Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Register code #2

Merged
merged 10 commits into from
Mar 12, 2024
Merged

Register code #2

merged 10 commits into from
Mar 12, 2024

Conversation

AnthonyRonning
Copy link
Contributor

DRAFT

@AnthonyRonning
Copy link
Contributor Author

This is ready @benthecarman

Can you check this and add the blinding stuff tomorrow?

@benthecarman
Copy link
Contributor

Added the blind sig stuff, will just need to make sure we haven't seen the signature before

@AnthonyRonning
Copy link
Contributor Author

I'm a bit confused how the blinded checking is supposed to work. I do a blind registration with the service:

{
    "service_id": 1,
    "plan_id": 1,
    "blinded_message": "8875ab424681778260d3cc606c8c283a5708a746ef03d37f4bf2ef8acacc6a506c1abbfa7b59f85b21323e13502f6b06"
}

and get back the sig:

{
    "service_id": 1,
    "plan_id": 1,
    "blind_sig": "a512370123f7464b0b33a59ab6e6b625dcea546c58e526c96906c2247adb73231f6a2b9dbeceea07cce759cd11e45b50"
}

Then I register a username with the message and sig:

{
    "pubkey": "552a9d06810f306bfc085cb1e1c26102554138a51fa3a7fdf98f5b03a945143a",
    "federation_id": "c8d423964c7ad944d30f57359b6e5b260e211dcfdb945140e28d4df51fd572d2",
    "federation_invite_code": "fed11qgqzc2nhwden5te0vejkg6tdd9h8gepwvejkg6tdd9h8garhduhx6at5d9h8jmn9wshxxmmd9uqqzgxg6s3evnr6m9zdxr6hxkdkukexpcs3mn7mj3g5pc5dfh63l4tj6g9zk4er",
    "msg": "8875ab424681778260d3cc606c8c283a5708a746ef03d37f4bf2ef8acacc6a506c1abbfa7b59f85b21323e13502f6b06",
    "sig": "a512370123f7464b0b33a59ab6e6b625dcea546c58e526c96906c2247adb73231f6a2b9dbeceea07cce759cd11e45b50"
}

and that passes the check. However, it's the same signature that the server had returned before? So the server can correlate that?

Is this just due to me manually sending requests around and not doing the proper client side unblinding stuff?

@benthecarman
Copy link
Contributor

Yeah you need to unblind it client side.

@AnthonyRonning
Copy link
Contributor Author

Yeah you need to unblind it client side.

Is it expected that it still cryptographically validates without unblinding it client side?

@benthecarman
Copy link
Contributor

Yeah I think so

benthecarman
benthecarman requested changes Mar 12, 2024
View reviewed changes
benthecarman
benthecarman reviewed Mar 12, 2024
View reviewed changes
@AnthonyRonning AnthonyRonning merged commit 8277893 into master Mar 12, 2024
2 checks passed
@AnthonyRonning AnthonyRonning deleted the register branch March 12, 2024 16:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@benthecarman benthecarman benthecarman approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@AnthonyRonning @benthecarman