├── sinkhole ├── crypto │ └── paillier.go ├── sinkhole_test.go └── sinkhole.go ├── .travis.yml ├── fullrt ├── examples │ └── libp2p │ │ ├── priv.byte │ │ ├── go.mod │ │ ├── README.md │ │ ├── example.go │ │ └── go.sum ├── fullrt.go ├── fullrt_test.go └── README.md ├── sphinx ├── relayer_test.go ├── crypto │ ├── crypto_test.go │ └── crypto.go ├── relayer.go ├── sphinx_test.go └── sphinx.go ├── vendor └── vendor.json ├── .gitignore ├── go.mod ├── Makefile ├── specs ├── README.md ├── p3lib-sphinx-specs.md └── p3lib-sinkhole-specs.md ├── LICENSE ├── README.md └── go.sum /sinkhole/crypto/paillier.go: -------------------------------------------------------------------------------- 1 | package paillier 2 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | language: go 2 | 3 | install: 4 | - go get ./sphinx/ 5 | 6 | go: 7 | - master 8 | 9 | -------------------------------------------------------------------------------- /fullrt/examples/libp2p/priv.byte: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hashmatter/p3lib/HEAD/fullrt/examples/libp2p/priv.byte -------------------------------------------------------------------------------- /sphinx/relayer_test.go: -------------------------------------------------------------------------------- 1 | package sphinx 2 | 3 | import ( 4 | "testing" 5 | ) 6 | 7 | func TestNewRelayerCtx(t *testing.T) {} 8 | -------------------------------------------------------------------------------- /vendor/vendor.json: -------------------------------------------------------------------------------- 1 | { 2 | "comment": "", 3 | "ignore": "test", 4 | "package": [], 5 | "rootPath": "github.com/gpestana/p3lib" 6 | } 7 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Binaries for programs and plugins 2 | *.exe 3 | *.exe~ 4 | *.dll 5 | *.so 6 | *.dylib 7 | 8 | # Test binary, build with `go test -c` 9 | *.test 10 | 11 | # Output of the go coverage tool, specifically when used with LiteIDE 12 | *.out 13 | 14 | # private notes and drafts 15 | .pnotes 16 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/hashmatter/p3lib 2 | 3 | go 1.12 4 | 5 | require ( 6 | github.com/Roasbeef/go-go-gadget-paillier v0.0.0-20181009074315-14f1f86b6000 7 | github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da 8 | github.com/libp2p/go-libp2p-kbucket v0.1.1 9 | github.com/libp2p/go-libp2p-peer v0.0.1 10 | github.com/libp2p/go-libp2p-peerstore v0.0.1 11 | golang.org/x/sys v0.0.0-20190502175342-a43fa875dd82 // indirect 12 | ) 13 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | all: test-all 2 | ci: pre-build test 3 | 4 | pre-build: 5 | go get ./sphinx 6 | go get ./sphinx/crypto 7 | go get ./fullrt 8 | go get ./sinkhole 9 | 10 | test-all: 11 | make test-sphinx 12 | make test-fullrt 13 | #make test-sinkhole 14 | 15 | test-sphinx: 16 | go vet ./sphinx 17 | go test ./sphinx/... -cover 18 | 19 | test-fullrt: 20 | go vet ./fullrt 21 | go test ./fullrt/... -cover 22 | 23 | #test-sinkhole: 24 | # go vet ./sinkhole 25 | # go test ./sinkhole/... -cover 26 | -------------------------------------------------------------------------------- /specs/README.md: -------------------------------------------------------------------------------- 1 | # p3lib specifications 2 | 3 | p3lib is a library with primitives for privacy preserving routing and messaging 4 | in P2P networks. 5 | 6 | | Layer | p3lib component | 7 | | --- | --- | 8 | | Packet format | `p3lib-sphinx` [1] | 9 | 10 | As a general design goal, p3lib is built to seamlessly integrate with 11 | [libp2p](https://github.com/libp2p). 12 | 13 | ## p3lib-sphinx 14 | 15 | `p3lib-sphinx` implements the sphinx packet format as defined by [1]. 16 | [p3lib-sphinx specifications](./p3lib-sphinx-specs.md) 17 | 18 | ### References 19 | 20 | [1] [Sphinx: A Compact and Provably Secure Mix Format](https://www.cypherpunks.ca/~iang/pubs/SphinxOR.pdf) 21 | 22 | -------------------------------------------------------------------------------- /fullrt/examples/libp2p/go.mod: -------------------------------------------------------------------------------- 1 | module ex 2 | 3 | go 1.12 4 | 5 | require ( 6 | github.com/hashmatter/p3lib/fullrt v0.0.0-00010101000000-000000000000 7 | github.com/ipfs/go-ipfs-addr v0.0.1 8 | github.com/libp2p/go-libp2p v0.0.28 9 | github.com/libp2p/go-libp2p-core v0.0.1 10 | github.com/libp2p/go-libp2p-crypto v0.0.2 11 | github.com/libp2p/go-libp2p-host v0.0.3 12 | github.com/libp2p/go-libp2p-kad-dht v0.0.13 13 | github.com/libp2p/go-libp2p-net v0.0.2 14 | github.com/libp2p/go-libp2p-peer v0.1.1 15 | github.com/libp2p/go-libp2p-peerstore v0.0.6 16 | github.com/libp2p/go-libp2p-protocol v0.0.1 17 | github.com/multiformats/go-multihash v0.0.5 18 | ) 19 | 20 | replace github.com/hashmatter/p3lib/fullrt => ../../ 21 | -------------------------------------------------------------------------------- /sphinx/crypto/crypto_test.go: -------------------------------------------------------------------------------- 1 | package crypto 2 | 3 | import ( 4 | "crypto/ecdsa" 5 | ec "crypto/elliptic" 6 | "crypto/rand" 7 | "fmt" 8 | "testing" 9 | ) 10 | 11 | func TestGenerateECDHSharedSecret(t *testing.T) { 12 | curve := ec.P256() 13 | r := rand.Reader 14 | 15 | privBob, _ := ecdsa.GenerateKey(curve, r) 16 | pubBob := privBob.Public().(*ecdsa.PublicKey) 17 | 18 | privAlice, _ := ecdsa.GenerateKey(curve, r) 19 | pubAlice := privAlice.Public().