@reclaimprotocol/attestor-core 5.0.1-beta.2 → 5.0.1-beta.22

package/lib/utils/prepare-packets.js

@@ -1,69 +1,71 @@
-import { concatenateUint8Arrays, crypto } from "@reclaimprotocol/tls";
-import {
-  TranscriptMessageSenderType
-} from "../proto/api.js";
-import { makeZkProofGenerator } from "../utils/zk.js";
-async function preparePacketsForReveal(tlsTranscript, reveals, { onZkProgress, ...opts }) {
-  const transcript = [];
-  const proofGenerator = await makeZkProofGenerator(opts);
-  let zkPacketsDone = 0;
-  await Promise.all(tlsTranscript.map(async ({ message, sender }, i) => {
-    const msg = {
-      sender: sender === "client" ? TranscriptMessageSenderType.TRANSCRIPT_MESSAGE_SENDER_TYPE_CLIENT : TranscriptMessageSenderType.TRANSCRIPT_MESSAGE_SENDER_TYPE_SERVER,
-      message: message.data,
-      reveal: void 0
-    };
-    transcript.push(msg);
-    const reveal = reveals.get(message);
-    if (!reveal || message.type === "plaintext") {
-      return;
-    }
-    switch (reveal?.type) {
-      case "complete":
-        msg.reveal = {
-          directReveal: {
-            key: await crypto.exportKey(message.encKey),
-            iv: message.fixedIv,
-            recordNumber: message.recordNumber
-          }
+import { concatenateUint8Arrays, crypto } from '@reclaimprotocol/tls';
+import { TranscriptMessageSenderType } from "../proto/api.js";
+import { makeZkProofGenerator } from "./zk.js";
+/**
+ * Prepares the packets for reveal to the server
+ * according to the specified reveal type
+ */
+export async function preparePacketsForReveal(tlsTranscript, reveals, { onZkProgress, ...opts }) {
+    const transcript = [];
+    const proofGenerator = await makeZkProofGenerator(opts);
+    let zkPacketsDone = 0;
+    await Promise.all(tlsTranscript.map(async ({ message, sender }, i) => {
+        const msg = {
+            sender: sender === 'client'
+                ? TranscriptMessageSenderType.TRANSCRIPT_MESSAGE_SENDER_TYPE_CLIENT
+                : TranscriptMessageSenderType.TRANSCRIPT_MESSAGE_SENDER_TYPE_SERVER,
+            message: message.data,
+            reveal: undefined
         };
-        break;
-      case "zk": {
-        reveal.redactedPlaintext = concatenateUint8Arrays([
-          reveal.redactedPlaintext,
-          message.plaintext.slice(reveal.redactedPlaintext.length)
-        ]);
-        const oprfRawMarkers = reveal.oprfRawMarkers?.map((m) => ({
-          dataLocation: m.dataLocation
-        })) || [];
-        const overshotOprfRawLength = reveal.overshotOprfRawFromPrevBlock?.length ?? 0;
-        await proofGenerator.addPacketToProve(
-          message,
-          reveal,
-          (proofs, toprfs) => msg.reveal = {
-            zkReveal: { proofs, toprfs, oprfRawMarkers, overshotOprfRawLength }
-          },
-          () => {
-            const next = tlsTranscript.slice(i + 1).find((t) => t.sender === sender);
-            return next?.message;
-          }
-        );
-        break;
-      }
-      default:
-        break;
-    }
-  }));
-  const zkPacketsTotal = proofGenerator.getTotalChunksToProve();
-  onZkProgress?.(zkPacketsDone, zkPacketsTotal);
-  await proofGenerator.generateProofs(
-    () => {
-      zkPacketsDone += 1;
-      onZkProgress?.(zkPacketsDone, zkPacketsTotal);
-    }
-  );
-  return transcript;
+        transcript.push(msg);
+        const reveal = reveals.get(message);
+        if (!reveal || message.type === 'plaintext') {
+            return;
+        }
+        switch (reveal?.type) {
+            case 'complete':
+                msg.reveal = {
+                    directReveal: {
+                        key: await crypto.exportKey(message.encKey),
+                        iv: message.fixedIv,
+                        recordNumber: message.recordNumber,
+                    },
+                };
+                break;
+            case 'zk': {
+                // the redacted section can be smaller than the actual
+                // plaintext encrypted, in case of TLS1.3 as it has a
+                // content type suffix
+                reveal.redactedPlaintext = concatenateUint8Arrays([
+                    reveal.redactedPlaintext,
+                    message.plaintext.slice(reveal.redactedPlaintext.length)
+                ]);
+                // Capture oprfRawMarkers for server-side OPRF computation
+                const oprfRawMarkers = reveal.oprfRawMarkers?.map(m => ({
+                    dataLocation: m.dataLocation
+                })) || [];
+                // Capture overshoot from previous block's oprf-raw marker
+                const overshotOprfRawLength = reveal.overshotOprfRawFromPrevBlock?.length ?? 0;
+                await proofGenerator.addPacketToProve(message, reveal, (proofs, toprfs) => (msg.reveal = {
+                    zkReveal: { proofs, toprfs, oprfRawMarkers, overshotOprfRawLength }
+                }), () => {
+                    const next = tlsTranscript
+                        .slice(i + 1)
+                        .find(t => t.sender === sender);
+                    return next?.message;
+                });
+                break;
+            }
+            default:
+                // no reveal
+                break;
+        }
+    }));
+    const zkPacketsTotal = proofGenerator.getTotalChunksToProve();
+    onZkProgress?.(zkPacketsDone, zkPacketsTotal);
+    await proofGenerator.generateProofs(() => {
+        zkPacketsDone += 1;
+        onZkProgress?.(zkPacketsDone, zkPacketsTotal);
+    });
+    return transcript;
 }
-export {
-  preparePacketsForReveal
-};

