vault-tree 0.3.4 → 0.6.0

data/.gitignore

@@ -1,3 +1,6 @@
+# Do not Check In Gemfile.lock
+Gemfile.lock
+
 # simple_cove generated
 coverage
 coverage.data

data/.rspec

@@ -0,0 +1 @@
+--color

data/CHANGE_LOG.md

@@ -1,3 +1,30 @@
+## 0.6.0
+
+* Return JSON from close_vault method
+- now open_vault and close_vault return as string
+* Update tests to support new public interface
+
+## 0.3.17
+
+* Remove support for EXTERNAL_DATA Keyword
+* Use EXTERNAL_INPUT Insead
+
+## 0.3.16
+
+* Remove support for GENERATED_SHAMIR_KEY Keyword
+
+## 0.3.7
+
+* Add Better Exception Messaging
+* Verbose Messaging when Vault Tree Exceptions are thrown
+* Log the Message to STDOUT
+* Pattern for implementing future custom exceptions
+
+## 0.3.5
+
+* Remove support for MASTER_PASSPHRASE Keyword.
+* MASTER_PASSPHRASE has been removed from example contracts.
+
 ## 0.3.4
 
 * Bug Fix in Exception Handling

data/README.md

@@ -1,32 +1,18 @@
+[![Code Climate](https://codeclimate.com/github/VaultTree/vault-tree.png)](https://codeclimate.com/github/VaultTree/vault-tree)
+
 ## Vault Tree
 
 _The Self Enforcing Contract_
 
-Vault Tree is a collection of tools for building and executing distributed cryptographic contracts.
+Vault Tree helps you build crypto-based business logic into your application.
 
 Before you begin make sure you checkout the [Vault Tree Homepage] for an overview of the project.
 
-[Vault Tree Homepage]: http://vault-tree.org
-
-### Welcome!
-
-The Vault Tree Project consists of:
-
-* A JSON based DSL for building Distributed Crytographic Contracts
-* A a Ruby library to execute these contracts
-* A focal point of collaboration for developers writing and testing interesting crytographic contracts
-
+[Vault Tree Homepage]: http://vaulttree.github.io
 
 ### Install
 
-Before you start:
-
-* To use the library in your application or want to contribute code, you're in the right place.
-* Before you pull the trigger on the install remember we have a Vagrant Box.
-
-Okay, lets begin.
-
-As a prerequisite get [libsodium] (>= 0.4.3) on you machine. This is the underlying cryptographic library that Vault Tree depends on.
+As a prerequisite, get [libsodium] version (>= 0.4.3) on you machine. This is the underlying cryptographic library that Vault Tree depends on.
 
 [libsodium]: https://github.com/jedisct1/libsodium
 
@@ -39,13 +25,7 @@ As a prerequisite get [libsodium] (>= 0.4.3) on you machine. This is the underly
 [brew]: http://brew.sh/
 
 * If you're on a Debian based system, there is no _apt-get_ package that I know of, but there
-  are some helpful install scripts on the web. I've checked one of these in at:
-
-  ```
-  vault-tree/support/scripts/libsodium_ubuntu.sh
-  ```
-
-* If you're on Windows, the Vagrant install gives you a Linux virtual machine that helps you to pretend that you're not on Windows.
+  are some helpful install scripts on the web.
 
 Now that you have libsodium, if you're a Ruby developer you know the drill from here:
 
@@ -61,55 +41,17 @@ require 'vault-tree'
 
 somewhere before you use it.
 
+### Usage
 
-### Vagrant
-
-I think it should be easy for you to get a Vault Tree development environment up and running. If you don't know about Vagrant, you should, it's awesome!
- 
-* Follow the [Vagrant] download and install steps
-* Clone the Vault Tree Repo and go into it:
-
-[Vagrant]: http://www.vagrantup.com/
-
-```
-  git clone git@github.com:VaultTree/vault-tree.git
-  cd ~/path/to/vault-tree/
-```
-
-Now you just need to Vagrant Up!
-
-```
-  vagrant up
-```
-
-This will download and boot a pre-packaged Linux virtual machine with Vault-Tree and all dependencies already installed.
-
-Once your VM is downloaded and built. You can go inside with:
-
-```
-  vagrant ssh
-```
-
-As a developer working on Vault Tree you can now go to the VM's directory:
-
-```
-/vagrant
-```
-
-and run `bundle` then `rake`. This will grab your dependincies, run all the tests, and leave you in a good spot to start exploring the code.
-
-If you're not already familiar, take a few minutes to learn about how Vagrant will [sync your files] to and from the guest machine.
-
-[sync your files]: http://docs.vagrantup.com/v2/getting-started/synced_folders.html
+The [Documentation] is filled with examples of how to execute Vault Tree contracts.
 