(*ecdsa.PublicKey) 20 | 21 | sBob := GenerateECDHSharedSecret(pubAlice, privBob) 22 | sAlice := GenerateECDHSharedSecret(pubBob, privAlice) 23 | 24 | if sBob != sAlice { 25 | t.Error(fmt.Printf("symmetric shared keys are not the same %v %v", sBob, sAlice)) 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2019 hashmatter 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /fullrt/examples/libp2p/README.md: -------------------------------------------------------------------------------- 1 | ## Full Routing Table request and reply with libp2p 2 | 3 | This example shows how to use the full routing table protocol between two libp2p 4 | hosts. In this example, a `node_a` sends a message to `node_b` as part of the 5 | protocol `/p3lib/fullrt/0.1`. `node_b` fetches and encodes its current full 6 | routing table and wires it back to `node_a`. `node_a` receives and decodes the 7 | full routing table and prints it. From here, it can proceed with finding locally 8 | the next set of peers to request the full routing table until the content is 9 | resolved. 10 | 11 | ``` 12 | 13 | Node_A Node_B 14 | | | 15 | | /p3lib/fullrt/1.0 --> | 16 | | rt := fullrt.GetFullRoutingTable() 17 | | | 18 | | <-- []byte(rt) | 19 | print(rt) 20 | 21 | ``` 22 | 23 | ### Running the example 24 | 25 | 1) `go run .` 26 | 27 | The main Makefile step will spawn 2 processes - one for `node_a` and another for 28 | `node_b`. The messages are printed to stdout with node tags to make it easier to 29 | understand the protocol flow. 30 | 31 | 32 | -------------------------------------------------------------------------------- /fullrt/fullrt.go: -------------------------------------------------------------------------------- 1 | package fullrt 2 | 3 | import ( 4 | "encoding/json" 5 | "errors" 6 | "fmt" 7 | kb "github.com/libp2p/go-libp2p-kbucket" 8 | peer "github.com/libp2p/go-libp2p-peer" 9 | ) 10 | 11 | type RoutingTableProvider interface { 12 | // returns local full routing table as a stream of bytes 13 | GetRoutingTable() (error, []byte) 14 | } 15 | 16 | // a RoutingTableRaw is a list of peerIDs (multihash) to be sent over wire once 17 | // encoded as byte stream 18 | type RoutingTableRaw []string 19 | 20 | type RTProvider struct { 21 | routingTable interface{} 22 | } 23 | 24 | func NewRTProvider(rt interface{}) *RTProvider { 25 | return &RTProvider{ 26 | routingTable: rt, 27 | } 28 | } 29 | 30 | func (rtp *RTProvider) GetFullRoutingTable() (error, []byte) { 31 | rt := rtp.routingTable 32 | rtr := RoutingTableRaw{} 33 | 34 | // for now p3lib only supports libp2p hosts, but in the future more 35 | // routing table formats can be added. the translation from a particular 36 | // implementation to the routing table format expected by the protocol is 37 | // sone here 38 | switch r := rt.(type) { 39 | 40 | // translate libp2p routing table to raw registry expected by the protocol. 41 | case *kb.RoutingTable: 42 | for _, pid := range r.ListPeers() { 43 | rtr = append(rtr, peer.IDB58Encode(pid)) 44 | } 45 | 46 | default: 47 | return errors.New("Routing table type not recognized"), []byte("") 48 | } 49 | 50 | // encodes the routing table 51 | var buf []byte 52 | buf, err := json.Marshal(rtr) 53 | if err != nil { 54 | return errors.New(fmt.Sprintf("Err encoding raw routing table, %v", err)), []byte("") 55 | } 56 | 57 | return nil, buf 58 | } 59 | -------------------------------------------------------------------------------- /fullrt/fullrt_test.go: -------------------------------------------------------------------------------- 1 | package fullrt 2 | 3 | import ( 4 | "encoding/json" 5 | "fmt" 6 | kb "github.com/libp2p/go-libp2p-kbucket" 7 | peer "github.com/libp2p/go-libp2p-peer" 8 | pstore "github.com/libp2p/go-libp2p-peerstore" 9 | "testing" 10 | "time" 11 | ) 12 | 13 | func TestReqFullRoutingTable(t *testing.T) { 14 | rt := kb.NewRoutingTable(10, kb.ConvertPeerID("test"), 15 | time.Duration(time.Second*1), pstore.NewMetrics()) 16 | 17 | // setup RT 18 | id1, _ := peer.IDB58Decode("QmWYob8Wax6xqoHydBGkoYtLjp5JVDXrvA47RtyEVnqVjK") 19 | fmt.Println(id1) 20 | _, err := rt.Update(id1) 21 | if err != nil { 22 | t.Fatal(err) 23 | } 24 | 25 | id2, _ := peer.IDB58Decode("QmYHnHTuDbYTEZoBypEDQHP7gb6r2krEQQy9F6dy1YTrbz") 26 | fmt.Println(id2) 27 | _, err = rt.Update(id2) 28 | if err != nil { 29 | t.Fatal(err) 30 | } 31 | 32 | id3, _ := peer.IDB58Decode("QmSoLPppuBtQSGwKDZT2M73ULpjvfd3aZ6ha4oFGL1KrGM") 33 | fmt.Println(id3) 34 | _, err = rt.Update(id3) 35 | if err != nil { 36 | t.Fatal(err) 37 | } 38 | 39 | fullRTManager := NewRTProvider(rt) 40 | err, rtBytes := fullRTManager.GetFullRoutingTable() 41 | if err != nil { 42 | t.Fatal(err) 43 | } 44 | 45 | frt := RoutingTableRaw{} 46 | err = json.Unmarshal(rtBytes, &frt) 47 | if err != nil { 48 | t.Fatal(err) 49 | } 50 | 51 | id3Res, _ := peer.IDB58Decode(frt[0]) 52 | if id3Res != id3 { 53 | t.Error(fmt.Sprintf("peerid 3 was not successfully transformed: %v != %v", id3Res, id3)) 54 | } 55 | 56 | id2Res, _ := peer.IDB58Decode(frt[1]) 57 | if id2Res != id2 { 58 | t.Error(fmt.Sprintf("peerid 2 was not successfully transformed: %v != %v", id2Res, id2)) 59 | } 60 | 61 | id1Res, _ := peer.IDB58Decode(frt[2]) 62 | if id1Res != id1 { 63 | t.Error(fmt.Sprintf("peerid 1 was not successfully transformed: %v != %v", id1Res, id1)) 64 | } 65 | 66 | } 67 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # p3lib 2 | 3 | [![Build Status](https://api.travis-ci.org/hashmatter/p3lib.svg)](https://travis-ci.org/hashmatter/p3lib) ![Version](https://img.shields.io/badge/version-0.1-blue.svg) 4 | 5 | **The toolbox for enhancing privacy in P2P networks** 6 | 7 | p3lib implements a set of privacy preserving primitives and protocols that help 8 | engineers to build P2P and decentralized systems that protect peer's privacy. 