From 3b4dcf3195772f49405a069a3a59c4e0176b1970 Mon Sep 17 00:00:00 2001 From: Richard Ramos Date: Thu, 20 Oct 2022 17:49:45 -0400 Subject: [PATCH] fix(rln): remove idcommitment and idkey --- docs/tutorials/rln.md | 60 +++++++++++++++------------- examples/chat2/exec.go | 11 ++--- examples/chat2/flags.go | 10 ----- examples/chat2/options.go | 2 - examples/chat2/rln-credentials.go | 35 +++++----------- waku/options.go | 2 - waku/rln-credentials.go | 9 +---- waku/v2/protocol/rln/onchain_test.go | 4 +- waku_rln.go | 10 ----- 9 files changed, 50 insertions(+), 93 deletions(-) diff --git a/docs/tutorials/rln.md b/docs/tutorials/rln.md index 2404c8d7..d809d5c6 100644 --- a/docs/tutorials/rln.md +++ b/docs/tutorials/rln.md @@ -1,9 +1,9 @@ -# Spam-protected chat2 application with on-chain group management +# Spam-protected chat2 application with on-chain group management This document is a tutorial on how to run the chat2 application in the spam-protected mode using the Waku-RLN-Relay protocol and with dynamic/on-chain group management. In the on-chain/dynamic group management, the state of the group members i.e., their identity commitment keys is moderated via a membership smart contract deployed on the Goerli network which is one of the Ethereum testnets. Members can be dynamically added to the group and the group size can grow up to 2^20 members. -This differs from the prior test scenarios in which the RLN group was static and the set of members' keys was hardcoded and fixed. +This differs from the prior test scenarios in which the RLN group was static and the set of members' keys was hardcoded and fixed. ## Prerequisites @@ -12,15 +12,17 @@ In case you are not familiar with either of these two steps, you may follow the Note that the required `0.001` ethers correspond to the registration fee, however, you still need to have more funds in your account to cover the cost of the transaction gas fee. + + ## Overview Figure 1 provides an overview of the interaction of the chat2 clients with the test fleets and the membership contract. -At a high level, when a chat2 client is run with Waku-RLN-Relay mounted in on-chain mode, it creates RLN credential (i.e., an identity key and an identity commitment key) and +At a high level, when a chat2 client is run with Waku-RLN-Relay mounted in on-chain mode, it creates an RLN credential (i.e., an identity key and an identity commitment key) and sends a transaction to the membership contract to register the corresponding membership identity commitment key. -This transaction will also transfer `0.001` Ethers to the contract as membership fee. +This transaction will also transfer `0.001` Ethers to the contract as a membership fee. This amount plus the transaction fee will be deducted from the supplied Goerli account. Once the transaction is mined and the registration is successful, the registered credential will get displayed on the console of your chat2 client. You may copy the displayed RLN credential and reuse them for the future execution of the chat2 application. -Proper instructions in this regard is provided in the following [section](#how-to-reuse-rln-credential). +Proper instructions in this regard is provided in the following [section](#how-to-persist-and-reuse-rln-credential). If you choose not to reuse the same credential, then for each execution, a new registration will take place and more funds will get deducted from your Goerli account. Under the hood, the chat2 client constantly listens to the membership contract and keeps itself updated with the latest state of the group. @@ -29,7 +31,7 @@ The test fleets will act as routers and are also set to run Waku-RLN-Relay over Spam messages published on the said combination of topics will be caught by the test fleet nodes and will not be routed. Note that spam protection does not rely on the presence of the test fleets. In fact, all the chat2 clients are also capable of catching and dropping spam messages if they receive any. -You can test it by connecting two chat2 clients (running Waku-RLN-Relay) directly to each others and see they can spot each others' spam activities. +You can test it by connecting two chat2 clients (running Waku-RLN-Relay) directly to each other and see if they can spot each other's spam activities. ![](./imgs/rln-relay-chat2-overview.png) Figure 1. @@ -45,7 +47,6 @@ You can test it by connecting two chat2 clients (running Waku-RLN-Relay) directl git clone https://github.com/status-im/go-waku cd go-waku ``` - ## Build chat2 ``` make chat2 @@ -63,18 +64,19 @@ In this command - the `--fleet=test` indicates that the chat2 app gets connected to the test fleets. - the `toy-chat/2/luzhou/proto` passed to the `--content-topic` option indicates the content topic on which the chat2 application is going to run. - the `--rln-relay` flag is set to `true` to enable the Waku-RLN-Relay protocol for spam protection. -- the `--rln-relay-dynamic` flag is set to `true` to enable the on-chain mode of Waku-RLN-Relay protocol with dynamic group management. +- the `--rln-relay-dynamic` flag is set to `true` to enable the on-chain mode of Waku-RLN-Relay protocol with dynamic group management. - the `--rln-relay-eth-contract-address` option gets the address of the membership contract. - The current address of the contract is `0x4252105670fe33d2947e8ead304969849e64f2a6`. - You may check the state of the contract on the [Goerli testnet](https://goerli.etherscan.io/address/0x4252105670fe33d2947e8ead304969849e64f2a6). + The current address of the contract is `0x4252105670fe33d2947e8ead304969849e64f2a6`. + You may check the state of the contract on the [Goerli testnet](https://goerli.etherscan.io/address/0x4252105670fe33d2947e8ead304969849e64f2a6). - the `--rln-relay-eth-account-private-key` option is for your account private key on the Goerli testnet. - It is made up of 64 hex characters (not sensitive to the `0x` prefix). -- the `--rln-relay-eth-client-address` should be assigned with the address of a websocket endpoint of the hosted node on the Goerli testnet. - You need to replace the `xxxx` with the actual node's websocket endpoint. + It is made up of 64 hex characters (not sensitive to the `0x` prefix). +- the `--rln-relay-eth-client-address` is the WebSocket address of the hosted node on the Goerli testnet. + You need to replace the `xxxx` with the actual node's address. -For the last two config options i.e., `--rln-relay-eth-account-private-key`, and `--rln-relay-eth-client-address`, if you do not know how to obtain those, you may use the following tutorial on the [prerequisites of running on-chain spam-protected chat2](https://github.com/status-im/nwaku/blob/master/docs/tutorial/pre-requisites-of-running-on-chain-spam-protected-chat2.md). +For the last three config options i.e., `rln-relay-eth-account-address`, `rln-relay-eth-account-private-key`, and `rln-relay-eth-client-address`, if you do not know how to obtain those, you may use the following tutorial on the [prerequisites of running on-chain spam-protected chat2](./pre-requisites-of-running-on-chain-spam-protected-chat2.md). -> You may set up more than one chat client, using the `--rln-relay-cred-path` flag, specifying in each client a different path to store the credentials. +You may set up more than one chat client, +using the `--rln-relay-cred-path` flag, specifying in each client a different path to store the credentials, and using a different `--tcp-port`. Once you run the command, you will see the following message: ``` @@ -140,6 +142,7 @@ Thus, if you send two messages less than `10` seconds apart, they are likely to After sending a chat message, you may experience some delay before the next chat prompt appears. The reason is that under the hood a zero-knowledge proof is being generated and attached to your message. + Try to spam the network by violating the message rate limit i.e., sending more than one message per epoch. Your messages will be routed via test fleets that are running in spam-protected mode over the same content topic i.e., `/toy-chat/2/luzhou/proto` as your chat client. @@ -153,20 +156,23 @@ Once you are done with the test, make sure you close all the chat2 clients by ty Bye! ``` -## How to reuse RLN credential +## How to persist and reuse RLN credential -You may reuse your old RLN credential using `--rln-relay-membership-index`, `--rln-relay-id` and `--rln-relay-id-commitment` options. -For instance, if the previously generated credential are -``` -INFO: RLN config: -- Your membership index is: 63 -- Your rln identity key is: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx -- Your rln identity commitment key is: 6c6598126ba10d1b70100893b76d7f8d7343eeb8f5ecfd48371b421c5aa6f012 -``` -Then, the execution command will look like this (inspect the last three config options): -``` -./build/chat2 --fleet=test --content-topic=/toy-chat/2/luzhou/proto --rln-relay=true --rln-relay-dynamic=true --rln-relay-eth-contract-address=0x4252105670fe33d2947e8ead304969849e64f2a6 --rln-relay-eth-account-private-key=your_eth_private_key --rln-relay-eth-client-address=your_goerli_node --rln-relay-membership-index=63 --rln-relay-id=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --rln-relay-id-commitment:6c6598126ba10d1b70100893b76d7f8d7343eeb8f5ecfd48371b421c5aa6f012 +You may pass the `--rln-relay-cred-path` config option to specify a path for 1) persisting RLN credentials and 2) retrieving persisted RLN credentials. +RLN credential is persisted in the `rlnCredentials.txt` file under the specified path. +If this file does not already exist under the supplied path, then a new credential is generated and persisted in the `rlnCredentials.txt` file. +Otherwise, the chat client does not generate a new credential and will use, instead, the persisted RLN credential. +```bash +./build/chat2 --fleet:test --content-topic:/toy-chat/2/luzhou/proto --rln-relay=true --rln-relay-dynamic=true --rln-relay-eth-contract-address=0x4252105670fe33d2947e8ead304969849e64f2a6 --rln-relay-eth-account-private-key=your_eth_private_key --rln-relay-eth-client-address==your_goerli_node --rln-relay-cred-path:./ +``` + +Note: If you are reusing credentials, you can omit the `--rln-relay-eth-account-private-key` flags + +Therefore, the command to start chat2 would be - + +```bash +./build/chat2 --fleet=test --content-topic=/toy-chat/2/luzhou/proto --rln-relay=true --rln-relay-dynamic=true --rln-relay-eth-contract-address=0x4252105670fe33d2947e8ead304969849e64f2a6 --rln-relay-eth-client-address=your_goerli_node --rln-relay-cred-path=./ ``` # Sample test output diff --git a/examples/chat2/exec.go b/examples/chat2/exec.go index 54796fc0..54c32c02 100644 --- a/examples/chat2/exec.go +++ b/examples/chat2/exec.go @@ -114,13 +114,10 @@ func execute(options Options) { } if options.RLNRelay.Enable && options.RLNRelay.Dynamic { - if options.RLNRelay.IDKey == "" && options.RLNRelay.IDCommitment == "" { - // Write membership credentials file only if the idkey and commitment are not specified - err := writeRLNMembershipCredentialsToFile(options.RLNRelay.CredentialsPath, wakuNode.RLNRelay().MembershipKeyPair(), wakuNode.RLNRelay().MembershipIndex(), wakuNode.RLNRelay().MembershipContractAddress()) - if err != nil { - fmt.Println(err.Error()) - return - } + err := writeRLNMembershipCredentialsToFile(options.RLNRelay.CredentialsPath, wakuNode.RLNRelay().MembershipKeyPair(), wakuNode.RLNRelay().MembershipIndex(), wakuNode.RLNRelay().MembershipContractAddress()) + if err != nil { + fmt.Println(err.Error()) + return } } diff --git a/examples/chat2/flags.go b/examples/chat2/flags.go index 488d0bb0..68d9aec9 100644 --- a/examples/chat2/flags.go +++ b/examples/chat2/flags.go @@ -202,16 +202,6 @@ func getFlags() []cli.Flag { Usage: "Enable waku-rln-relay with on-chain dynamic group management", Destination: &options.RLNRelay.Dynamic, }, - &cli.StringFlag{ - Name: "rln-relay-id-key", - Usage: "Rln relay identity secret key as a Hex string", - Destination: &options.RLNRelay.IDKey, - }, - &cli.StringFlag{ - Name: "rln-relay-id-commitment-key", - Usage: "Rln relay identity commitment key as a Hex string", - Destination: &options.RLNRelay.IDCommitment, - }, &cli.PathFlag{ Name: "rln-relay-cred-path", Usage: "The path for persisting rln-relay credential", diff --git a/examples/chat2/options.go b/examples/chat2/options.go index 302140ac..01306c9e 100644 --- a/examples/chat2/options.go +++ b/examples/chat2/options.go @@ -34,8 +34,6 @@ type RLNRelayOptions struct { PubsubTopic string ContentTopic string Dynamic bool - IDKey string - IDCommitment string ETHPrivateKey *ecdsa.PrivateKey ETHClientAddress string MembershipContractAddress common.Address diff --git a/examples/chat2/rln-credentials.go b/examples/chat2/rln-credentials.go index 3a680af0..cf53dcf4 100644 --- a/examples/chat2/rln-credentials.go +++ b/examples/chat2/rln-credentials.go @@ -70,11 +70,6 @@ func loadMembershipCredentialsFromFile(rlnCredentialsPath string) (node.Membersh } func getMembershipCredentials(options RLNRelayOptions) (credentials