package/lib/utils/redactions.js

@@ -1,135 +1,177 @@
-import { base64Encode } from "@bufbuild/protobuf/wire";
-import { concatenateUint8Arrays } from "@reclaimprotocol/tls";
-const REDACTION_CHAR = "*";
-const REDACTION_CHAR_CODE = REDACTION_CHAR.charCodeAt(0);
-function isRedactionCongruent(redacted, original) {
-  for (let i = 0; i < redacted.length; i++) {
-    const element = redacted[i];
-    const areSame = element === original[i] || typeof element === "string" && element === REDACTION_CHAR || typeof element === "number" && element === REDACTION_CHAR_CODE;
-    if (!areSame) {
-      return false;
+import { base64Encode } from '@bufbuild/protobuf/wire';
+import { concatenateUint8Arrays } from '@reclaimprotocol/tls';
+export const REDACTION_CHAR = '*';
+export const REDACTION_CHAR_CODE = REDACTION_CHAR.charCodeAt(0);
+/**
+ * Check if a redacted string is congruent with the original string.
+ * @param redacted the redacted content, redacted content is replaced by '*'
+ * @param original the original content
+ */
+export function isRedactionCongruent(redacted, original) {
+    for (let i = 0; i < redacted.length; i++) {
+        const element = redacted[i];
+        const areSame = element === original[i]
+            || (typeof element === 'string' && element === REDACTION_CHAR)
+            || (typeof element === 'number' && element === REDACTION_CHAR_CODE);
+        if (!areSame) {
+            return false;
+        }
     }
-  }
-  return true;
+    return true;
 }
-function isFullyRedacted(redacted) {
-  for (const element of redacted) {
-    if (element !== REDACTION_CHAR && element !== REDACTION_CHAR_CODE) {
-      return false;
+/**
+ * Is the string fully redacted?
+ */
+export function isFullyRedacted(redacted) {
+    for (const element of redacted) {
+        if (element !== REDACTION_CHAR
+            && element !== REDACTION_CHAR_CODE) {
+            return false;
+        }
     }
-  }
-  return true;
+    return true;
 }
-async function getBlocksToReveal(blocks, redact, performOprf) {
-  const slicesWithReveal = blocks.map((block) => ({
-    block,
-    // copy the plaintext to avoid mutating the original
-    redactedPlaintext: new Uint8Array(block.plaintext)
-  }));
-  const total = concatenateUint8Arrays(blocks.map((b) => b.plaintext));
-  const redactions = redact(total);
-  if (!redactions.length) {
-    return "all";
-  }
-  let blockIdx = 0;
-  let cursorInBlock = 0;
-  let cursor = 0;
-  for (const redaction of redactions) {
-    await redactBlocks(redaction);
-  }
-  return slicesWithReveal.filter((s) => !isFullyRedacted(s.redactedPlaintext));
-  async function redactBlocks(slice) {
-    while (cursor < slice.fromIndex) {
-      advance();
+/**
+ * Given some plaintext blocks and a redaction function, return the blocks that
+ * need to be revealed to the other party
+ *
+ * Use case: we get the response for a request in several blocks, and want to redact
+ * pieces that go through multiple blocks. We can use this function to get the
+ * blocks that need to be revealed to the other party
+ *
+ * @example if we received ["secret is 12","345","678. Thanks"]. We'd want
+ * to redact the "12345678" and reveal the rest. We'd pass in the blocks and
+ * the redact function will return the redactions, namely [10,19].
+ * The function will return the blocks ["secret is **","***. Thanks"].
+ * The middle block is fully redacted, so it's not returned
+ *
+ * @param blocks blocks to reveal
+ * @param redact function that returns the redactions
+ * @returns blocks to reveal
+ */
+export async function getBlocksToReveal(blocks, redact, performOprf) {
