chore: add CHANGELOGs

chore: fluence-keypair v0.8.1

.github/workflows/release.yml

@@ -9,7 +9,6 @@ jobs:
   release:
     name: "Publish"
     runs-on: builder
-    container: rust
     defaults:
       run:
         shell: bash
@@ -22,10 +21,13 @@ jobs:
       - name: Set env
         run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
 
+      - run: mkdir -p ~/.bin
+      - run: echo "~/.bin" >> $GITHUB_PATH
+
       - name: Download jq
         run: |
-          curl -L https://github.com/stedolan/jq/releases/download/jq-1.5/jq-linux64 -o /usr/local/bin/jq
+          curl -L https://github.com/stedolan/jq/releases/download/jq-1.5/jq-linux64 -o  ~/.bin/jq
-          chmod +x /usr/local/bin/jq
+          chmod +x  ~/.bin/jq
 
       - name: Download marine
         run: bash $GITHUB_WORKSPACE/.github/download_marine.sh
@@ -57,13 +59,17 @@ jobs:
             ~/.cargo/bin
           key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
 
-      - name: Install Rust
+      - name: Install toolchain
-        working-directory: ./service
+        uses: actions-rs/toolchain@v1
-        run: |
+        with:
-          rustup toolchain install nightly-2022-01-16-x86_64-unknown-linux-gnu
+          profile: minimal
-          rustup default nightly-2022-01-16-x86_64-unknown-linux-gnu
+          toolchain: nightly
-          rustup override set nightly-2022-01-16-x86_64-unknown-linux-gnu
+          override: true
-          rustup target add wasm32-wasi --toolchain nightly-2022-01-16-x86_64-unknown-linux-gnu
+          target: wasm32-wasi
+
+      # - name: Install wasm32-wasi target
+      #   working-directory: ./service
+      #   run: rustup target add wasm32-wasi
 
 ### Build
       - name: Build trust-graph

.github/workflows/rust_ci.yml

@@ -11,7 +11,6 @@ jobs:
   check:
     name: cargo nextest
     runs-on: builder
-    container: rust
     defaults:
       run:
         working-directory: service
@@ -30,13 +29,14 @@ jobs:
       - run: mkdir -p ~/.bin
       - run: echo "~/.bin" >> $GITHUB_PATH
 
-      - name: Install Rust
+      - name: Install toolchain
-        working-directory: ./service
+        uses: actions-rs/toolchain@v1
-        run: |
+        with:
-          rustup toolchain install nightly-2022-01-16-x86_64-unknown-linux-gnu
+          profile: minimal
-          rustup default nightly-2022-01-16-x86_64-unknown-linux-gnu
+          toolchain: nightly
-          rustup override set nightly-2022-01-16-x86_64-unknown-linux-gnu
+
-          rustup target add wasm32-wasi --toolchain nightly-2022-01-16-x86_64-unknown-linux-gnu
+      - name: Add wasm32-wasi target
+        run: rustup target add wasm32-wasi
 
       - name: Download jq
         run: |

.gitignore

@@ -18,3 +18,12 @@ admin/src/generated/**
 admin/generated/**
 
 target
+
+# recommended by Fluence Labs:
+.idea
+.DS_Store
+.fluence
+Cargo.lock
+**/target/
+.vscode/settings.json
+.repl_history

Cargo.lock

@@ -133,22 +133,10 @@ dependencies = [
  "cc",
  "cfg-if 0.1.10",
  "constant_time_eq",
- "crypto-mac 0.8.0",
+ "crypto-mac",
  "digest 0.9.0",
 ]
 
-[[package]]
-name = "block-buffer"
-version = "0.7.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c0940dc441f31689269e10ac70eb1002a3a1d3ad1390e030043662eb7fe4688b"
-dependencies = [
- "block-padding",
- "byte-tools",
- "byteorder",
- "generic-array 0.12.4",
-]
-
 [[package]]
 name = "block-buffer"
 version = "0.9.0"
@@ -167,15 +155,6 @@ dependencies = [
  "generic-array 0.14.5",
 ]
 
-[[package]]
-name = "block-padding"
-version = "0.1.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fa79dedbb091f449f1f39e53edf88d5dbe95f895dae6135a8d7b881fb5af73f5"
-dependencies = [
- "byte-tools",
-]
-
 [[package]]
 name = "boolinator"
 version = "2.4.0"
@@ -200,12 +179,6 @@ version = "3.9.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a4a45a46ab1f2412e53d3a0ade76ffad2025804294569aae387231a0cd6e0899"
 
-[[package]]
-name = "byte-tools"
-version = "0.3.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e3b5ca7a04898ad4bcd41c90c5285445ff5b791899bb1b0abdd2a2aa791211d7"
-
 [[package]]
 name = "byteorder"
 version = "1.4.3"
@@ -281,6 +254,15 @@ version = "0.1.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "245097e9a4535ee1e3e3931fcfcd55a796a44c643e8596ff6566d68f09b87bbc"
 
+[[package]]
+name = "core2"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b49ba7ef1ad6107f8824dbe97de947cbaac53c44e7f9756a1fba0d37c1eec505"
+dependencies = [
+ "memchr",
+]
+
 [[package]]
 name = "cpufeatures"
 version = "0.2.1"
@@ -409,16 +391,6 @@ dependencies = [
  "generic-array 0.14.5",
 ]
 
-[[package]]
-name = "crypto-mac"
-version = "0.7.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4434400df11d95d556bac068ddfedd482915eb18fe8bea89bc80b6e4b1c179e5"
-dependencies = [
- "generic-array 0.12.4",
- "subtle 1.0.0",
-]
-
 [[package]]
 name = "crypto-mac"
 version = "0.8.0"
@@ -426,7 +398,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b584a330336237c1eecd3e94266efb216c56ed91225d634cb2991c5f3fd1aeab"
 dependencies = [
  "generic-array 0.14.5",
- "subtle 2.4.1",
+ "subtle",
 ]
 
 [[package]]
@@ -448,7 +420,7 @@ dependencies = [
  "byteorder",
  "digest 0.9.0",
  "rand_core 0.5.1",
- "subtle 2.4.1",
+ "subtle",
  "zeroize",
 ]
 
@@ -671,12 +643,6 @@ dependencies = [
  "synstructure",
 ]
 
-[[package]]
-name = "fake-simd"
-version = "0.1.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e88a8acf291dafb59c2d96e8f59828f3838bb1a70398823ade51a84de6a6deed"
-
 [[package]]
 name = "fallible-iterator"
 version = "0.2.0"
@@ -761,7 +727,7 @@ dependencies = [
 
 [[package]]
 name = "fluence-keypair"
-version = "0.6.0"
+version = "0.8.1"
 dependencies = [
  "asn1_der 0.6.3",
  "bs58 0.3.1",
@@ -770,7 +736,7 @@ dependencies = [
  "eyre",
  "lazy_static",
  "libp2p-core",
- "libsecp256k1 0.3.5",
+ "libsecp256k1",
  "quickcheck",
  "rand 0.7.3",
  "ring",
@@ -1001,6 +967,12 @@ dependencies = [
  "unicode-segmentation",
 ]
 
+[[package]]
+name = "heck"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2540771e65fc8cb83cd6e8a237f70c319bd5c29f78ed1084ba5d50eeac86f7f9"
+
 [[package]]
 name = "hermit-abi"
 version = "0.1.19"
@@ -1016,37 +988,16 @@ version = "0.4.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70"
 
