v1.1.0 update (#79)
Adding automated chainhash switching.

Also added a Goreleaser GHA.

Some extra cleanups and extra tests too.
AnomalRoil authored Jan 18, 2024
1 parent 4cd62b8 commit 1f7b571
Showing 20 changed files with 455 additions and 164 deletions.
30 changes: 30 additions & 0 deletions .github/workflows/release.yml
@@ -0,0 +1,30 @@
name: goreleaser

on:
push:
tags:
- 'v*'

jobs:
goreleaser:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0

- name: Setup Go
uses: actions/setup-go@v4
with:
go-version: '1.21'
- run: go version

- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v5
with:
distribution: goreleaser
version: latest
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
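
Review bot: The workflow declares no `permissions:` block, so the `GITHUB_TOKEN` handed to the "Run GoReleaser" step carries whatever the repository default grants; add `permissions: contents: write` at job level so the release job holds only what publishing needs. The three `uses:` lines reference mutable tags (`actions/checkout@v4`, `actions/setup-go@v4`, `goreleaser/goreleaser-action@v5`) and `version: latest` lets the GoReleaser binary itself float; for a job that builds and publishes release binaries, pin the actions to full commit SHAs and set a fixed GoReleaser version so that a given tag always builds with the same tooling.
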
41 changes: 41 additions & 0 deletions .goreleaser.yml
@@ -0,0 +1,41 @@
project_name: tlock

before:
hooks:
- go mod download

builds:
- id: tlock
binary: tle
main: ./cmd/tle/tle.go
flags:
- -trimpath
env:
- CGO_ENABLED=0
asmflags:
- all=-trimpath={{.Env.HOME}}
gcflags:
- all=-trimpath={{.Env.HOME}}
goos:
- darwin
- linux
- windows
goarch:
- amd64
- arm
- arm64
goarm:
- 6
- 7
checksum:
name_template: 'checksums.txt'
snapshot:
name_template: "{{ .Tag }}-next"
changelog:
sort: asc
filters:
exclude:
- '^docs:'
- '^test:'
release:
prerelease: auto
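
Review bot: The `checksum` section writes `checksums.txt` but the file has no `signs:` section, so the release gives users nothing to verify that the checksums themselves came from the maintainers; consider signing the checksum file as part of the release. Separately, the `asmflags` and `gcflags` entries `all=-trimpath={{.Env.HOME}}` look redundant next to `flags: -trimpath`, which already strips local paths from the build; keep one mechanism and drop the other.
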
15 changes: 7 additions & 8 deletions README.md
Expand Up @@ -14,7 +14,7 @@ Working endpoints to access it are, on mainnet:
On mainnet, the only chainhash supporting timelock encryption, with a 3s frequency and signatures on the G1 group is:
`dbd506d6ef76e5f386f41c651dcb808c5bcbd75471cc4eafa3f4df7ad4e4c493`

This is a production-ready network with high-availability guarantees. It is considered fully secure by the drand team
This is a production-ready network with high-availability guarantees. It is considered fully secure by the drand team
and ran by the same League of Entropy that has been running drand in production since 2019.

On testnet:
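
Review bot: The unchanged sentence at the top of this hunk gives `dbd506d6ef76e5f386f41c651dcb808c5bcbd75471cc4eafa3f4df7ad4e4c493` as the only mainnet chainhash supporting timelock encryption, while `DefaultChain` in cmd/tle/commands/commands.go is documented in this same commit as the League of Entropy quicknet chainhash with the value `52db9ba70e0cc0f6eaf7803dd07447a1f5477735fd3f661792ba94600c84e971`. The hunk only strips trailing whitespace, so the README and the tool's default disagree after this commit; update the hash here or say why the two differ. While touching this paragraph, "ran by" should read "run by".
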
Expand Down Expand Up @@ -249,19 +249,19 @@ $ cat encrypted_data | tle -d | age -d -o data.txt

Note that you could do the same with PGP or any other encryption tool.

---
---

### Security considerations

The security of our timelock encryption mechanism relies on four main things:
- The security of the underlying [Identity Encryption Scheme](https://crypto.stanford.edu/~dabo/pubs/papers/bfibe.pdf) (proposed in 2001) and [its implementation](https://github.com/drand/kyber/blob/a780ab21355ebe7f60b441a586d5e73a40c564eb/encrypt/ibe/ibe.go#L39-L47) that we're using.
- The security of the [threshold BLS scheme](https://link.springer.com/content/pdf/10.1007/s00145-004-0314-9.pdf) (proposed in 2003), and [its impementation](https://github.com/drand/kyber/blob/master/sign/tbls/tbls.go) by the network you're relying on.
- The security of [age](https://age-encryption.org/)'s underlying primitives, and that of the [age implementation](https://age-encryption.org/) we're using to encrypt the data, since we rely on the [hybrid encryption](https://en.wikipedia.org/wiki/Hybrid_cryptosystem) principle, where we only timelock encrypt ("wrap") a random symmetric key that is used by age to actually symmetrically encrypt the data using [Chacha20Poly1305](https://datatracker.ietf.org/doc/html/rfc8439)).
- The security of the threshold network providing you with its BLS signatures **at a given frequency**, for instance the default for `tle` is to rely on drand and its existing League of Entropy network.
In practice this means that if you trust there are never more than the threshold `t` malicious nodes on the network you're relying on, you are guaranteed that you timelocked data cannot be decrypted earlier than what you intended.
- The security of [age](https://age-encryption.org/)'s underlying primitives, and that of the [age implementation](https://age-encryption.org/) we're using to encrypt the data, since we rely on the [hybrid encryption](https://en.wikipedia.org/wiki/Hybrid_cryptosystem) principle, where we only timelock encrypt ("wrap") a random symmetric key that is used by age to actually symmetrically encrypt the data using [Chacha20Poly1305](https://datatracker.ietf.org/doc/html/rfc8439)).
- The security of the threshold network providing you with its BLS signatures **at a given frequency**, for instance the default for `tle` is to rely on drand and its existing League of Entropy network.

In practice this means that if you trust there are never more than the threshold `t` malicious nodes on the network you're relying on, you are guaranteed that you timelocked data cannot be decrypted earlier than what you intended.

Please note that neither BLS nor the IBE scheme we are relying on are "quantum resistant", therefore shall a Quantum Computer be built that's able to threaten their security, our current design wouldn't resist. There are also no quantum resistant scheme that we're aware of that could be used to replace our current design since post-quantum signatures schemes do not "thresholdize" too well in a post-quantum IBE-compatible way.
Please note that neither BLS nor the IBE scheme we are relying on are "quantum resistant", therefore shall a Quantum Computer be built that's able to threaten their security, our current design wouldn't resist. There are also no quantum resistant scheme that we're aware of that could be used to replace our current design since post-quantum signatures schemes do not "thresholdize" too well in a post-quantum IBE-compatible way.

However, such a quantum computer seems unlikely to be built within the next 5-10 years and therefore we currently consider that you can expect a "**long term security**" horizon of at least 5 years by relying on our design.
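
Review bot: The rewritten age bullet still ends with an unbalanced `)` after the Chacha20Poly1305 link, and its "age" and "age implementation" links both point to https://age-encryption.org/, so the second one does not lead to an implementation. Since these lines are being rewritten for whitespace anyway, fix them in the same pass together with "its impementation" in the threshold BLS bullet and "you timelocked data" in the "In practice" paragraph.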

Expand All @@ -288,4 +288,3 @@ Therefore, the project is dual-licensed under Apache 2.0 and MIT terms:

- Apache License, Version 2.0, ([LICENSE-APACHE](https://github.com/drand/drand/blob/master/LICENSE-APACHE) or https://www.apache.org/licenses/LICENSE-2.0)
- MIT license ([LICENSE-MIT](https://github.com/drand/drand/blob/master/LICENSE-MIT) or https://opensource.org/licenses/MIT)
89
23 changes: 16 additions & 7 deletions cmd/tle/commands/commands.go
Expand Up @@ -13,8 +13,10 @@ import (

// Default settings.
const (
defaultNetwork = "https://api.drand.sh/"
defaultChain = "52db9ba70e0cc0f6eaf7803dd07447a1f5477735fd3f661792ba94600c84e971"
// DefaultNetwork is set to the HTTPs relay from drand, you can also use Cloudflare relay or any other relay.
DefaultNetwork = "https://api.drand.sh/"
// DefaultChain is set to the League of Entropy quicknet chainhash.
DefaultChain = "52db9ba70e0cc0f6eaf7803dd07447a1f5477735fd3f661792ba94600c84e971"
)

// =============================================================================
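
Review bot: Exporting `DefaultNetwork` and `DefaultChain` makes them part of the package API, but the new doc comments do not say that the two belong together; state on `DefaultChain` that it is the chain expected from `DefaultNetwork`, which is what the warning in `validateFlags` assumes. The comment on `DefaultNetwork` also reads "HTTPs relay" and should say "HTTPS".
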
Expand Down Expand Up @@ -88,8 +90,8 @@ func Parse() (Flags, error) {
flag.Usage = func() { fmt.Fprintf(os.Stderr, "%s\n", usage) }

f := Flags{
Network: defaultNetwork,
Chain: defaultChain,
Network: DefaultNetwork,
Chain: DefaultChain,
}

err := envconfig.Process("tle", &f)
Expand Down Expand Up @@ -176,23 +178,30 @@ func validateFlags(f *Flags) error {
if f.Armor {
return fmt.Errorf("-a/--armor can't be used with -d/--decrypt")
}
if f.Network != defaultNetwork {
if f.Chain == defaultChain {
if f.Network != DefaultNetwork {
if f.Chain == DefaultChain {
fmt.Fprintf(os.Stderr,
"You've specified a non-default network endpoint but still use the default chain hash.\n"+
"You might want to also specify a custom chainhash with the -c/--chain flag.\n\n")
}
}
default:
if f.Chain == "" {
return fmt.Errorf("-c/--chain can't be empty")
fmt.Fprintf(os.Stderr, "-c/--chain is empty, will default to quicknet chainhash (%s).\n", DefaultChain)
}
if f.Duration != "" && f.Round != 0 {
return fmt.Errorf("-D/--duration can't be used with -r/--round")
}
if f.Duration == "" && f.Round == 0 {
return fmt.Errorf("-D/--duration or -r/--round must be specified")
}
if f.Network != DefaultNetwork {
if f.Chain == DefaultChain {
fmt.Fprintf(os.Stderr,
"You've specified a non-default network endpoint but still use the default chain hash.\n"+
"You might want to also specify a custom chainhash with the -c/--chain flag.\n\n")
}
}
}

return nil
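
Review bot: In the `default:` branch an empty `-c/--chain` used to return an error and is now only reported on stderr as "will default to quicknet chainhash", but nothing in this hunk assigns `DefaultChain` to `f.Chain`, so the fallback has to happen somewhere else. Either set `f.Chain = DefaultChain` next to the message or reference where it is done; as written, the `f.Chain == DefaultChain` check added just below is false for the empty case, so a custom `--network` combined with an empty chain gets no warning. The non-default-network warning is also duplicated verbatim in both branches and would be better as one small helper called from each.
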
11 changes: 6 additions & 5 deletions cmd/tle/commands/commands_test.go
Expand Up @@ -2,10 +2,11 @@ package commands

import (
"bytes"
"github.com/stretchr/testify/require"
"os"
"testing"
"time"

"github.com/stretchr/testify/require"
)

func TestParseDuration(t *testing.T) {
Expand Down Expand Up @@ -125,8 +126,8 @@ func TestEncryptionWithDurationOverflow(t *testing.T) {
flags := Flags{
Encrypt: true,
Decrypt: false,
Network: defaultNetwork,
Chain: defaultChain,
Network: DefaultNetwork,
Chain: DefaultChain,
Round: 0,
Duration: "292277042628y",
Armor: false,
Expand All @@ -139,8 +140,8 @@ func TestEncryptionWithDurationOverflowUsingOtherUnits(t *testing.T) {
flags := Flags{
Encrypt: true,
Decrypt: false,
Network: defaultNetwork,
Chain: defaultChain,
Network: DefaultNetwork,
Chain: DefaultChain,
Duration: "292277042627y12m1d",
Armor: false,
}
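
Review bot: No test in the hunks shown for this file covers the new `validateFlags` behaviour where an empty `-c/--chain` is accepted with a message instead of an error; the `Flags` literals in `TestEncryptionWithDurationOverflow` and `TestEncryptionWithDurationOverflowUsingOtherUnits` only pick up the rename to `DefaultNetwork` and `DefaultChain`. Add a case with `Encrypt: true` and `Chain: ""` that asserts validation succeeds and checks which chain ends up being used.
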
33 changes: 15 additions & 18 deletions go.mod
Expand Up @@ -4,18 +4,18 @@ go 1.19

require (
filippo.io/age v1.1.1
github.com/drand/drand v1.5.7
github.com/drand/drand v1.5.9
github.com/drand/kyber v1.2.0
github.com/drand/kyber-bls12381 v0.3.1
github.com/stretchr/testify v1.8.4
gopkg.in/yaml.v3 v3.0.1
)

require (
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/kr/pretty v0.3.1 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20231212172506-995d672761c0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240116215550-a9fa1716bcac // indirect
)

require (
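
Review bot: The `go 1.19` directive visible in this hunk's header context is left unchanged while .github/workflows/release.yml in the same commit builds releases with `go-version: '1.21'`, and this hunk and the next raise many module versions (for example `golang.org/x/crypto v0.13.0` to `v0.18.0` and `google.golang.org/grpc v1.58.0` to `v1.60.1`). Confirm the module still builds and passes tests under 1.19, or raise the directive so the declared and released toolchains match. `gopkg.in/yaml.v3` also moves from an indirect to a direct requirement here; the commit message should mention which new code imports it.
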
Expand All @@ -28,20 +28,17 @@ require (
github.com/hashicorp/golang-lru v1.0.2 // indirect
github.com/kelseyhightower/envconfig v1.4.0
github.com/kilic/bls12-381 v0.1.0 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
github.com/nikkolasg/hexjson v0.1.0 // indirect
github.com/prometheus/client_golang v1.16.0 // indirect
github.com/prometheus/client_model v0.4.0 // indirect
github.com/prometheus/common v0.44.0 // indirect
github.com/prometheus/procfs v0.11.1 // indirect
go.uber.org/atomic v1.11.0 // indirect
github.com/prometheus/client_golang v1.18.0 // indirect
github.com/prometheus/client_model v0.5.0 // indirect
github.com/prometheus/common v0.46.0 // indirect
github.com/prometheus/procfs v0.12.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
go.uber.org/zap v1.25.0 // indirect
golang.org/x/crypto v0.13.0 // indirect
golang.org/x/net v0.15.0 // indirect
golang.org/x/sys v0.12.0 // indirect
golang.org/x/text v0.13.0 // indirect
google.golang.org/genproto v0.0.0-20230803162519-f966b187b2e5 // indirect
google.golang.org/grpc v1.58.0 // indirect
google.golang.org/protobuf v1.31.0 // indirect
go.uber.org/zap v1.26.0 // indirect
golang.org/x/crypto v0.18.0 // indirect
golang.org/x/net v0.20.0 // indirect
golang.org/x/sys v0.16.0 // indirect
golang.org/x/text v0.14.0 // indirect
google.golang.org/grpc v1.60.1 // indirect
google.golang.org/protobuf v1.32.0 // indirect
)