You cannot select more than 25 topics
			Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
		
		
		
		
		
			
		
			
				
	
	
		
			925 lines
		
	
	
		
			31 KiB
		
	
	
	
		
			TypeScript
		
	
			
		
		
	
	
			925 lines
		
	
	
		
			31 KiB
		
	
	
	
		
			TypeScript
		
	
| import { snodeRpc } from './sessionRpc';
 | |
| 
 | |
| import {
 | |
|   getRandomSnode,
 | |
|   getSwarmFor,
 | |
|   minSnodePoolCount,
 | |
|   requiredSnodesForAgreement,
 | |
| } from './snodePool';
 | |
| import { getSodiumRenderer } from '../../crypto';
 | |
| import _, { isEmpty, range } from 'lodash';
 | |
| import pRetry from 'p-retry';
 | |
| import {
 | |
|   fromBase64ToArray,
 | |
|   fromHexToArray,
 | |
|   fromUInt8ArrayToBase64,
 | |
|   stringToUint8Array,
 | |
|   toHex,
 | |
| } from '../../utils/String';
 | |
| import { Snode } from '../../../data/data';
 | |
| import { updateIsOnline } from '../../../state/ducks/onion';
 | |
| import { ed25519Str } from '../../onions/onionPath';
 | |
| import { StringUtils, UserUtils } from '../../utils';
 | |
| import { SnodePool } from '.';
 | |
| import { handleHardforkResult } from './hfHandling';
 | |
| 
 | |
| // ONS name can have [a-zA-Z0-9_-] except that - is not allowed as start or end
 | |
| // do not define a regex but rather create it on the fly to avoid https://stackoverflow.com/questions/3891641/regex-test-only-works-every-other-time
 | |
| export const onsNameRegex = '^\\w([\\w-]*[\\w])?$';
 | |
| 
 | |
| export const ERROR_CODE_NO_CONNECT = 'ENETUNREACH: No network connection.';
 | |
| 
 | |
| let latestTimestampOffset = Number.MAX_SAFE_INTEGER;
 | |
| 
 | |
| function handleTimestampOffset(_request: string, snodeTimestamp: number) {
 | |
|   if (snodeTimestamp && _.isNumber(snodeTimestamp) && snodeTimestamp > 1609419600 * 1000) {
 | |
|     // first january 2021. Arbitrary, just want to make sure the return timestamp is somehow valid and not some crazy low value
 | |
|     const now = Date.now();
 | |
|     if (latestTimestampOffset === Number.MAX_SAFE_INTEGER) {
 | |
|       window?.log?.info(`first timestamp offset received:  ${now - snodeTimestamp}ms`);
 | |
|     }
 | |
|     latestTimestampOffset = now - snodeTimestamp;
 | |
|   }
 | |
| }
 | |
| 
 | |
| /**
 | |
|  * This function has no use to be called except during tests.
 | |
|  * @returns the current offset we have with the rest of the network.
 | |
|  */
 | |
| export function getLatestTimestampOffset() {
 | |
|   if (latestTimestampOffset === Number.MAX_SAFE_INTEGER) {
 | |
|     window.log.warn('latestTimestampOffset is not set yet');
 | |
|     return 0;
 | |
|   }
 | |
|   // window.log.info('latestTimestampOffset is ', latestTimestampOffset);
 | |
| 
 | |
|   return latestTimestampOffset;
 | |
| }
 | |
| 
 | |
| export function getNowWithNetworkOffset() {
 | |
|   // make sure to call exports here, as we stub the exported one for testing.
 | |
|   return Date.now() - exports.getLatestTimestampOffset();
 | |
| }
 | |
| 
 | |
| export type SendParams = {
 | |
|   pubKey: string;
 | |
|   ttl: string;
 | |
|   timestamp: string;
 | |
|   data: string;
 | |
|   isSyncMessage?: boolean;
 | |
|   messageId?: string;
 | |
|   namespace: number;
 | |
| };
 | |
| 
 | |
| /**
 | |
|  * get snodes for pubkey from random snode. Uses an existing snode
 | |
|  */
 | |
| async function requestSnodesForPubkeyWithTargetNodeRetryable(
 | |
|   pubKey: string,
 | |
|   targetNode: Snode
 | |
| ): Promise<Array<Snode>> {
 | |
|   const params = {
 | |
|     pubKey,
 | |
|   };
 | |
| 
 | |
|   const result = await snodeRpc({
 | |
|     method: 'get_snodes_for_pubkey',
 | |
|     params,
 | |
|     targetNode,
 | |
|     associatedWith: pubKey,
 | |
|   });
 | |
|   if (!result) {
 | |
|     window?.log?.warn(
 | |
|       `SessionSnodeAPI::requestSnodesForPubkeyWithTargetNodeRetryable - sessionRpc on ${targetNode.ip}:${targetNode.port} returned falsish value`,
 | |
|       result
 | |
|     );
 | |
|     throw new Error('requestSnodesForPubkeyWithTargetNodeRetryable: Invalid result');
 | |
|   }
 | |
| 
 | |
|   if (result.status !== 200) {
 | |
|     window?.log?.warn('Status is not 200 for get_snodes_for_pubkey');
 | |
|     throw new Error('requestSnodesForPubkeyWithTargetNodeRetryable: Invalid status code');
 | |
|   }
 | |
| 
 | |
|   try {
 | |
|     const json = JSON.parse(result.body);
 | |
| 
 | |
|     if (!json.snodes) {
 | |
|       // we hit this when snode gives 500s
 | |
|       window?.log?.warn(
 | |
|         `SessionSnodeAPI::requestSnodesForPubkeyRetryable - sessionRpc on ${targetNode.ip}:${targetNode.port} returned falsish value for snodes`,
 | |
|         result
 | |
|       );
 | |
|       throw new Error('Invalid json (empty)');
 | |
|     }
 | |
| 
 | |
|     const snodes = json.snodes.filter((tSnode: any) => tSnode.ip !== '0.0.0.0');
 | |