-[[package]]
-name = "hmac"
-version = "0.7.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5dcb5e64cda4c23119ab41ba960d1e170a774c8e4b9d9e6a9bc18aabf5e59695"
-dependencies = [
- "crypto-mac 0.7.0",
- "digest 0.8.1",
-]
-
 [[package]]
 name = "hmac"
 version = "0.8.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "126888268dcc288495a26bf004b38c5fdbb31682f992c84ceb046a1f0fe38840"
 dependencies = [
- "crypto-mac 0.8.0",
+ "crypto-mac",
  "digest 0.9.0",
 ]
 
-[[package]]
-name = "hmac-drbg"
-version = "0.2.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c6e570451493f10f6581b48cdd530413b63ea9e780f544bfd3bdcaa0d89d1a7b"
-dependencies = [
- "digest 0.8.1",
- "generic-array 0.12.4",
- "hmac 0.7.1",
-]
-
 [[package]]
 name = "hmac-drbg"
 version = "0.3.0"
@@ -1055,7 +1006,7 @@ checksum = "17ea0a1394df5b6574da6e0c1ade9e78868c9fb0a4e5ef4428e32da4676b85b1"
 dependencies = [
  "digest 0.9.0",
  "generic-array 0.14.5",
- "hmac 0.8.1",
+ "hmac",
 ]
 
 [[package]]
@@ -1201,9 +1152,9 @@ checksum = "565dbd88872dbe4cc8a46e527f26483c1d1f7afa6b884a3bd6cd893d4f98da74"
 
 [[package]]
 name = "libp2p-core"
-version = "0.31.0"
+version = "0.36.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a24250cce58fb6ccb32e26647c1c25b48b6f7bd2d6fb3d6dba72001a6694b385"
+checksum = "b1fff5bd889c82a0aec668f2045edd066f559d4e5c40354e5a4c77ac00caac38"
 dependencies = [
  "asn1_der 0.7.5",
  "bs58 0.4.0",
@@ -1214,13 +1165,13 @@ dependencies = [
  "futures-timer",
  "instant",
  "lazy_static",
- "libsecp256k1 0.7.0",
+ "libsecp256k1",
  "log",
  "multiaddr",
  "multihash",
  "multistream-select",
- "parking_lot 0.11.2",
+ "parking_lot 0.12.1",
- "pin-project 1.0.10",
+ "pin-project",
  "prost",
  "prost-build",
  "rand 0.8.4",
@@ -1236,30 +1187,14 @@ dependencies = [
 
 [[package]]
 name = "libsecp256k1"
-version = "0.3.5"
+version = "0.7.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1fc1e2c808481a63dc6da2074752fdd4336a3c8fcc68b83db6f1fd5224ae7962"
+checksum = "95b09eff1b35ed3b33b877ced3a691fc7a481919c7e29c53c906226fcf55e2a1"
-dependencies = [
- "arrayref",
- "crunchy",
- "digest 0.8.1",
- "hmac-drbg 0.2.0",
- "rand 0.7.3",
- "sha2 0.8.2",
- "subtle 2.4.1",
- "typenum",
-]
-
-[[package]]
-name = "libsecp256k1"
-version = "0.7.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b0452aac8bab02242429380e9b2f94ea20cea2b37e2c1777a1358799bbe97f37"
 dependencies = [
  "arrayref",
  "base64",
  "digest 0.9.0",
- "hmac-drbg 0.3.0",
+ "hmac-drbg",
  "libsecp256k1-core",
  "libsecp256k1-gen-ecmult",
  "libsecp256k1-gen-genmult",
@@ -1277,7 +1212,7 @@ checksum = "5be9b9bb642d8522a44d533eab56c16c738301965504753b03ad1de3425d5451"
 dependencies = [
  "crunchy",
  "digest 0.9.0",
- "subtle 2.4.1",
+ "subtle",
 ]
 
 [[package]]
@@ -1621,9 +1556,9 @@ dependencies = [
 
 [[package]]
 name = "multiaddr"
-version = "0.13.0"
+version = "0.14.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "48ee4ea82141951ac6379f964f71b20876d43712bea8faf6dd1a375e08a46499"
+checksum = "3c580bfdd8803cce319b047d239559a22f809094aaea4ac13902a1fdcfcd4261"
 dependencies = [
  "arrayref",
  "bs58 0.4.0",
@@ -1639,22 +1574,22 @@ dependencies = [
 
 [[package]]
 name = "multihash"
-version = "0.14.0"
+version = "0.16.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "752a61cd890ff691b4411423d23816d5866dd5621e4d1c5687a53b94b5a979d8"
+checksum = "1c346cf9999c631f002d8f977c4eaeaa0e6386f16007202308d0b3757522c2cc"
 dependencies = [
- "digest 0.9.0",
+ "core2",
- "generic-array 0.14.5",
+ "digest 0.10.1",
  "multihash-derive",
- "sha2 0.9.9",
+ "sha2 0.10.1",
  "unsigned-varint",
 ]
 
 [[package]]
 name = "multihash-derive"
-version = "0.7.2"
+version = "0.8.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "424f6e86263cd5294cbd7f1e95746b95aca0e0d66bff31e5a40d6baa87b4aa99"
+checksum = "fc076939022111618a5026d3be019fd8b366e76314538ff9a1b59ffbcbf98bcd"
 dependencies = [
  "proc-macro-crate",
  "proc-macro-error",
@@ -1682,7 +1617,7 @@ dependencies = [
  "bytes",
  "futures",
  "log",
- "pin-project 1.0.10",
+ "pin-project",
  "smallvec",
  "unsigned-varint",
 ]
@@ -1761,12 +1696,6 @@ version = "1.9.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "da32515d9f6e6e489d7bc9d84c71b060db7247dc035bbe44eac88cf87486d8d5"
 
-[[package]]
-name = "opaque-debug"
-version = "0.2.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2839e79665f131bdb5782e51f2c6c9599c133c6098982a54c794358bf432529c"
-
 [[package]]
 name = "opaque-debug"
 version = "0.3.0"
@@ -1810,6 +1739,16 @@ dependencies = [
  "parking_lot_core 0.8.5",
 ]
 
+[[package]]
+name = "parking_lot"
+version = "0.12.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f"
+dependencies = [
+ "lock_api 0.4.6",
+ "parking_lot_core 0.9.3",
+]
+
 [[package]]
 name = "parking_lot_core"
 version = "0.7.2"
@@ -1838,6 +1777,19 @@ dependencies = [
  "winapi",
 ]
 
+[[package]]
+name = "parking_lot_core"
+version = "0.9.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "09a279cbf25cb0757810394fbc1e359949b59e348145c643a939a525692e6929"
+dependencies = [
+ "cfg-if 1.0.0",
+ "libc",
+ "redox_syscall 0.2.10",
+ "smallvec",
+ "windows-sys",
+]
+
 [[package]]
 name = "paste"
 version = "1.0.6"
@@ -1869,33 +1821,13 @@ dependencies = [
  "indexmap",
 ]
 
-[[package]]
-name = "pin-project"
-version = "0.4.29"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9615c18d31137579e9ff063499264ddc1278e7b1982757ebc111028c4d1dc909"
-dependencies = [
- "pin-project-internal 0.4.29",
-]
-
 [[package]]
 name = "pin-project"
 version = "1.0.10"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "58ad3879ad3baf4e44784bc6a718a8698867bb991f8ce24d1bcbe2cfb4c3a75e"
 dependencies = [
- "pin-project-internal 1.0.10",
+ "pin-project-internal",
-]
-
-[[package]]
-name = "pin-project-internal"
-version = "0.4.29"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "044964427019eed9d49d9d5bbce6047ef18f37100ea400912a9fa4a3523ab12a"
-dependencies = [
- "proc-macro2",
- "quote",
- "syn",
 ]
 
