View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0007040 | Anastasis | C reducer implementation | public | 2021-10-17 21:48 | 2022-04-13 19:14 |
| Reporter | Florian Dold | Assigned To | Florian Dold | ||
| Priority | normal | Severity | trivial | Reproducibility | have not tried |
| Status | closed | Resolution | won't fix | ||
| Product Version | Git master | ||||
| Target Version | 0.3.0 | Fixed in Version | 0.3.0 | ||
| Summary | 0007040: reducer stores truth metadata redundantly and weirdly | ||||
| Description | The reducer currently stores some truth-related data redundantly. A truth can be used by multiple policies, but the truth data is repeated in the "policies[*].methods" objects multiple times. Instead, there should be a top-level "truth_info" object, indexed by the truth key `${methodIndex}:${providerUrl}`. | ||||
| Tags | No tags attached. | ||||
|
|
In the attached reducer state, the truth with UUID "WS6WJX7TB8SGCWHEW02JDC2J7HB7WFEDP2VQPR1NA8T0WHMRT080" is stored twice, with exactly the same data. anastasis-redundant.json (10,722 bytes)
{
"continents": [
{
"name": "Europe",
"name_i18n": {
"de_DE": "Europa",
"es_ES": "Europa"
}
},
{
"name": "India",
"name_i18n": {
"en_EN": "India"
}
},
{
"name": "Asia",
"name_i18n": {
"en_EN": "Japan"
}
},
{
"name": "North America",
"name_i18n": {
"de_DE": "Nordamerika"
}
},
{
"name": "Testcontinent",
"name_i18n": {
"de_DE": "Testkontinent"
}
}
],
"backup_state": "TRUTHS_PAYING",
"selected_continent": "Testcontinent",
"countries": [
{
"code": "xx",
"name": "Testland",
"continent": "Testcontinent",
"continent_i18n": {
"de_DE": "Testkontinent"
},
"name_i18n": {
"de_DE": "Testlandt",
"de_CH": "Testlandi",
"fr_FR": "Testpais",
"en_UK": "Testland"
},
"currency": "TESTKUDOS",
"call_code": "+00"
},
{
"code": "xy",
"name": "Demoland",
"continent": "Testcontinent",
"continent_i18n": {
"de_DE": "Testkontinent"
},
"name_i18n": {
"de_DE": "Demolandt",
"de_CH": "Demolandi",
"fr_FR": "Demopais",
"en_UK": "Demoland"
},
"currency": "KUDOS",
"call_code": "+01"
}
],
"authentication_providers": {
"http://localhost:8086/": {
"methods": [
{
"type": "question",
"usage_fee": "TESTKUDOS:0"
},
{
"type": "totp",
"usage_fee": "TESTKUDOS:0"
}
],
"annual_fee": "TESTKUDOS:0",
"truth_upload_fee": "TESTKUDOS:0",
"liability_limit": "TESTKUDOS:1",
"currency": "TESTKUDOS",
"business_name": "Data loss #1 Inc.",
"storage_limit_in_megabytes": 1,
"salt": "HE4N5H49NRY3CSZYEEGT963WNR",
"http_status": 200
},
"http://localhost:8087/": {
"methods": [
{
"type": "question",
"usage_fee": "TESTKUDOS:0"
},
{
"type": "totp",
"usage_fee": "TESTKUDOS:0"
}
],