|     handleTimestampOffset('get_snodes_for_pubkey', json.t);
 | |
|     return snodes;
 | |
|   } catch (e) {
 | |
|     throw new Error('Invalid json');
 | |
|   }
 | |
| }
 | |
| 
 | |
| async function requestSnodesForPubkeyWithTargetNode(
 | |
|   pubKey: string,
 | |
|   targetNode: Snode
 | |
| ): Promise<Array<Snode>> {
 | |
|   // don't catch exception in here. we want them to bubble up
 | |
| 
 | |
|   // this is the level where our targetNode is supposed to be valid. We retry a few times with this one.
 | |
|   // if all our retries fails, we retry from the caller of this function with a new target node.
 | |
|   return pRetry(
 | |
|     async () => {
 | |
|       return requestSnodesForPubkeyWithTargetNodeRetryable(pubKey, targetNode);
 | |
|     },
 | |
|     {
 | |
|       retries: 3,
 | |
|       factor: 2,
 | |
|       minTimeout: 100,
 | |
|       maxTimeout: 2000,
 | |
|       onFailedAttempt: e => {
 | |
|         window?.log?.warn(
 | |
|           `requestSnodesForPubkeyWithTargetNode attempt #${e.attemptNumber} failed. ${e.retriesLeft} retries left...`
 | |
|         );
 | |
|       },
 | |
|     }
 | |
|   );
 | |
| }
 | |
| 
 | |
| async function requestSnodesForPubkeyRetryable(pubKey: string): Promise<Array<Snode>> {
 | |
|   // don't catch exception in here. we want them to bubble up
 | |
| 
 | |
|   // this is the level where our targetNode is not yet known. We retry a few times with a new one everytime.
 | |
|   // the idea is that the requestSnodesForPubkeyWithTargetNode will remove a failing targetNode
 | |
|   return pRetry(
 | |
|     async () => {
 | |
|       const targetNode = await getRandomSnode();
 | |
| 
 | |
|       return requestSnodesForPubkeyWithTargetNode(pubKey, targetNode);
 | |
|     },
 | |
|     {
 | |
|       retries: 3,
 | |
|       factor: 2,
 | |
|       minTimeout: 100,
 | |
|       maxTimeout: 4000,
 | |
|       onFailedAttempt: e => {
 | |
|         window?.log?.warn(
 | |
|           `requestSnodesForPubkeyRetryable attempt #${e.attemptNumber} failed. ${e.retriesLeft} retries left...`
 | |
|         );
 | |
|       },
 | |
|     }
 | |
|   );
 | |
| }
 | |
| 
 | |
| export async function requestSnodesForPubkey(pubKey: string): Promise<Array<Snode>> {
 | |
|   try {
 | |
|     // catch exception in here only.
 | |
|     // the idea is that the pretry will retry a few times each calls, except if an AbortError is thrown.
 | |
| 
 | |
|     // if all retry fails, we will end up in the catch below when the last exception thrown
 | |
|     return await requestSnodesForPubkeyRetryable(pubKey);
 | |
|   } catch (e) {
 | |
|     window?.log?.error('SessionSnodeAPI::requestSnodesForPubkey - error', e);
 | |
| 
 | |
|     return [];
 | |
|   }
 | |
| }
 | |
| 
 | |
| export async function getSessionIDForOnsName(onsNameCase: string) {
 | |
|   const validationCount = 3;
 | |
| 
 | |
|   const onsNameLowerCase = onsNameCase.toLowerCase();
 | |
|   const sodium = await getSodiumRenderer();
 | |
|   const nameAsData = stringToUint8Array(onsNameLowerCase);
 | |
|   const nameHash = sodium.crypto_generichash(sodium.crypto_generichash_BYTES, nameAsData);
 | |
|   const base64EncodedNameHash = fromUInt8ArrayToBase64(nameHash);
 | |
| 
 | |
|   const params = {
 | |
|     endpoint: 'ons_resolve',
 | |
|     params: {
 | |
|       type: 0,
 | |
|       name_hash: base64EncodedNameHash,
 | |
|     },
 | |
|   };
 | |
|   // we do this request with validationCount snodes
 | |
|   const promises = range(0, validationCount).map(async () => {
 | |
|     const targetNode = await getRandomSnode();
 | |
|     const result = await snodeRpc({ method: 'oxend_request', params, targetNode });
 | |
|     if (!result || result.status !== 200 || !result.body) {
 | |
|       throw new Error('ONSresolve:Failed to resolve ONS');
 | |
|     }
 | |
|     let parsedBody;
 | |
| 
 | |
|     try {
 | |
|       parsedBody = JSON.parse(result.body);
 | |
|       handleTimestampOffset('ons_resolve', parsedBody.t);
 | |
|     } catch (e) {
 | |
|       window?.log?.warn('ONSresolve: failed to parse ons result body', result.body);
 | |
|       throw new Error('ONSresolve: json ONS resovle');
 | |
|     }
 | |
|     const intermediate = parsedBody?.result;
 | |
| 
 | |
|     if (!intermediate || !intermediate?.encrypted_value) {
 | |
|       throw new Error('ONSresolve: no encrypted_value');
 | |
|     }
 | |
|     const hexEncodedCipherText = intermediate?.encrypted_value;
 | |
| 
 | |
|     const isArgon2Based = !Boolean(intermediate?.nonce);
 | |
|     const ciphertext = fromHexToArray(hexEncodedCipherText);
 | |
|     let sessionIDAsData: Uint8Array;
 | |
|     let nonce: Uint8Array;
 | |
|     let key: Uint8Array;
 | |
| 
 | |
|     if (isArgon2Based) {
 | |
|       // Handle old Argon2-based encryption used before HF16
 | |
|       const salt = new Uint8Array(sodium.crypto_pwhash_SALTBYTES);
