View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0007040 | Anastasis | C reducer implementation | public | 2021-10-17 21:48 | 2022-04-13 19:14 |
Reporter | Florian Dold | Assigned To | Florian Dold | ||
Priority | normal | Severity | trivial | Reproducibility | have not tried |
Status | closed | Resolution | won't fix | ||
Product Version | Git master | ||||
Target Version | 0.3.0 | Fixed in Version | 0.3.0 | ||
Summary | 0007040: reducer stores truth metadata redundantly and weirdly | ||||
Description | The reducer currently stores some truth-related data redundantly. A truth can be used by multiple policies, but the truth data is repeated in the "policies[*].methods" objects multiple times. Instead, there should be a top-level "truth_info" object, indexed by the truth key `${methodIndex}:${providerUrl}`. | ||||
Tags | No tags attached. | ||||
|
In the attached reducer state, the truth with UUID "WS6WJX7TB8SGCWHEW02JDC2J7HB7WFEDP2VQPR1NA8T0WHMRT080" is stored twice, with exactly the same data. anastasis-redundant.json (10,722 bytes)
{ "continents": [ { "name": "Europe", "name_i18n": { "de_DE": "Europa", "es_ES": "Europa" } }, { "name": "India", "name_i18n": { "en_EN": "India" } }, { "name": "Asia", "name_i18n": { "en_EN": "Japan" } }, { "name": "North America", "name_i18n": { "de_DE": "Nordamerika" } }, { "name": "Testcontinent", "name_i18n": { "de_DE": "Testkontinent" } } ], "backup_state": "TRUTHS_PAYING", "selected_continent": "Testcontinent", "countries": [ { "code": "xx", "name": "Testland", "continent": "Testcontinent", "continent_i18n": { "de_DE": "Testkontinent" }, "name_i18n": { "de_DE": "Testlandt", "de_CH": "Testlandi", "fr_FR": "Testpais", "en_UK": "Testland" }, "currency": "TESTKUDOS", "call_code": "+00" }, { "code": "xy", "name": "Demoland", "continent": "Testcontinent", "continent_i18n": { "de_DE": "Testkontinent" }, "name_i18n": { "de_DE": "Demolandt", "de_CH": "Demolandi", "fr_FR": "Demopais", "en_UK": "Demoland" }, "currency": "KUDOS", "call_code": "+01" } ], "authentication_providers": { "http://localhost:8086/": { "methods": [ { "type": "question", "usage_fee": "TESTKUDOS:0" }, { "type": "totp", "usage_fee": "TESTKUDOS:0" } ], "annual_fee": "TESTKUDOS:0", "truth_upload_fee": "TESTKUDOS:0", "liability_limit": "TESTKUDOS:1", "currency": "TESTKUDOS", "business_name": "Data loss #1 Inc.", "storage_limit_in_megabytes": 1, "salt": "HE4N5H49NRY3CSZYEEGT963WNR", "http_status": 200 }, "http://localhost:8087/": { "methods": [ { "type": "question", "usage_fee": "TESTKUDOS:0" }, { "type": "totp", "usage_fee": "TESTKUDOS:0" } ], "annual_fee": "TESTKUDOS:0", "truth_upload_fee": "TESTKUDOS:0", "liability_limit": "TESTKUDOS:1", "currency": "TESTKUDOS", "business_name": "Data loss #2 Inc.", "storage_limit_in_megabytes": 1, "salt": "E277KVF4J0NRMP9KMGY0PJ7428", "http_status": 200 }, "http://localhost:8088/": { "methods": [ { "type": "question", "usage_fee": "TESTKUDOS:0" }, { "type": "totp", "usage_fee": "TESTKUDOS:0" } ], "annual_fee": "TESTKUDOS:0", "truth_upload_fee": "TESTKUDOS:0", "liability_limit": "TESTKUDOS:1", "currency": "TESTKUDOS", "business_name": "Data loss #3 Inc.", "storage_limit_in_megabytes": 1, "salt": "GC3MMQP5G6JGTJFFBA3NGMSVY4", "http_status": 200 }, "http://localhost:8089/": { "methods": [ { "type": "question", "usage_fee": "TESTKUDOS:0" }, { "type": "sms", "usage_fee": "TESTKUDOS:0" }, { "type": "post", "usage_fee": "TESTKUDOS:1" }, { "type": "email", "usage_fee": "TESTKUDOS:0" } ], "annual_fee": "TESTKUDOS:0", "truth_upload_fee": "TESTKUDOS:0", "liability_limit": "TESTKUDOS:1", "currency": "TESTKUDOS", "business_name": "Data