"annual_fee": "TESTKUDOS:0",
"truth_upload_fee": "TESTKUDOS:0",
"liability_limit": "TESTKUDOS:1",
"currency": "TESTKUDOS",
"business_name": "Data loss #2 Inc.",
"storage_limit_in_megabytes": 1,
"salt": "E277KVF4J0NRMP9KMGY0PJ7428",
"http_status": 200
},
"http://localhost:8088/": {
"methods": [
{
"type": "question",
"usage_fee": "TESTKUDOS:0"
},
{
"type": "totp",
"usage_fee": "TESTKUDOS:0"
}
],
"annual_fee": "TESTKUDOS:0",
"truth_upload_fee": "TESTKUDOS:0",
"liability_limit": "TESTKUDOS:1",
"currency": "TESTKUDOS",
"business_name": "Data loss #3 Inc.",
"storage_limit_in_megabytes": 1,
"salt": "GC3MMQP5G6JGTJFFBA3NGMSVY4",
"http_status": 200
},
"http://localhost:8089/": {
"methods": [
{
"type": "question",
"usage_fee": "TESTKUDOS:0"
},
{
"type": "sms",
"usage_fee": "TESTKUDOS:0"
},
{
"type": "post",
"usage_fee": "TESTKUDOS:1"
},
{
"type": "email",
"usage_fee": "TESTKUDOS:0"
}
],
"annual_fee": "TESTKUDOS:0",
"truth_upload_fee": "TESTKUDOS:0",
"liability_limit": "TESTKUDOS:1",
"currency": "TESTKUDOS",
"business_name": "Data loss #4 Inc.",
"storage_limit_in_megabytes": 1,
"salt": "RG309YPWMXBHK3938DP1BVV3A4",
"http_status": 200
}
},
"selected_country": "xx",
"currencies": [
"TESTKUDOS"
],
"required_attributes": [
{
"type": "string",
"name": "full_name",
"label": "Full name",
"widget": "anastasis_gtk_ia_full_name",
"uuid": "9e8f463f-575f-42cb-85f3-759559997331"
},
{
"type": "date",
"name": "birthdate",
"label": "Birthdate",
"widget": "anastasis_gtk_ia_birthdate",
"uuid": "83d655c7-bdb6-484d-904e-80c1058c8854"
},
{
"type": "string",
"name": "sq_number",
"label": "Square number",
"widget": "anastasis_gtk_xx_square",
"uuid": "ed790bca-89bf-11eb-96f2-233996cf644e",
"validation-regex": "^[0-9]+$",
"validation-logic": "XX_SQUARE_check"
}
],
"identity_attributes": {
"full_name": "Foo",
"birthdate": "2020-01-01",
"sq_number": "16"
},
"authentication_methods": [
{
"type": "sms",
"instructions": "SMS to 123",
"challenge": "64S36"
},
{
"type": "email",
"instructions": "Email to 123",
"challenge": "64S36"
},
{
"type": "question",
"instructions": "foo",
"challenge": "C9GQ4"
}
],
"policies": [
{
"methods": [
{
"authentication_method": 1,
"provider": "http://localhost:8089/",
"truth": {
"uuid": "2FF4HE7E23JQW3RCVCYSYGVWTR5Y5P8YP01MNN573A9KDSHNN7B0",
"key_share": "QHFW7QEYJ6DYP6WZPA1RAM8KJT1CW5NWA2RRY8H7VQW17QH9BD80",
"truth_key": "GRXG9Q9X9M08Q2ZG9D6YJSJAZ8AW3Q28222VHC2QH43S1F5M0J4KZQPJHW4TVBCGA37C6K47PPFARD7YN68FXK8E9VNQ6HJTW7ZFR9R",
"salt": "B3ZSNHY2PGYPZX41NFJ4DS2JMC",
"nonce": "G1ZXCTJ2YMMC77GDS166W8RMPCJ7ZCH1MRX2J40",
"provider_salt": "RG309YPWMXBHK3938DP1BVV3A4",
"url": "http://localhost:8089/",
"type": "email",
