Commit Graph

20 Commits

Author SHA1 Message Date
Patryk Osmaczko e2cab1a8ae fix: ensure community events eventual consistency
- Extracted `community_events_factory.go`
- Introduced `eventsProcessor`
  - Improved processing logic order
  - Improved events filtering
- Introduced concept of `EventTypeID` to prevent redundant events handling
- Added sanity check before events appliance when reading community from
  database
- Removed reject&re-apply scheme (no more ping-pong issue)
- Fixed and added more variants to eventual consistency test

fixes: status-im/status-desktop#13387
fixes: status-im/status-desktop#13388
2024-02-20 21:07:01 +01:00
Patryk Osmaczko f7c40d4c40 chore: use lamport timestamp for events clock
- make clock logical per event type
- increase clock precision to millisecends

Rationale:
https://www.notion.so/Eventual-consistency-9d6a9c6c55c14ab1aee76f801301522b

iterates: status-im/status-desktop#13387
2024-02-20 21:07:01 +01:00
Andrea Maria Piana 605fe40e32 Fix encryption metadata issues #4613
This commit fixes a few issues with communities encryption:

Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked.
To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing.
This is a bit expensive for large communities, and it will require some further optimizations.

Key distribution is now also connected to the request to join response, so there are no timing issues.

Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-02-07 10:25:41 +00:00
Patryk Osmaczko 1d3c618fb4 feat: encrypt `CommunityDescription` fields
Extended `CommunityDescription` with a `privateData` map. This map
associates each hash ratchet `key_id` and `seq_no` with an encrypted
`CommunityDescription`. Each encrypted instance includes only data
requiring encryption.

closes: status-im/status-desktop#12851
closes: status-im/status-desktop#12852
closes: status-im/status-desktop#12853
2023-12-22 18:17:06 +01:00
Mykhailo Prakhov b9197510b1
fix: use community controlNode pubkey instead of community ID for verifying the received community data signer (#4411) 2023-12-04 10:56:54 +01:00
Vitaly Vlasov 1794b93c16 Always set PubsubTopic in filters 2023-11-18 02:26:34 +02:00
Mikhail Rogachev a17ee052fb
feat: Introduce KickedPending and BannedPending states (#3948)
* feat: introduce KickedPending state for community members

* feat: tests for ban/unban pending states

* fix: remove pending And banned members from public serialization

* feat: add check for banning and kicking privileged users

* fix: process only first event when obtaining PendingAndBannedMembers

* fix: review fixes

* fix: proper conditions for kicking and banning checks

* Fix: fix tests after rebase
2023-10-04 23:47:22 +03:00
Patryk Osmaczko a12e87dac6 feat: add pending state for token permissions
iterates: status-im/status-desktop#11852
2023-08-23 10:34:59 +02:00
Patryk Osmaczko 63131aebbc refactor: merge AddTokenPermission and UpdateTokenPermission 2023-08-23 10:34:59 +02:00
Patryk Osmaczko 8b9ee803e2 feat: auto re-apply rejected community events
closes: status-im/status-desktop#11552
2023-08-11 12:46:45 +02:00
Patryk Osmaczko 400ba52289 fix: ensure CommunityDescription msg kept in db is signed
closes: status-im/status-desktop#11859
2023-08-10 17:09:30 +02:00
Patryk Osmaczko dbd52edcd7 feat: sign community events
closes: status-im/status-desktop#11834
2023-08-09 13:53:32 +02:00
Pascal Precht 248e4a7f24 refactor: EventSenders forward RequestToJoin decision to control node
This is a bigger change in how community membership requests are handled
among admins, token masters, owners, and control nodes.

Prior to this commit, all privileged users, also known as
`EventSenders`, were able to accept and reject community membership
requests and those changes would be applied by all users.

This commit changes this behaviour such that:

1. EventSenders can make a decision (accept, reject), but merely forward
   their decision to the control node, which ultimately has to confirm
   it
2. EventSenders are no longer removing or adding members to and from
   communities
3. When an eventsender signaled a decision, the membership request will
   enter a pending state (acceptedPending or rejectedPending)
4. Once a decision was made by one eventsender, no other eventsender can
   override that decision

This implementation is covered with a bunch of tests:

- Ensure that decision made by event sender is shared with other event
  senders
  - `testAcceptMemberRequestToJoinResponseSharedWithOtherEventSenders()`
  - `testRejectMemberRequestToJoinResponseSharedWithOtherEventSenders()`
- Ensure memebrship request stays pending, until control node has
  confirmed decision by event senders
  - `testAcceptMemberRequestToJoinNotConfirmedByControlNode()`
  - `testRejectMemberRequestToJoinNotConfirmedByControlNode()`
- Ensure that decision made by event sender cannot be overriden by other
  event senders
  - `testEventSenderCannotOverrideRequestToJoinState()`

These test cases live in three test suites for different event sender
types respectively

- `OwnerWithoutCommunityKeyCommunityEventsSuite`
- `TokenMasterCommunityEventsSuite`
- `AdminCommunityEventsSuite`

In addition to the changes mentioned above, there's also a smaller
changes that ensures membership requests to *not* attached revealed wallet
addresses when the requests are sent to event senders (in addition to
control nodes).

Requests send to a control node will still include revealed addresses as
the control node needs them to verify token permissions.

This commit does not yet handle the case of event senders attempting to
kick and ban members.

Similar to accepting and rejecting membership requests, kicking and
banning need a new pending state. However, we don't track such state in
local databases yet so those two cases will be handled in future commit
to not have this commit grow larger.
2023-08-08 14:46:03 +02:00
Mykhailo Prakhov 3bd972dec4
chore: Added TokenMaster permission token type (#3848) 2023-08-04 12:28:46 +02:00
Patryk Osmaczko 47c568fb08 refactor: improve wrapped community description naming 2023-08-02 20:57:19 +02:00
Mykhailo Prakhov 89253ac684
fix: owner without community private key and token master was not able send all admin events (#3819) 2023-07-28 20:18:27 +02:00
Patryk Osmaczko 30da8390bd feat: introduce CommunitiesKeyDistributor
This component decouples key distribution from the Messenger, enhancing
code maintainability, extensibility and testability.
It also alleviates the need to impact all methods potentially affecting
encryption keys.
Moreover, it allows key distribution inspection for integration tests.

part of: status-im/status-desktop#10998
2023-07-27 11:35:59 +02:00
Mykhailo Prakhov ac64e33362
chore: validate CommunityDescription signature before sending/during receiving CommunityEventsMessage (#3784)
* chore: validate CommunityDescription in CommunityEventMessage

* Update protocol/communities/community_event.go
2023-07-21 11:38:34 +02:00
Patryk Osmaczko d9df8b6150 feat: add CommunityEncryptionKeyActions and its evaluation logic
Added utility that evaluates necessary encryption key actions based on
community changes.

part of: status-im/status-desktop#10998
2023-07-20 17:17:46 +02:00
Mykhailo Prakhov 0919a87588
chore: community admin events (#3678)
chore: 
- add CommunityEventsMessage
- refactor community_admin_event to accept a list of events and patch a CommunityDescription
- save/read community events into/from database
- publish and handle community events message
- fixed admin category tests
- rename AdminEvent to Events or CommunityEvents
2023-07-18 17:06:12 +02:00