 | |
|       nonce = new Uint8Array(sodium.crypto_secretbox_NONCEBYTES);
 | |
|       try {
 | |
|         const keyHex = sodium.crypto_pwhash(
 | |
|           sodium.crypto_secretbox_KEYBYTES,
 | |
|           onsNameLowerCase,
 | |
|           salt,
 | |
|           sodium.crypto_pwhash_OPSLIMIT_MODERATE,
 | |
|           sodium.crypto_pwhash_MEMLIMIT_MODERATE,
 | |
|           sodium.crypto_pwhash_ALG_ARGON2ID13,
 | |
|           'hex'
 | |
|         );
 | |
|         if (!keyHex) {
 | |
|           throw new Error('ONSresolve: key invalid argon2');
 | |
|         }
 | |
|         key = fromHexToArray(keyHex);
 | |
|       } catch (e) {
 | |
|         throw new Error('ONSresolve: Hashing failed');
 | |
|       }
 | |
| 
 | |
|       sessionIDAsData = sodium.crypto_secretbox_open_easy(ciphertext, nonce, key);
 | |
|       if (!sessionIDAsData) {
 | |
|         throw new Error('ONSresolve: Decryption failed');
 | |
|       }
 | |
| 
 | |
|       return toHex(sessionIDAsData);
 | |
|     }
 | |
| 
 | |
|     // not argon2Based
 | |
|     const hexEncodedNonce = intermediate.nonce as string;
 | |
|     if (!hexEncodedNonce) {
 | |
|       throw new Error('ONSresolve: No hexEncodedNonce');
 | |
|     }
 | |
|     nonce = fromHexToArray(hexEncodedNonce);
 | |
| 
 | |
|     try {
 | |
|       key = sodium.crypto_generichash(sodium.crypto_generichash_BYTES, nameAsData, nameHash);
 | |
|       if (!key) {
 | |
|         throw new Error('ONSresolve: Hashing failed');
 | |
|       }
 | |
|     } catch (e) {
 | |
|       window?.log?.warn('ONSresolve: hashing failed', e);
 | |
|       throw new Error('ONSresolve: Hashing failed');
 | |
|     }
 | |
| 
 | |
|     sessionIDAsData = sodium.crypto_aead_xchacha20poly1305_ietf_decrypt(
 | |
|       null,
 | |
|       ciphertext,
 | |
|       null,
 | |
|       nonce,
 | |
|       key
 | |
|     );
 | |
| 
 | |
|     if (!sessionIDAsData) {
 | |
|       throw new Error('ONSresolve: Decryption failed');
 | |
|     }
 | |
| 
 | |
|     return toHex(sessionIDAsData);
 | |
|   });
 | |
| 
 | |
|   try {
 | |
|     // if one promise throws, we end un the catch case
 | |
|     const allResolvedSessionIds = await Promise.all(promises);
 | |
|     if (allResolvedSessionIds?.length !== validationCount) {
 | |
|       throw new Error('ONSresolve: Validation failed');
 | |
|     }
 | |
| 
 | |
|     // assert all the returned session ids are the same
 | |
|     if (_.uniq(allResolvedSessionIds).length !== 1) {
 | |
|       throw new Error('ONSresolve: Validation failed');
 | |
|     }
 | |
|     return allResolvedSessionIds[0];
 | |
|   } catch (e) {
 | |
|     window.log.warn('ONSresolve: error', e);
 | |
|     throw e;
 | |
|   }
 | |
| }
 | |
| 
 | |
| /**
 | |
|  * Try to fetch from 3 different snodes an updated list of snodes.
 | |
|  * If we get less than 24 common snodes in those result, we consider the request to failed and an exception is thrown.
 | |
|  * The three snode we make the request to is randomized.
 | |
|  * This function is to be called with a pRetry so that if one snode does not reply anything, another might be choose next time.
 | |
|  * Return the list of nodes all snodes agreed on.
 | |
|  */
 | |
| export async function getSnodePoolFromSnodes() {
 | |
|   const existingSnodePool = await SnodePool.getSnodePoolFromDBOrFetchFromSeed();
 | |
|   if (existingSnodePool.length <= minSnodePoolCount) {
 | |
|     window?.log?.warn(
 | |
|       'getSnodePoolFromSnodes: Cannot get snodes list from snodes; not enough snodes',
 | |
|       existingSnodePool.length
 | |
|     );
 | |
|     throw new Error(
 | |
|       `Cannot get snodes list from snodes; not enough snodes even after refetching from seed', ${existingSnodePool.length}`
 | |
|     );
 | |
|   }
 | |
| 
 | |
|   // Note intersectionWith only works with 3 at most array to find the common snodes.
 | |
|   const nodesToRequest = _.sampleSize(existingSnodePool, 3);
 | |
|   const results = await Promise.all(
 | |
|     nodesToRequest.map(async node => {
 | |
|       /**
 | |
|        * this call is already retried if the snode does not reply
 | |
|        * (at least when onion requests are enabled)
 | |
|        * this request might want to rebuild a path if the snode length gets < minSnodePoolCount during the
 | |
|        * retries, so we need to make sure this does not happen.
 | |
|        *
 | |
|        * Remember that here, we are trying to fetch from snodes the updated list of snodes to rebuild a path.
 | |
|        * If we don't disable rebuilding a path below, this gets to a chicken and egg problem.
 | |
|        */
 | |
|       return TEST_getSnodePoolFromSnode(node);
 | |
|     })
 | |
|   );
 | |
| 
 | |
|   // we want those at least `requiredSnodesForAgreement` snodes common between all the result
 | |
|   const commonSnodes = _.intersectionWith(
