Skip to content

Commit

Permalink
#274 Create salted hashes of privateData in Rfq (#294)
Browse files Browse the repository at this point in the history 
* Create salted hashes of privateData in Rfq

* fix Rfq omit private data test vector

* PR comments

* <PRESENTATION_SUBMISSION> -> <VERIFIABLE_CREDENTIAL>

* claimsHashes -> claimsHash

* claimsHashes -> claimsHash

* formatting

---------

Co-authored-by: Moe Jangda <moe@tbd.email>
  • Loading branch information
@mistermoe
Diane Huxley and mistermoe authored Mar 30, 2024
1 parent 6af20c9 commit 6df3807
Show file tree
Hide file tree
Showing 6 changed files with 169 additions and 75 deletions.
9 changes: 3 additions & 6 deletions hosted/json-schemas/message.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,10 +41,6 @@
}
},
"required": ["from", "to", "kind", "id", "exchangeId", "createdAt", "protocol"]
},
"Private": {
"type": "object",
"description": "An ephemeral JSON object used to transmit sensitive data (e.g. PII)"
}
},
"type": "object",
Expand All @@ -60,8 +56,9 @@
"type": "string",
"description": "Signature that verifies the authenticity and integrity of a message"
},
"private": {
"$ref": "#/definitions/Private"
"privateData": {
"type": "object",
"description": "Private data which can be detached from the payload without disrupting integrity. Only used in RFQs"
}
},
"additionalProperties": false,
Expand Down
39 changes: 39 additions & 0 deletions hosted/json-schemas/rfq-private.schema.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"$id": "https://tbdex.dev/rfq-private.schema.json",
"type": "object",
"properties": {
"additionalProperties": false,
"salt": {
"type": "string",
"description": "Randomly generated cryptographic salt used to hash privateData fields"
},
"claims": {
"type": "array",
"items": {
"type": "string"
},
"description": "Presentation Submission that fulfills the requirements included in the respective Offering"
},
"payin": {
"type": "object",
"additionalProperties": false,
"properties": {
"paymentDetails": {
"type": "object",
"description": "An object containing the properties defined in the respective Offering's requiredPaymentDetails json schema"
}
}
},
"payout": {
"additionalProperties": false,
"type": "object",
"properties": {
"paymentDetails": {
"type": "object",
"description": "An object containing the properties defined in the respective Offering's requiredPaymentDetails json schema"
}
}
}
}
}
23 changes: 10 additions & 13 deletions hosted/json-schemas/rfq.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,9 @@
"type": "string",
"description": "Offering which Alice would like to get a quote for"
},
"claims": {
"type": "array",
"items": {
"type": "string"
},
"description": "Presentation Submission that fulfills the requirements included in the respective Offering"
"claimsHash": {
"type": "string",
