diff --git a/dev/kotlin/generate b/dev/kotlin/generate index 222ec90a..ccbbb356 100755 --- a/dev/kotlin/generate +++ b/dev/kotlin/generate @@ -48,6 +48,4 @@ docker run --platform linux/x86_64 --rm -i -v${PWD}:/code xmtp/protoc-kotlin \ mls/message_contents/group_metadata.proto \ mls/message_contents/group_mutable_metadata.proto \ mls/message_contents/content.proto \ - mls/message_contents/transcript_messages.proto \ - mls/message_contents/credential.proto \ - mls/message_contents/association.proto \ No newline at end of file + mls/message_contents/transcript_messages.proto \ No newline at end of file diff --git a/dev/ts/generate b/dev/ts/generate index 5f644cf4..e618bfe7 100755 --- a/dev/ts/generate +++ b/dev/ts/generate @@ -39,9 +39,7 @@ docker run --rm -i -v${PWD}:/code xmtp/protoc \ message_contents/ecies.proto \ mls/api/v1/mls.proto \ mls/database/intents.proto \ - mls/message_contents/association.proto \ mls/message_contents/content.proto \ - mls/message_contents/credential.proto \ mls/message_contents/group_membership.proto \ mls/message_contents/group_metadata.proto \ mls/message_contents/group_mutable_metadata.proto \ diff --git a/proto/mls/api/v1/mls.proto b/proto/mls/api/v1/mls.proto index 42865cb2..b382f4b5 100644 --- a/proto/mls/api/v1/mls.proto +++ b/proto/mls/api/v1/mls.proto @@ -4,16 +4,15 @@ package xmtp.mls.api.v1; import "google/api/annotations.proto"; import "google/protobuf/empty.proto"; -import "message_contents/signature.proto"; import "protoc-gen-openapiv2/options/annotations.proto"; option go_package = "github.com/xmtp/proto/v3/go/mls/api/v1"; option java_package = "org.xmtp.proto.mls.api.v1"; option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = { info: { - title: "MlsApi"; - version: "1.0"; - }; + title: "MlsApi" + version: "1.0" + } }; // RPCs for the new MLS API 
@@ -35,14 +34,6 @@ service MlsApi { }; } - // Register a new installation, which would be validated before storage - rpc RegisterInstallation(RegisterInstallationRequest) returns (RegisterInstallationResponse) { - option (google.api.http) = { - post: "/mls/v1/register-installation" - body: "*" - }; - } - // Upload a new KeyPackage, which would be validated before storage rpc UploadKeyPackage(UploadKeyPackageRequest) returns (google.protobuf.Empty) { option (google.api.http) = { @@ -59,25 +50,6 @@ service MlsApi { }; } - // Would delete all key packages associated with the installation and mark - // the installation as having been revoked - rpc RevokeInstallation(RevokeInstallationRequest) returns (google.protobuf.Empty) { - option (google.api.http) = { - post: "/mls/v1/revoke-installation" - body: "*" - }; - } - - // Used to check for changes related to members of a group. - // Would return an array of any new installations associated with the wallet - // address, and any revocations that have happened. - rpc GetIdentityUpdates(GetIdentityUpdatesRequest) returns (GetIdentityUpdatesResponse) { - option (google.api.http) = { - post: "/mls/v1/get-identity-updates" - body: "*" - }; - } - // Query stored group messages rpc QueryGroupMessages(QueryGroupMessagesRequest) returns (QueryGroupMessagesResponse) { option (google.api.http) = { @@ -190,18 +162,6 @@ message KeyPackageUpload { bytes key_package_tls_serialized = 1; } -// Register a new installation -message RegisterInstallationRequest { - // The Key Package contains all information needed to register an installation - KeyPackageUpload key_package = 1; - bool is_inbox_id_credential= 2; -} - -// The response to a RegisterInstallationRequest -message RegisterInstallationResponse { - bytes installation_key = 1; -} - // Upload a new key packages message UploadKeyPackageRequest { // An individual key package upload request 
@@ -230,52 +190,6 @@ message FetchKeyPackagesResponse { repeated KeyPackage key_packages = 1; } -// Revoke an installation -message RevokeInstallationRequest { - bytes installation_key = 1; - // All revocations must be validated with a wallet signature over the - // installation_id being revoked (and some sort of standard prologue) - xmtp.message_contents.Signature wallet_signature = 2; -} - -// Get all updates for an identity since the specified time -message GetIdentityUpdatesRequest { - repeated string account_addresses = 1; - uint64 start_time_ns = 2; -} - -// Used to get any new or revoked installations for a list of wallet addresses -message GetIdentityUpdatesResponse { - // A new installation key was seen for the first time by the nodes - message NewInstallationUpdate { - bytes installation_key = 1; - bytes credential_identity = 2; - } - - // An installation was revoked - message RevokedInstallationUpdate { - bytes installation_key = 1; - } - - // A wrapper for any update to the wallet - message Update { - uint64 timestamp_ns = 1; - oneof kind { - NewInstallationUpdate new_installation = 2; - RevokedInstallationUpdate revoked_installation = 3; - } - } - - // A wrapper for the updates for a single wallet - message WalletUpdates { - repeated Update updates = 1; - } - - // A list of updates (or empty objects if no changes) in the original order - // of the request - repeated WalletUpdates updates = 1; -} - // Sort direction for queries enum SortDirection { SORT_DIRECTION_UNSPECIFIED = 0; diff --git a/proto/mls/message_contents/association.proto b/proto/mls/message_contents/association.proto deleted file mode 100644 index b18ab67f..00000000 --- a/proto/mls/message_contents/association.proto +++ /dev/null 
@@ -1,54 +0,0 @@
-// Associations and signatures
-syntax = "proto3";
-
-package xmtp.mls.message_contents;
-
-import "message_contents/public_key.proto";
-
-option go_package = "github.com/xmtp/proto/v3/go/mls/message_contents";
-option java_package = "org.xmtp.proto.mls.message.contents";
-
-// Allows for us to update the format of the association text without
-// incrementing the entire proto
-enum AssociationTextVersion {
- ASSOCIATION_TEXT_VERSION_UNSPECIFIED = 0;
- ASSOCIATION_TEXT_VERSION_1 = 1;
-}
-
-// Used for "Grant Messaging Access" associations
-message GrantMessagingAccessAssociation {
- AssociationTextVersion association_text_version = 1;
- RecoverableEcdsaSignature signature = 2; // EIP-191 signature
- string account_address = 3;
- uint64 created_ns = 4;
-}
-
-// Used for "Revoke Messaging Access" associations
-message RevokeMessagingAccessAssociation {
- AssociationTextVersion association_text_version = 1;
- RecoverableEcdsaSignature signature = 2; // EIP-191 signature
- string account_address = 3;
- uint64 created_ns = 4;
-}
-
-// LegacyCreateIdentityAssociation is used when a v3 installation key
-// is signed by a v2 identity key, which in turn is signed via a
-// 'CreateIdentity' wallet signature
-message LegacyCreateIdentityAssociation {
- // Signs SHA-256 hash of installation key
- RecoverableEcdsaSignature signature = 1;
- // created_ns is encoded inside serialized key, account_address is recoverable
- // from the SignedPublicKey signature
- xmtp.message_contents.SignedPublicKey signed_legacy_create_identity_key = 2;
-}
-
-// RecoverableEcdsaSignature
-message RecoverableEcdsaSignature {
- // 65-bytes [ R || S || V ], with recovery id as the last byte
- bytes bytes = 1;
-}
-
-// EdDSA signature bytes matching RFC 8032
-message EdDsaSignature {
- bytes bytes = 1;
-}
diff --git a/proto/mls/message_contents/credential.proto b/proto/mls/message_contents/credential.proto
deleted file mode 100644
index 69cee17a..00000000
--- a/proto/mls/message_contents/credential.proto
+++ /dev/null
@@ -1,31 +0,0 @@
-// Credentials and revocations
-syntax = "proto3";
-
-package xmtp.mls.message_contents;
-
-import "mls/message_contents/association.proto";
-
-option go_package = "github.com/xmtp/proto/v3/go/mls/message_contents";
-option java_package = "org.xmtp.proto.mls.message.contents";
-
-// A credential that can be used in MLS leaf nodes
-message MlsCredential {
- bytes installation_public_key = 1;
- oneof association {
- GrantMessagingAccessAssociation messaging_access = 2;
- LegacyCreateIdentityAssociation legacy_create_identity = 3;
- }
-}
-
-// A declaration and proof that a credential is no longer valid
-message CredentialRevocation {
- oneof public_key {
- // The 'installation_public_key' field of the MlsCredential proto
- bytes installation_key = 1;
- // The 'key_bytes' field of the legacy SignedPublicKey proto
- bytes unsigned_legacy_create_identity_key = 2;
- }
- oneof association {
- RevokeMessagingAccessAssociation messaging_access = 3;
- }
-}
diff --git a/proto/mls_validation/v1/service.proto b/proto/mls_validation/v1/service.proto
index 3842f8c6..61d994e2 100644
--- a/proto/mls_validation/v1/service.proto
+++ b/proto/mls_validation/v1/service.proto
@@ -9,40 +9,19 @@ option go_package = "github.com/xmtp/proto/v3/go/mls_validation/v1"; // RPCs for the new MLS API service ValidationApi { - // Validates and parses a batch of key packages and returns relevant details - rpc ValidateKeyPackages(ValidateKeyPackagesRequest) returns (ValidateKeyPackagesResponse) {} - // Validates and parses a group message and returns relevant details rpc ValidateGroupMessages(ValidateGroupMessagesRequest) returns (ValidateGroupMessagesResponse) {} - + // Gets the final association state for a batch of identity updates rpc GetAssociationState(GetAssociationStateRequest) returns (GetAssociationStateResponse) {} - + // Validates InboxID key packages and returns credential information for them, without checking // whether an InboxId <> InstallationPublicKey pair is really valid. - rpc ValidateInboxIdKeyPackages(ValidateKeyPackagesRequest) returns (ValidateInboxIdKeyPackagesResponse) {} - - // Validate an InboxID Key Package - // need public key possibly - rpc ValidateInboxIds(ValidateInboxIdsRequest) returns (ValidateInboxIdsResponse) {} -} - -// Validates a Inbox-ID Key Package Type -message ValidateInboxIdKeyPackagesResponse { - // one response corresponding to information about one key package - message Response { - bool is_ok = 1; - string error_message = 2; - xmtp.identity.MlsCredential credential = 3; - bytes installation_public_key = 4; - uint64 expiration = 5; - } - - repeated Response responses = 1; + rpc ValidateInboxIdKeyPackages(ValidateInboxIdKeyPackagesRequest) returns (ValidateInboxIdKeyPackagesResponse) {} } // Contains a batch of serialized Key Packages -message ValidateKeyPackagesRequest { +message ValidateInboxIdKeyPackagesRequest { // Wrapper for each key package message KeyPackage { bytes key_package_bytes_tls_serialized = 1; 
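Review bot: The comment kept on `ValidateInboxIdKeyPackages` says it returns credential information "without checking whether an InboxId <> InstallationPublicKey pair is really valid", but it no longer tells the caller where that check is supposed to happen. This commit also removes `ValidateInboxIds` (the later hunk at `@@ -102,28 +80,3 @@`), whose request was documented as ensuring that the Inbox Id and installation key are valid, so after the change no RPC in `ValidationApi` is described as performing that check. A reader could then take `is_ok` in the response as proof of the binding. I would extend the RPC comment with something like `// Callers must verify the InboxId <> InstallationPublicKey binding themselves before trusting the returned credential; is_ok only covers key package validity.`, and name the intended mechanism there (presumably the state from `GetAssociationState`, to be confirmed by the authors).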
@@ -52,19 +31,18 @@ message ValidateKeyPackagesRequest { repeated KeyPackage key_packages = 1; } -// Response to ValidateKeyPackagesRequest -message ValidateKeyPackagesResponse { - // An individual response to one key package - message ValidationResponse { +// Validates a Inbox-ID Key Package Type +message ValidateInboxIdKeyPackagesResponse { + // one response corresponding to information about one key package + message Response { bool is_ok = 1; string error_message = 2; - bytes installation_id = 3; - string account_address = 4; - bytes credential_identity_bytes = 5; - uint64 expiration = 6; + xmtp.identity.MlsCredential credential = 3; + bytes installation_public_key = 4; + uint64 expiration = 5; } - repeated ValidationResponse responses = 1; + repeated Response responses = 1; } // Contains a batch of serialized Group Messages @@ -102,28 +80,3 @@ message GetAssociationStateResponse { xmtp.identity.associations.AssociationState association_state = 1; xmtp.identity.associations.AssociationStateDiff state_diff = 2; } - -// Request to validate an InboxID with the backend service. Ensures an Inbox Id <> Installation key are valid. -message ValidateInboxIdsRequest { - // a single validation request - message ValidationRequest { - xmtp.identity.MlsCredential credential = 1; - bytes installation_public_key = 2; - repeated xmtp.identity.associations.IdentityUpdate identity_updates = 3; - } - - // list of validation requests - repeated ValidationRequest requests = 1; -} - -// Response to ValidateInboxIdRequest -message ValidateInboxIdsResponse { - // a single validation response - message ValidationResponse { - bool is_ok = 1; - string error_message = 2; - string inbox_id = 3; - } - // List of validation responses - repeated ValidationResponse responses = 1; -} diff --git a/proto/xmtpv4/message_api/message_api.proto b/proto/xmtpv4/message_api/message_api.proto index 694eed78..fec90971 100644 --- a/proto/xmtpv4/message_api/message_api.proto 
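Review bot: The fields of the relocated `ValidateInboxIdKeyPackagesResponse.Response` are undocumented, and `uint64 expiration = 5;` states neither a unit nor an epoch. A consumer that compares it against the wrong clock unit could treat an expired key package as still valid. I would add field comments along the lines of `// Key package expiry; unit and epoch: <to be stated by the authors>` on `expiration` and `// credential, installation_public_key and expiration are only meaningful when is_ok is true` on `is_ok`, hedged here because the hunk does not show how the validator fills them. It would also help to state whether `responses` is positionally aligned with `key_packages` in the request.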
+++ b/proto/xmtpv4/message_api/message_api.proto @@ -4,6 +4,7 @@ syntax = "proto3"; package xmtp.xmtpv4; import "google/api/annotations.proto"; +import "identity/associations/association.proto"; import "identity/associations/signature.proto"; import "mls/api/v1/mls.proto"; @@ -26,9 +27,8 @@ message ClientEnvelope { oneof payload { xmtp.mls.api.v1.GroupMessageInput group_message = 1; xmtp.mls.api.v1.WelcomeMessageInput welcome_message = 2; - xmtp.mls.api.v1.RegisterInstallationRequest register_installation = 3; + xmtp.identity.associations.IdentityUpdate identity_update = 3; xmtp.mls.api.v1.UploadKeyPackageRequest upload_key_package = 4; - xmtp.mls.api.v1.RevokeInstallationRequest revoke_installation = 5; } AuthenticatedData aad = 6; } diff --git a/ts/index.ts b/ts/index.ts index 74a42232..3a3002f6 100644 --- a/ts/index.ts +++ b/ts/index.ts @@ -18,9 +18,7 @@ export * as signedPayload from "./message_contents/signed_payload.pb"; export * as ecies from "./message_contents/ecies.pb"; export * as mlsApi from "./mls/api/v1/mls.pb"; export * as mlsDatabaseIntent from "./mls/database/intents.pb"; -export * as mlsAssociation from "./mls/message_contents/association.pb"; export * as mlsContent from "./mls/message_contents/content.pb"; -export * as mlsCredential from "./mls/message_contents/credential.pb"; export * as mlsGroupMembership from "./mls/message_contents/group_membership.pb"; export * as mlsGroupMetadata from "./mls/message_contents/group_metadata.pb"; export * as mlsGroupMutableMetadata from "./mls/message_contents/group_mutable_metadata.pb";
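Review bot: In the `payload` oneof of `ClientEnvelope`, tag 3 is reused for a different message type (`IdentityUpdate identity_update = 3` replaces `RegisterInstallationRequest register_installation = 3`), and tag 5 (`revoke_installation`) is dropped without being reserved. Both the old and the new type are length-delimited on the wire, so an envelope produced by an older client with `register_installation` set would be decoded as an `IdentityUpdate` instead of being rejected as unknown, which is an avoidable ambiguity on an identity-bearing payload. Unless no envelope with the old fields was ever sent or stored, give the new field a fresh number and retire the old ones at message level (not inside the oneof): `reserved 3, 5;`, `reserved "register_installation", "revoke_installation";` and `xmtp.identity.associations.IdentityUpdate identity_update = 7;`. The number 7 assumes no field outside this hunk already uses it.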