9 | 10 | The primitives implemented by p3lib are based on privacy enhancing technology 11 | research: 12 | 13 | - `p3lib-sphinx` implements a general-purpose onion routing packet 14 | construction and processor based on Sphinx [1]. p3lib aims at adding more primitives and 15 | protocols in the future. Stay tuned and [let us know what you'd like to see as part of p3lib](https://github.com/hashmatter/p3lib/issues/18) 16 | library. 17 | 18 | - `p3lib-fullrt` implements a full routing table DHT lookup for libp2p that was 19 | suggested by OctupusDHT [2], to protect DHT initiator privacy during the 20 | recursive network lookup. 21 | 22 | - `p3lib-sinkhole` is a computational PIR system [3] that complements DHT lookups 23 | and guarantees probavle privacy for DHT lookup initiators 24 | 25 | 26 | | Layer | p3lib components | implementation status | 27 | | --- | --- | --- | 28 | | Packet format | `p3lib-sphinx` [1] | v0.1 | 29 | | Full Routing Table request | `p3lib-fullrt` [2] | v0.1 | 30 | | Sinkhole DHT | `p3lib-sinkhole` | specs | 31 | 32 | If you are interested about implementation details and APIs of p3lib components, 33 | check the [specifications](./specs). 34 | 35 | p3lib is designed to integrate seamlessly with [libp2p](https://github.com/libp2p). 36 | 37 | Do you have ideas about some rad stuff you'd like to see implemented by p3lib? 38 | Open an issue or [let's have a chat](https://twitter.com/gpestana)!. 39 | 40 | ### References 41 | 42 | [1] [Sphinx: A Compact and Provably Secure Mix Format](https://www.cypherpunks.ca/~iang/pubs/SphinxOR.pdf) 43 | 44 | [3] [Private Information Retrieval](https://wikipedia.com/Private_information_retrieval) 45 | 46 | ### Contributing 47 | 48 | Fork and PR. Issues for discussion. 49 | 50 | ### License and support 51 | 52 | © MIT (hashmatter) 53 | 54 | This work is supported by [hashmatter](https://hashmatter.com). Want to become 55 | a supporter? [Reach out!](mailto:mx@hashmatter.com?subject=[p3lib]%20Become%20a%20backer!) 56 | -------------------------------------------------------------------------------- /sphinx/crypto/crypto.go: -------------------------------------------------------------------------------- 1 | package crypto 2 | 3 | import ( 4 | "crypto/ecdsa" 5 | ec "crypto/elliptic" 6 | "crypto/hmac" 7 | "crypto/sha256" 8 | "github.com/aead/chacha20" 9 | ) 10 | 11 | // TODO: initially, this implementation is using SHA256 as hashing function. 12 | // implement for other digests 13 | 14 | type Hash256 [sha256.Size]byte 15 | 16 | // generates shared secret using ECDH protocol in an arbitrary curve. The shared 17 | // secret is the hash of the resulting x coordinate of point after scalar 18 | // multiplication between the a ECDSA key pair. 19 | func GenerateECDHSharedSecret(pub *ecdsa.PublicKey, priv *ecdsa.PrivateKey) Hash256 { 20 | curvep := pub.Curve.Params() 21 | x, _ := curvep.ScalarMult(pub.X, pub.Y, priv.D.Bytes()) 22 | sk := sha256.Sum256(x.Bytes()) 23 | return sk 24 | } 25 | 26 | // computes blinding factor used for blinding the cyclic group element at each 27 | // hop. The blinding factor is computed by hashing the concatenation of the the 28 | // hop's public key and the secret key derived between the sender and the hop 29 | // blinding_factor := sha256(hopPubKey || sharedSecret) 30 | func ComputeBlindingFactor(pubKey *ecdsa.PublicKey, secret Hash256) Hash256 { 31 | mPubKey := serializePubKey(pubKey) 32 | sha := sha256.New() 33 | sha.Write(mPubKey) 34 | sha.Write(secret[:]) 35 | 36 | var hash Hash256 37 | copy(hash[:], sha.Sum(nil)) 38 | return hash 39 | } 40 | 41 | func serializePubKey(pub *ecdsa.PublicKey) []byte { 42 | return ec.Marshal(ec.P256(), pub.X, pub.Y) 43 | } 44 | 45 | func GetCurve(priv ecdsa.PrivateKey) ec.Curve { 46 | return priv.PublicKey.Curve 47 | } 48 | 49 | // computes HMAC-SHA-256 50 | func ComputeMAC(key Hash256, message []byte) []byte { 51 | mac := hmac.New(sha256.New, key[:]) 52 | mac.Write(message) 53 | return mac.Sum(nil) 54 | } 55 | 56 | // checks HMAC-SHA-256 57 | func CheckMAC(message, messageMAC []byte, key Hash256) bool { 58 | mac := hmac.New(sha256.New, key[:]) 59 | mac.Write(message) 60 | expectedMAC := mac.Sum(nil) 61 | return hmac.Equal(messageMAC, expectedMAC) 62 | } 63 | 64 | // generates cipher stream of size numBytes from a given PRG. TODO: generalize 65 | // to other ciphers 66 | func GenerateCipherStream(key, nonce []byte, numBytes int) ([]byte, error) { 67 | c, err := chacha20.NewCipher(nonce, key) 68 | if err != nil { 69 | return []byte{}, err 70 | } 71 | out := make([]byte, numBytes) 72 | c.XORKeyStream(out, out) 73 | return out, nil 74 | } 75 | -------------------------------------------------------------------------------- /sinkhole/sinkhole_test.go: -------------------------------------------------------------------------------- 1 | package sinkhole 2 | 3 | import ( 4 | "fmt" 5 | paillier "github.com/Roasbeef/go-go-gadget-paillier" 6 | "log" 7 | "math" 8 | "math/big" 9 | "math/rand" 10 | "reflect" 11 | "testing" 12 | ) 13 | 14 | func TestGetIndex(t *testing.T) { 15 | a := []byte{0} 16 | a_ex := big.NewInt(0) 17 | if res := getIndex(a); res.Cmp(a_ex) != 0 { 18 | t.Error(reflect.TypeOf(res)) 19 | t.Error(reflect.TypeOf(a_ex)) 20 | t.Error(fmt.Sprintf("%v != %v", res, a_ex)) 21 | } 22 | 23 | // 00000001 0000001 24 | b := []byte{1, 1} 25 | b_ex := big.NewInt(257) 26 | if res := getIndex(b); res.Cmp(b_ex) != 0 { 27 | t.Error(fmt.Sprintf("%v != %v", res, b_ex)) 28 | } 29 | 30 | // 00000001 00000001 00000011 = 2pow16 + 256 + 3 31 | c := []byte{1, 1, 3} 32 | c_ex := big.NewInt(65536 + 256 + 3) 33 | if res := getIndex(c); res.Cmp(c_ex) != 0 { 34 | t.Error(fmt.Sprintf("%v != %v", res, c_ex)) 35 | } 36 | } 37 | 38 | func TestQueryPaillier(t *testing.T) { 39 | 40 | // 16 bytes IDs, where 4 bytes are the suffix space (represented by 41 | // "1dfe"), the private space is 8 bytes and the tail space is 16-8+4=4 bytes 42 | // to lookup for `1dfe fd325f31 112a`, the initiator only discloses `1dfe` and 43 | // uses the CPIR for querying fd325f31 (the private key) 44 | 45 | space_len := 16 46 | suffix_space_len := 4 47 | private_space_len := 2 48 | 49 | // bootstrap server 50 | privKey, _ := paillier.GenerateKey(rand.New(rand.NewSource(1)), 128) 51 | sinkhole := New(space_len, suffix_space_len, private_space_len, privKey, privKey.PublicKey) 52 | 53 | // add entry to provider 54 | // 1dfe003ab24b2213 == value1 55 | kv_suffix_space := "1dfe" 56 | k := "1dfe9a3ab24b22" //16 bytes key 57 | v := "value1" 58 | 59 | err := sinkhole.Add(kv_suffix_space, []byte(k), []byte(v)) 60 | if err != nil { 61 | t.Error(err) 62 | } 63 | 64 | // bootstrap client 65 | cliPrivKey, _ := paillier.GenerateKey(rand.New(rand.NewSource(2)), 128) 66 | 67 | // query 68 | // TODO: Refactor! 69 | num_query_fields := math.Pow(2, float64(8*private_space_len)) 70 | q := make([][]byte, int(num_query_fields)) 71 | q_position, _ := calculateIndex(space_len, suffix_space_len, private_space_len, []byte(k)) 72 | 73 | for i := range q { 74 | v := new(big.Int).SetInt64(0).Bytes() 75 | if int64(i) == q_position.Int64() { 76 | v = new(big.Int).SetInt64(1).Bytes() 77 | } 78 | 79 | el, err := paillier.Encrypt(&cliPrivKey.PublicKey, v) 80 | if err != nil { 81 | log.Fatal(err) 82 | } 83 | q[i] = el 84 | } 85 | 86 | array_result, err := sinkhole.Query(kv_suffix_space, q, cliPrivKey.PublicKey) 87 | if err != nil { 88 | log.Fatal(err) 89 | } 90 | 91 | // check result 92 | var res [][]byte 93 | for _, row := range array_result { 94 | dec, err := paillier.Decrypt(cliPrivKey, row) 95 | if err != nil { 96 | t.Error(err) 97 | return 98 | } 99 | 100 | if len(dec) != 0 { 101 | res = append(res, dec) 102 | } 103 | } 104 | 105 | if len(res) != 1 { 106 | t.Error("there should be one result, got ", len(res)) 107 | } 108 | 109 | if string(res[0]) != v { 110 | t.Error("wrong result: ", v) 111 | } 112 | } 113 | -------------------------------------------------------------------------------- /sinkhole/sinkhole.go: -------------------------------------------------------------------------------- 1 | package sinkhole 2 | 3 | import ( 4 | "crypto" 5 | "errors" 6 | "fmt" 7 | paillier "github.com/Roasbeef/go-go-gadget-paillier" 8 | "math" 9 | "math/big" 10 | ) 11 | 12 | type Sinkhole struct { 13 | space_len int //bytes 14 | suffix_space_len int 15 | private_space_len int 16 | buckets map[string]bucket 17 | pk crypto.PublicKey 18 | sk crypto.PrivateKey 19 | } 20 | 21 | type bucket struct { 22 | suffix_space string 23 | store [][]byte 24 | } 25 | 26 | func New(s_len, ss_len, ps_len int, sk crypto.PrivateKey, pk crypto.PublicKey) Sinkhole { 27 | buckets := map[string]bucket{} 28 | return Sinkhole{s_len, ss_len, ps_len, buckets, pk, sk} 29 | } 30 | 31 | func (s *Sinkhole) Query(ss string, q [][]byte, pubkey paillier.PublicKey) ([][]byte, error) { 32 | // select bucket 33 | var buck bucket 34 | exists := false 35 | for k, b := range s.buckets { 36 | if k == ss { 37 | buck = b 38 | exists = true 39 | break 40 | } 41 | } 42 | if !exists { 43 | return [][]byte{}, nil 44 | } 45 | 46 | // go through bucket rowns and multiply homomorphically 47 | for i, row := range buck.store { 48 | 49 | // TODO: init this before ?? 50 | if len(row) == 0 { 51 | row = []byte{0} 52 | } 53 | 54 | q[i] = paillier.Mul(&pubkey, q[i], row) 55 | } 56 | 57 | return q, nil 58 | } 59 | 60 | // TODO: feature more than one entry per row! 61 | func (s *Sinkhole) Add(suffix string, key []byte, value []byte) error { 62 | b, exists := s.buckets[suffix] 63 | 64 | // if bucket for suffix space of the new key value does not exit yet, create it 65 | if exists == false { 66 | num_rows := math.Pow(2, float64(8*s.private_space_len)) // num bits private space == num bucket entries 67 | s.buckets[suffix] = bucket{ 68 | suffix_space: suffix, 69 | store: make([][]byte, int(num_rows)), 70 | } 71 | b = s.buckets[suffix] 72 | } 73 | 74 | index, err := calculateIndex(s.space_len, s.suffix_space_len, s.private_space_len, key) 75 | if err != nil { 76 | return err 77 | } 78 | 79 | b.store[index.Int64()] = value 80 | return nil 81 | } 82 | 83 | func (s *Sinkhole) route(sufx string) (bucket, error) { 84 | return bucket{}, nil 85 | } 86 | 87 | func getIndex(k []byte) *big.Int { 88 | return big.NewInt(0).SetBytes(k) 89 | } 90 | 91 | // breaks key into [suffix_space:private_space:tail_space] 92 | // TODO: refactor, add checks for boundaries, etc.. 93 | func calculateIndex(spaceLen, suffixLen, privLen int, key []byte) (*big.Int, error) { 94 | tailSpace := spaceLen - (suffixLen + privLen) 95 | privSpaceKey := key[suffixLen : spaceLen-tailSpace] 96 | 97 | for i, _ := range privSpaceKey { 98 | b, err := hexByte(privSpaceKey[i]) 99 | if err != nil { 100 | return big.NewInt(0), err 101 | } 102 | privSpaceKey[i] = b 103 | } 104 | return big.NewInt(0).SetBytes(privSpaceKey), nil 105 | } 106 | 107 | func hexByte(b byte) (byte, error) { 108 | if b >= 