"description": "Digests of Presentation Submissions that fulfills the requirements included in the respective Offering"
},
"payin": {
"type": "object",
Expand All @@ -25,9 +22,9 @@
"type": "string",
"description": "Type of payment method e.g. BTC_ADDRESS, DEBIT_CARD, MOMO_MPESA"
},
"paymentDetails": {
"type": "object",
"description": "An object containing the properties defined in the respective Offering's requiredPaymentDetails json schema"
"paymentDetailsHash": {
"type": "string",
"description": "Digest of an object containing the properties defined in the respective Offering's requiredPaymentDetails json schema"
}
},
"required": ["amount", "kind"]
Expand All @@ -39,13 +36,13 @@
"type": "string",
"description": "Selected payout method from the respective offering"
},
"paymentDetails": {
"type": "object",
"description": "An object containing the properties defined in the respective Offering's requiredPaymentDetails json schema"
"paymentDetailsHash": {
"type": "string",
"description": "Digest of an object containing the properties defined in the respective Offering's requiredPaymentDetails json schema"
}
},
"required": ["kind"]
}
},
"required": ["offeringId", "claims", "payin", "payout"]
"required": ["offeringId", "payin", "payout"]
}
30 changes: 30 additions & 0 deletions hosted/test-vectors/protocol/vectors/parse-rfq-omit-private-data.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
{
"description": "RFQ with privateData omitted parses from string",
"input": "{\"metadata\":{\"from\":\"did:dht:9kkuh34q7nkd4tphbcg7py9h1g16iftbtskesi9courdwj96q3sy\",\"to\":\"did:dht:8rqqxczxhdugndj5mykiahy7y4zg4zkk3jajr6qyo5owdrgqqx3y\",\"protocol\":\"1.0\",\"kind\":\"rfq\",\"id\":\"rfq_01ht6fh3fwe8etr9v0fkp0ffye\",\"exchangeId\":\"rfq_01ht6fh3fwe8etr9v0fkp0ffye\",\"createdAt\":\"2024-03-30T01:28:03.324Z\"},\"data\":{\"offeringId\":\"offering_01ht6fh3fwe8etr9v0fdrm75w7\",\"payin\":{\"kind\":\"DEBIT_CARD\",\"amount\":\"20000.00\",\"paymentDetailsHash\":\"L7tSdDuyGRNzsLta-9u2rxhz9-hY7iWVGomgnMcZWjQ\"},\"payout\":{\"kind\":\"BTC_ADDRESS\",\"paymentDetailsHash\":\"IR8FJQ8N68UPY5lrmylik4vbNFLodXn6R2w2eEdoxNc\"},\"claimsHash\":\"ccCbBV6ONcYloiS_NKo2aFnJlibuG5cK-zy74YmBQW0\"},\"signature\":\"eyJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpkaHQ6OWtrdWgzNHE3bmtkNHRwaGJjZzdweTloMWcxNmlmdGJ0c2tlc2k5Y291cmR3ajk2cTNzeSMwIn0..HApQWjaJ_jpqfkCixd3FzZOqFjSVtuFbRkipp-jZ-ZnMW5TED-o2WFnu2dkWCVt-Zv7xQWmSkFqeIy6O0PZsBA\"}",
"output": {
"metadata": {
"from": "did:dht:9kkuh34q7nkd4tphbcg7py9h1g16iftbtskesi9courdwj96q3sy",
"to": "did:dht:8rqqxczxhdugndj5mykiahy7y4zg4zkk3jajr6qyo5owdrgqqx3y",
"protocol": "1.0",
"kind": "rfq",
"id": "rfq_01ht6fh3fwe8etr9v0fkp0ffye",
"exchangeId": "rfq_01ht6fh3fwe8etr9v0fkp0ffye",
"createdAt": "2024-03-30T01:28:03.324Z"
},
"data": {
"offeringId": "offering_01ht6fh3fwe8etr9v0fdrm75w7",
"payin": {
"kind": "DEBIT_CARD",
"amount": "20000.00",
"paymentDetailsHash": "L7tSdDuyGRNzsLta-9u2rxhz9-hY7iWVGomgnMcZWjQ"