 [[package]]
@@ -1989,9 +1921,9 @@ dependencies = [
 
 [[package]]
 name = "prost"
-version = "0.9.0"
+version = "0.11.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "444879275cb4fd84958b1a1d5420d15e6fcf7c235fe47f053c9c2a80aceb6001"
+checksum = "399c3c31cdec40583bb68f0b18403400d01ec4289c383aa047560439952c4dd7"
 dependencies = [
  "bytes",
  "prost-derive",
@@ -1999,12 +1931,12 @@ dependencies = [
 
 [[package]]
 name = "prost-build"
-version = "0.9.0"
+version = "0.11.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "62941722fb675d463659e49c4f3fe1fe792ff24fe5bbaa9c08cd3b98a1c354f5"
+checksum = "7f835c582e6bd972ba8347313300219fed5bfa52caf175298d860b61ff6069bb"
 dependencies = [
  "bytes",
- "heck",
+ "heck 0.4.0",
  "itertools 0.10.3",
  "lazy_static",
  "log",
@@ -2019,9 +1951,9 @@ dependencies = [
 
 [[package]]
 name = "prost-derive"
-version = "0.9.0"
+version = "0.11.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f9cc1a3263e07e0bf68e96268f37665207b49560d98739662cdfaae215c720fe"
+checksum = "7345d5f0e08c0536d7ac7229952590239e77abf0a0100a1b1d890add6ea96364"
 dependencies = [
  "anyhow",
  "itertools 0.10.3",
@@ -2032,9 +1964,9 @@ dependencies = [
 
 [[package]]
 name = "prost-types"
-version = "0.9.0"
+version = "0.11.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "534b7a0e836e3c482d2693070f982e39e7611da9695d4d1f5a4b186b51faef0a"
+checksum = "4dfaa718ad76a44b3415e6c4d53b17c8f99160dcb3a99b10470fce8ad43f6e3e"
 dependencies = [
  "bytes",
  "prost",
@@ -2226,9 +2158,9 @@ dependencies = [
 
 [[package]]
 name = "regex"
-version = "1.5.4"
+version = "1.6.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d07a8629359eb56f1e2fb1652bb04212c072a87ba68546a04065d525673ac461"
+checksum = "4c4eb3267174b8c6c2f654116623910a0fef09c4753f8dd83db29c48a0df988b"
 dependencies = [
  "aho-corasick",
  "memchr",
@@ -2237,9 +2169,9 @@ dependencies = [
 
 [[package]]
 name = "regex-syntax"
-version = "0.6.25"
+version = "0.6.27"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f497285884f3fcff424ffc933e56d7cbca511def0c9831a7f9b5f6153e3cc89b"
+checksum = "a3f87b73ce11b1619a3c6332f45341e0047173771e8b8b73f87bfeefb7b56244"
 
 [[package]]
 name = "remove_dir_all"
@@ -2324,12 +2256,12 @@ checksum = "f2cc38e8fa666e2de3c4aba7edeb5ffc5246c1c2ed0e3d17e560aeeba736b23f"
 
 [[package]]
 name = "rw-stream-sink"
-version = "0.2.1"
+version = "0.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4da5fcb054c46f5a5dff833b129285a93d3f0179531735e6c866e8cc307d2020"
+checksum = "26338f5e09bb721b85b135ea05af7767c90b52f6de4f087d4f4a3a9d64e7dc04"
 dependencies = [
  "futures",
- "pin-project 0.4.29",
+ "pin-project",
  "static_assertions",
 ]
 
@@ -2467,18 +2399,6 @@ dependencies = [
  "syn",
 ]
 
-[[package]]
-name = "sha2"
-version = "0.8.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a256f46ea78a0c0d9ff00077504903ac881a1dafdc20da66545699e7776b3e69"
-dependencies = [
- "block-buffer 0.7.3",
- "digest 0.8.1",
- "fake-simd",
- "opaque-debug 0.2.3",
-]
-
 [[package]]
 name = "sha2"
 version = "0.9.9"
@@ -2489,7 +2409,7 @@ dependencies = [
  "cfg-if 1.0.0",
  "cpufeatures",
  "digest 0.9.0",
- "opaque-debug 0.3.0",
+ "opaque-debug",
 ]
 
 [[package]]
@@ -2539,12 +2459,6 @@ version = "0.10.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623"
 
-[[package]]
-name = "subtle"
-version = "1.0.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2d67a5a62ba6e01cb2192ff309324cb4875d0c451d55fe2319433abe7a05a8ee"
-
 [[package]]
 name = "subtle"
 version = "2.4.1"
@@ -2657,7 +2571,6 @@ dependencies = [
  "derivative",
  "failure",
  "fluence-keypair",
- "libp2p-core",
  "log",
  "nonempty",
  "rand 0.7.3",
@@ -2838,7 +2751,7 @@ version = "0.18.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d7c2bb690b44cb1b0fdcc54d4998d21f8bdaf706b93775425e440b174f39ad16"
 dependencies = [
- "heck",
+ "heck 0.3.3",
  "proc-macro2",
  "quote",
  "syn",
@@ -3150,6 +3063,49 @@ version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
 
+[[package]]
+name = "windows-sys"
+version = "0.36.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ea04155a16a59f9eab786fe12a4a450e75cdb175f9e0d80da1e17db09f55b8d2"
+dependencies = [
+ "windows_aarch64_msvc",
+ "windows_i686_gnu",
+ "windows_i686_msvc",
+ "windows_x86_64_gnu",
+ "windows_x86_64_msvc",
+]
+
+[[package]]
+name = "windows_aarch64_msvc"
+version = "0.36.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9bb8c3fd39ade2d67e9874ac4f3db21f0d710bee00fe7cab16949ec184eeaa47"
+
+[[package]]
+name = "windows_i686_gnu"
+version = "0.36.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "180e6ccf01daf4c426b846dfc66db1fc518f074baa793aa7d9b9aaeffad6a3b6"
+
+[[package]]
+name = "windows_i686_msvc"
+version = "0.36.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e2e7917148b2812d1eeafaeb22a97e4813dfa60a3f8f78ebe204bcc88f12f024"
+
+[[package]]
+name = "windows_x86_64_gnu"
+version = "0.36.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4dcd171b8776c41b97521e5da127a2d86ad280114807d0b2ab1e462bc764d9e1"
+
+[[package]]
+name = "windows_x86_64_msvc"
+version = "0.36.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680"
+
 [[package]]
 name = "zeroize"
 version = "1.5.1"

Cargo.toml

@@ -8,10 +8,9 @@ license = "Apache-2.0"
 repository = "https://github.com/fluencelabs/trust-graph"
 
 [dependencies]
-libp2p-core = { version = "0.31", default-features = false, features = [ "secp256k1" ] }
 serde = { version = "1.0.118", features = ["derive"] }
 
-fluence-keypair = { path = "./keypair", version = "0.6.0" }
+fluence-keypair = { path = "./keypair", version = "0.8.1" }
 serde_json = "1.0.58"
 bs58 = "0.3.1"
 failure = "0.1.6"
@@ -30,3 +29,6 @@ members = [
     "keypair",
     "service"
 ]
+
+[workspace.dependencies]
+libp2p-core = { version = "0.36", default-features = false, features = [ "secp256k1", "rsa" ] }