48 && b <= 57 { 109 | return (b - 48), nil 110 | } 111 | if b >= 97 && b <= 102 { 112 | return (b - 87), nil 113 | } 114 | return 0, errors.New("out of hex boudaries") 115 | } 116 | 117 | var _ = fmt.Sprintf("remove me") 118 | -------------------------------------------------------------------------------- /fullrt/README.md: -------------------------------------------------------------------------------- 1 | # fullrt - Protocol for full routing table exchange 2 | 3 | `p3lib-fullrt` defines and implements a protocol for peers in P2P networks to 4 | request and provide information about their routing table. This mechanism can be 5 | used as a building block to construct protocols for privacy preserving lookups 6 | in P2P networks such as DHTs. It can also be used as a way for peers to exchange 7 | routing information for metrics, security checks [1] and performance optimizations. 8 | 9 | ## p3lib-fullrt as a privacy enhancing mechanism for DHT lookups 10 | 11 | `p3lib-fullrt` has been designed primarily as a mechanism for enhancing privacy 12 | on DHT lookups. In many vanilla DHT designs (e.g. Kademlia DHT [2]), the lookup 13 | initiator recursively requests other peers for a subset of their routing table 14 | containing the peers closest to a certain ID - the resource/peer ID the lookup 15 | initiator is interest. This protocol, although effective and highly scalable - 16 | leaks information of the lookup initiator's interests to other network peers. 17 | 18 | In order to not leak the lookup initiator's interest, she can request the full 19 | routing table from other peers and select the subset closest to her interest 20 | locally. Note that this approach, although much better from a privacy 21 | perspective than vanilla Kademlia - is still vulnerable to passive Range Estimation 22 | attacks [1] and active Lookup Bias attacks [1]. These vulnerabilities can be 23 | addressed by other primitives and protocols implemented by `p3lib`. 24 | 25 | ## API 26 | 27 | ```go 28 | // instantiates a routing table 29 | rt := kb.NewRoutingTable(10, peerID, time.Duration(time.Second*1), pstore.NewMetrics()) 30 | 31 | // starts a full routing table provider with a pointer to a routing table 32 | fullRTManager := NewRTProvider(rt) 33 | err, rtBytes := fullRTManager.GetFullRoutingTable() 34 | 35 | // rtBytes is an encoded and compressed (optional) snapshot of the current 36 | // routing table which can sent to other network peers 37 | 38 | // parse routing table 39 | fullrt := RoutingTableRaw{} 40 | json.Unmarshal(res, &rtBytes) 41 | 42 | // for libp2p routing tables, print peer IDs of the routing table 43 | for _, r := range fullrt { 44 | log.Println(peer.IDB58Decode(r)) 45 | } 46 | ``` 47 | 48 | Check the [libp2p example](./examples/libp2p) to see how to define the full 49 | blown protocol to exchange full routing table information between two network 50 | peers. 51 | 52 | ## Examples 53 | 54 | Check the [example directory](./examples/) to see how to use `p3lib-fullrt` with 55 | [libp2p](https://github.com/libp2p/go-libp2p). 56 | 57 | ## FAQ 58 | 59 | **1. Is using p3lib-fullrt enough to ensure that the lookup initiator's 60 | interest not disclosed to other peers?** 61 | 62 | Not entirely. This approach, although much better from a privacy 63 | perspective than vanilla Kademlia - is still vulnerable to passive Range Estimation 64 | attacks [1] and active Lookup Bias attacks [1]. These vulnerabilities can be 65 | addressed by other primitives and protocols implemented by `p3lib`. However, it 66 | does make it harder for attackers to infer the lookup initiator objectives and 67 | it requires more resources (i.e. more colluding peers) to effectively perform 68 | the attack. 69 | 70 | Keep in mind that `p3lib-fullrt` is one piece of the puzzle for providing 71 | privacy for DHT lookup initiators. 72 | 73 | **2. Why isn't requesting the full routing table part of the DHT protocol 74 | implementations?** 75 | 76 | Because in most cases, that is not how the lookup protocol is defined. It is 77 | much more resource efficient for peers to exchange a subset of entries of the 78 | routing table since it requires less data in the wire. But privacy requires most 79 | often than not more overhead and resource consumption. Having `p3lib-fullrt` as 80 | an optional mechanism to use allows developers to selectively pick which lookups 81 | are important to maintain as private as possible, while leaving other lookups to 82 | be more efficient and less private. We aim at building **plug and play privacy** 83 | and giving as much flexibility as possible to dweb app developers and 84 | requirements. 85 | 86 | **3. Peers are exchanging a full routing table over the wire. Isn't this too 87 | expensive?** 88 | 89 | It could be. We are planning to implement compression and sampling in 90 | `p3lib-fullrt`. The goal is to make it optional for peers to request the full 91 | routing table or a sample of it (e.g. 40% of its entries, as distributed through 92 | the network topology as possible). 