+    const slicesWithReveal = blocks.map(block => ({
+        block,
+        // copy the plaintext to avoid mutating the original
+        redactedPlaintext: new Uint8Array(block.plaintext)
+    }));
+    const total = concatenateUint8Arrays(blocks.map(b => b.plaintext));
+    const redactions = redact(total);
+    if (!redactions.length) {
+        return 'all';
     }
-    if (slice.hash === "oprf-raw") {
-      const startBlockIdx = blockIdx;
-      const startCursorInBlock = cursorInBlock;
-      const totalLength = slice.toIndex - slice.fromIndex;
-      const block = slicesWithReveal[blockIdx];
-      block.oprfRawMarkers ||= [];
-      block.oprfRawMarkers.push({
-        dataLocation: {
-          fromIndex: startCursorInBlock,
-          length: totalLength
+    let blockIdx = 0;
+    let cursorInBlock = 0;
+    let cursor = 0;
+    for (const redaction of redactions) {
+        await redactBlocks(redaction);
+    }
+    // only reveal blocks that have some data to reveal,
+    // or are completely plaintext
+    return slicesWithReveal
+        .filter(s => !isFullyRedacted(s.redactedPlaintext));
+    async function redactBlocks(slice) {
+        while (cursor < slice.fromIndex) {
+            advance();
         }
-      });
-      let overshootLen = 0;
-      while (cursor < slice.toIndex) {
-        if (blockIdx !== startBlockIdx) {
-          overshootLen += 1;
+        // Handle oprf-raw: don't redact, don't call OPRF, just mark position
+        // Server will compute OPRF and do replacement
+        if (slice.hash === 'oprf-raw') {
+            const startBlockIdx = blockIdx;
+            const startCursorInBlock = cursorInBlock;
+            const totalLength = slice.toIndex - slice.fromIndex;
+            // Set marker on first block
+            const block = slicesWithReveal[blockIdx];
+            block.oprfRawMarkers ||= [];
+            block.oprfRawMarkers.push({
+                dataLocation: {
+                    fromIndex: startCursorInBlock,
+                    length: totalLength
+                }
+            });
+            // Advance cursor past this slice, tracking overshoot
+            let overshootLen = 0;
+            while (cursor < slice.toIndex) {
+                if (blockIdx !== startBlockIdx) {
+                    overshootLen += 1;
+                }
+                advance();
+            }
+            // If data overshot into next block, mark it
+            if (overshootLen) {
+                slicesWithReveal[blockIdx]
+                    .overshotOprfRawFromPrevBlock = { length: overshootLen };
+            }
+            return;
         }
-        advance();
-      }
-      if (overshootLen) {
-        slicesWithReveal[blockIdx].overshotOprfRawFromPrevBlock = { length: overshootLen };
-      }
-      return;
-    }
-    if (slice.hash) {
-      const plaintext = total.slice(slice.fromIndex, slice.toIndex);
-      const { nullifier, responses, mask } = await performOprf(plaintext);
-      const toprf = {
-        nullifier,
-        responses,
-        dataLocation: {
-          fromIndex: cursorInBlock,
-          length: slice.toIndex - slice.fromIndex
-        },
-        mask,
-        plaintext
-      };
-      const startBlockIdx = blockIdx;
-      const block = slicesWithReveal[blockIdx];
-      block.toprfs ||= [];
-      block.toprfs.push(toprf);
-      const nullifierStr = binaryHashToStr(nullifier, toprf.dataLocation.length);
-      let i = 0;
-      let overshootLen = 0;
-      while (cursor < slice.toIndex) {
-        if (blockIdx !== startBlockIdx) {
-          overshootLen += 1;
+        if (slice.hash) {