README.md

@@ -1,20 +1,303 @@
 # Trust Graph
 
-Trust Graph is network-wide peer relationship layer. It's designed to be used to prioritize resources and control permissions in open networks. Being a decentralized graph of relationships, basically a Web of Trust, Trust Graph is distributed among all network peers. 
+- [Trust Graph](#trust-graph)
+  - [Overview](#overview)
+  - [Why is it important?](#why-is-it-important)
+  - [What is it?](#what-is-it)
+  - [How to Use it in Aqua](#how-to-use-it-in-aqua)
+    - [How to import](#how-to-import)
+    - [How to add roots](#how-to-add-roots)
+    - [How to issue and add trust](#how-to-issue-and-add-trust)
+    - [How to revoke the trust](#how-to-revoke-the-trust)
+    - [How to get certificates](#how-to-get-certificates)
+    - [How to get weights](#how-to-get-weights)
+  - [How to use it in TS/JS](#how-to-use-it-in-tsjs)
+  - [Use cases](#use-cases)
+    - [Create a trusted subnetwork](#create-a-trusted-subnetwork)
+    - [Service permission management](#service-permission-management)
+    - [Label trusted peers and execute computation only on this peers](#label-trusted-peers-and-execute-computation-only-on-this-peers)
+  - [FAQ](#faq)
+  - [API](#api)
+  - [Directory structure](#directory-structure)
+  - [Learn Aqua](#learn-aqua)
 
-Specifically, Trust Graph is used to prioritize connections from known peers to counteract Sybil attacks while still keeping network open by reserving resources for unknown peers. 
+## Overview
+The problem of access control and permissions is solved with centralized CAs (Certificate Authority) in web 2.0. However, such problem is urgent and becomes even more challenging considering a decentralized nature of web 3.0. TrustGraph is our point of view on the solution for this challenge.
 
-At the same time, Trust Graph can be used at the application level in various ways such as prioritization of service execution on authorized peers or to define an interconnected subnetwork among peers of a single protocol.
+TrustGraph is a bottom layer of trust for open p2p networks: every peer may be provided with SSL-like certificates that promoted over the network. Service providers and peers can treat certificate holders differently based on their certificate set.
 