93 | 94 | ### References 95 | 96 | [1] [Octopus: A Secure and Anonymous DHT Lookup](https://ieeexplore.ieee.org/document/6258005) 97 | 98 | [2] [Kademlia DHT](https://en.wikipedia.org/wiki/Kademlia) 99 | -------------------------------------------------------------------------------- /sphinx/relayer.go: -------------------------------------------------------------------------------- 1 | package sphinx 2 | 3 | import ( 4 | "crypto/ecdsa" 5 | ec "crypto/elliptic" 6 | "crypto/sha256" 7 | "fmt" 8 | scrypto "github.com/hashmatter/p3lib/sphinx/crypto" 9 | ) 10 | 11 | type RelayerCtx struct { 12 | processedTags [][32]byte 13 | privKey *ecdsa.PrivateKey 14 | } 15 | 16 | func NewRelayerCtx(privKey *ecdsa.PrivateKey) *RelayerCtx { 17 | return &RelayerCtx{ 18 | processedTags: [][32]byte{}, 19 | privKey: privKey, 20 | } 21 | } 22 | 23 | // returns list tags of each of the processed packets by the current relay 24 | // context 25 | func (r *RelayerCtx) ListProcessedPackets() [][32]byte { 26 | return r.processedTags 27 | } 28 | 29 | // processes packet in a given relayer context 30 | func (r *RelayerCtx) ProcessPacket(packet *Packet) ([addrSize]byte, *Packet, error) { 31 | var next Packet 32 | var emptyAddr [addrSize]byte 33 | 34 | curve := ec.P256() 35 | header := packet.Header 36 | 37 | // first verify if group element is part of the expected curve. this is very 38 | // important to avoid ECC twist security attacks 39 | gElement := &header.GroupElement 40 | isOnCurve := curve.Params().IsOnCurve(gElement.X, gElement.Y) 41 | if isOnCurve == false { 42 | return emptyAddr, &Packet{}, 43 | fmt.Errorf("Potential ECC attack! Group element is not on the expected curve.") 44 | } 45 | 46 | sessionKey := r.privKey 47 | sKey := scrypto.GenerateECDHSharedSecret(gElement, sessionKey) 48 | 49 | // checks if packet has been processed based on the derived secret key 50 | tag := sha256.Sum256([]byte(sKey[:])) 51 | if contains(r.processedTags, tag) { 52 | return emptyAddr, &Packet{}, 53 | fmt.Errorf("Packet already processed, discarding. (tag: %x)", tag) 54 | } 55 | 56 | r.processedTags = append(r.processedTags, tag) 57 | 58 | // process header 59 | nextAddr, nextHmac, nextRoutingInfo, err := processHeader(header, sessionKey, sKey) 60 | if err != nil { 61 | return emptyAddr, &Packet{}, err 62 | } 63 | 64 | // decrypts payload 65 | decryptedPayload, err := decryptPayload(packet.Payload, sKey) 66 | if err != nil { 67 | return emptyAddr, &Packet{}, err 68 | } 69 | 70 | // blind next group element 71 | var blindingF scrypto.Hash256 72 | blindingF = scrypto.ComputeBlindingFactor(&header.GroupElement, sKey) 73 | newGroupElement := blindGroupElement(&header.GroupElement, blindingF[:], curve) 74 | 75 | // prepares next header and packet 76 | var nextHeader Header 77 | nextHeader.GroupElement = *newGroupElement 78 | nextHeader.RoutingInfo = nextRoutingInfo 79 | nextHeader.RoutingInfoMac = nextHmac 80 | 81 | next.Version = packet.Version 82 | next.Header = &nextHeader 83 | next.Payload = decryptedPayload 84 | 85 | return nextAddr, &next, nil 86 | } 87 | 88 | func processHeader(header *Header, sessionKey *ecdsa.PrivateKey, sKey scrypto.Hash256) ([addrSize]byte, [hmacSize]byte, [routingInfoSize]byte, error) { 89 | 90 | var nextHmac [hmacSize]byte 91 | var nextAddr [addrSize]byte 92 | var nextRoutingInfo [routingInfoSize]byte 93 | routingInfo := header.RoutingInfo 94 | 95 | // generate keys 96 | encKey := generateEncryptionKey(sKey[:], encryptionKey) 97 | macKey := generateEncryptionKey(sKey[:], hashKey) 98 | 99 | // check hmac 100 | var routingInfoMac [hmacSize]byte 101 | var hKey scrypto.Hash256 102 | copy(hKey[:], macKey) 103 | copy(routingInfoMac[:], scrypto.ComputeMAC(hKey, routingInfo[:])) 104 | 105 | if equal(routingInfoMac[:], header.RoutingInfoMac[:]) == false { 106 | return [addrSize]byte{}, [hmacSize]byte{}, [routingInfoSize]byte{}, 107 | fmt.Errorf("HeaderMAC is not valid: \n %v\n %v\n", 108 | header.RoutingInfoMac, routingInfoMac) 109 | } 110 | 111 | // adds padding (x001) before decrypting 112 | padding := make([]byte, hmacSize+addrSize) 113 | paddedRi := append(routingInfo[:], padding...) 114 | 115 | // decrypts header payload using the derived shared key 116 | cipher, err := scrypto.GenerateCipherStream(encKey, defaultNonce(), streamSize) 117 | if err != nil { 118 | return [addrSize]byte{}, [hmacSize]byte{}, [routingInfoSize]byte{}, err 119 | } 120 | 121 | ri, _ := xor(paddedRi, cipher) 122 | 123 | naddr := ri[:addrSize] 124 | nmac := ri[addrSize:relayDataSize] 125 | var ninfo [routingInfoSize]byte 126 | copy(ninfo[:], ri[relayDataSize:]) 127 | 128 | copy(nextAddr[:], naddr[:]) 129 | copy(nextHmac[:], nmac[:]) 130 | copy(nextRoutingInfo[:], ninfo[:]) 131 | 132 | return nextAddr, nextHmac, nextRoutingInfo, nil 133 | } 134 | 135 | func decryptPayload(p [payloadSize]byte, ss scrypto.Hash256) ([payloadSize]byte, error) { 136 | var resP [payloadSize]byte 137 | nonce := defaultNonce() 138 | cipher, err := scrypto.GenerateCipherStream(ss[:], nonce, payloadSize) 139 | if err != nil { 140 | return [payloadSize]byte{}, err 141 | } 142 | 143 | decrP, _ := xor(p[:], cipher) 144 | copy(resP[:], decrP[:]) 145 | return resP, nil 146 | } 147 | 148 | func contains(s [][32]byte, e [32]byte) bool { 149 | for _, a := range s { 150 | if a == e { 151 | return true 152 | } 153 | } 154 | return false 155 | } 156 | 157 | func equal(a, b []byte) bool { 158 | if len(a) != len(b) { 159 | return false 160 | } 161 | 162 | for i, ai := range a { 163 | if ai != b[i] { 164 | return false 165 | } 166 | } 167 | 168 | return true 169 | } 170 | -------------------------------------------------------------------------------- /specs/p3lib-sphinx-specs.md: -------------------------------------------------------------------------------- 1 | # p3lib-sphinx specifications 2 | 3 | `p3lib-sphinx` implements the sphinx packet format as defined by [1]. This 4 | package implements the data structures and primitives for creating, relaying and 5 | verifying sphinx packets for onion routing and mix-networks. 