 | |
|     results[0],
 | |
|     results[1],
 | |
|     results[2],
 | |
|     (s1: Snode, s2: Snode) => {
 | |
|       return s1.ip === s2.ip && s1.port === s2.port;
 | |
|     }
 | |
|   );
 | |
|   // We want the snodes to agree on at least this many snodes
 | |
|   if (commonSnodes.length < requiredSnodesForAgreement) {
 | |
|     throw new Error(
 | |
|       `Inconsistent snode pools. We did not get at least ${requiredSnodesForAgreement} in common`
 | |
|     );
 | |
|   }
 | |
|   return commonSnodes;
 | |
| }
 | |
| 
 | |
| /**
 | |
|  * Returns a list of unique snodes got from the specified targetNode.
 | |
|  * This function won't try to rebuild a path if at some point we don't have enough snodes.
 | |
|  * This is exported for testing purpose only
 | |
|  */
 | |
| // tslint:disable-next-line: function-name
 | |
| export async function TEST_getSnodePoolFromSnode(targetNode: Snode): Promise<Array<Snode>> {
 | |
|   const params = {
 | |
|     endpoint: 'get_service_nodes',
 | |
|     params: {
 | |
|       active_only: true,
 | |
|       fields: {
 | |
|         public_ip: true,
 | |
|         storage_port: true,
 | |
|         pubkey_x25519: true,
 | |
|         pubkey_ed25519: true,
 | |
|       },
 | |
|     },
 | |
|   };
 | |
|   const result = await snodeRpc({
 | |
|     method: 'oxend_request',
 | |
|     params,
 | |
|     targetNode,
 | |
|   });
 | |
|   if (!result || result.status !== 200) {
 | |
|     throw new Error('Invalid result');
 | |
|   }
 | |
| 
 | |
|   try {
 | |
|     const json = JSON.parse(result.body);
 | |
| 
 | |
|     if (!json || !json.result || !json.result.service_node_states?.length) {
 | |
|       window?.log?.error('getSnodePoolFromSnode - invalid result from snode', result.body);
 | |
|       return [];
 | |
|     }
 | |
| 
 | |
|     // Filter 0.0.0.0 nodes which haven't submitted uptime proofs
 | |
|     const snodes = json.result.service_node_states
 | |
|       .filter((snode: any) => snode.public_ip !== '0.0.0.0')
 | |
|       .map((snode: any) => ({
 | |
|         ip: snode.public_ip,
 | |
|         port: snode.storage_port,
 | |
|         pubkey_x25519: snode.pubkey_x25519,
 | |
|         pubkey_ed25519: snode.pubkey_ed25519,
 | |
|       })) as Array<Snode>;
 | |
|     handleTimestampOffset('get_service_nodes', json.t);
 | |
| 
 | |
|     // we the return list by the snode is already made of uniq snodes
 | |
|     return _.compact(snodes);
 | |
|   } catch (e) {
 | |
|     window?.log?.error('Invalid json response');
 | |
|     return [];
 | |
|   }
 | |
| }
 | |
| 
 | |
| export async function storeOnNode(
 | |
|   targetNode: Snode,
 | |
|   params: SendParams
 | |
| ): Promise<string | null | boolean> {
 | |
|   try {
 | |
|     // no retry here. If an issue is with the path this is handled in lokiOnionFetch
 | |
|     // if there is an issue with the targetNode, we still send a few times this request to a few snodes in // already so it's handled
 | |
|     const result = await snodeRpc({
 | |
|       method: 'store',
 | |
|       params,
 | |
|       targetNode,
 | |
|       associatedWith: params.pubKey,
 | |
|     });
 | |
| 
 | |
|     if (!result || result.status !== 200 || !result.body) {
 | |
|       return false;
 | |
|     }
 | |
| 
 | |
|     try {
 | |
|       const parsed = JSON.parse(result.body);
 | |
|       handleTimestampOffset('store', parsed.t);
 | |
|       await handleHardforkResult(parsed);
 | |
| 
 | |
|       const messageHash = parsed.hash;
 | |
|       if (messageHash) {
 | |
|         return messageHash;
 | |
|       }
 | |
| 
 | |
|       return true;
 | |
|     } catch (e) {
 | |
|       window?.log?.warn('Failed to parse "store" result: ', e.msg);
 | |
|     }
 | |
|     return false;
 | |
|   } catch (e) {
 | |
|     window?.log?.warn('store - send error:', e, `destination ${targetNode.ip}:${targetNode.port}`);
 | |
|     throw e;
 | |
|   }
 | |
| }
 | |
| 
 | |
| async function getRetrieveSignatureParams(
 | |
|   params: RetrieveRequestParams
 | |
| ): Promise<{ timestamp: number; signature: string; pubkey_ed25519: string } | null> {
 | |
|   const ourPubkey = UserUtils.getOurPubKeyFromCache();
 | |
|   const ourEd25519Key = await UserUtils.getUserED25519KeyPair();
 | |
| 
 | |
|   if (isEmpty(params?.pubKey) || ourPubkey.key !== params.pubKey || !ourEd25519Key) {
 | |
|     return null;
 | |
|   }
 | |
|   const hasNamespace = params.namespace && params.namespace !== 0;
 | |
|   const namespace = params.namespace || 0;
 | |
|   const edKeyPrivBytes = fromHexToArray(ourEd25519Key?.privKey);
 | |
| 
 | |
|   const signatureTimestamp = getNowWithNetworkOffset();
 | |
| 
 | |
|   const verificationData = hasNamespace
 | |
|     ? StringUtils.encode(`retrieve${namespace}${signatureTimestamp}`, 'utf8')
 | |
|     : StringUtils.encode(`retrieve${signatureTimestamp}`, 'utf8');