-## How to Use it in TypeScript
+TrustGraph is a basic component that allows storing and managing certificates without additional logic about how to decide whom to trust and whom to treat as unreliable.
+
+## Why is it important?
+
+The problem of peer choice and prioritization is very urgent in p2p networks. We can't use the network reliably and predictably without trust to any network participant. We also should mark and avoid malicious peers. In addition we need to control our application access and permissions in runtime, so it performs continuously without interruptions and redeployments.
+
+## What is it?
+
+TrustGraph is basically a directed graph with one root at least, vertices are peer ids, and edges are one of the two types of cryptographic relations: trust and revocation.
+
+**Root** is a peer id that we unconditionally trust until it is removed, and is defined by the node owner. Every root has characteristics that represent the maximum length for a chain of trusts.
+
+As a **path to the root**, we consider a path with only trust edges, given the following rule: chain `R -> A -> ...-> C` is not a path if A revoked C.
+
+**Trust** is a cryptographic relation representing that peer A trusts peer B until this trust expires or is revoked. Trust relation is transitive. If peer A trusts peer B, and peer B trusts peer C, it results in peer A trusts peer C transitively. Trust relation means that you trust to connect, compute or store based on your business logic and chosen metrics. For example, if you want to perform some computation and some well-known peers do that, and are trusted by others you trust, so you can safely use them for computing but not to store sensitive information (personal keys, etc).
+
+Trust data structure contains the following fields:
+- peer id, trust is issued to
+- creation timestamp
+- expiration timestamp
+- a signature of the issuer that contains all of the previous fields signed
+
+So the trust is signed and tamperproof by design.
+
+**Certificate** is a chain of trusts started with a self-signed root trust. Considering Trust and Certificate data structures, it is possible to track the chain of trust relations: the `issued_for` field of the first trust in a chain indicates a root peer id, second — whom root trusts, etc. So if we have a chain `R->A->B->C` in the certificate it looks like a chain of the following trusts: `R->R`, `R->A`, `A->B`, `B->C`. A certificate is tamperproof since it is a composition of signed trusts.
+
+![image](images/diagram.png)
+
+So peerA is trusted by peerB if there is a path between them in the instance of TrustGraph. The selection of certificates is subjective and defined by a node owner by choice of roots and maximum chain lengths. For now, there are no default metrics for a general case.
+
+**Revocation** is a cryptographic relation representing that a peer A considers a peer C malicious or unreliable. For example, all chains containing paths from A to C will not be treated as valid. So if A trusts a peer B, and B trusts C, a peer A has no trust to C transitively, it would have otherwise.
+
+![image](images/revocation.png)
+
+Every peer has a **weight**. A weight signifies a power of 2 or zero. If there is no path from any root to a peer, given revocations, its weight equals zero. The closer to the root, the bigger the weight. Weights are also subjective and relevant in the scope of a local TrustGraph.
+
+![image](images/weights.png)
+
+TrustGraph is a builtin meaning that every node is bundled with a TrustGraph instance and predefined certificates.
+
+Trust is transitive in terms of cryptographic relations. On the other hand, a subset of trusts and certificates is subjective for each network participant because of the choice of roots.
+
+
+## How to Use it in Aqua
+### How to import
+```
+import "@fluencelabs/trust-graph/trust-graph-api.aqua"
+import "@fluencelabs/trust-graph/trust-graph.aqua"
+
+func my_function(peer_id: string) -> u32:
+   on HOST_PEER_ID:
+       result <- get_weight(peer_id)
+   <- result
+```
+
+### How to add roots
+- `set_root(peer_id: PeerId, max_chain_len: u32) -> SetRootResult`
+- `add_root_trust(node: PeerId, peer_id: PeerId, max_chain_len: u32) -> ?Error`
+
+Let's set our peer id as a root on our relay and add self-signed trust:
+```rust
+func set_me_as_root(max_chain_len):
+  result <- add_root_trust(HOST_PEER_ID, INIT_PEER_ID, max_chain_len)
+
+  -- if you use peer_id different from INIT_PEER_ID
+  -- you should add keypair in your Sig service
+  if result.success:
+     -- do smth
+     Op.noop()
+  else:
+     -- handle failure
+     Op.noop()
+```
+- also you can use `set_root` + `add_trust` to achieve the same goal
+- [how to add keypair to Sig service](https://doc.fluence.dev/docs/fluence-js/3_in_depth#signing-service)
+- roots can be added only by the service owner
+- `max_chain_len` specifies a number of trusts in a chain for the root. Zero for chains that contain only root trust.
+
+### How to issue and add trust
+
+- `issue_trust(issuer: PeerId, issued_for: PeerId, expires_at_sec: u64) -> ?Trust, ?Error`
+- `import_trust(trust: Trust, issuer: PeerId) -> ?Error`
+- `add_trust(node: PeerId, issuer: PeerId, issued_for: PeerId, expires_at_sec: u64) -> ?Error`
+
+Let's issue trust, and import it to our relay:
+```rust
+func issue_trust_by_me(issued_for: PeerId, expires_at_sec: u64):
+  trust, error <- issue_trust(INIT_PEER_ID, issued_for, expires_at_sec)
+  if trust == nil:
+     -- handle failure
+     Op.noop()
+  else:
+     on HOST_PEER_ID:
+        error <- import_trust(trust!, INIT_PEER_ID)
+        -- handle error
+```
+
+
+- `add_trust` is a combination of `issue_trust` and `import_trust`
+- if you want to issue trust not by `INIT_PEER_ID` check the Sig service [docs](https://doc.fluence.dev/docs/fluence-js/3_in_depth#signing-service)
+
+### How to revoke the trust
+
+- `issue_revocation(revoked_by: PeerId, revoked: PeerId) -> ?Revocation, ?Error`
+- `import_revocation(revocation: Revocation) -> ?Error`
+- `revoke(node: PeerId, revoked_by: PeerId, revoked: PeerId) -> ?Error`
+
+Let's revoke some peers by our peer id:
+```rust
+func revoke_peer(revoked: PeerId):
+  revocation, error <- issue_revocation(INIT_PEER_ID, revoked)
+  if revocation == nil:
+     -- handle failure
+     Op.noop()
+  else:
+     on HOST_PEER_ID:
+        error <- import_revocation(revocation!)
+        -- handle error
+```
+
+- `revoke` is a combination of `issue_revocation` and `import_revocation`
+- if you want to issue revocation not by `INIT_PEER_ID` check the Sig service [docs](https://doc.fluence.dev/docs/fluence-js/3_in_depth#signing-service)
+
+
+### How to get certificates
+
+- `get_all_certs(issued_for: PeerId) -> AllCertsResult`
+- `get_all_certs_from(issued_for: PeerId, issuer: PeerId) -> AllCertsResult`
+- `get_host_certs() -> AllCertsResult`
+- `get_host_certs_from(issuer: PeerId) -> AllCertsResult`
+
+Let's get all certificates issued by us to our relay peer id (HOST_PEER_ID):
+```rust
+func get_certs_issued_by_me() -> AllCertsResult:
+  on HOST_PEER_ID:
+     result <- get_host_certs_from(INIT_PEER_ID)
+  <- result
+```
+- `get_host_certs` is just an alias for `get_all_certs(HOST_PEER_ID)`
+- `_from` calls results contain only certificates with trust issued by `issuer`
+
+### How to get weights
+- `get_weight(peer_id: PeerId) -> WeightResult`
+- `get_weight_from(peer_id: PeerId, issuer: PeerId) -> WeightResult`
+
+Let's get our weight for certificates which contain trust by our relay
+```rust
+func get_our_weight() -> ?u32, ?string:
+  weight: ?u32
+  error: ?string
+  on HOST_PEER_ID:
+     result <- get_weight_from(INIT_PEER_ID, HOST_PEER_ID)
+     if result.success:
+        weight <<- result.weight
+     else:
+        error <<- result.error
+  <- weight, error
+```
+
+- `get_weight` returns result among all the certificates, on the other hand, `get_weight_from` return certificates containing trust by the issuer only
+
+## How to use it in TS/JS
+1. Add `export.aqua` as in the Aqua [documentation](https://doc.fluence.dev/aqua-book/libraries#in-typescript-and-javascript)
+2. Add the following to your dependencies
+   - `@fluencelabs/trust-graph`
+   - `@fluencelabs/aqua`
+   - `@fluencelabs/aqua-lib`
+   - `@fluencelabs/fluence`
+   - `@fluencelabs/fluence-network-environment`
+
+3. Import dependencies
+  ```typescript
+  import * as tg from "./generated/export";
+  import { Fluence, KeyPair } from "@fluencelabs/fluence";
+  import { krasnodar, Node } from "@fluencelabs/fluence-network-environment";
+  ```
+4. Create a client (specify keypair if you are node owner
+[link](https://github.com/fluencelabs/node-distro/blob/main/fluence/Config.default.toml#L9))
+
+  ```typescript
+  await Fluence.start({ connectTo: relay /*, KeyPair: builtins_keypair*/});
+  ```
+5. Add a root and issue root trust.
+  ```typescript
+  let peer_id = Fluence.getStatus().peerId;
+  let relay = Fluence.getStatus().relayPeerId;
+  assert(peer_id !== null);
+  assert(relay !== null);
+  let max_chain_len = 2;
+  let far_future = 99999999999999;
+  let error = await tg.add_root_trust(relay, peer_id, max_chain_len, far_future);
+  if (error !== null) {
+   console.log(error);
+  }
+  ```
+6. By default, trusts/revocations signed with the client's private key. To sign with different keys see the Sig service [documentation](https://doc.fluence.dev/docs/fluence-js/3_in_depth#signing-service).
+  ```typescript
+  // issue signed trust
+  let error = await tg.issue_trust(relay, peer_id, issued_for_peer_id, expires_at_sec);
+  if (error !== null) {
+   console.log(error);
+  }
+  ```
+
+## Use cases
+
+### Create a trusted subnetwork
+
+You can organize a subnetwork with peers trusted by your choice or chosen metrics. So you can treat trusts given by a peer (or a key) as evidence.
+
+Let's consider we have peers A, B and C:
+- Choose a peer A as an authority, set it as a root for the local TrustGraphs on all peers
+- Issue and put self-signed by a peer A trust as a root trust
+- Issue trusts by a peer A a to peer B and a peer C, and put them on all peers
+- So for a call `get_weight_from(targetPeer, peerA)` will reflect whether targetPeer is in a subnetwork ABC
+
+### Service permission management
+
+You can specify in runtime who can access service functionality based on the local TrustGraph (certificates, weights). It's possible to check where the proof comes from based on [tetraplets](https://doc.fluence.dev/docs/knowledge_security). For example, only peers that have  a non-zero weight can execute a service function `trusted_call(weight: WeightResult) -> u8`.
+
+So if you want to have service permission management you should follow the steps:
+- Pass `WeightResult` from TrustGraph to the function that you need to control:
+ ```rust
+ ...
+ weight_result <- get_weight(INIT_PEER_ID)
+ result <- MyService.trusted_call(weight_result)
+ ...
+ ```
+- Inside your service you need to check tetraplets like [this](https://github.com/fluencelabs/registry/blob/main/service/src/misc.rs#L37) to be sure that they are resulted from the local TrustGraph
+- Add `INIT_PEER_ID` or another choosen key as a root
+- Issue trust to peers that can call this function:
+```rust
+func grant_access(issued_for: PeerId, expires_at_sec: u64):
+  error <- add_trust(INIT_PEER_ID, issued_for, expires_at_sec)
+  if error != nil
+     -- handle error
+```
+
+### Label trusted peers and execute computation only on this peers
 
 See [example](./example):
-- How to call [`trust-graph`](./example/index.ts) functions in TS/JS 
+- How to call [`trust-graph`](./example/index.ts) functions in TS/JS
 - Step-by-step description [`README`](./example/README.md)
 
+
+## FAQ
+
+- Can a weight change during time?
+  - If the shortest path to a root changes, in case of trust expiration, importing or revocation, a weight also changes.
+
+- What does a zero weight mean?
+  - A zero weight means there is no trust and path from any roots to the target peer.
+
+- How we can interpret a certificate and/or a peer weight?
+  - A certificate contains a path from the root to the target peer we are looking for. A weight represents the presence of these certificates and peers' closeness to the root.
+
+- How are weights calculated and based on what feedback?
+  - Weights are calculated based on the existence of a chain of trusts from the roots. For example, if we have a root with a maximum chain length equal 4 and have a chain `R -> A -> B -> C`, so the corresponding weights of peers are `8`, `4`, `2`, `1`. Weights are the same if there are no changes in the paths.
+  As long as we have no metrics, all trust/revocation logic is a TrustGraph user's responsibility.
+
+- How do I set all weights to untrusted and then increase trust in a peer over time?
+  - All peers are untrusted by default. Trust is unmeasured, weight represents how far the peer is from the root, the bigger weight, the closer to the root, so if you want to increase the weight of the target peer, you should obtain the trust from the root or peers who are closer to the root than this peer.
+
+- How do I know that other peers are using the same processes to update weights?
+  - Weights calculated **locally** based on certificates that contain immutable signed trusts. Weights are subjective and have meaning only locally to this exact peer.
+
+-  Can I start my own instance of a trust graph or is there only a global version available?
+   - Every Fluence node is bundled with a builtin TrustGraph instance, but you can change or remove any service you want if you're a node owner.
+
 ## API
 
-High-level API is defined in the [trust-graph-api.aqua](./aqua/trust-graph-api.aqua) module.
+High-level API is defined in the [trust-graph-api.aqua](./aqua/trust-graph-api.aqua) module. API Reference soon will be available in the documentation.
 