loss #4 Inc.", "storage_limit_in_megabytes": 1, "salt": "RG309YPWMXBHK3938DP1BVV3A4", "http_status": 200 } }, "selected_country": "xx", "currencies": [ "TESTKUDOS" ], "required_attributes": [ { "type": "string", "name": "full_name", "label": "Full name", "widget": "anastasis_gtk_ia_full_name", "uuid": "9e8f463f-575f-42cb-85f3-759559997331" }, { "type": "date", "name": "birthdate", "label": "Birthdate", "widget": "anastasis_gtk_ia_birthdate", "uuid": "83d655c7-bdb6-484d-904e-80c1058c8854" }, { "type": "string", "name": "sq_number", "label": "Square number", "widget": "anastasis_gtk_xx_square", "uuid": "ed790bca-89bf-11eb-96f2-233996cf644e", "validation-regex": "^[0-9]+$", "validation-logic": "XX_SQUARE_check" } ], "identity_attributes": { "full_name": "Foo", "birthdate": "2020-01-01", "sq_number": "16" }, "authentication_methods": [ { "type": "sms", "instructions": "SMS to 123", "challenge": "64S36" }, { "type": "email", "instructions": "Email to 123", "challenge": "64S36" }, { "type": "question", "instructions": "foo", "challenge": "C9GQ4" } ], "policies": [ { "methods": [ { "authentication_method": 1, "provider": "http://localhost:8089/", "truth": { "uuid": "2FF4HE7E23JQW3RCVCYSYGVWTR5Y5P8YP01MNN573A9KDSHNN7B0", "key_share": "QHFW7QEYJ6DYP6WZPA1RAM8KJT1CW5NWA2RRY8H7VQW17QH9BD80", "truth_key": "GRXG9Q9X9M08Q2ZG9D6YJSJAZ8AW3Q28222VHC2QH43S1F5M0J4KZQPJHW4TVBCGA37C6K47PPFARD7YN68FXK8E9VNQ6HJTW7ZFR9R", "salt": "B3ZSNHY2PGYPZX41NFJ4DS2JMC", "nonce": "G1ZXCTJ2YMMC77GDS166W8RMPCJ7ZCH1MRX2J40", "provider_salt": "RG309YPWMXBHK3938DP1BVV3A4", "url": "http://localhost:8089/", "type": "email", "instructions": "Email to 123", "upload_status": 1 } }, { "authentication_method": 2, "provider": "http://localhost:8086/", "truth": { "uuid": "FA0SZBJCWWY0W2TTNK0ZMQTWWBQXPBZM2HAX8BPFSFZT9APB6MSG", "key_share": "YXCP8BWXQZTJE418J7JRJPK67N35DHDEG161XTXCQPNE73FKNDTG", "truth_key": "H1JRNZ9JW2YVW6JHA6M5VZXA96PYTA2XAQZGKW633NDKGS5MJ0Z1W4XBF01RQ6TWKD998B72B5YKJ0ZAYXA21BW5X43F5HRN175XTWR", "salt": "6FFDWTGQPJDZ0FVPE832Q7DPFC", "nonce": "JFCNZ0WG2CDTNF07G2AJB3ACDZ1M2E3M2S10YZ8", "provider_salt": "HE4N5H49NRY3CSZYEEGT963WNR", "url": "http://localhost:8086/", "type": "question", "instructions": "foo", "upload_status": 0 } } ] }, { "methods": [ { "authentication_method": 0, "provider": "http://localhost:8089/", "truth": { "uuid": "WS6WJX7TB8SGCWHEW02JDC2J7HB7WFEDP2VQPR1NA8T0WHMRT080", "key_share": "1TX5K61370CVSP76NZEA4P2G0K38DN0RJX7S5T19HV6PREQR0TAG", "truth_key": "K0P10XR0JE7M79V9VD6NV3XH33GJJSARBNN2XNDGGHW1KVEJHW31MG1JDN7Y3P805J2RHXJWX2KYD7QWVRC095SW0J38P70BNYZ3T18", "salt": "NB3SHZGWTND8YRF01MP9KBDQJC", "nonce": "GVJA96PNAAEAM81KTSFNCX6R6V1D6KBY6DFT9Q8", "provider_salt": "RG309YPWMXBHK3938DP1BVV3A4", "url": "http://localhost:8089/", "type": "sms", "instructions": "SMS to 123", "upload_status": 1 } }, { "authentication_method": 2, "provider": "http://localhost:8086/", "truth": { "uuid": "FA0SZBJCWWY0W2TTNK0ZMQTWWBQXPBZM2HAX8BPFSFZT9APB6MSG", "key_share": "YXCP8BWXQZTJE418J7JRJPK67N35DHDEG161XTXCQPNE73FKNDTG", "truth_key": "H1JRNZ9JW2YVW6JHA6M5VZXA96PYTA2XAQZGKW633NDKGS5MJ0Z1W4XBF01RQ6TWKD998B72B5YKJ0ZAYXA21BW5X43F5HRN175XTWR", "salt": "6FFDWTGQPJDZ0FVPE832Q7DPFC", "nonce": "JFCNZ0WG2CDTNF07G2AJB3ACDZ1M2E3M2S10YZ8", "provider_salt": "HE4N5H49NRY3CSZYEEGT963WNR", "url": "http://localhost:8086/", "type": "question", "instructions": "foo", "upload_status": 