-### Is it production ready?
+Also, a great way to get going is to simply run the tests:
 
-Are you serious? This project has like ... 1 fork and 1 star (Thanks Eric!).
-We have a long way to go.
+* clone the repo
+* bundle your dependencies
+* run `rake`
 
-Here are some of the big issues that I'm thinking about as we move to version 1.0:
+You should see a full suite of green tests that will give you plenty of living
+examples of how to use Vault Tree in your own application.
 
-* This is a crypto application so vulnerabilities need to be identified and corrected. We need more eyes in this area.
-* We we need to figure out if the supported keywords are sufficient to implement basic secure computation schemes.
-  - For example, Digital Signatures are not implemented but could be.
-  - Should they be implemented? What is the use case? Ect. We need to have these conversations.
+[Documentation]: https://www.relishapp.com/vault-tree/vault-tree/docs

data/features/contracts/asymmetric_vault.feature

@@ -13,8 +13,75 @@ Feature: Asymmetric Vaults
       key and the reciprocal public key
 
 Scenario: Bob Locks and Alice Unlocks with a Shared Key
-  Given Alice has the blank asymmetric vault contract
-  When she locks all of her public and private keys
+  Given the blank contract:
+    """javascript
+      {
+        "header": {
+          "title":"Asymmetric Vault",
+          "description":"Demonstrated use of a Vault Tree Asymmetric Vault"
+        },
+        "vaults": {
+          "bob_contract_secret":{
+            "description":"Contract specific password to lock private information",
+            "fill_with": "RANDOM_NUMBER",
+            "lock_with": "EXTERNAL_INPUT['bcs_key']",
+            "unlock_with": "EXTERNAL_INPUT['bcs_key']",
+            "contents": ""
+          },
+
+          "alice_contract_secret":{
+            "description":"Contract specific password to lock private information",
+            "fill_with": "RANDOM_NUMBER",
+            "lock_with": "EXTERNAL_INPUT['acs_key']",
+            "unlock_with": "EXTERNAL_INPUT['acs_key']",
+            "contents": ""
+          },
+
+          "alice_public_encryption_key":{
+            "description":"Public key for asymmetric encryption",
+            "fill_with": "PUBLIC_ENCRYPTION_KEY['alice_decryption_key']",
+            "lock_with": "UNLOCKED",
+            "unlock_with": "UNLOCKED",
+            "contents": ""
+          },
+
+          "bob_public_encryption_key":{
+            "description":"Public key for asymmetric encryption",
+            "fill_with": "PUBLIC_ENCRYPTION_KEY['bob_decryption_key']",
+            "lock_with": "UNLOCKED",
+            "unlock_with": "UNLOCKED",
+            "contents": ""
+          },
+
+          "alice_decryption_key":{
+            "description":"Private key for asymmetric decryption",
+            "fill_with": "DECRYPTION_KEY",
+            "lock_with": "KEY['alice_contract_secret']",
+            "unlock_with": "KEY['alice_contract_secret']",
+            "contents": ""
+          },
+
+          "bob_decryption_key":{
+            "description":"Private key for asymmetric decryption",
+            "fill_with": "DECRYPTION_KEY",
+            "lock_with": "KEY['bob_contract_secret']",
+            "unlock_with": "KEY['bob_contract_secret']",
+            "contents": ""
+          },
+
+          "message":{
+            "description":"This is an asymmetric vault. It contains a secret message.",
+            "fill_with": "EXTERNAL_INPUT['msg']",
+            "lock_with": "DH_KEY['alice_public_encryption_key','bob_decryption_key']",
+            "unlock_with": "DH_KEY['bob_public_encryption_key','alice_decryption_key']",
+            "contents": ""
+          }
+
+
+        }
+      }
+    """
+  When Alice locks all of her public and private keys
   And she sends the contract to Bob over the internet
   Then Bob can access of her public keys but not her private keys
   When Bob locks his public and private keys

