ts-odd icon indicating copy to clipboard operation
ts-odd copied to clipboard
verified publisher icon oddsdk

Improve webnative AWAKE implementation to handle concurrent requestors

Open expede opened this issue 4 years ago • 6 comments

Writing down some thoughts that Brooke and I had late last year, not because I think that should be implemented in this PR, but because I think it could inform the design for the protocol state:

When there's more than 2 participants in a websocket channel for device linking, we should track the protocol state for all of them (maybe until a maximum of 10 or 100 or 1000) and simultaneously execute the AWAKE protocol with all of them. When the step for "comparing the numbers on both devices" comes, instead of showing the user numbers, we show the user a number input and they have to enter the number that they see on the other device themselves. This both serves as a check "are you connecting with the device you think you're connecting?" as well as a way to identify the device you want to connect with, if there's multiple devices that successfully went through every previous step of the AWAKE protocol.

(I thought I had written up an issue for that, but I can't find it :/ )

Again, just to inform the design code-wise. I personally find it helpful seeing ways that code might evolve in the future.

Originally posted by @matheus23 in https://github.com/fission-suite/webnative/issues/335#issuecomment-1009782161

expede avatar Jan 11 '22 17:01 expede

When the step for "comparing the numbers on both devices" comes, instead of showing the user numbers, we show the user a number input and they have to enter the number that they see on the other device themselves.

Which device do they enter the pin on? The device(s) they are linking (the consumers) or the device that is delegating credentials (the producer)?

In the current version of the whitepaper, the consumer generates the pin:

The requestor displays a challenge (PIN code) to the user. It sends the PIN and DID/signing key (encrypted with the AES key) over pubsub. The UCAN holder decrypts and displays this PIN to the user and asks them to confirm that it matches. If it matches, you are talking to the correct machine, and you have the DID to delegate to 🎉

Would we want to update this so the producer generates the pin and each consumer verifies the pin by entering it into an input?

bgins avatar Jan 11 '22 19:01 bgins

The other way around: The producer enters the pin. And the consumers keep being the ones to generate the PIN.

Don't think of the PIN as a password. It's just a random, kept-secret-from-the-other-consumers ID for the user to figure out which device they're linking with.

Sidenote: It's really unlikely that two consumers generate the same pin (assuming consumers choose random PINs & we're capping the protocol at 100 concurrent states).

matheus23 avatar Jan 12 '22 13:01 matheus23

Blocked by whitepaper changes.

walkah avatar Mar 18 '22 18:03 walkah

This is more of a priority now that partners have decided to adopt AWAKE!

jeffgca avatar Jun 03 '22 18:06 jeffgca

More details on how to improve this here: https://github.com/fission-suite/webnative/issues/358

Maybe we want to consolidate these into one issue? 🤔

bgins avatar Jun 03 '22 21:06 bgins

It's happening here: https://github.com/ucan-wg/awake

expede avatar Jun 06 '22 11:06 expede