 ## Directory structure
 
@@ -22,7 +305,7 @@ High-level API is defined in the [trust-graph-api.aqua](./aqua/trust-graph-api.a
 
 - [`keypair`](./keypair) directory is an abstracted cryptographical layer (key pairs, public keys, signatures, etc.)
 
-- [`service`](./service) is a package that provides `marine` API and could be compiled to a Wasm file. It is uses `SQLite` as storage
+- [`service`](./service) is a package that provides `marine` API and could be compiled to a Wasm file. It uses` SQLite` as storage
 
 - [`example`](./example) is a `js` script that shows how to use Trust Graph to label peers
 
@@ -35,58 +318,3 @@ High-level API is defined in the [trust-graph-api.aqua](./aqua/trust-graph-api.a
 * [Aqua Book](https://fluence.dev/aqua-book/)
 * [Aqua Playground](https://github.com/fluencelabs/aqua-playground)
 * [Aqua repo](https://github.com/fluencelabs/aqua)
-
-## How to use in Aqua
-
-```
-import "@fluencelabs/trust-graph/trust-graph-api.aqua"
-import "@fluencelabs/trust-graph/trust-graph.aqua"
-
-func my_function(peer_id: string) -> u32:
-    on HOST_PEER_ID:
-        result <- get_weight(peer_id)
-    <- result
-```
-
-## How to use is js
-1. Add the following to your dependencies
-    - `@fluencelabs/trust-graph`
-    - `@fluencelabs/aqua`
-    - `@fluencelabs/aqua-lib`
-    - `@fluencelabs/fluence`
-    - `@fluencelabs/fluence-network-environment`
-
-2. Import dependencies
-   ```typescript
-   import * as tg from "./generated/export";
-   import { Fluence, KeyPair } from "@fluencelabs/fluence";
-   import { krasnodar, Node } from "@fluencelabs/fluence-network-environment";
-   ```
-3. Create client (specify keypair if you are node owner
-[link](https://github.com/fluencelabs/node-distro/blob/main/fluence/Config.default.toml#L9))
-
-   ```typescript
-   await Fluence.start({ connectTo: relay /*, KeyPair: builtins_keypair*/});
-   ```
-4. Add root and issue root trust.
-   ```typescript
-   let peer_id = Fluence.getStatus().peerId;
-   let relay = Fluence.getStatus().relayPeerId;
-   assert(peer_id !== null);
-   assert(relay !== null);
-   let max_chain_len = 2;
-   let far_future = tg.timestamp_sec() + 9999999999;
-   let error = await tg.add_root_trust(relay, peer_id, max_chain_len, far_future);
-   if (error !== null) {
-    console.log(error);
-   }
-   ```
-5. For now, trusts/revocations can only be signed with the client's private key.
-   Keypair specification will be available soon.
-   ```typescript
-   // issue signed trust
-   let error = await tg.issue_trust(relay, peer_id, issued_for_peer_id, expires_at_sec);
-   if (error !== null) {
-    console.log(error);
-   }
-   ```

example/README.md

@@ -1,10 +1,49 @@
 ## Description
-This example shows how to use Trust Graph to label peers. There are some `trusted_computation` which can only be executed 
+This example shows how to use Trust Graph for code execution only on trusted peers. There are some `trusted_computation` which can only be performed on a trusted peer. The label is determined by the presence of the certificate from `INIT_PEER_ID` to this peer. We use peer id from [`example_secret_key.ed25519`](../example_secret_key.ed25519) as `INIT_PEER_ID` since every node bundled with the certificate issued to this key, it should be used only for test purposes.
-on labeled peer. The label is determined by the presence of certificate from `%init_peer_id` to this peer.
+
+## Run example on network
+
+1. Run `npm i`
+2. Run `npm run start`
+
+
+## Run example on network
+1. Run `npm i`
+2. Run `npm run start`
 
 ## Run example locally
+
 1. Go to `local-network`
 2. Run `docker compose up -d` to start Fluence node
-3. Go back to `../example`
+3. It takes some time depending on your machine for node to start and builtin services deployed. Wait for this log line: `[2022-07-06T11:33:50.782054Z INFO  particle_node] Fluence has been successfully started.`
-4. Run `npm i`
+4. Go back to `../example`
-5. Run `npm run start`
+5. Run `npm i`
+6. Run `npm run start local`
+
+## Expected output
+
+After successful execution you will get this result:
+```
+In this example we try to execute some trusted computations based on trusts
+📘 Will connect to testNet
+📗 created a fluence peer 12D3KooWD2vAZva1u3TQgoxebBUBsaGMNawKjVkp57M6UcwNwXNv with relay 12D3KooWEXNUbCXooUwHrHBbrmjsrpHXoEphPwbjQXEGyzbqKnE9
+
+📕 Trusted computation on node 12D3KooWEXNUbCXooUwHrHBbrmjsrpHXoEphPwbjQXEGyzbqKnE9 failed, error: there is no certs for this peer
+📕 Trusted computation on node 12D3KooWMhVpgfQxBLkQkJed8VFNvgN4iE6MD7xCybb1ZYWW2Gtz failed, error: there is no certs for this peer
+📕 Trusted computation on node 12D3KooWHk9BjDQBUqnavciRPhAYFvqKBe4ZiPPvde7vDaqgn5er failed, error: there is no certs for this peer
+
+🌀 Issue trust to nodeB 12D3KooWMhVpgfQxBLkQkJed8VFNvgN4iE6MD7xCybb1ZYWW2Gtz and nodeC: 12D3KooWHk9BjDQBUqnavciRPhAYFvqKBe4ZiPPvde7vDaqgn5er
+Trust issued for 12D3KooWMhVpgfQxBLkQkJed8VFNvgN4iE6MD7xCybb1ZYWW2Gtz successfully added
+Trust issued for 12D3KooWHk9BjDQBUqnavciRPhAYFvqKBe4ZiPPvde7vDaqgn5er successfully added
+
+📕 Trusted computation on node 12D3KooWEXNUbCXooUwHrHBbrmjsrpHXoEphPwbjQXEGyzbqKnE9 failed, error: there is no certs for this peer
+📗 Trusted computation on node 12D3KooWMhVpgfQxBLkQkJed8VFNvgN4iE6MD7xCybb1ZYWW2Gtz successful, result is 5
+📗 Trusted computation on node 12D3KooWHk9BjDQBUqnavciRPhAYFvqKBe4ZiPPvde7vDaqgn5er successful, result is 5
+
+🚫 Revoke trust to nodeB
+Trust issued for 12D3KooWMhVpgfQxBLkQkJed8VFNvgN4iE6MD7xCybb1ZYWW2Gtz revoked
+
+📕 Trusted computation on node 12D3KooWEXNUbCXooUwHrHBbrmjsrpHXoEphPwbjQXEGyzbqKnE9 failed, error: there is no certs for this peer
+📕 Trusted computation on node 12D3KooWMhVpgfQxBLkQkJed8VFNvgN4iE6MD7xCybb1ZYWW2Gtz failed, error: there is no certs for this peer
+📗 Trusted computation on node 12D3KooWHk9BjDQBUqnavciRPhAYFvqKBe4ZiPPvde7vDaqgn5er successful, result is 5
+```

example/index.ts

@@ -39,22 +39,14 @@ let local: Node[] = [
     },
 ];
 