},
"payout": {
"kind": "BTC_ADDRESS",
"paymentDetailsHash": "IR8FJQ8N68UPY5lrmylik4vbNFLodXn6R2w2eEdoxNc"
},
"claimsHash": "ccCbBV6ONcYloiS_NKo2aFnJlibuG5cK-zy74YmBQW0"
},
"signature": "eyJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpkaHQ6OWtrdWgzNHE3bmtkNHRwaGJjZzdweTloMWcxNmlmdGJ0c2tlc2k5Y291cmR3ajk2cTNzeSMwIn0..HApQWjaJ_jpqfkCixd3FzZOqFjSVtuFbRkipp-jZ-ZnMW5TED-o2WFnu2dkWCVt-Zv7xQWmSkFqeIy6O0PZsBA"
},
"error": false
}
38 changes: 24 additions & 14 deletions hosted/test-vectors/protocol/vectors/parse-rfq.json
View file
Original file line number Diff line number Diff line change
@@ -1,39 +1,49 @@
{
"description": "RFQ parses from string",
"input": "{\"metadata\":{\"from\":\"did:dht:3bexemzgf5bw7oj47uspgd47gj64kr7j7gta4wsjgeu6qtiq1s7o\",\"to\":\"did:dht:otd1sndnrp9kprin9xcyj4pquyqunef465nm98pdniaug3e6mc5o\",\"protocol\":\"1.0\",\"kind\":\"rfq\",\"id\":\"rfq_01hsd3rqqeeb4t9539vjprtfz8\",\"exchangeId\":\"rfq_01hsd3rqqeeb4t9539vjprtfz8\",\"createdAt\":\"2024-03-20T05:01:29.710Z\"},\"data\":{\"offeringId\":\"offering_01hsd3rqqeeb4t9539vf68mcf8\",\"payinMethod\":{\"kind\":\"DEBIT_CARD\",\"paymentDetails\":{\"cardNumber\":\"1234567890123456\",\"expiryDate\":\"12/22\",\"cardHolderName\":\"Ephraim Bartholomew Winthrop\",\"cvv\":\"123\"}},\"payoutMethod\":{\"kind\":\"BTC_ADDRESS\",\"paymentDetails\":{\"btcAddress\":\"1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa\"}},\"payinAmount\":\"20000.00\",\"claims\":[\"eyJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpkaHQ6M2JleGVtemdmNWJ3N29qNDd1c3BnZDQ3Z2o2NGtyN2o3Z3RhNHdzamdldTZxdGlxMXM3byMwIn0.eyJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSJdLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiUHV1cHV1Q3JlZGVudGlhbCJdLCJpZCI6InVybjp1dWlkOmU3MTgzN2NlLTFkODMtNDZjOS04ODMxLWYyOTNmZWFjOTBiMiIsImlzc3VlciI6ImRpZDpkaHQ6M2JleGVtemdmNWJ3N29qNDd1c3BnZDQ3Z2o2NGtyN2o3Z3RhNHdzamdldTZxdGlxMXM3byIsImlzc3VhbmNlRGF0ZSI6IjIwMjQtMDMtMjBUMDU6MDE6MjlaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6ZGh0OjNiZXhlbXpnZjVidzdvajQ3dXNwZ2Q0N2dqNjRrcjdqN2d0YTR3c2pnZXU2cXRpcTFzN28iLCJiZWVwIjoiYm9vcCJ9fSwiaXNzIjoiZGlkOmRodDozYmV4ZW16Z2Y1Ync3b2o0N3VzcGdkNDdnajY0a3I3ajdndGE0d3NqZ2V1NnF0aXExczdvIiwic3ViIjoiZGlkOmRodDozYmV4ZW16Z2Y1Ync3b2o0N3VzcGdkNDdnajY0a3I3ajdndGE0d3NqZ2V1NnF0aXExczdvIn0.9vFvgKajc3CBMOiZln3Sac39cbAaRghMH5da4oKm4-xTctryVHSvsqJmyGgyLC7eQ4rOZcAZsy6Mts325eRBCw\"]},\"signature\":\"eyJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpkaHQ6M2JleGVtemdmNWJ3N29qNDd1c3BnZDQ3Z2o2NGtyN2o3Z3RhNHdzamdldTZxdGlxMXM3byMwIn0..pSvEzCyIrvFjeT95_IiUgqPLx6gdZAL0wfAeLoPbWQkiyYlVNsCnD7EisZtGVCkYCd4CIgodUdsnpAC4TRikDw\"}",
