covidwatchorg / tcn-node Goto Github PK

View Code? Open in Web Editor NEW

4.0 6.0 1.0 2.42 MB

Node.js Module that Wraps TCN Protocol Rust Implementation

License: Apache License 2.0

Rust 51.31% Shell 6.18% TypeScript 42.51%

tcn-node's Introduction

tcn-node

Node.js module that wraps the TCN Protocol Rust Implementation

TODO

Installation

Pre-built binaries available for Node v10, v12, v13, and v14.

As long as you are using one of those versions, installing via npm should automatically download the binary for your platform:

$ npm install tcn-node

In case you are using a different version of Node or an unusual system architecture, you may need to also install Rust and the Node build tools so that it can to build the native addon during install.

Usage

Using the TCN native module directly

The API of the Rust tcn crate is wrapped in a native Node addon and can be used in much the same way as if you were using that crate in Rust code:

const { ReportAuthorizationKey, MemoType } = require("tcn-node").native;
const assert = require("assert");

// Generate a report authorization key.  This key represents the capability
// to publish a report about a collection of derived temporary contact numbers.
let rak = new ReportAuthorizationKey();

// Use the temporary contact key ratchet mechanism to compute a list
// of temporary contact numbers.
let tck = rak.initial_temporary_contact_key(); // tck <- tck_1
let tcns = [];
for (let i = 0; i < 100; i++) {
  tcns.push(tck.temporary_contact_number());
  tck = tck.ratchet();
}

// Prepare a report about a subset of the temporary contact numbers.
let signed_report = rak.create_report(
  MemoType.CoEpiV1, // The memo type
  Buffer.from("symptom data"), // The memo data
  20, // Index of the first TCN to disclose
  90 // Index of the last TCN to check
);

// Verify the source integrity of the report...
let report = signed_report.verify();
// ...allowing the disclosed TCNs to be recomputed.
let recomputed_tcns = report.temporary_contact_numbers();

// Check that the recomputed TCNs match the originals.
// The slice is offset by 1 because tcn_0 is not included.
assert.deepEqual(recomputed_tcns, tcns.slice(20 - 1, 90 - 1));

JavaScript API

The JS API is a work in progress and currently consists of a few example functions only:

const { tcnExample, signedReportExample, validateReport } = require("tcn-node");

console.log(tcnExample()); // => "symptom data"

console.log(signedReportExample()); // => generates a signed report as JSON

console.log(validateReport(signedReportExample())); // => true

console.log(
  validateReport({
    report: {
      rvk: [
        205,
        234,
        147,
        231,
        210,
        96,
        99,
        128,
        241,
        255,
        168,
        61,
        243,
        222,
        144,
        41,
        194,
        92,
        112,
        118,
        140,
        98,
        90,
        38,
        156,
        32,
        216,
        117,
        171,
        14,
        206,
        117,
      ],
      tck_bytes: [
        5,
        44,
        47,
        43,
        14,
        249,
        162,
        165,
        139,
        157,
        225,
        217,
        38,
        77,
        151,
        140,
        247,
        198,
        138,
        23,
        208,
        188,
        229,
        189,
        20,
        101,
        126,
        83,
        216,
        18,
        194,
        19,
      ],
      j_1: 20,
      j_2: 90,
      memo_type: "CoEpiV1",
      memo_data: [115, 121, 109, 112, 116, 111, 109, 32, 100, 97, 116, 97],
    },
    sig: {
      R_bytes: [
        171,
        0,
        174,
        55,
        138,
        201,
        100,
        209,
        69,
        98,
        176,
        85,
        27,
        240,
        129,
        22,
        204,
        209,
        89,
        245,
        9,
        31,
        170,
        4,
        1,
        69,
        243,
        251,
        36,
        31,
        249,
        192,
      ],
      s_bytes: [
        250,
        99,
        139,
        105,
        167,
        126,
        136,
        208,
        253,
        158,
        225,
        46,
        81,
        179,
        50,
        90,
        113,
        63,
        235,
        163,
        172,
        193,
        251,
        86,
        76,
        118,
        188,
        170,
        16,
        252,
        132,
        8,
      ],
    },
  })
); // => true