-async function revoke_all(relay: string, revoked_by: string) {
+async function revoke_all(relay: string, revoked_by: string, nodes: Node[]) {
-    for (var node of local) {
+    for (var node of nodes) {
         let error = await tg.revoke(relay, revoked_by, node.peerId);
         if (error !== null) {
             console.log(error)
         }
     }
 }
-async function add_root(relay: string, peer_id: string) {
-    let current_time = await tg.timestamp_sec();
-    let far_future = current_time + 9999999;
-    let error = await tg.add_root_trust(relay, peer_id, 2, far_future);
-    if (error !== null) {
-        console.log(error)
-    }
-}
 
 async function add_new_trust_checked(relay: string, issuer: string, issued_for_peer_id: string, expires_at_sec: number) {
     let error = await tg.add_trust(relay, issuer, issued_for_peer_id, expires_at_sec);
@@ -84,14 +76,13 @@ async function exec_trusted_computation(node: string) {
     }
 }
 
-async function main() {
+async function main(nodes: Node[]) {
-    console.log("In this example we try to execute some trusted computations based on trusts");
+    // example_secret_key.ed25519
-    console.log("📘 Will connect to local nodes");
+    let sk = bs58.decode("E5ay3731i4HN8XjJozouV92RDMGAn3qSnb9dKSnujiWv");
-    // key from local-network/builtins_secret_key.ed25519 to connect as builtins owner
+
-    let sk = bs58.decode("5FwE32bDcphFzuMca7Y2qW1gdR64fTBYoRNvD4MLE1hecDGhCMQGKn8aseMr5wRo4Xo2CRFdrEAawUNLYkgQD78K").slice(0, 32); // first 32 bytes - secret key, second - public key
     let builtins_keypair = await KeyPair.fromEd25519SK(sk);
 
-    let relay = local[0];
+    let relay = nodes[0];
     await Fluence.start({ connectTo: relay, KeyPair: builtins_keypair });
     console.log(
         "📗 created a fluence peer %s with relay %s",
@@ -105,41 +96,55 @@ async function main() {
     let far_future = current_time + 9999999;
 
     // clear all trusts from our peer id on relay
-    await revoke_all(relay.peerId, local_peer_id);
+    await revoke_all(relay.peerId, local_peer_id, nodes.slice(0, 3));
+
     // wait to be sure that last revocation will be older than future trusts at least on 1 second (because timestamp in secs)
     await new Promise(f => setTimeout(f, 1000));
 
-    // set our peer id as root to our relay
+    let nodeA = nodes[0].peerId
-    await add_root(relay.peerId, local_peer_id);
+    let nodeB = nodes[1].peerId
-
+    let nodeC = nodes[2].peerId
-    let nodeA = local[0].peerId
-    let nodeB = local[1].peerId
-    let nodeC = local[2].peerId
 
+    console.log();
     // try to exec computation on every node, will fail
     await exec_trusted_computation(nodeA); // fail
     await exec_trusted_computation(nodeB); // fail
     await exec_trusted_computation(nodeC); // fail
 
-    console.log("🌀 Issue trust to nodeB: %s", nodeB);
+    console.log();
+    console.log("🌀 Issue trust to nodeB %s and nodeC: %s", nodeB, nodeC);
     await add_new_trust_checked(relay.peerId, local_peer_id, nodeB, far_future);
+    await add_new_trust_checked(relay.peerId, local_peer_id, nodeC, far_future);
 
+    console.log();
     await exec_trusted_computation(nodeA); // fail
     await exec_trusted_computation(nodeB); // success
-    await exec_trusted_computation(nodeC); // fail
+    await exec_trusted_computation(nodeC); // success
+    console.log();
 
     await new Promise(f => setTimeout(f, 1000));
     console.log("🚫 Revoke trust to nodeB");
     await revoke_checked(relay.peerId, local_peer_id, nodeB);
 
+    console.log();
     await exec_trusted_computation(nodeA); // fail
     await exec_trusted_computation(nodeB); // fail
-    await exec_trusted_computation(nodeC); // fail
+    await exec_trusted_computation(nodeC); // success
     return;
 }
 
+console.log("In this example we try to execute some trusted computations based on trusts");
+let args = process.argv.slice(2);
+var environment: Node[];
+if (args.length >= 1 && args[0] == "local") {
+  environment = local;
+  console.log("📘 Will connect to local nodes");
+} else {
+  environment = testNet;
+  console.log("📘 Will connect to testNet");
+}
 
-main()
+main(environment)
     .then(() => process.exit(0))
     .catch((error) => {
         console.error(error);

keypair/CHANGELOG.md

@@ -0,0 +1,24 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+## [0.8.1] - 2022-10-06
+
+### Added
+- *(keypair)* add KeyPair::from_secret_key (#50)
+
+### Other
+- set version of fluence-keypair to 0.8.0
+- fluence-keypair 0.8.0
+- libp2p-core 0.33.0 (#49)
+- remove circle, update gh, add lints; remove warnings (#43)
+- fluence-keypair 0.6.0
+- libp2p-core 0.31.0 (from crates.io) (#37)
+- Remove serde version lock (#15)
+- Fix revocations logic (#34)
+- Trust Graph: implement WASM built-in (#18)
+- Move fluence-identity to fluence-keypair (#17)

keypair/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "fluence-keypair"
-version = "0.6.0"
+version = "0.8.1"
 authors = ["Fluence Labs"]
 edition = "2018"
 description = "identity"
@@ -18,12 +18,12 @@ ed25519 = "1.0.3"
 serde_with = "1.6.0"
 thiserror = "1.0.23"
 lazy_static = "1.2"
-libsecp256k1 = "0.3.1"
+libsecp256k1 = "0.7.1"
 asn1_der = "0.6.1"
 sha2 = "0.9.1"
 zeroize = "1"
 serde_bytes = "0.11"
-libp2p-core = { version = "0.31", default-features = false, features = [ "secp256k1" ] }
+libp2p-core = { workspace = true }
 eyre = "0.6.5"
 
 [target.'cfg(not(target_arch = "wasm32"))'.dependencies]

keypair/rust-toolchain.toml

@@ -1,3 +1,3 @@
 [toolchain]
-channel = "nightly-2022-01-16"
+channel = "nightly-2022-08-30"
-targets = [ "x86_64-apple-darwin", "x86_64-unknown-linux-gnu" ]
+targets = [ "x86_64-apple-darwin", "x86_64-unknown-linux-gnu" ]

keypair/src/error.rs

@@ -68,7 +68,7 @@ pub enum SigningError {
     Secp256k1(
         #[from]
         #[source]
-        secp256k1::Error,
+        libsecp256k1::Error,
     ),
 }
 
@@ -83,5 +83,5 @@ pub enum VerificationError {
     Rsa(#[source] ring::error::Unspecified, String, String),
 
