From 10d6e3080e6c88e45c4ac759a491fb116ce8feb7 Mon Sep 17 00:00:00 2001
From: Sanaz <staheri14@ku.edu.tr>
Date: Fri, 18 Dec 2020 16:09:25 -0800
Subject: [PATCH] adds the terminology and adversarial model

---
 specs/waku/v2/waku-filter.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/specs/waku/v2/waku-filter.md b/specs/waku/v2/waku-filter.md
index 0f3fe924..78bae78f 100644
--- a/specs/waku/v2/waku-filter.md
+++ b/specs/waku/v2/waku-filter.md
@@ -11,6 +11,8 @@ authors: Oskar Thorén <oskar@status.im>, Dean Eigenmann <dean@status.im>, Hanno
 - [Content filtering](#content-filtering)
   - [Rationale](#rationale)
 - [Security Consideration](#security-consideration)
+  - [Terminology](#terminology)
+- [Adversarial Model](#adversarial-model)
   - [Protobuf](#protobuf)
       - [FilterRPC](#filterrpc)
       - [FilterRequest](#filterrequest)
@@ -56,6 +58,16 @@ frequent polling.
 
 Note that while using `WakuFilter` allows light nodes to save bandwidth, it comes with a privacy cost in the sense that they need to disclose their liking topics to the full nodes to retrieve the relevant messages. Currently, anonymous subscription is not supported by the `WakuFilter`, however, potential solutions in this regard are sketched below in [Future Work](#future-work) section. 
 
+## Terminology
+The term Personally identifiable information (PII) refers to any piece of data that can be used to uniquely identify a user. For example, the signature verification key, and the hash of one's static IP address are unique for each user and hence count as PII.
+
+# Adversarial Model
+Any node running the `WakuFilter` protocol i.e., both the subscriber node and the queried node are considered as an adversary. Furthermore, we consider the adversary as a passive entity that attempts to collect information from other nodes to conduct an attack but it does so without violating protocol definitions and instructions. For example, under the passive adversarial model, no malicious node intentionally hides the messages matching to one's subscribed content filter as it is against the description of the `WakuFilter` protocol. 
+
+The following are not considered as part of the adversarial model: 
+  - An adversary with a global view of all the nodes and their connections. 
+  - An adversary that can eavesdrop on communication links between arbitrary pairs of nodes (unless the adversary is one end of the communication). In specific, the communication channels are assumed to be secure.
+
 ## Protobuf
 
 ```protobuf