0 } } ] }, { "methods": [ { "authentication_method": 0, "provider": "http://localhost:8089/", "truth": { "uuid": "WS6WJX7TB8SGCWHEW02JDC2J7HB7WFEDP2VQPR1NA8T0WHMRT080", "key_share": "1TX5K61370CVSP76NZEA4P2G0K38DN0RJX7S5T19HV6PREQR0TAG", "truth_key": "K0P10XR0JE7M79V9VD6NV3XH33GJJSARBNN2XNDGGHW1KVEJHW31MG1JDN7Y3P805J2RHXJWX2KYD7QWVRC095SW0J38P70BNYZ3T18", "salt": "NB3SHZGWTND8YRF01MP9KBDQJC", "nonce": "GVJA96PNAAEAM81KTSFNCX6R6V1D6KBY6DFT9Q8", "provider_salt": "RG309YPWMXBHK3938DP1BVV3A4", "url": "http://localhost:8089/", "type": "sms", "instructions": "SMS to 123", "upload_status": 1 } }, { "authentication_method": 1, "provider": "http://localhost:8089/", "truth": { "uuid": "2FF4HE7E23JQW3RCVCYSYGVWTR5Y5P8YP01MNN573A9KDSHNN7B0", "key_share": "QHFW7QEYJ6DYP6WZPA1RAM8KJT1CW5NWA2RRY8H7VQW17QH9BD80", "truth_key": "GRXG9Q9X9M08Q2ZG9D6YJSJAZ8AW3Q28222VHC2QH43S1F5M0J4KZQPJHW4TVBCGA37C6K47PPFARD7YN68FXK8E9VNQ6HJTW7ZFR9R", "salt": "B3ZSNHY2PGYPZX41NFJ4DS2JMC", "nonce": "G1ZXCTJ2YMMC77GDS166W8RMPCJ7ZCH1MRX2J40", "provider_salt": "RG309YPWMXBHK3938DP1BVV3A4", "url": "http://localhost:8089/", "type": "email", "instructions": "Email to 123", "upload_status": 1 } } ] } ], "policy_providers": [ { "provider_url": "http://localhost:8086/" }, { "provider_url": "http://localhost:8087/" }, { "provider_url": "http://localhost:8088/" }, { "provider_url": "http://localhost:8089/" } ], "upload_fees": [], "expiration": { "t_ms": 1792321852000 }, "secret_name": "foo", "success_details": { "http://localhost:8086/": { "policy_version": 1, "policy_expiration": { "t_ms": 1792321732000 } }, "http://localhost:8087/": { "policy_version": 1, "policy_expiration": { "t_ms": 1792321732000 } }, "http://localhost:8088/": { "policy_version": 1, "policy_expiration": { "t_ms": 1792321732000 } }, "http://localhost:8089/": { "policy_version": 1, "policy_expiration": { "t_ms": 1792321732000 } } }, "core_secret": { "value": "C5SP8SG", "mime": "text/plain" }, "payments": [ "taler+http://pay/localhost:9966/WS6WJX7TB8SGCWHEW02JDC2J7HB7WFEDP2VQPR1NA8T0WHMRT080/", "taler+http://pay/localhost:9966/2FF4HE7E23JQW3RCVCYSYGVWTR5Y5P8YP01MNN573A9KDSHNN7B0/" ] } |
|
I see. Yes, it should be safe to have a separate 'truths' object where we map the UUIDs to those details to de-duplicate this. One thing to check here is that IF the same challenge is stored at different providers, we MUST use a different UUID, salt and truth_key. That's just something to be careful about, not saying it is a bug, but it might be ;-). |
|
No impact, closing. |
Date Modified | Username | Field | Change |
---|---|---|---|
2021-10-17 21:48 | Florian Dold | New Issue | |
2021-10-17 21:48 | Florian Dold | Status | new => assigned |
2021-10-17 21:48 | Florian Dold | Assigned To | => Florian Dold |
2021-10-19 13:13 | Florian Dold | Note Added: 0018440 | |
2021-10-19 13:13 | Florian Dold | File Added: anastasis-redundant.json | |
2021-10-19 19:26 | Christian Grothoff | Note Added: 0018441 | |
2022-04-13 19:14 | Christian Grothoff | Severity | minor => trivial |
2022-04-13 19:14 | Christian Grothoff | Status | assigned => closed |
2022-04-13 19:14 | Christian Grothoff | Resolution | open => won't fix |
2022-04-13 19:14 | Christian Grothoff | Product Version | => Git master |
2022-04-13 19:14 | Christian Grothoff | Fixed in Version | => 0.3.0 |
2022-04-13 19:14 | Christian Grothoff | Target Version | => 0.3.0 |
2022-04-13 19:14 | Christian Grothoff | Note Added: 0018871 |