6 | 7 | ## Protocol overview 8 | 9 | ## Onion packet and header 10 | 11 | An onion packet contains the `version` of the packet, an `header` containing 12 | information for the relay to generate shared keys and, if that is the case, 13 | blinded data for next relays. It also contains `routing info` with the necessary 14 | information to route the packet for the next relay and, finally, the HMAC of the 15 | packet's header, used for integrity verification. 16 | 17 | The size of the `header` must be invariant throughout the circuit so that its 18 | position in the circuit is not leaked. The size of the `header` depends on the 19 | max. number of relays allowed for each circuit and the size of the keys. 20 | 21 | *Notes on defaults: current version of p3lib-sphinx (v0.1) sets sensible and 22 | secure defaults for the ECC curve, key sizes and max. number or relays. this 23 | will change in the future to allow more flexibility to developers to bing their 24 | own crypto and adapt to their application needs* 25 | 26 | ### Header 27 | 28 | An header contains a `group_element` and a `payload`. The `group_element` is sender's 29 | blinded public key and a `payload` is the header's payload with the information 30 | for the next relay. 31 | The size of the `header` must be invariant and deterministic depending on the 32 | cryptography defaults and it is calculated by the formula: 33 | 34 | ``` 35 | size_header = p + (2 * r * k) where, 36 | 37 | p: size of the public key (bytes) 38 | r: max number of hops 39 | k: security parameter, ie. size of symmetric key (bytes) 40 | ``` 41 | 42 | For version `v0.1`, the size of an header is `33 + (2 * 5 * 16) = 193` bytes 43 | 44 | ### Packet 45 | 46 | A sphinx packet wraps the encrypted layers for each of the relays to decrypt and 47 | retrieve routing data necessary to forward the packet to the next relay. The 48 | packet does not leak information about the identity of previous and next 49 | relays and position of the relay in the path. The source node and each of the 50 | relays perform ECDH to derive a secret key which is used to 1) verify the MAC of 51 | the header; 2) decrypt the set of routing information needed by the relay and 3) 52 | shuffle the ephemeral key for the next hop. 53 | 54 | A packet encapsulates both the `header` and the message `payload`. Both `header` 55 | and `payload` must be invariant in length, so that colluding relays cannot link 56 | packets across the circuit. A packet also contains a `version`, `routing_info` 57 | and `header_hmac`. The size of the packet is the sum of the size of those 58 | fields: 59 | 60 | ``` 61 | size_packet = size_header + size_version + size_routing_info + size_payload 62 | 63 | where 64 | 65 | size_routing_info = r * (address_size + header_hmac_size) 66 | ``` 67 | 68 | An `address` contains an IPv4 or IPv6 address (16 bytes) and an unique ID for 69 | the communication protocol (1 byte). The `header_hmac` is the HMAC of each of 70 | the headers computed by the hash function `SHA256-MAC-128`. 71 | 72 | For version `v0.1`, the size of the routing info is `5 * (17 + 32) = 245` bytes. 73 | A packet payload has a fixed lenght of 256 bytes. 74 | 75 | A sphinx packet is `193 + 1 + 245 + 256 = 695` bytes long. This means that for 76 | each 256 bytes transmitted, there is an overhead of 450 bytes. 77 | 78 | **API** 79 | 80 | 1) Create and encode packet 81 | 82 | ``` go 83 | // creates a new packet 84 | packet, _ := 85 | NewPacket(sessionKey, circuitPubKeys, finalAddr, relaysAddrs, payload) 86 | 87 | // encodes packet and writes it to a network buffer to be sent over the wire 88 | // to the next relay 89 | var network bytes.Buffer 90 | enc := gob.NewEncoder(&network) 91 | _ = enc.Encode(packet) 92 | ``` 93 | 94 | 2) Receive, decode and process packet 95 | 96 | ``` go 97 | // initiates the relay context used to process the packet 98 | ctx := NewRelayerCtx(privKey) 99 | 100 | // decodes bytes from network into packet 101 | dec := gob.NewDecoder(&network) 102 | var packet Packet 103 | _ = dec.Decode(&newPacket) 104 | 105 | // processes packet in the relayer context 106 | nextAddr, nextPacket, _ := ctx.ProcessPacket(packet) 107 | 108 | // checks if packet resulting from the packet processing is last 109 | if isLast := nextPacket.IsLast(); isLast == true { 110 | 111 | // if packet is last, forward payload to destination 112 | forwardToDestination(nextAddr, nextPacket) 113 | return 114 | } 115 | 116 | // if packet is not last, forward it to next relay 117 | forwardToRelay(nextAddr, nextPacket) 118 | ``` 119 | 120 | 3) Check relay context state 121 | 122 | ``` go 123 | ctx := NewRelayerCtx(privKey) 124 | 125 | // ... 126 | 127 | // gets all the tags of the processed packets 128 | tags := ctx.ListProcessedPackets() 129 | ``` 130 | 131 | ## Cryptography 132 | 133 | Different hash functions are used to generate encryption and verification keys 134 | of the Sphinx and integrity verification. 135 | 136 | ### Key Generation 137 | 138 | - `encryption`: string which converted to byte stream is used as key for data 139 | obfuscation at each hop. 140 | 141 | - `hash`: string which converted to byte stream is used as key for calculating 142 | header and payload MAC 143 | 144 | The default hash function used in the current version is `SHA256-MAC-128`. In 145 | the future, the developer may use other sensible hash functions. 