Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable moving keys #283

Closed
PhilippGackstatter opened this issue Nov 9, 2021 · 1 comment · Fixed by #297
Closed

Enable moving keys #283

PhilippGackstatter opened this issue Nov 9, 2021 · 1 comment · Fixed by #297
Assignees
@elenaf9

Comments

@PhilippGackstatter
Copy link
Contributor

Description

Add a function to move a key from one location to another. This way we can generate a key at some random location xyz, use the some part of the key (e.g. public key) to generate the actual location location, and then move the key from xyz to location.

Motivation

We would like to have this in identity.rs for two reasons.

  1. We would like to use a DID of an identity in the locations for everything that is stored for that identity. The DID itself is the hash of the public key of the initial keypair. So if we want to store the initial keypair at a location that is based on the DID, we have a circular dependency. Currently, we generate the keypair in-memory to work around this limitation, but this is less secure than being able to generate it in Stronghold directly.

  2. When creating a new verification method key-1, we generate a new key in stronghold. If we later want to update the key material of the method key-1, we cannot use a location that is only based on the unique key-1 identifier. This is because we may need the old key in order to sign a new document update, and only then could we get rid of the old key. Our current solution is to keep some extra state which is part of the location. We might move to a new approach where the public key together with the fragment is used as the location, so that two key-1's with different underlying key materials yield two different locations. That way, we don't have to keep the additional state, reducing complexity.

Requirements

Add a method along the lines of

Stronghold::move_data(&self, current_location: Location, new_location: Location);

that moves the key (names are suggestions, feel free to change).

Are you planning to do it yourself in a pull request?

No.
@elenaf9 elenaf9 self-assigned this Nov 9, 2021
@PhilippGackstatter PhilippGackstatter mentioned this issue Nov 11, 2021
Merged
9 tasks
@elenaf9 elenaf9 assigned felsweg-iota and unassigned elenaf9 Nov 15, 2021
@PhilippGackstatter PhilippGackstatter mentioned this issue Nov 24, 2021
Closed
13 tasks
@tensor-programming
Copy link
Contributor

tensor-programming commented Nov 29, 2021
edited
Loading

This could easily be achieved using DbView::exec_proc. It essentially lets you specify one input location and another output location. It would just be a matter of then creating a procedure around it which sets the data from the input location into the output location. Something like this:

#[derive(Procedure, Debug, Clone, Serialize, Deserialize)]
pub struct MoveKey {
   #[source]
   source: Location,
   #[target]
   target: Location
}

...

#[execute_procedure]
impl DeriveSecret for MoveKey {
   type Input = ();
   type Output = ();

  fn derive(self, _: Self::Input, guard: GuardedVec<u8>) -> Result<Products<()>, FatalProcedureError> {
     OK((*guard.borrow()).to_vec())
  }
}

@elenaf9 elenaf9 mentioned this issue Nov 29, 2021
Merged
6 tasks
@elenaf9 elenaf9 assigned elenaf9 and unassigned felsweg-iota Nov 29, 2021
@elenaf9 elenaf9 linked a pull request Nov 29, 2021 that will close this issue
feat(client): add procedure for copying a record #297
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@elenaf9 elenaf9

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(client): add procedure for copying a record iotaledger/stronghold.rs
4 participants
@PhilippGackstatter @tensor-programming @elenaf9 @felsweg-iota