 | |
|   const message = new Uint8Array(verificationData);
 | |
| 
 | |
|   const sodium = await getSodiumRenderer();
 | |
|   try {
 | |
|     const signature = sodium.crypto_sign_detached(message, edKeyPrivBytes);
 | |
|     const signatureBase64 = fromUInt8ArrayToBase64(signature);
 | |
| 
 | |
|     const namespaceObject = hasNamespace ? { namespace } : {};
 | |
| 
 | |
|     return {
 | |
|       timestamp: signatureTimestamp,
 | |
|       signature: signatureBase64,
 | |
|       pubkey_ed25519: ourEd25519Key.pubKey,
 | |
|       ...namespaceObject,
 | |
|     };
 | |
|   } catch (e) {
 | |
|     window.log.warn('getSignatureParams failed with: ', e.message);
 | |
|     return null;
 | |
|   }
 | |
| }
 | |
| 
 | |
| type RetrieveRequestParams = {
 | |
|   pubKey: string;
 | |
|   lastHash: string;
 | |
|   namespace?: number;
 | |
| };
 | |
| 
 | |
| /** */
 | |
| export async function retrieveNextMessages(
 | |
|   targetNode: Snode,
 | |
|   lastHash: string,
 | |
|   associatedWith: string,
 | |
|   namespace?: number
 | |
| ): Promise<Array<any>> {
 | |
|   const params: RetrieveRequestParams = {
 | |
|     pubKey: associatedWith,
 | |
|     lastHash: lastHash || '',
 | |
|     namespace,
 | |
|   };
 | |
| 
 | |
|   const signatureParams = (await getRetrieveSignatureParams(params)) || {};
 | |
| 
 | |
|   // let exceptions bubble up
 | |
|   // no retry for this one as this a call we do every few seconds while polling for messages
 | |
|   const result = await snodeRpc({
 | |
|     method: 'retrieve',
 | |
|     params: { ...signatureParams, ...params },
 | |
|     targetNode,
 | |
|     associatedWith,
 | |
|     timeout: 4000,
 | |
|   });
 | |
| 
 | |
|   if (!result) {
 | |
|     window?.log?.warn(
 | |
|       `_retrieveNextMessages - sessionRpc could not talk to ${targetNode.ip}:${targetNode.port}`
 | |
|     );
 | |
|     throw new Error(
 | |
|       `_retrieveNextMessages - sessionRpc could not talk to ${targetNode.ip}:${targetNode.port}`
 | |
|     );
 | |
|   }
 | |
| 
 | |
|   if (result.status !== 200) {
 | |
|     window?.log?.warn('retrieveNextMessages result is not 200');
 | |
|     throw new Error(
 | |
|       `_retrieveNextMessages - retrieve result is not 200 with ${targetNode.ip}:${targetNode.port}`
 | |
|     );
 | |
|   }
 | |
| 
 | |
|   try {
 | |
|     const json = JSON.parse(result.body);
 | |
|     if (!window.inboxStore?.getState().onionPaths.isOnline) {
 | |
|       window.inboxStore?.dispatch(updateIsOnline(true));
 | |
|     }
 | |
| 
 | |
|     handleTimestampOffset('retrieve', json.t);
 | |
|     await handleHardforkResult(json);
 | |
| 
 | |
|     // console.log(`WIP: retrieveNextMessages`, json.messages);
 | |
| 
 | |
|     return json.messages || [];
 | |
|   } catch (e) {
 | |
|     window?.log?.warn('exception while parsing json of nextMessage:', e);
 | |
|     if (!window.inboxStore?.getState().onionPaths.isOnline) {
 | |
|       window.inboxStore?.dispatch(updateIsOnline(true));
 | |
|     }
 | |
|     throw new Error(
 | |
|       `_retrieveNextMessages - exception while parsing json of nextMessage ${targetNode.ip}:${targetNode.port}: ${e?.message}`
 | |
|     );
 | |
|   }
 | |
| }
 | |
| 
 | |
| /**
 | |
|  * Makes a post to a node to receive the timestamp info. If non-existent, returns -1
 | |
|  * @param snode Snode to send request to
 | |
|  * @returns timestamp of the response from snode
 | |
|  */
 | |
| // tslint:disable-next-line: variable-name
 | |
| export const getNetworkTime = async (snode: Snode): Promise<string | number> => {
 | |
|   const response = await snodeRpc({ method: 'info', params: {}, targetNode: snode });
 | |
|   if (!response || !response.body) {
 | |
|     throw new Error('getNetworkTime returned empty response or body');
 | |
|   }
 | |
|   const body = JSON.parse(response.body);
 | |
|   const timestamp = body?.timestamp;
 | |
|   if (!timestamp) {
 | |
|     throw new Error(`getNetworkTime returned invalid timestamp: ${timestamp}`);
 | |
|   }
 | |
|   handleTimestampOffset('getNetworkTime', timestamp);
 | |
|   return timestamp;
 | |
| };
 | |
| 
 | |
| // tslint:disable-next-line: max-func-body-length
 | |
| export const forceNetworkDeletion = async (): Promise<Array<string> | null> => {
 | |
|   const sodium = await getSodiumRenderer();
 | |
|   const userX25519PublicKey = UserUtils.getOurPubKeyStrFromCache();
 | |
| 
 | |
|   const userED25519KeyPair = await UserUtils.getUserED25519KeyPair();
 | |
| 
 | |
|   if (!userED25519KeyPair) {
 | |
|     window?.log?.warn('Cannot forceNetworkDeletion, did not find user ed25519 key.');
 | |
|     return null;
 | |
|   }
 | |
|   const edKeyPriv = userED25519KeyPair.privKey;
 | |
| 
 | |
|   try {
 | |
|     const maliciousSnodes = await pRetry(
 | |
|       async () => {
 | |
|         const userSwarm = await getSwarmFor(userX25519PublicKey);