data/features/contracts/block_chain_key_transfer.feature

@@ -25,6 +25,65 @@ Feature: Block Chain Key Transfer
 
 Scenario: SENDER Transfers a BTC Signing Key to the RECEIVER
 
+  Given the blank contract:
+    """javascript
+      {
+        "header": {
+          "title":"Block Chain Key Transfer",
+          "description":"A simple key transfer sheme utilizing a revealed BTC Wallet Address. This can be used as step within the execution of a larger contract."
+        },
+        "vaults": {
+
+        "sender_btc_signing_key":{
+          "description":"This is the secret Bitcoin Signing Key that SENDER wishes to transfer to RECEIVER. The RECEIVER can unlock only after he has the revealed address.",
+          "fill_with": "EXTERNAL_INPUT['ssk']",
+          "lock_with": "KEY['sender_concealed_destination_wallet_address']",
+          "unlock_with": "KEY['receiver_revealed_destination_wallet_address']",
+          "contents": ""
+        },
+
+        "sender_origin_wallet_address":{
+          "description":"SENDER origin wallet address. Chosen by SENDER and known in advance to RECEIVER.",
+          "fill_with": "EXTERNAL_INPUT['sowa']",
+          "lock_with": "UNLOCKED",
+          "unlock_with": "UNLOCKED",
+          "contents": ""
+        },
+
+        "sender_concealed_destination_wallet_address":{
+          "description":"SENDER concealed copy of the destination wallet address. This wallet address is kept secret until SENDER chosed to transfer BTC to it",
+          "fill_with": "EXTERNAL_INPUT['scdwa']",
+          "lock_with": "KEY['sender_secret']",
+          "unlock_with": "KEY['sender_secret']",
+          "contents": ""
+        },
+
+        "receiver_revealed_destination_wallet_address":{
+          "description":"RECEIVER monitors the Block Chain and fills this vault with the newly revealied destination address.",
+          "fill_with": "EXTERNAL_INPUT['rrdwa']",
+          "lock_with": "KEY['receiver_secret']",
+          "unlock_with": "KEY['receiver_secret']",
+          "contents": ""
+        },
+
+        "receiver_secret":{
+          "fill_with": "RANDOM_NUMBER",
+          "lock_with": "EXTERNAL_INPUT['rs_key']",
+          "unlock_with": "EXTERNAL_INPUT['rs_key']",
+          "contents": ""
+        },
+
+        "sender_secret":{
+          "description":"Contract specific password for SENDER. Used to Lock the SENDER private information.",
+          "fill_with": "RANDOM_NUMBER",
+          "lock_with": "EXTERNAL_INPUT['ss_key']",
+          "unlock_with": "EXTERNAL_INPUT['ss_key']",
+          "contents": ""
+        }
+
+      }
+    }
+    """
   Given the SENDER has the blank contract template
   And the SENDER chooses an origin address and a concealed destination address
   And he locks away the secret BTC signing key

data/features/contracts/one_two_three.feature

@@ -13,7 +13,115 @@ Feature: One-Two-Three Contract
       appropriate keys
 
 Scenario: Alice and Bob Execute the One Two Three Contract
-  Given Alice has the blank contract
+  Given the blank contract:
+    """javascript
+      {
+        "header": {
+          "title":"One Two Three",
+          "description":"A simple contract to test the full Vault Tree stack. Open each vault to proceed to the next one. Unlock the congratulations message"
+        },
+        "vaults": {
+
+          "bob_contract_secret":{
+            "description":"contract specific password to lock private information",
+            "fill_with": "RANDOM_NUMBER",
+            "lock_with": "EXTERNAL_INPUT['bcs_key']",
+            "unlock_with": "EXTERNAL_INPUT['bcs_key']",
+            "contents": ""
+          },
+
+          "alice_contract_secret":{
+            "description":"contract specific password to lock private information",
+            "fill_with": "RANDOM_NUMBER",
+            "lock_with": "EXTERNAL_INPUT['acs_key']",
+            "unlock_with": "EXTERNAL_INPUT['acs_key']",
+            "contents": ""
+          },
+
+          "alice_public_encryption_key":{
+            "description":"public key for asymmetric encryption",
+            "fill_with": "PUBLIC_ENCRYPTION_KEY['alice_decryption_key']",
+            "lock_with": "UNLOCKED",
+            "unlock_with": "UNLOCKED",
+            "contents": ""
+          },
+
+          "bob_public_encryption_key":{
+            "description":"public key for asymmetric encryption",
+            "fill_with": "PUBLIC_ENCRYPTION_KEY['bob_decryption_key']",
+            "lock_with": "UNLOCKED",
+            "unlock_with": "UNLOCKED",
+            "contents": ""
+          },
+
+          "alice_decryption_key":{
+            "description":"private key for asymmetric decryption",
+            "fill_with": "DECRYPTION_KEY",
+            "lock_with": "KEY['alice_contract_secret']",
+            "unlock_with": "KEY['alice_contract_secret']",
+            "contents": ""
+          },
+
+          "bob_decryption_key":{
+            "description":"private key for asymmetric decryption",
+            "fill_with": "DECRYPTION_KEY",
+            "lock_with": "KEY['bob_contract_secret']",
+            "unlock_with": "KEY['bob_contract_secret']",
+            "contents": ""
+          },
+
+          "congratulations_message":{
+            "description":"A simple message for Bob to put in the final vault",
+            "fill_with": "EXTERNAL_INPUT['msg']",
+            "lock_with": "KEY['bob_contract_secret']",
+            "unlock_with": "KEY['bob_contract_secret']",
+            "contents": ""
+          },
+
+          "vault_two_key":{
+            "description":"Key to lock vault two. Once Bob locks the second vault he will put this key inside vault one.",
+            "fill_with": "RANDOM_NUMBER",
+            "lock_with": "KEY['bob_contract_secret']",
+            "unlock_with": "KEY['bob_contract_secret']",
+            "contents": ""
+          },
+
+          "vault_three_key":{
+            "description":"Key to lock vault three. Once Bob locks the third vault he will put this key inside vault two.",
+            "fill_with": "RANDOM_NUMBER",
+            "lock_with": "KEY['bob_contract_secret']",
+            "unlock_with": "KEY['bob_contract_secret']",
+            "contents": ""
+          },
+
+          "first":{
+            "description":"This is an asymmetric vault with mutual authentication. It contains the key to vault two and is locked by Bob, with Alices public key. Only Alice can unlock it.",
+            "fill_with": "CONTENTS['vault_two_key']",
+            "lock_with": "DH_KEY['alice_public_encryption_key','bob_decryption_key']",
+            "unlock_with": "DH_KEY['bob_public_encryption_key','alice_decryption_key']",
+            "contents": ""
+          },
+
+          "second":{
+            "description":"Alice unlocks this vault with the key held in the first vault.",
+            "fill_with": "CONTENTS['vault_three_key']",
+            "lock_with": "KEY['vault_two_key']",
+            "unlock_with": "KEY['first']",
+            "contents": ""
+          },
+
+          "third":{
+            "description":"Contains a simple message. Unlock the key found in the second vault.",
+            "fill_with": "CONTENTS['congratulations_message']",
+            "lock_with": "KEY['vault_three_key']",
+            "unlock_with": "KEY['second']",
+            "contents": ""
+          }
+
+        }
+      }
+    """
+  And Alice has the blank contract
   When she locks all of her attributes
   And she sends the contract to Bob
   Then Bob can access all of her public attributes