+            const plaintext = total.slice(slice.fromIndex, slice.toIndex);
+            const { nullifier, responses, mask } = await performOprf(plaintext);
+            // set the TOPRF claim on the first blocks this
+            // redaction covers
+            const toprf = {
+                nullifier,
+                responses,
+                dataLocation: {
+                    fromIndex: cursorInBlock,
+                    length: slice.toIndex - slice.fromIndex
+                },
+                mask,
+                plaintext
+            };
+            const startBlockIdx = blockIdx;
+            const block = slicesWithReveal[blockIdx];
+            block.toprfs ||= [];
+            block.toprfs.push(toprf);
+            const nullifierStr = binaryHashToStr(nullifier, toprf.dataLocation.length);
+            let i = 0;
+            let overshootLen = 0;
+            while (cursor < slice.toIndex) {
+                if (blockIdx !== startBlockIdx) {
+                    overshootLen += 1;
+                }
+                slicesWithReveal[blockIdx].redactedPlaintext[cursorInBlock]
+                    = nullifierStr.charCodeAt(i);
+                advance();
+                i += 1;
+            }
+            if (overshootLen) {
+                slicesWithReveal[blockIdx]
+                    .overshotToprfFromPrevBlock = { length: overshootLen };
+            }
+        }
+        while (cursor < slice.toIndex) {
+            slicesWithReveal[blockIdx]
+                .redactedPlaintext[cursorInBlock] = REDACTION_CHAR_CODE;
+            advance();
         }
-        slicesWithReveal[blockIdx].redactedPlaintext[cursorInBlock] = nullifierStr.charCodeAt(i);
-        advance();
-        i += 1;
-      }
-      if (overshootLen) {
-        slicesWithReveal[blockIdx].overshotToprfFromPrevBlock = { length: overshootLen };
-      }
-    }
-    while (cursor < slice.toIndex) {
-      slicesWithReveal[blockIdx].redactedPlaintext[cursorInBlock] = REDACTION_CHAR_CODE;
-      advance();
     }
-  }
-  function advance() {
-    cursor += 1;
-    cursorInBlock += 1;
-    if (cursorInBlock >= blocks[blockIdx].plaintext.length) {
-      blockIdx += 1;
-      cursorInBlock = 0;
+    function advance() {
+        cursor += 1;
+        cursorInBlock += 1;
+        if (cursorInBlock >= blocks[blockIdx].plaintext.length) {
+            blockIdx += 1;
+            cursorInBlock = 0;
+        }
     }
-  }
 }
-function redactSlices(total, slices) {
-  const redacted = new Uint8Array(total);
-  for (const slice of slices) {
-    for (let i = slice.fromIndex; i < slice.toIndex; i++) {
-      redacted[i] = REDACTION_CHAR_CODE;
+/**
+ * Redact the following slices from the total
+ */
+export function redactSlices(total, slices) {
+    const redacted = new Uint8Array(total);
+    for (const slice of slices) {
+        for (let i = slice.fromIndex; i < slice.toIndex; i++) {
+            redacted[i] = REDACTION_CHAR_CODE;
+        }
     }
-  }
-  return redacted;
+    return redacted;
 }
-function binaryHashToStr(hash, expLength) {
-  return base64Encode(hash).padEnd(expLength, "0").slice(0, expLength);
+/**
+ * Converts the binary hash to an ASCII string of the expected length.
+ * If the hash is shorter than the expected length, it will be padded with
+ * '0' characters. If it's longer, it will be truncated.
+ */
+export function binaryHashToStr(hash, expLength) {
+    return base64Encode(hash).padEnd(expLength, '0').slice(0, expLength);
 }
-export {
-  REDACTION_CHAR,
-  REDACTION_CHAR_CODE,
-  binaryHashToStr,
-  getBlocksToReveal,
-  isFullyRedacted,
-  isRedactionCongruent,
-  redactSlices
-};

