UNPKG

five-bells-condition

Version:

Implementation of crypto-conditions in JavaScript

github.com/interledgerjs/five-bells-condition

interledgerjs/five-bells-condition

355 lines (313 loc) 11.4 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
'use strict' /** * @module types */ const Condition = require('../lib/condition') const Fulfillment = require('../lib/fulfillment') const BaseSha256 = require('./base-sha256') const MissingDataError = require('../errors/missing-data-error') const isInteger = require('../util/is-integer') const Asn1ThresholdFingerprintContents = require('../schemas/fingerprint').ThresholdFingerprintContents const CONDITION = 'condition' const FULFILLMENT = 'fulfillment' /** * THRESHOLD-SHA-256: Threshold gate condition using SHA-256. * * Threshold conditions can be used to create m-of-n multi-signature groups. * * Threshold conditions can represent the AND operator by setting the threshold * to equal the number of subconditions (n-of-n) or the OR operator by setting * the thresold to one (1-of-n). * * Since threshold conditions operate on conditions, they can be nested as well * which allows the creation of deep threshold trees of public keys. * * By using Merkle trees, threshold fulfillments do not need to to provide the * structure of unfulfilled subtrees. That means only the public keys that are * actually used in a fulfillment, will actually appear in the fulfillment, * saving space. * * One way to formally interpret a threshold condition is as a booleanthreshold * gate. A tree of threshold conditions forms a boolean threshold circuit. * * THRESHOLD-SHA-256 is assigned the type ID 2. It relies on the SHA-256 and * THRESHOLD feature suites which corresponds to a feature bitmask of 0x09. */ class ThresholdSha256 extends BaseSha256 { constructor () { super() this.threshold = null this.subconditions = [] } /** * Add a subcondition (unfulfilled). * * This can be used to generate a new threshold condition from a set of * subconditions or to provide a non-fulfilled subcondition when creating a * threshold fulfillment. * * @param {Condition|String} subcondition Condition object or URI string * representing a new subcondition to be added. */ addSubcondition (subcondition) { if (typeof subcondition === 'string') { subcondition = Condition.fromUri(subcondition) } else if (!(subcondition instanceof Condition)) { throw new Error('Subconditions must be URIs or objects of type Condition') } this.subconditions.push({ type: CONDITION, body: subcondition }) } /** * Add a fulfilled subcondition. * * When constructing a threshold fulfillment, this method allows you to * provide a fulfillment for one of the subconditions. * * Note that you do **not** have to add the subcondition if you're adding the * fulfillment. The condition can be calculated from the fulfillment and will * be added automatically. * * @param {Fulfillment|String} subfulfillment Fulfillment object or URI string * representing a new subfulfillment to be added. */ addSubfulfillment (subfulfillment) { if (typeof subfulfillment === 'string') { subfulfillment = Fulfillment.fromUri(subfulfillment) } else if (!(subfulfillment instanceof Fulfillment)) { throw new Error('Subfulfillments must be URIs or objects of type Fulfillment') } this.subconditions.push({ type: FULFILLMENT, body: subfulfillment }) } /** * Set the threshold. * * Determines the threshold that is used to consider this condition fulfilled. * If the number of valid subfulfillments is greater or equal to this number, * the threshold condition is considered to be fulfilled. * * @param {Number} threshold Integer threshold */ setThreshold (threshold) { if (!isInteger(threshold) || threshold < 1) { throw new TypeError('Threshold must be a integer greater than zero, was: ' + threshold) } this.threshold = threshold } /** * Get set of used type names. * * This is a type of condition that can contain subconditions. A complete * set of subtypes must contain all types that must be supported in order to * validate this fulfillment. Therefore, we need to join the type of this * fulfillment with all of the sets of subtypes for each of the subconditions. * * @return {Number} Complete set of types for this fulfillment. */ getSubtypes () { const typeSets = this.subconditions .map(x => Array.from(x.body.getSubtypes()).concat(x.body.getTypeName())) const subtypes = new Set(Array.prototype.concat.apply([], typeSets)) // Never include our own type as a subtype. The reason is that we already // know that the validating implementation knows how to interpret this type, // otherwise it wouldn't be able to verify this fulfillment to begin with. subtypes.delete(this.constructor.TYPE_NAME) return subtypes } /** * Comparison function used to pre-sort conditions due to lack of sorting * support in our current DER encoder of choice. * * See: https://github.com/indutny/asn1.js/issues/80 * * @param {Condition} a First condition to compare * @param {Condition} b Second condition to compare * * @private */ static compareConditions (a, b) { return Buffer.compare(a.serializeBinary(), b.serializeBinary()) } /** * Produce the contents of the condition hash. * * This function is called internally by the `getCondition` method. * * @return {Buffer} Encoded contents of fingerprint hash. * * @private */ getFingerprintContents () { return Asn1ThresholdFingerprintContents.encode({ threshold: this.threshold, subconditions: this.subconditions .map(x => ( x.body instanceof Condition ? x.body : x.body.getCondition() )) .sort(ThresholdSha256.compareConditions) .map(x => x.getAsn1Json()) }) } /** * Calculate the cost of fulfilling this condition. * * In a threshold condition, the cost consists of the t most expensive * subconditions plus n times 32 where t is the threshold and n is the * total number of subconditions. * * @return {Number} Expected maximum cost to fulfill this condition * @private */ calculateCost () { // Calculate length of longest fulfillments const subconditions = this.subconditions .map(this.constructor.getSubconditionCost) const worstCaseFulfillmentsCost = this.constructor.calculateWorstCaseLength( this.threshold, subconditions ) if (worstCaseFulfillmentsCost === -Infinity) { throw new MissingDataError('Insufficient number of subconditions to meet the threshold') } return worstCaseFulfillmentsCost + 1024 * subconditions.length } static getSubconditionCost (cond) { return cond.type === FULFILLMENT ? cond.body.getCondition().getCost() : cond.body.getCost() } /** * Calculate the worst case cost of a set of subconditions. * * Given a set of costs C and a threshold t, it returns the sum of the largest * t elements in C. * * @param {Number} threshold Threshold that the remaining subconditions have * to meet. * @param {Number[]} subconditionCosts Set of subconditions. * @return {Number} Maximum cost of a valid, minimal set of fulfillments or * -Infinity if there is no valid set. * * @private */ static calculateWorstCaseLength (threshold, subconditionCosts) { if (subconditionCosts.length < threshold) { return -Infinity } return subconditionCosts .sort((a, b) => a - b) .slice(-threshold) .reduce((total, size) => total + size, 0) } parseJson (json) { this.setThreshold(json.threshold) if (json.subfulfillments) { for (let fulfillmentJson of json.subfulfillments) { this.addSubfulfillment(Fulfillment.fromJson(fulfillmentJson)) } } if (json.subconditions) { for (let conditionJson of json.subconditions) { this.addSubcondition(Condition.fromJson(conditionJson)) } } } parseAsn1JsonPayload (json) { this.setThreshold(json.subfulfillments.length) if (json.subfulfillments) { for (let fulfillmentJson of json.subfulfillments) { this.addSubfulfillment(Fulfillment.fromAsn1Json(fulfillmentJson)) } } if (json.subconditions) { for (let conditionJson of json.subconditions) { this.addSubcondition(Condition.fromAsn1Json(conditionJson)) } } } getAsn1JsonPayload () { const fulfillments = this.subconditions.filter(x => x.type === FULFILLMENT) .sort((a, b) => a.body.getCondition().getCost() - b.body.getCondition().getCost()) const conditions = this.subconditions.filter(x => x.type === CONDITION) if (fulfillments.length < this.threshold) { throw new Error('Not enough fulfillments') } const minimalFulfillments = fulfillments .slice(0, this.threshold) const remainingConditions = conditions .map(x => x.body) .concat( fulfillments .slice(this.threshold) .map(x => x.body.getCondition()) ) return { subfulfillments: minimalFulfillments .map(x => x.body) .sort(ThresholdSha256.compareConditions) .map(x => x.getAsn1Json()), subconditions: remainingConditions .sort(ThresholdSha256.compareConditions) .map(x => x.getAsn1Json()) } } /** * Select the smallest valid set of fulfillments. * * From a set of fulfillments, selects the smallest combination of * fulfillments which meets the given threshold. * * @param {Number} threshold (Remaining) threshold that must be met. * @param {Object[]} fulfillments Set of fulfillments * @return {Object[]} Minimal set of fulfillments. * * @private */ static calculateSmallestValidFulfillmentSet (threshold, fulfillments) { fulfillments.sort((a, b) => b.size - a.size) return fulfillments.slice(0, threshold) } /** * Check whether this fulfillment meets all validation criteria. * * This will validate the subfulfillments and verify that there are enough * subfulfillments to meet the threshold. * * @param {Buffer} message Message to validate against. * @return {Boolean} Whether this fulfillment is valid. */ validate (message) { const fulfillments = this.subconditions.filter((cond) => cond.type === FULFILLMENT) // Number of fulfilled conditions must meet the threshold if (fulfillments.length < this.threshold) { throw new Error('Threshold not met') } // But the set must be minimal, there mustn't be any fulfillments // we could take out if (fulfillments.length > this.threshold) { throw new Error('Fulfillment is not minimal') } // Ensure all subfulfillments are valid return fulfillments.every((f) => f.body.validate(message)) } } ThresholdSha256.TYPE_ID = 2 ThresholdSha256.TYPE_NAME = 'threshold-sha-256' ThresholdSha256.TYPE_ASN1_CONDITION = 'thresholdSha256Condition' ThresholdSha256.TYPE_ASN1_FULFILLMENT = 'thresholdSha256Fulfillment' ThresholdSha256.TYPE_CATEGORY = 'compound' // DEPRECATED ThresholdSha256.prototype.addSubconditionUri = ThresholdSha256.prototype.addSubcondition ThresholdSha256.prototype.addSubfulfillmentUri = ThresholdSha256.prototype.addSubfulfillment module.exports = ThresholdSha256