daphne
daphne copied to clipboard
cloudflare
Implementation of DAP
~Based on #574 (merge that first).~ This is a prototype of proposal 1 from: https://docs.google.com/document/d/1ZjXz-1kGsTDf2Vn2u-fwYqR8BSc3tOYlELVHAYvAfjk Daphne will use the Mastic VDAF rather than Poplar1 because we only support 1-round VDAFs....
current [`batch_exists`](https://github.com/cloudflare/daphne/blob/4c612db3d42230a97899ccfe09e0f2566af94bbf/daphne_server/src/roles/aggregator.rs#L310) implementation fetches the entire Aggregate Share just to see if it exists before fetching it again to return it. This takes 600ms on my machine
`DapVersion::Latest` points to draft10, however we have not fully implement it. Note that we may end up dropping draft10 in favor the next version.
If we detect a batch overlap, we abort: https://github.com/cloudflare/daphne/blob/main/daphne/src/roles/helper.rs#L199-L209 But if the batch interval hasn't changed, we're meant to handle this idempotently: https://datatracker.ietf.org/doc/html/draft-ietf-ppm-dap-09#section-4.6.2-16
This is optional because in the past we have stored task configs in KV that were configured by taskprov but lacked the "info" field needed to reconstruct the taskprov advertisement....
DAP wants to allow the Leader to repeat requests to: PUT /tasks/{tasks}/aggregation_jobs/{aggregation-job-id} [As long as the body of the request is the same](https://datatracker.ietf.org/doc/html/draft-ietf-ppm-dap-09#section-4.5.1.2-22), we should respond with the same `AggregationJobRep`...
When validating a bearer token we use a constant-time comparison algorithm in order to avoid leaking bits of the bearer token via a side channel: https://github.com/cloudflare/daphne/blob/main/daphne/src/messages/mod.rs#L1184 We should replace this...
Previously this was used to pick the KEM algorithm to when generating a fresh HPKE receiver config to populate KV. As of #353 the HPKE config is expected to be...
We currently use [libprio](https://github.com/divviup/libprio-rs)'s `codec::Decode` trait for decoding all messages in the DAP protocol. Currently all fields are owned by the struct, i.e., no fields reference data somewhere else. This...