 | |
|         const snodeToMakeRequestTo: Snode | undefined = _.sample(userSwarm);
 | |
|         const edKeyPrivBytes = fromHexToArray(edKeyPriv);
 | |
| 
 | |
|         if (!snodeToMakeRequestTo) {
 | |
|           window?.log?.warn('Cannot forceNetworkDeletion, without a valid swarm node.');
 | |
|           return null;
 | |
|         }
 | |
| 
 | |
|         return pRetry(
 | |
|           async () => {
 | |
|             const timestamp = await exports.getNetworkTime(snodeToMakeRequestTo);
 | |
| 
 | |
|             const verificationData = StringUtils.encode(`delete_all${timestamp}`, 'utf8');
 | |
|             const message = new Uint8Array(verificationData);
 | |
|             const signature = sodium.crypto_sign_detached(message, edKeyPrivBytes);
 | |
|             const signatureBase64 = fromUInt8ArrayToBase64(signature);
 | |
| 
 | |
|             const deleteMessageParams = {
 | |
|               pubkey: userX25519PublicKey,
 | |
|               pubkey_ed25519: userED25519KeyPair.pubKey.toUpperCase(),
 | |
|               timestamp,
 | |
|               signature: signatureBase64,
 | |
|             };
 | |
|             const ret = await snodeRpc({
 | |
|               method: 'delete_all',
 | |
|               params: deleteMessageParams,
 | |
|               targetNode: snodeToMakeRequestTo,
 | |
|               associatedWith: userX25519PublicKey,
 | |
|             });
 | |
| 
 | |
|             if (!ret) {
 | |
|               throw new Error(
 | |
|                 `Empty response got for delete_all on snode ${ed25519Str(
 | |
|                   snodeToMakeRequestTo.pubkey_ed25519
 | |
|                 )}`
 | |
|               );
 | |
|             }
 | |
| 
 | |
|             try {
 | |
|               const parsedResponse = JSON.parse(ret.body);
 | |
|               const { swarm } = parsedResponse;
 | |
| 
 | |
|               if (!swarm) {
 | |
|                 throw new Error(
 | |
|                   `Invalid JSON swarm response got for delete_all on snode ${ed25519Str(
 | |
|                     snodeToMakeRequestTo.pubkey_ed25519
 | |
|                   )}, ${ret?.body}`
 | |
|                 );
 | |
|               }
 | |
|               const swarmAsArray = Object.entries(swarm) as Array<Array<any>>;
 | |
|               if (!swarmAsArray.length) {
 | |
|                 throw new Error(
 | |
|                   `Invalid JSON swarmAsArray response got for delete_all on snode ${ed25519Str(
 | |
|                     snodeToMakeRequestTo.pubkey_ed25519
 | |
|                   )}, ${ret?.body}`
 | |
|                 );
 | |
|               }
 | |
|               // results will only contains the snode pubkeys which returned invalid/empty results
 | |
|               const results: Array<string> = _.compact(
 | |
|                 swarmAsArray.map(snode => {
 | |
|                   const snodePubkey = snode[0];
 | |
|                   const snodeJson = snode[1];
 | |
| 
 | |
|                   const isFailed = snodeJson.failed || false;
 | |
| 
 | |
|                   if (isFailed) {
 | |
|                     const reason = snodeJson.reason;
 | |
|                     const statusCode = snodeJson.code;
 | |
|                     if (reason && statusCode) {
 | |
|                       window?.log?.warn(
 | |
|                         `Could not delete data from ${ed25519Str(
 | |
|                           snodeToMakeRequestTo.pubkey_ed25519
 | |
|                         )} due to error: ${reason}: ${statusCode}`
 | |
|                       );
 | |
|                       // if we tried to make the delete on a snode not in our swarm, just trigger a pRetry error so the outer block here finds new snodes to make the request to.
 | |
|                       if (statusCode === 421) {
 | |
|                         throw new pRetry.AbortError(
 | |
|                           '421 error on network delete_all. Retrying with a new snode'
 | |
|                         );
 | |
|                       }
 | |
|                     } else {
 | |
|                       window?.log?.warn(
 | |
|                         `Could not delete data from ${ed25519Str(
 | |
|                           snodeToMakeRequestTo.pubkey_ed25519
 | |
|                         )}`
 | |
|                       );
 | |
|                     }
 | |
|                     return snodePubkey;
 | |
|                   }
 | |
| 
 | |
|                   const hashes = snodeJson.deleted as Array<string>;
 | |
|                   const signatureSnode = snodeJson.signature as string;
 | |
|                   // The signature format is ( PUBKEY_HEX || TIMESTAMP || DELETEDHASH[0] || ... || DELETEDHASH[N] )
 | |
|                   const dataToVerify = `${userX25519PublicKey}${timestamp}${hashes.join('')}`;
 | |
|                   const dataToVerifyUtf8 = StringUtils.encode(dataToVerify, 'utf8');