"input": "{\"metadata\":{\"from\":\"did:dht:9kkuh34q7nkd4tphbcg7py9h1g16iftbtskesi9courdwj96q3sy\",\"to\":\"did:dht:8rqqxczxhdugndj5mykiahy7y4zg4zkk3jajr6qyo5owdrgqqx3y\",\"protocol\":\"1.0\",\"kind\":\"rfq\",\"id\":\"rfq_01ht6fh3fsf9z8ekh5tyjbsmwk\",\"exchangeId\":\"rfq_01ht6fh3fsf9z8ekh5tyjbsmwk\",\"createdAt\":\"2024-03-30T01:28:03.321Z\"},\"data\":{\"offeringId\":\"offering_01ht6fh3fre7t8zfc6j97t2pe1\",\"payin\":{\"kind\":\"DEBIT_CARD\",\"amount\":\"20000.00\",\"paymentDetailsHash\":\"k8nU7MKYNb140u3pN8FO5ndAK3WDJ8lQDEsYA0H9fWA\"},\"payout\":{\"kind\":\"BTC_ADDRESS\",\"paymentDetailsHash\":\"xwyJqXOcLsYBBojNlVHZGZzlhZvswFPUh3xsLxus_EU\"},\"claimsHash\":\"o16anc251kJb3uyYKzPdlS5SdhGomylHZ8_YZ7CBbgU\"},\"signature\":\"eyJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpkaHQ6OWtrdWgzNHE3bmtkNHRwaGJjZzdweTloMWcxNmlmdGJ0c2tlc2k5Y291cmR3ajk2cTNzeSMwIn0..R-dVpTPg0m4mejuadBwlSACXNqYvCm4qajhD1K8mX2r85ukz2INrEjp1OA4Yp4vr2gg57JzREb_KLnTOurChAA\",\"privateData\":{\"salt\":\"�>�����\\u0014�]�NɈ\",\"payin\":{\"paymentDetails\":{\"cardNumber\":\"1234567890123456\",\"expiryDate\":\"12/22\",\"cardHolderName\":\"Ephraim Bartholomew Winthrop\",\"cvv\":\"123\"}},\"payout\":{\"paymentDetails\":{\"btcAddress\":\"1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa\"}},\"claims\":[\"eyJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpkaHQ6OWtrdWgzNHE3bmtkNHRwaGJjZzdweTloMWcxNmlmdGJ0c2tlc2k5Y291cmR3ajk2cTNzeSMwIn0.eyJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSJdLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiUHV1cHV1Q3JlZGVudGlhbCJdLCJpZCI6InVybjp1dWlkOmY5YWVlNjdjLTQ1NmUtNGU1Yy05NDg3LWM3MjM2ZmQyMWUxNiIsImlzc3VlciI6ImRpZDpkaHQ6OWtrdWgzNHE3bmtkNHRwaGJjZzdweTloMWcxNmlmdGJ0c2tlc2k5Y291cmR3ajk2cTNzeSIsImlzc3VhbmNlRGF0ZSI6IjIwMjQtMDMtMzBUMDE6Mjg6MDNaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6ZGh0Ojlra3VoMzRxN25rZDR0cGhiY2c3cHk5aDFnMTZpZnRidHNrZXNpOWNvdXJkd2o5NnEzc3kiLCJiZWVwIjoiYm9vcCJ9fSwiaXNzIjoiZGlkOmRodDo5a2t1aDM0cTdua2Q0dHBoYmNnN3B5OWgxZzE2aWZ0YnRza2VzaTljb3VyZHdqOTZxM3N5Iiwic3ViIjoiZGlkOmRodDo5a2t1aDM0cTdua2Q0dHBoYmNnN3B5OWgxZzE2aWZ0YnRza2VzaTljb3VyZHdqOTZxM3N5In0.kxFwk-eCpCrO1m7lYAlqEioGjVZ1vlM-DctE52atVKa6Egn-DS0nqmqDcXo_yRmAUylU5E-7lOPsP7N90DbAAA\"]}}",
"output": {
"metadata": {
"from": "did:dht:3bexemzgf5bw7oj47uspgd47gj64kr7j7gta4wsjgeu6qtiq1s7o",
"to": "did:dht:otd1sndnrp9kprin9xcyj4pquyqunef465nm98pdniaug3e6mc5o",
"from": "did:dht:9kkuh34q7nkd4tphbcg7py9h1g16iftbtskesi9courdwj96q3sy",
"to": "did:dht:8rqqxczxhdugndj5mykiahy7y4zg4zkk3jajr6qyo5owdrgqqx3y",
"protocol": "1.0",
"kind": "rfq",
"id": "rfq_01hsd3rqqeeb4t9539vjprtfz8",
"exchangeId": "rfq_01hsd3rqqeeb4t9539vjprtfz8",
"createdAt": "2024-03-20T05:01:29.710Z"
"id": "rfq_01ht6fh3fsf9z8ekh5tyjbsmwk",
"exchangeId": "rfq_01ht6fh3fsf9z8ekh5tyjbsmwk",
"createdAt": "2024-03-30T01:28:03.321Z"
},
"data": {
"offeringId": "offering_01hsd3rqqeeb4t9539vf68mcf8",
"payinMethod": {
"offeringId": "offering_01ht6fh3fre7t8zfc6j97t2pe1",
"payin": {
"kind": "DEBIT_CARD",
"amount": "20000.00",
"paymentDetailsHash": "k8nU7MKYNb140u3pN8FO5ndAK3WDJ8lQDEsYA0H9fWA"
},
"payout": {
"kind": "BTC_ADDRESS",
"paymentDetailsHash": "xwyJqXOcLsYBBojNlVHZGZzlhZvswFPUh3xsLxus_EU"