data/features/contracts/readme.md

@@ -7,7 +7,7 @@ need to know:
   - The **Vaults** section, which can be any collection of _vaults_ that form the
     contract.
 * The way in which you, the contract author, organize the vaults will determine the **Self-Enforcing Terms** of your contract.
-* Each vault will typically contain either an **external data** string that is provided by one of the contract
+* Each vault will typically contain either an **external input** string that is provided by one of the contract
   participants, or a key to anther vault.
 
 ### Writing and Simulating Contracts
@@ -47,7 +47,6 @@ Well, what if we associate each one of these steps in the scenario with some sim
 
 ```Ruby
 # This file: "features/core/one_two_three/one_two_three.steps.rb"
-# Associated Contract: "core/one_two_three.0.7.0.json"
 
 Given(/^Alice has the blank contract$/) do
   contract_path = VaultTree::ContractsRepo::PathHelpers.core_contracts('one_two_three.0.7.0.json')
@@ -55,15 +54,15 @@ Given(/^Alice has the blank contract$/) do
 end
 
 When(/^she locks all of her attributes$/) do
-  @contract = VaultTree::Contract.new(@contract_json, master_passphrase: 'ALICE_SECURE_PASS', external_data: {})
+  @contract = VaultTree::Contract.new(@contract_json)
   @contract = @contract.close_vault('alice_decryption_key')
   @contract = @contract.close_vault('alice_public_encryption_key')
 end
 
 When(/^she sends the contract to Bob$/) do
   @contract_json = @contract.as_json
-  @bobs_external_data = {"congratulations_message" => "CONGRATS! YOU OPENED THE THIRD VAULT."}
-  @contract = VaultTree::Contract.new(@contract_json, master_passphrase: 'BOB_SECURE_PASS', external_data: @bobs_external_data)
+  @bobs_external_input = {"congratulations_message" => "CONGRATS! YOU OPENED THE THIRD VAULT."}
+  @contract = VaultTree::Contract.new(@contract_json, @bobs_external_input)
 end
 ```
 
@@ -87,7 +86,7 @@ community off to a good start.
 I'll update these in the coming months as we get some more experience writing simple contracts.
 
 * The Vault Tree interpreter is stateless and always takes a contract as an input
-* All external data required for contract execution must be provided to the
+* All external input required for contract execution must be provided to the
 interpreter by the run time that is invoking the API. For example, there are no
 plans for the interpreter to make any network requests or do file IO.