 | |
|                   const isValid = sodium.crypto_sign_verify_detached(
 | |
|                     fromBase64ToArray(signatureSnode),
 | |
|                     new Uint8Array(dataToVerifyUtf8),
 | |
|                     fromHexToArray(snodePubkey)
 | |
|                   );
 | |
|                   if (!isValid) {
 | |
|                     return snodePubkey;
 | |
|                   }
 | |
|                   return null;
 | |
|                 })
 | |
|               );
 | |
| 
 | |
|               return results;
 | |
|             } catch (e) {
 | |
|               throw new Error(
 | |
|                 `Invalid JSON response got for delete_all on snode ${ed25519Str(
 | |
|                   snodeToMakeRequestTo.pubkey_ed25519
 | |
|                 )}, ${ret?.body}`
 | |
|               );
 | |
|             }
 | |
|           },
 | |
|           {
 | |
|             retries: 3,
 | |
|             minTimeout: exports.TEST_getMinTimeout(),
 | |
|             onFailedAttempt: e => {
 | |
|               window?.log?.warn(
 | |
|                 `delete_all INNER request attempt #${e.attemptNumber} failed. ${e.retriesLeft} retries left...`
 | |
|               );
 | |
|             },
 | |
|           }
 | |
|         );
 | |
|       },
 | |
|       {
 | |
|         retries: 3,
 | |
|         minTimeout: exports.TEST_getMinTimeout(),
 | |
|         onFailedAttempt: e => {
 | |
|           window?.log?.warn(
 | |
|             `delete_all OUTER request attempt #${e.attemptNumber} failed. ${e.retriesLeft} retries left... ${e.message}`
 | |
|           );
 | |
|         },
 | |
|       }
 | |
|     );
 | |
| 
 | |
|     return maliciousSnodes;
 | |
|   } catch (e) {
 | |
|     window?.log?.warn('failed to delete everything on network:', e);
 | |
|     return null;
 | |
|   }
 | |
| };
 | |
| 
 | |
| // tslint:disable-next-line: variable-name
 | |
| export const TEST_getMinTimeout = () => 500;
 | |
| 
 | |
| /**
 | |
|  * Locally deletes message and deletes message on the network (all nodes that contain the message)
 | |
|  */
 | |
| // tslint:disable-next-line: max-func-body-length
 | |
| export const networkDeleteMessages = async (
 | |
|   hashes: Array<string>
 | |
| ): Promise<Array<string> | null> => {
 | |
|   const sodium = await getSodiumRenderer();
 | |
|   const userX25519PublicKey = UserUtils.getOurPubKeyStrFromCache();
 | |
| 
 | |
|   const userED25519KeyPair = await UserUtils.getUserED25519KeyPair();
 | |
| 
 | |
|   if (!userED25519KeyPair) {
 | |
|     window?.log?.warn('Cannot networkDeleteMessages, did not find user ed25519 key.');
 | |
|     return null;
 | |
|   }
 | |
|   const edKeyPriv = userED25519KeyPair.privKey;
 | |
| 
 | |
|   try {
 | |
|     const maliciousSnodes = await pRetry(
 | |
|       async () => {
 | |
|         const userSwarm = await getSwarmFor(userX25519PublicKey);
 | |
|         const snodeToMakeRequestTo: Snode | undefined = _.sample(userSwarm);
 | |
|         const edKeyPrivBytes = fromHexToArray(edKeyPriv);
 | |
| 
 | |
|         if (!snodeToMakeRequestTo) {
 | |
|           window?.log?.warn('Cannot networkDeleteMessages, without a valid swarm node.');
 | |
|           return null;
 | |
|         }
 | |
| 
 | |
|         return pRetry(
 | |
|           async () => {
 | |
|             const verificationData = StringUtils.encode(`delete${hashes.join('')}`, 'utf8');
 | |
|             const message = new Uint8Array(verificationData);
 | |
|             const signature = sodium.crypto_sign_detached(message, edKeyPrivBytes);
 | |
|             const signatureBase64 = fromUInt8ArrayToBase64(signature);
 | |
| 
 | |
|             const deleteMessageParams = {
 | |
|               pubkey: userX25519PublicKey,
 | |
|               pubkey_ed25519: userED25519KeyPair.pubKey.toUpperCase(),
 | |
|               messages: hashes,
 | |
|               signature: signatureBase64,
 | |
|             };
 | |
|             const ret = await snodeRpc({
 | |
|               method: 'delete',
 | |
|               params: deleteMessageParams,
 | |
|               targetNode: snodeToMakeRequestTo,
 | |
|               associatedWith: userX25519PublicKey,
 | |
|             });
 | |
|             if (!ret) {
 | |
|               throw new Error(
 | |
|                 `Empty response got for delete on snode ${ed25519Str(
 | |
|                   snodeToMakeRequestTo.pubkey_ed25519
 | |
|                 )}`
 | |
|               );
 | |
|             }
 | |
| 
 | |
|             try {
 | |
|               const parsedResponse = JSON.parse(ret.body);
 | |
|               const { swarm } = parsedResponse;
 | |
| 
 | |
|               if (!swarm) {
 | |
|                 throw new Error(
 | |
|                   `Invalid JSON swarm response got for delete on snode ${ed25519Str(
 | |
|                     snodeToMakeRequestTo.pubkey_ed25519