     #[error("Failed to verify signature {1} with {2} secp256k1 public key: {0}")]
-    Secp256k1(#[source] secp256k1::Error, String, String),
+    Secp256k1(#[source] libsecp256k1::Error, String, String),
 }

keypair/src/key_pair.rs

@@ -219,6 +219,17 @@ impl KeyPair {
         }
     }
 
+    pub fn from_secret_key(bytes: Vec<u8>, format: KeyFormat) -> Result<Self, DecodingError> {
+        use KeyPair::*;
+
+        match format {
+            KeyFormat::Ed25519 => Ok(Ed25519(ed25519::SecretKey::from_bytes(bytes)?.into())),
+            KeyFormat::Secp256k1 => Ok(Secp256k1(secp256k1::SecretKey::from_bytes(bytes)?.into())),
+            #[cfg(not(target_arch = "wasm32"))]
+            KeyFormat::Rsa => Err(DecodingError::KeypairDecodingIsNotSupported),
+        }
+    }
+
     pub fn get_peer_id(&self) -> PeerId {
         self.public().to_peer_id()
     }

keypair/src/secp256k1.rs

@@ -23,8 +23,8 @@ use crate::error::{DecodingError, SigningError, VerificationError};
 
 use asn1_der::{DerObject, FromDerObject};
 use core::fmt;
+use libsecp256k1::Message;
 use rand::RngCore;
-use secp256k1::Message;
 use serde::de::Error as SerdeError;
 use serde::{Deserialize, Deserializer, Serialize, Serializer};
 use serde_bytes::{ByteBuf as SerdeByteBuf, Bytes as SerdeBytes};
@@ -66,7 +66,7 @@ impl fmt::Debug for Keypair {
 /// Promote a Secp256k1 secret key into a keypair.
 impl From<SecretKey> for Keypair {
     fn from(secret: SecretKey) -> Self {
-        let public = PublicKey(secp256k1::PublicKey::from_secret_key(&secret.0));
+        let public = PublicKey(libsecp256k1::PublicKey::from_secret_key(&secret.0));
         Keypair { secret, public }
     }
 }
@@ -80,7 +80,7 @@ impl From<Keypair> for SecretKey {
 
 /// A Secp256k1 secret key.
 #[derive(Clone)]
-pub struct SecretKey(secp256k1::SecretKey);
+pub struct SecretKey(libsecp256k1::SecretKey);
 
 impl fmt::Debug for SecretKey {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
@@ -92,12 +92,12 @@ impl SecretKey {
     /// Generate a new Secp256k1 secret key.
     pub fn generate() -> Self {
         let mut r = rand::thread_rng();
-        let mut b = [0; secp256k1::util::SECRET_KEY_SIZE];
+        let mut b = [0; libsecp256k1::util::SECRET_KEY_SIZE];
         // This is how it is done in `secp256k1::SecretKey::random` which
         // we do not use here because it uses `rand::Rng` from rand-0.4.
         loop {
             r.fill_bytes(&mut b);
-            if let Ok(k) = secp256k1::SecretKey::parse(&b) {
+            if let Ok(k) = libsecp256k1::SecretKey::parse(&b) {
                 return SecretKey(k);
             }
         }
@@ -108,8 +108,8 @@ impl SecretKey {
     /// error is returned.
     pub fn from_bytes(mut sk: impl AsMut<[u8]>) -> Result<Self, DecodingError> {
         let sk_bytes = sk.as_mut();
-        let secret =
+        let secret = libsecp256k1::SecretKey::parse_slice(&*sk_bytes)
-            secp256k1::SecretKey::parse_slice(&*sk_bytes).map_err(|_| DecodingError::Secp256k1)?;
+            .map_err(|_| DecodingError::Secp256k1)?;
         sk_bytes.zeroize();
         Ok(SecretKey(secret))
     }
@@ -149,7 +149,7 @@ impl SecretKey {
     /// ECDSA signature.
     pub fn sign_hashed(&self, msg: &[u8]) -> Result<Vec<u8>, SigningError> {
         let m = Message::parse_slice(msg).map_err(SigningError::Secp256k1)?;
-        Ok(secp256k1::sign(&m, &self.0)
+        Ok(libsecp256k1::sign(&m, &self.0)
             .0
             .serialize_der()
             .as_ref()
@@ -159,7 +159,7 @@ impl SecretKey {
 
 /// A Secp256k1 public key.
 #[derive(PartialEq, Eq, Clone, Debug)]
-pub struct PublicKey(secp256k1::PublicKey);
+pub struct PublicKey(libsecp256k1::PublicKey);
 
 impl PublicKey {
     /// Verify the Secp256k1 signature on a message using the public key.
@@ -171,7 +171,8 @@ impl PublicKey {
     pub fn verify_hashed(&self, msg: &[u8], sig: &[u8]) -> Result<(), VerificationError> {
         Message::parse_slice(msg)
             .and_then(|m| {
-                secp256k1::Signature::parse_der(sig).map(|s| secp256k1::verify(&m, &s, &self.0))
+                libsecp256k1::Signature::parse_der(sig)
+                    .map(|s| libsecp256k1::verify(&m, &s, &self.0))
             })
             .map_err(|e| {
                 VerificationError::Secp256k1(
@@ -197,7 +198,7 @@ impl PublicKey {
     /// Decode a public key from a byte slice in the the format produced
     /// by `encode`.
     pub fn decode(bytes: &[u8]) -> Result<Self, DecodingError> {
-        secp256k1::PublicKey::parse_slice(bytes, Some(secp256k1::PublicKeyFormat::Compressed))
+        libsecp256k1::PublicKey::parse_slice(bytes, Some(libsecp256k1::PublicKeyFormat::Compressed))
             .map_err(|_| DecodingError::Secp256k1)
             .map(PublicKey)
     }

rust-toolchain.toml

@@ -1,3 +1,3 @@
 [toolchain]
-channel = "nightly-2022-01-16"
+channel = "nightly-2022-08-30"
 targets = [ "x86_64-apple-darwin", "x86_64-unknown-linux-gnu" ]

service/CHANGELOG.md

@@ -0,0 +1,30 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+## [0.3.1] - 2022-10-06
+
+### Added
+- *(keypair)* add KeyPair::from_secret_key (#50)
+
+### Fixed
+- fix bug get_all_certs_from, update example (#44)
+- fix db paths (#28)
+
+### Other
+- set version of fluence-keypair to 0.8.0
+- fluence-keypair 0.8.0
+- libp2p-core 0.33.0 (#49)
+- remove circle, update gh, add lints; remove warnings (#43)
+- Add memory leak temporary mitigation (#42)
+- High-level Aqua API (#35)
+- fluence-keypair 0.6.0
+- libp2p-core 0.31.0 (from crates.io) (#37)
+- Fix revocations logic (#34)
+- Remove mutex from TG instance (#31)
+- refactoring (#30)
+- Trust Graph: implement WASM built-in (#18)

service/Cargo.toml

@@ -12,11 +12,11 @@ path = "src/main.rs"
 
 [dependencies]
 trust-graph = { version = "0.3.0", path = "../." }
-fluence-keypair = { version = "0.6.0", path = "../keypair" }
+fluence-keypair = { version = "0.8.1", path = "../keypair" }
 marine-rs-sdk = { version = "0.6.14", features = ["logger"] }
 marine-sqlite-connector = "0.5.2"
 
-libp2p-core = { version = "0.31", default-features = false, features = [ "secp256k1" ] }
+libp2p-core = { workspace = true }
 
 log = "0.4.8"
 anyhow = "1.0.31"

service/rust-toolchain.toml

@@ -1,3 +1,3 @@
 [toolchain]
-channel = "nightly-2022-01-16"
+channel = "nightly-2022-08-30"
 targets = [ "x86_64-apple-darwin", "x86_64-unknown-linux-gnu" ]