Documentation
Types
type AuthProvider
type AuthProvider interface {
	// Authenticate either generates challenges to pick up later or authenticates a node
	// from a message with the available auth data in the blockchain
	Authenticate(*hub.Message, chan *hub.Message, map[string]blockchain.Data) bool
	Challenger(inTrustZone bool, c node.Config, n *node.Node, b *blockchain.Ledger, trustData map[string]blockchain.Data)
}
AuthProvider is a generic blockchain authenticity provider.
type PeerGater
func NewPeerGater
NewPeerGater returns a new PeerGater. In relaxed mode it won't gate until the trustDB contains some auth data.
func (*PeerGater) Disable
func (pg *PeerGater) Disable()
Disable turns off the peer gating mechanism.
func (*PeerGater) Gate
Gate implements the peer gating interface. It resolves peers against the trustDB; if the peer is absent, it returns true.
func (*PeerGater) UpdaterService
func (pg *PeerGater) UpdaterService(duration time.Duration) node.NetworkService
UpdaterService is a service responsible for syncing the trustDB back from the ledger state. It is a network service that retrieves the sender IDs listed in the Trusted Zone and fills them into the trustDB used to gate blockchain messages.
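An added example, not code from this package: a self-contained model of the gating decision described for PeerGater (relaxed mode, trustDB sync, Disable). The type gateModel, its methods and the peer IDs are hypothetical, and the behaviour of non-relaxed mode with an empty trustDB is an assumption inferred from the relaxed-mode description.

```go
package main

import (
	"fmt"
	"sync"
)

// gateModel is a hypothetical stand-in for the gater state described above;
// it is not the package's PeerGater and shares none of its fields.
type gateModel struct {
	mu       sync.RWMutex
	trustDB  map[string]struct{} // peer IDs copied from the Trusted Zone
	relaxed  bool
	disabled bool
}

func newGateModel(relaxed bool) *gateModel {
	return &gateModel{trustDB: map[string]struct{}{}, relaxed: relaxed}
}

// sync replaces the trustDB with the IDs currently in the ledger's Trusted
// Zone, the job the page assigns to UpdaterService.
func (g *gateModel) sync(trustedIDs []string) {
	db := make(map[string]struct{}, len(trustedIDs))
	for _, id := range trustedIDs {
		db[id] = struct{}{}
	}
	g.mu.Lock()
	g.trustDB = db
	g.mu.Unlock()
}

func (g *gateModel) disable() { g.mu.Lock(); g.disabled = true; g.mu.Unlock() }

// gate returns true when the peer's messages must be dropped.
func (g *gateModel) gate(peerID string) bool {
	g.mu.RLock()
	defer g.mu.RUnlock()
	if g.disabled || (g.relaxed && len(g.trustDB) == 0) {
		return false // fail-open: gating off, or relaxed bootstrap window
	}
	_, trusted := g.trustDB[peerID]
	return !trusted
}

func main() {
	g := newGateModel(true)
	fmt.Println(g.gate("peer-B")) // constructed ID; false during bootstrap
	g.sync([]string{"peer-A"})
	fmt.Println(g.gate("peer-A"), g.gate("peer-B")) // false true
}
```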
type PeerGuardian
type PeerGuardian struct {
// contains filtered or unexported fields
}
PeerGuardian provides auth for peers from blockchain data.
func NewPeerGuardian
func NewPeerGuardian(logger log.StandardLogger, authProviders ...AuthProvider) *PeerGuardian
func (*PeerGuardian) Challenger
func (pg *PeerGuardian) Challenger(duration time.Duration, autocleanup bool) node.NetworkService
Challenger is a NetworkService that should send challenges with all enabled authenticators until we are in the TZ. Note that this might never happen, as the node might not have a satisfying authentication mechanism.
func (*PeerGuardian) ReceiveMessage
func (pg *PeerGuardian) ReceiveMessage(l *blockchain.Ledger, m *hub.Message, c chan *hub.Message) error
ReceiveMessage is a GenericHandler for the public channel to provide authentication. We receive messages here and select them based on 2 criteria:
- messages that are supposed to generate challenges for auth mechanisms. Auth mechanisms should get user auth data from a special TZ dedicated to hashes that are manually added
- messages that are answers to such challenges, which means that the sender.ID should be added to the trust zone