::test]
Expand All @@ -1055,7 +1085,7 @@
.query_group_messages(group.group_id.clone(), None)
.await
.unwrap();
assert_eq!(messages.len(), 2);
assert_eq!(messages.len(), 3);

let conn = &client.context.store.conn().unwrap();
let provider = super::XmtpOpenMlsProvider::new(conn.clone());
Expand Down
16 changes: 16 additions & 0 deletions xmtp_mls/src/storage/encrypted_store/group.rs
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ pub struct StoredGroup {
pub purpose: Purpose,
/// The wallet address of who added the user to a group.
pub added_by_address: String,
pub rotated_at_ns: i64,
}

impl_fetch!(StoredGroup, groups, Vec<u8>);
Expand All @@ -56,6 +57,7 @@ impl StoredGroup {
installations_last_checked: 0,
purpose: Purpose::Conversation,
added_by_address,
rotated_at_ns: 0,
}
}

Expand All @@ -72,6 +74,7 @@ impl StoredGroup {
installations_last_checked: 0,
purpose: Purpose::Sync,
added_by_address: "".into(),
rotated_at_ns: 0,
}
}
}
Expand Down Expand Up @@ -155,6 +158,19 @@ impl DbConnection {
last_ts.ok_or(StorageError::NotFound)
}

pub fn get_rotated_time_checked(&self, group_id: Vec<u8>) -> Result<i64, StorageError> {
let last_ts = self.raw_query(|conn| {
let ts = dsl::groups
.find(&group_id)
.select(dsl::rotated_at_ns)
.first(conn)
.optional()?;
Ok(ts)
})?;

last_ts.ok_or(StorageError::NotFound)
}

/// Updates the 'last time checked' we checked for new installations.
pub fn update_installations_time_checked(&self, group_id: Vec<u8>) -> Result<(), StorageError> {
self.raw_query(|conn| {
Expand Down
1 change: 1 addition & 0 deletions xmtp_mls/src/storage/encrypted_store/schema.rs
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ diesel::table! {
installations_last_checked -> BigInt,
purpose -> Integer,
added_by_address -> Text,
rotated_at_ns -> BigInt,
}
}

Expand Down
Loading