 | |
|                   )}, ${ret?.body}`
 | |
|                 );
 | |
|               }
 | |
|               const swarmAsArray = Object.entries(swarm) as Array<Array<any>>;
 | |
|               if (!swarmAsArray.length) {
 | |
|                 throw new Error(
 | |
|                   `Invalid JSON swarmAsArray response got for delete on snode ${ed25519Str(
 | |
|                     snodeToMakeRequestTo.pubkey_ed25519
 | |
|                   )}, ${ret?.body}`
 | |
|                 );
 | |
|               }
 | |
|               // results will only contains the snode pubkeys which returned invalid/empty results
 | |
|               const results: Array<string> = _.compact(
 | |
|                 swarmAsArray.map(snode => {
 | |
|                   const snodePubkey = snode[0];
 | |
|                   const snodeJson = snode[1];
 | |
| 
 | |
|                   //#region failure handling
 | |
|                   const isFailed = snodeJson.failed || false;
 | |
| 
 | |
|                   if (isFailed) {
 | |
|                     const reason = snodeJson.reason;
 | |
|                     const statusCode = snodeJson.code;
 | |
|                     if (reason && statusCode) {
 | |
|                       window?.log?.warn(
 | |
|                         `Could not delete msgs from ${ed25519Str(
 | |
|                           snodeToMakeRequestTo.pubkey_ed25519
 | |
|                         )} due to error: ${reason}: ${statusCode}`
 | |
|                       );
 | |
|                       // if we tried to make the delete on a snode not in our swarm, just trigger a pRetry error so the outer block here finds new snodes to make the request to.
 | |
|                       if (statusCode === 421) {
 | |
|                         throw new pRetry.AbortError(
 | |
|                           '421 error on network delete_all. Retrying with a new snode'
 | |
|                         );
 | |
|                       }
 | |
|                     } else {
 | |
|                       window?.log?.info(
 | |
|                         `Could not delete msgs from ${ed25519Str(
 | |
|                           snodeToMakeRequestTo.pubkey_ed25519
 | |
|                         )}`
 | |
|                       );
 | |
|                     }
 | |
|                     return snodePubkey;
 | |
|                   }
 | |
|                   //#endregion
 | |
| 
 | |
|                   //#region verification
 | |
|                   const responseHashes = snodeJson.deleted as Array<string>;
 | |
|                   const signatureSnode = snodeJson.signature as string;
 | |
|                   // The signature looks like ( PUBKEY_HEX || RMSG[0] || ... || RMSG[N] || DMSG[0] || ... || DMSG[M] )
 | |
|                   const dataToVerify = `${userX25519PublicKey}${hashes.join(
 | |
|                     ''
 | |
|                   )}${responseHashes.join('')}`;
 | |
|                   const dataToVerifyUtf8 = StringUtils.encode(dataToVerify, 'utf8');
 | |
|                   const isValid = sodium.crypto_sign_verify_detached(
 | |
|                     fromBase64ToArray(signatureSnode),
 | |
|                     new Uint8Array(dataToVerifyUtf8),
 | |
|                     fromHexToArray(snodePubkey)
 | |
|                   );
 | |
|                   if (!isValid) {
 | |
|                     return snodePubkey;
 | |
|                   }
 | |
|                   return null;
 | |
|                   //#endregion
 | |
|                 })
 | |
|               );
 | |
| 
 | |
|               return results;
 | |
|             } catch (e) {
 | |
|               throw new Error(
 | |
|                 `Invalid JSON response got for delete on snode ${ed25519Str(
 | |
|                   snodeToMakeRequestTo.pubkey_ed25519
 | |
|                 )}, ${ret?.body}`
 | |
|               );
 | |
|             }
 | |
|           },
 | |
|           {
 | |
|             retries: 3,
 | |
|             minTimeout: exports.TEST_getMinTimeout(),
 | |
|             onFailedAttempt: e => {
 | |
|               window?.log?.warn(
 | |
|                 `delete INNER request attempt #${e.attemptNumber} failed. ${e.retriesLeft} retries left...`
 | |
|               );
 | |
|             },
 | |
|           }
 | |
|         );
 | |
|       },
 | |
|       {
 | |
|         retries: 3,
 | |
|         minTimeout: exports.TEST_getMinTimeout(),
 | |
|         onFailedAttempt: e => {
 | |
|           window?.log?.warn(
 | |
|             `delete OUTER request attempt #${e.attemptNumber} failed. ${e.retriesLeft} retries left...`
 | |
|           );
 | |
|         },
 | |
|       }
 | |
|     );
 | |
| 
 | |
|     return maliciousSnodes;
 | |
|   } catch (e) {
 | |
|     window?.log?.warn('failed to delete message on network:', e);
 | |
|     return null;
 | |
|   }
 | |
| };
 |