Development

This project uses:

Neon for compiling Rust code to a native Node.js addon
TSDX for typescript tooling
GitHub Actions for CI/CD

Prerequisites

Install Rust
Install Node Build Tools
- Mac:
  1. Install Xcode
  2. Install the Command Line Tools via Xcode under the menu Xcode → Preferences → Downloads.
- Windows:
  npm install --global --production windows-build-tools
- Linux/WSL:
  sudo apt install -y make gcc g++

Building and running from source

$ git clone https://github.com/covid19risk/tcn-node.git && cd tcn-node
$ npm install --build-from-source
$ node
> const tcn = require('.')
undefined
> tcn.tcnExample()
'symptom data'

You can also use npm start to run the typescript build in development/watch mode. This is handy for catching errors while you work.

Testing

$ npm run native:dev && npm test

Releasing

Suggestion: only make full releases from master, otherwise make a pre-release

Use minor/preminor for functional changes, patch/prepatch for bug fixes.
Use prerelease when already on a alpha/beta/rc version to just bump the last part. Major/premajor for large breaking changes / overhauls, and 1.0.0 release.

tcn-node's People

Contributors

Stargazers

Watchers

Forkers

mannimmond86

tcn-node's Issues

Add types / improve API

Currently tcn-node (v0.3) exposes only 1 useful function, validateReport, which is specified as type any => any.

I have added full typescript support in a new branch and am working on specifying the types for this function, it would be good to know what is convenient/expected by outside consumers. It would also be good to know what other useful methods we might add to our API.

So far I have this:

export interface Report {
  rvk: number[];
  tck_bytes: number[];
  j_1: number;
  j_2: number;
  memo_type: "CoEpiV1" | "CovidWatchV1" | "Reserved";
  memo_data: number[];
}

export interface Signature {
  R_bytes: number[];
  s_bytes: number[];
}

export interface SignedReport {
  report: Report;
  sig: Signature;
}

And validateReport therefore has type (signedReport: SignedReport) => boolean

But, all of those number[] typed fields represent byte arrays, so it is arguably better to represent them as Uint8Arrays. Base64 encoded or BAIS encoded strings could also work - but maybe better to have that as a separate function or expose some conversion/report building methods for convenience.

Also, the naming convention and structure could for sure be improved, currently the fields are very non descriptive. I'm open to suggestions for how we should call them. Another useful step would be to combine the signature into a single field instead of splitting on R_bytes and s_bytes - the splitting is likely an implementation detail not needing to be exposed to end users - though I am not confident on that topic.

What do you think? @madhavajay @inmyth

Add TCN validation to our Cloud Function

Our mobile apps generate cryptographic signatures and then upload these via a REST endpoint to our cloud function on firebase. The data is currently being written to the firestore but before we do that we want to verify the signature is correct.

The code is there and its setup so you can run the local firebase / firestore emulator on your machine.
https://github.com/covid19risk/covidwatch-cloud-functions

Once the emulators are running you can open postman and make some requests.
We are currently using the POST request to write data to the firestore.

in index.ts there is a line that says:
// validate crypto

Thats where we need to do the crypto validation.

All of the data needed should be available at that point although you might need to change the formats around, we are receiving base64 and turning it into bytes.

This is the TCN protocol
https://github.com/TCNCoalition/TCN

Basically we want to run the code in that Rust implementation to verify that the payload and signature match so that there has been no modification of the submitted data and that it is well formed.

The TCN rust implementation has been wrapped in a node module here, see the branch add-verification-function:
https://github.com/covid19risk/tcn-node/tree/add-verification-function

It might not be complete yet so there could be some work to be done there.

I did the cloud function stuff so if you have questions ping me, The guy who did tcn-node is @miridius and you can message him directly on EU time if you want any help there.