"instructions": "Email to 123",
"upload_status": 1
}
},
{
"authentication_method": 2,
"provider": "http://localhost:8086/",
"truth": {
"uuid": "FA0SZBJCWWY0W2TTNK0ZMQTWWBQXPBZM2HAX8BPFSFZT9APB6MSG",
"key_share": "YXCP8BWXQZTJE418J7JRJPK67N35DHDEG161XTXCQPNE73FKNDTG",
"truth_key": "H1JRNZ9JW2YVW6JHA6M5VZXA96PYTA2XAQZGKW633NDKGS5MJ0Z1W4XBF01RQ6TWKD998B72B5YKJ0ZAYXA21BW5X43F5HRN175XTWR",
"salt": "6FFDWTGQPJDZ0FVPE832Q7DPFC",
"nonce": "JFCNZ0WG2CDTNF07G2AJB3ACDZ1M2E3M2S10YZ8",
"provider_salt": "HE4N5H49NRY3CSZYEEGT963WNR",
"url": "http://localhost:8086/",
"type": "question",
"instructions": "foo",
"upload_status": 0
}
}
]
},
{
"methods": [
{
"authentication_method": 0,
"provider": "http://localhost:8089/",
"truth": {
"uuid": "WS6WJX7TB8SGCWHEW02JDC2J7HB7WFEDP2VQPR1NA8T0WHMRT080",
"key_share": "1TX5K61370CVSP76NZEA4P2G0K38DN0RJX7S5T19HV6PREQR0TAG",
"truth_key": "K0P10XR0JE7M79V9VD6NV3XH33GJJSARBNN2XNDGGHW1KVEJHW31MG1JDN7Y3P805J2RHXJWX2KYD7QWVRC095SW0J38P70BNYZ3T18",
"salt": "NB3SHZGWTND8YRF01MP9KBDQJC",
"nonce": "GVJA96PNAAEAM81KTSFNCX6R6V1D6KBY6DFT9Q8",
"provider_salt": "RG309YPWMXBHK3938DP1BVV3A4",
"url": "http://localhost:8089/",
"type": "sms",
"instructions": "SMS to 123",
"upload_status": 1
}
},
{
"authentication_method": 2,
"provider": "http://localhost:8086/",
"truth": {
"uuid": "FA0SZBJCWWY0W2TTNK0ZMQTWWBQXPBZM2HAX8BPFSFZT9APB6MSG",
"key_share": "YXCP8BWXQZTJE418J7JRJPK67N35DHDEG161XTXCQPNE73FKNDTG",
"truth_key": "H1JRNZ9JW2YVW6JHA6M5VZXA96PYTA2XAQZGKW633NDKGS5MJ0Z1W4XBF01RQ6TWKD998B72B5YKJ0ZAYXA21BW5X43F5HRN175XTWR",
"salt": "6FFDWTGQPJDZ0FVPE832Q7DPFC",
"nonce": "JFCNZ0WG2CDTNF07G2AJB3ACDZ1M2E3M2S10YZ8",
"provider_salt": "HE4N5H49NRY3CSZYEEGT963WNR",
"url": "http://localhost:8086/",
"type": "question",
"instructions": "foo",
"upload_status": 0
}
}
]
},
{
"methods": [
{
"authentication_method": 0,
"provider": "http://localhost:8089/",
"truth": {
"uuid": "WS6WJX7TB8SGCWHEW02JDC2J7HB7WFEDP2VQPR1NA8T0WHMRT080",
"key_share": "1TX5K61370CVSP76NZEA4P2G0K38DN0RJX7S5T19HV6PREQR0TAG",
"truth_key": "K0P10XR0JE7M79V9VD6NV3XH33GJJSARBNN2XNDGGHW1KVEJHW31MG1JDN7Y3P805J2RHXJWX2KYD7QWVRC095SW0J38P70BNYZ3T18",
"salt": "NB3SHZGWTND8YRF01MP9KBDQJC",
"nonce": "GVJA96PNAAEAM81KTSFNCX6R6V1D6KBY6DFT9Q8",
"provider_salt": "RG309YPWMXBHK3938DP1BVV3A4",
"url": "http://localhost:8089/",
"type": "sms",
"instructions": "SMS to 123",
"upload_status": 1
}
},
{
"authentication_method": 1,
"provider": "http://localhost:8089/",
"truth": {
"uuid": "2FF4HE7E23JQW3RCVCYSYGVWTR5Y5P8YP01MNN573A9KDSHNN7B0",
"key_share": "QHFW7QEYJ6DYP6WZPA1RAM8KJT1CW5NWA2RRY8H7VQW17QH9BD80",