node.MembershipCredentials, err error) { - valuesWereInput := false - if options.IDKey != "" || options.IDCommitment != "" { - valuesWereInput = true - } - path := options.CredentialsPath if path == "" { @@ -83,31 +78,21 @@ func getMembershipCredentials(options RLNRelayOptions) (credentials node.Members }, nil } - var osErr error - if !valuesWereInput { - path = filepath.Join(path, RLN_CREDENTIALS_FILENAME) - if _, osErr = os.Stat(path); osErr == nil { - if credentials, err := loadMembershipCredentialsFromFile(path); err != nil { - return node.MembershipCredentials{}, fmt.Errorf("could not read membership credentials file: %w", err) - } else { - if (bytes.Equal(credentials.Contract.Bytes(), common.Address{}.Bytes())) { - credentials.Contract = options.MembershipContractAddress - } - return credentials, nil + path = filepath.Join(path, RLN_CREDENTIALS_FILENAME) + _, osErr := os.Stat(path) + if osErr == nil { + if credentials, err := loadMembershipCredentialsFromFile(path); err != nil { + return node.MembershipCredentials{}, fmt.Errorf("could not read membership credentials file: %w", err) + } else { + if (bytes.Equal(credentials.Contract.Bytes(), common.Address{}.Bytes())) { + credentials.Contract = options.MembershipContractAddress } + return credentials, nil } } - var keypair *rln.MembershipKeyPair - if valuesWereInput || os.IsNotExist(osErr) { - if options.IDKey != "" && options.IDCommitment != "" { - keypair = new(rln.MembershipKeyPair) - copy((keypair.IDKey)[:], common.FromHex(options.IDKey)) - copy((keypair.IDCommitment)[:], common.FromHex(options.IDCommitment)) - } - + if os.IsNotExist(osErr) { return node.MembershipCredentials{ - Keypair: keypair, Index: uint(options.MembershipIndex), Contract: options.MembershipContractAddress, }, nil diff --git a/waku/options.go b/waku/options.go index cab6e3dd..ff225446 100644 --- a/waku/options.go +++ b/waku/options.go @@ -49,8 +49,6 @@ type RLNRelayOptions struct { PubsubTopic string ContentTopic string Dynamic bool - IDKey string - IDCommitment string ETHPrivateKey *ecdsa.PrivateKey ETHClientAddress string MembershipContractAddress common.Address diff --git a/waku/rln-credentials.go b/waku/rln-credentials.go index 60f23aac..42cb2b51 100644 --- a/waku/rln-credentials.go +++ b/waku/rln-credentials.go @@ -103,16 +103,9 @@ func getMembershipCredentials(logger *zap.Logger, options Options) (fromFile boo } } - var keypair *rln.MembershipKeyPair if os.IsNotExist(err) { - if options.RLNRelay.IDKey != "" && options.RLNRelay.IDCommitment != "" { - keypair = new(rln.MembershipKeyPair) - copy((keypair.IDKey)[:], common.FromHex(options.RLNRelay.IDKey)) - copy((keypair.IDCommitment)[:], common.FromHex(options.RLNRelay.IDCommitment)) - } - return false, node.MembershipCredentials{ - Keypair: keypair, + Keypair: nil, Index: uint(options.RLNRelay.MembershipIndex), Contract: options.RLNRelay.MembershipContractAddress, }, nil diff --git a/waku/v2/protocol/rln/onchain_test.go b/waku/v2/protocol/rln/onchain_test.go index 56b07ba9..fb0dc2c3 100644 --- a/waku/v2/protocol/rln/onchain_test.go +++ b/waku/v2/protocol/rln/onchain_test.go @@ -114,7 +114,7 @@ func (s *WakuRLNRelayDynamicSuite) TestDynamicGroupManagement() { RLN: rlnInstance, log: utils.Logger(), nullifierLog: make(map[r.Epoch][]r.ProofMetadata), - membershipKeyPair: *keyPair, + membershipKeyPair: keyPair, } // generate another membership key pair @@ -190,7 +190,7 @@ func (s *WakuRLNRelayDynamicSuite) TestRegistrationProcedure() { RLN: rlnInstance, log: utils.Logger(), nullifierLog: make(map[r.Epoch][]r.ProofMetadata), - membershipKeyPair: *keyPair, + membershipKeyPair: keyPair, } _, err = rlnPeer.Register(context.TODO()) diff --git a/waku_rln.go b/waku_rln.go index 4ce7a643..d6539e19 100644 --- a/waku_rln.go +++ b/waku_rln.go @@ -39,16 +39,6 @@ func rlnFlags() []cli.Flag { Usage: "Enable waku-rln-relay with on-chain dynamic group management", Destination: &options.RLNRelay.Dynamic, }, - &cli.StringFlag{ - Name: "rln-relay-id-key", - Usage: "Rln relay identity secret key as a Hex string", - Destination: &options.RLNRelay.IDKey, - }, - &cli.StringFlag{ - Name: "rln-relay-id-commitment-key", - Usage: "Rln relay identity commitment key as a Hex string", - Destination: &options.RLNRelay.IDCommitment, - }, &cli.PathFlag{ Name: "rln-relay-cred-path", Usage: "RLN relay membership credentials file",