},
"claimsHash": "o16anc251kJb3uyYKzPdlS5SdhGomylHZ8_YZ7CBbgU"
},
"signature": "eyJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpkaHQ6OWtrdWgzNHE3bmtkNHRwaGJjZzdweTloMWcxNmlmdGJ0c2tlc2k5Y291cmR3ajk2cTNzeSMwIn0..R-dVpTPg0m4mejuadBwlSACXNqYvCm4qajhD1K8mX2r85ukz2INrEjp1OA4Yp4vr2gg57JzREb_KLnTOurChAA",
"privateData": {
"salt": "�>�����\u0014�]�NɈ",
"payin": {
"paymentDetails": {
"cardNumber": "1234567890123456",
"expiryDate": "12/22",
"cardHolderName": "Ephraim Bartholomew Winthrop",
"cvv": "123"
}
},
"payoutMethod": {
"kind": "BTC_ADDRESS",
"payout": {
"paymentDetails": {
"btcAddress": "1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa"
}
},
"payinAmount": "20000.00",
"claims": [
"eyJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpkaHQ6M2JleGVtemdmNWJ3N29qNDd1c3BnZDQ3Z2o2NGtyN2o3Z3RhNHdzamdldTZxdGlxMXM3byMwIn0.eyJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSJdLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiUHV1cHV1Q3JlZGVudGlhbCJdLCJpZCI6InVybjp1dWlkOmU3MTgzN2NlLTFkODMtNDZjOS04ODMxLWYyOTNmZWFjOTBiMiIsImlzc3VlciI6ImRpZDpkaHQ6M2JleGVtemdmNWJ3N29qNDd1c3BnZDQ3Z2o2NGtyN2o3Z3RhNHdzamdldTZxdGlxMXM3byIsImlzc3VhbmNlRGF0ZSI6IjIwMjQtMDMtMjBUMDU6MDE6MjlaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6ZGh0OjNiZXhlbXpnZjVidzdvajQ3dXNwZ2Q0N2dqNjRrcjdqN2d0YTR3c2pnZXU2cXRpcTFzN28iLCJiZWVwIjoiYm9vcCJ9fSwiaXNzIjoiZGlkOmRodDozYmV4ZW16Z2Y1Ync3b2o0N3VzcGdkNDdnajY0a3I3ajdndGE0d3NqZ2V1NnF0aXExczdvIiwic3ViIjoiZGlkOmRodDozYmV4ZW16Z2Y1Ync3b2o0N3VzcGdkNDdnajY0a3I3ajdndGE0d3NqZ2V1NnF0aXExczdvIn0.9vFvgKajc3CBMOiZln3Sac39cbAaRghMH5da4oKm4-xTctryVHSvsqJmyGgyLC7eQ4rOZcAZsy6Mts325eRBCw"
"eyJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpkaHQ6OWtrdWgzNHE3bmtkNHRwaGJjZzdweTloMWcxNmlmdGJ0c2tlc2k5Y291cmR3ajk2cTNzeSMwIn0.eyJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSJdLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiUHV1cHV1Q3JlZGVudGlhbCJdLCJpZCI6InVybjp1dWlkOmY5YWVlNjdjLTQ1NmUtNGU1Yy05NDg3LWM3MjM2ZmQyMWUxNiIsImlzc3VlciI6ImRpZDpkaHQ6OWtrdWgzNHE3bmtkNHRwaGJjZzdweTloMWcxNmlmdGJ0c2tlc2k5Y291cmR3ajk2cTNzeSIsImlzc3VhbmNlRGF0ZSI6IjIwMjQtMDMtMzBUMDE6Mjg6MDNaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6ZGh0Ojlra3VoMzRxN25rZDR0cGhiY2c3cHk5aDFnMTZpZnRidHNrZXNpOWNvdXJkd2o5NnEzc3kiLCJiZWVwIjoiYm9vcCJ9fSwiaXNzIjoiZGlkOmRodDo5a2t1aDM0cTdua2Q0dHBoYmNnN3B5OWgxZzE2aWZ0YnRza2VzaTljb3VyZHdqOTZxM3N5Iiwic3ViIjoiZGlkOmRodDo5a2t1aDM0cTdua2Q0dHBoYmNnN3B5OWgxZzE2aWZ0YnRza2VzaTljb3VyZHdqOTZxM3N5In0.kxFwk-eCpCrO1m7lYAlqEioGjVZ1vlM-DctE52atVKa6Egn-DS0nqmqDcXo_yRmAUylU5E-7lOPsP7N90DbAAA"
]
},
"signature": "eyJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpkaHQ6M2JleGVtemdmNWJ3N29qNDd1c3BnZDQ3Z2o2NGtyN2o3Z3RhNHdzamdldTZxdGlxMXM3byMwIn0..pSvEzCyIrvFjeT95_IiUgqPLx6gdZAL0wfAeLoPbWQkiyYlVNsCnD7EisZtGVCkYCd4CIgodUdsnpAC4TRikDw"
}
},
"error": false
}
Loading

0 comments on commit 6df3807

Please sign in to comment.