package/lib/utils/retries.js

@@ -1,26 +1,24 @@
-async function executeWithRetries(code, {
-  maxRetries = 3,
-  shouldRetry,
-  logger
-}) {
-  let retries = 0;
-  while (retries < maxRetries) {
-    try {
-      const result = await code(retries);
-      return result;
-    } catch (err) {
-      retries += 1;
-      if (retries >= maxRetries) {
-        throw err;
-      }
-      if (!shouldRetry(err)) {
-        throw err;
-      }
-      logger.info({ err, retries }, "retrying failed operation");
+/**
+ * Execute a function, and upon failure -- retry
+ * based on specified options.
+ */
+export async function executeWithRetries(code, { maxRetries = 3, shouldRetry, logger, }) {
+    let retries = 0;
+    while (retries < maxRetries) {
+        try {
+            const result = await code(retries);
+            return result;
+        }
+        catch (err) {
+            retries += 1;
+            if (retries >= maxRetries) {
+                throw err;
+            }
+            if (!shouldRetry(err)) {
+                throw err;
+            }
+            logger.info({ err, retries }, 'retrying failed operation');
+        }
     }
-  }
-  throw new Error("retries exhausted");
+    throw new Error('retries exhausted');
 }
-export {
-  executeWithRetries
-};

package/lib/utils/signatures/eth.js

@@ -1,31 +1,32 @@
-import { computeAddress, getBytes, hexlify, SigningKey, verifyMessage, Wallet } from "ethers";
-const ETH_SIGNATURE_PROVIDER = {
-  getPublicKey(privateKey) {
-    const pub = SigningKey.computePublicKey(privateKey, true);
-    return getBytes(pub);
-  },
-  getAddress(publicKey) {
-    const pubKeyHex = typeof publicKey === "string" ? publicKey : hexlify(publicKey);
-    return computeAddress(pubKeyHex).toLowerCase();
-  },
-  async sign(data, privateKey) {
-    const wallet = getEthWallet(privateKey);
-    const signature = await wallet.signMessage(data);
-    return getBytes(signature);
-  },
-  async verify(data, signature, addressBytes) {
-    const address = typeof addressBytes === "string" ? addressBytes : hexlify(addressBytes);
-    const signatureHex = typeof signature === "string" ? signature : hexlify(signature);
-    const signerAddress = verifyMessage(data, signatureHex);
-    return signerAddress.toLowerCase() === address.toLowerCase();
-  }
+import { computeAddress, getBytes, hexlify, SigningKey, verifyMessage, Wallet } from 'ethers';
+export const ETH_SIGNATURE_PROVIDER = {
+    getPublicKey(privateKey) {
+        const pub = SigningKey.computePublicKey(privateKey, true);
+        return getBytes(pub);
+    },
+    getAddress(publicKey) {
+        // computeAddress in v6 expects hex string
+        const pubKeyHex = typeof publicKey === 'string' ? publicKey : hexlify(publicKey);
+        return computeAddress(pubKeyHex).toLowerCase();
+    },
+    async sign(data, privateKey) {
+        const wallet = getEthWallet(privateKey);
+        const signature = await wallet.signMessage(data);
+        return getBytes(signature);
+    },
+    async verify(data, signature, addressBytes) {
+        const address = typeof addressBytes === 'string'
+            ? addressBytes
+            : hexlify(addressBytes);
+        // verifyMessage in v6 expects SignatureLike (hex string)
+        const signatureHex = typeof signature === 'string' ? signature : hexlify(signature);
+        const signerAddress = verifyMessage(data, signatureHex);
+        return signerAddress.toLowerCase() === address.toLowerCase();
+    }
 };
 function getEthWallet(privateKey) {
-  if (!privateKey) {
-    throw new Error("Private key missing");
-  }
-  return new Wallet(privateKey);
+    if (!privateKey) {
+        throw new Error('Private key missing');
+    }
+    return new Wallet(privateKey);
 }
-export {
-  ETH_SIGNATURE_PROVIDER
-};

package/lib/utils/signatures/index.js

@@ -1,12 +1,7 @@
 import { ServiceSignatureType } from "../../proto/api.js";
-import { ETH_SIGNATURE_PROVIDER } from "../../utils/signatures/eth.js";
-const SIGNATURES = {
-  [ServiceSignatureType.SERVICE_SIGNATURE_TYPE_ETH]: ETH_SIGNATURE_PROVIDER
-};
-const SelectedServiceSignatureType = ServiceSignatureType.SERVICE_SIGNATURE_TYPE_ETH;
-const SelectedServiceSignature = SIGNATURES[SelectedServiceSignatureType];
-export {
-  SIGNATURES,
-  SelectedServiceSignature,
-  SelectedServiceSignatureType
+import { ETH_SIGNATURE_PROVIDER } from "./eth.js";
+export const SIGNATURES = {
+    [ServiceSignatureType.SERVICE_SIGNATURE_TYPE_ETH]: ETH_SIGNATURE_PROVIDER,
 };
+export const SelectedServiceSignatureType = ServiceSignatureType.SERVICE_SIGNATURE_TYPE_ETH;
+export const SelectedServiceSignature = SIGNATURES[SelectedServiceSignatureType];