"truth_key": "GRXG9Q9X9M08Q2ZG9D6YJSJAZ8AW3Q28222VHC2QH43S1F5M0J4KZQPJHW4TVBCGA37C6K47PPFARD7YN68FXK8E9VNQ6HJTW7ZFR9R",
"salt": "B3ZSNHY2PGYPZX41NFJ4DS2JMC",
"nonce": "G1ZXCTJ2YMMC77GDS166W8RMPCJ7ZCH1MRX2J40",
"provider_salt": "RG309YPWMXBHK3938DP1BVV3A4",
"url": "http://localhost:8089/",
"type": "email",
"instructions": "Email to 123",
"upload_status": 1
}
}
]
}
],
"policy_providers": [
{
"provider_url": "http://localhost:8086/"
},
{
"provider_url": "http://localhost:8087/"
},
{
"provider_url": "http://localhost:8088/"
},
{
"provider_url": "http://localhost:8089/"
}
],
"upload_fees": [],
"expiration": {
"t_ms": 1792321852000
},
"secret_name": "foo",
"success_details": {
"http://localhost:8086/": {
"policy_version": 1,
"policy_expiration": {
"t_ms": 1792321732000
}
},
"http://localhost:8087/": {
"policy_version": 1,
"policy_expiration": {
"t_ms": 1792321732000
}
},
"http://localhost:8088/": {
"policy_version": 1,
"policy_expiration": {
"t_ms": 1792321732000
}
},
"http://localhost:8089/": {
"policy_version": 1,
"policy_expiration": {
"t_ms": 1792321732000
}
}
},
"core_secret": {
"value": "C5SP8SG",
"mime": "text/plain"
},
"payments": [
"taler+http://pay/localhost:9966/WS6WJX7TB8SGCWHEW02JDC2J7HB7WFEDP2VQPR1NA8T0WHMRT080/",
"taler+http://pay/localhost:9966/2FF4HE7E23JQW3RCVCYSYGVWTR5Y5P8YP01MNN573A9KDSHNN7B0/"
]
}
|
|
|
I see. Yes, it should be safe to have a separate 'truths' object where we map the UUIDs to those details to de-duplicate this. One thing to check here is that IF the same challenge is stored at different providers, we MUST use a different UUID, salt and truth_key. That's just something to be careful about, not saying it is a bug, but it might be ;-). |
|
|
No impact, closing. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2021-10-17 21:48 | Florian Dold | New Issue | |
| 2021-10-17 21:48 | Florian Dold | Status | new => assigned |
| 2021-10-17 21:48 | Florian Dold | Assigned To | => Florian Dold |
| 2021-10-19 13:13 | Florian Dold | Note Added: 0018440 | |
| 2021-10-19 13:13 | Florian Dold | File Added: anastasis-redundant.json | |
| 2021-10-19 19:26 | Christian Grothoff | Note Added: 0018441 | |
| 2022-04-13 19:14 | Christian Grothoff | Severity | minor => trivial |
| 2022-04-13 19:14 | Christian Grothoff | Status | assigned => closed |
| 2022-04-13 19:14 | Christian Grothoff | Resolution | open => won't fix |
| 2022-04-13 19:14 | Christian Grothoff | Product Version | => Git master |
| 2022-04-13 19:14 | Christian Grothoff | Fixed in Version | => 0.3.0 |
| 2022-04-13 19:14 | Christian Grothoff | Target Version | => 0.3.0 |
| 2022-04-13 19:14 | Christian Grothoff | Note Added: 0018871 |
