-
Notifications
You must be signed in to change notification settings - Fork 349
Binder protocol
The underlying is an RLP-based encrypted request/response protocol. Each request is completely stateless, allowing deployment on a very wide variety of substrates.
Both requests and responses look like this:
type plainRequest struct {
Cmd string
Args rlp.RawValue
}
type ciphRequest struct {
EphPK [32]byte
Nonce [32]byte
Ctext []byte
}
where Ctext
is an RLP-recoded plainRequest
, encrypted with Chacha20-Poly1305, under the key SHA256(Nonce || SharedSecret(EphSK, RemotePK))
where RemotePK
is the remote public key. All public keys are curve25519.
Clients generate new key pairs for every request, while the binder has a fixed pre-shared public key.
registerUser(uname, password, captchaID, captchaSoln)
returns one of
-
ok()
-
err(badName)
-
err(conflict)
-
retry()
getCaptcha()
returns one of
-
captcha(captchaID, pngCaptcha)
-
retry()
getTicket(uname, password, blinded)
returns one of
-
ticket(ticket)
whereticket
is[tier blindTicket]
-
err(badAuth)
-
retry()
getBridges(ticket)
returns one of
-
bridges(bridges)
wherebridges
is a list of bridge descriptors, each of which is:-
protocol
: currently only niaucchi4 -
cookie
-
host
-
setBridge(bridgeDescriptor, allocGroup, bridgeKey)
adds a bridge. Returns one of
- `