146 | 147 | ### PRG obfuscation 148 | 149 | A secure pseudo-random stream is used to obfuscate the payload of the packet at 150 | each hop, so that relayers can only access the routing information necessary for 151 | forwarding the packet to the next hop. The default PR byte stream used to 152 | encrypt the packet is `ChaCha20` initialized with a `0x00` byte stream and the 153 | hop's shared secret. (Security note: it is secure to use a fixed nonce since the 154 | shared key is never reused). 155 | 156 | ### References 157 | 158 | - [1] [Sphinx: A Compact and Provably Secure Mix Format](https://www.cypherpunks.ca/~iang/pubs/SphinxOR.pdf) 159 | -------------------------------------------------------------------------------- /fullrt/examples/libp2p/example.go: -------------------------------------------------------------------------------- 1 | // This example spins up two libp2p hosts that exchange full routing table 2 | // with the protocol defined by p3lib-fullrt. `nodeA` is responsible to connect 3 | // to nodeB - which has a fixed identity and accepting connections to a well 4 | // defined port - and request its full routing table by intiating an exchange 5 | // protocol with ID `/p3lib/fullrt/1.0`. `nodeB` handles the protocol request 6 | // and uses the p3lib-fullrt helpers to parse and encode its current routing 7 | // table. 8 | package main 9 | 10 | import ( 11 | "context" 12 | "encoding/json" 13 | frt "github.com/hashmatter/p3lib/fullrt" 14 | ipfsaddr "github.com/ipfs/go-ipfs-addr" 15 | libp2p "github.com/libp2p/go-libp2p" 16 | crypto "github.com/libp2p/go-libp2p-crypto" 17 | dht "github.com/libp2p/go-libp2p-kad-dht" 18 | inet "github.com/libp2p/go-libp2p-net" 19 | peer "github.com/libp2p/go-libp2p-peer" 20 | pstore "github.com/libp2p/go-libp2p-peerstore" 21 | proto "github.com/libp2p/go-libp2p-protocol" 22 | "io" 23 | "log" 24 | "os" 25 | "time" 26 | ) 27 | 28 | var protocolID = proto.ID("/p3lib/fullrt/1.0") 29 | 30 | // we define static and well known address and ID for `nodeb` so that `nodea` 31 | // can connect directly without the need for a discovery mechanism (demo 32 | // purposes) 33 | var nodebConnAddr = "/ip4/127.0.0.1/tcp/4002" 34 | var nodebID = "QmcJzkupSVnePbJWBFU6YXq5Gk59m8cyY8KwFN57cMcAix" 35 | 36 | func main() { 37 | // spins up `nodeb` 38 | go func() { 39 | startNodeB() 40 | }() 41 | 42 | // spins up `nodea` 43 | go func() { 44 | startNodeA() 45 | }() 46 | 47 | select {} 48 | } 49 | 50 | // starts nodeA that will connect to nodeB and request its full routing table 51 | func startNodeA() { 52 | 53 | log.Println("**NodeA** | waits 20s to let nodeb init") 54 | time.Sleep(time.Second * 20) 55 | 56 | log.Println("**NodeA** | init") 57 | 58 | ctx := context.Background() 59 | host, err := libp2p.New(ctx) 60 | if err != nil { 61 | log.Fatal(err) 62 | } 63 | 64 | nodebAddr, _ := ipfsaddr.ParseString(nodebConnAddr + "/ipfs/" + nodebID) 65 | peerinfo, _ := pstore.InfoFromP2pAddr(nodebAddr.Multiaddr()) 66 | 67 | if err = host.Connect(ctx, *peerinfo); err != nil { 68 | log.Println("**NodeA** | ERROR: ", err) 69 | } 70 | 71 | peeridb, err := peer.IDB58Decode(nodebID) 72 | if err != nil { 73 | log.Fatal(err) 74 | } 75 | 76 | // now that `nodea` and `nodeb` know about each other, `nodea` starts a new 77 | // stream with the protocol ID `/p3lib/fullrt/1.0` which requests the full 78 | // routing table of the destination node (in this case, `nodeb`) 79 | s, err := host.NewStream(context.Background(), peeridb, protocolID) 80 | if err != nil { 81 | log.Fatal(err) 82 | } 83 | 84 | // the content of the request is empty. in the future, the protocol will 85 | // define options such as compression and max number of entries. those options 86 | // will be sent over the wire 87 | _, err = s.Write([]byte{}) 88 | if err != nil { 89 | log.Fatal(err) 90 | } 91 | 92 | log.Println("**NodeA** | fullRT request sent") 93 | 94 | // receives and parses response from `nodeb` 95 | var res []byte 96 | p := make([]byte, 4) 97 | for { 98 | n, err := s.Read(p) 99 | if err == io.EOF { 100 | break 101 | } 102 | res = append(res, p[:n]...) 103 | } 104 | 105 | log.Println("**NodeA** | nodeb routing table received:") 106 | 107 | // parses response as routing table 108 | fullrt := frt.RoutingTableRaw{} 109 | err = json.Unmarshal(res, &fullrt) 110 | if err != nil { 111 | log.Fatal(err) 112 | } 113 | 114 | // prints every entry of the received full routing table 115 | for _, r := range fullrt { 116 | log.Println(peer.IDB58Decode(r)) 117 | } 118 | 119 | s.Close() 120 | } 121 | 122 | func startNodeB() { 123 | log.Println("==NodeB== | init") 124 | ctx := context.Background() 125 | 126 | // reloads node identity from file, so that nodeA can find nodeB without any 127 | // discovery mechanism 128 | priv, err := reloadIdentityFromFile() 129 | if err != nil { 130 | log.Fatal(err) 131 | } 132 | 133 | // creates libp2p host with ID `QmcJzkupSVnePbJWBFU6YXq5Gk59m8cyY8KwFN57cMcAix` 134 | // listening to incoming requests at `/ip4/127.0.0.1/tcp/4002` 135 | host, err := libp2p.New(ctx, 136 | libp2p.ListenAddrStrings(nodebConnAddr), 137 | libp2p.Identity(priv), 138 | ) 139 | 140 | // joins the IPFS DHT in order to populate routing table 141 | log.Println("==NodeB== | joining IPFS dht") 142 | kad, err := dht.New(ctx, host) 143 | if err != nil { 144 | panic(err) 145 | } 146 | for _, peerAddr := range bootstrapPeers { 147 | pAddr, _ := ipfsaddr.ParseString(peerAddr) 148 | peerinfo, _ := pstore.InfoFromP2pAddr(pAddr.Multiaddr()) 149 | 150 | if err = host.Connect(ctx, *peerinfo); err != nil { 151 | log.Println("ERROR: ", err) 152 | } 153 | } 154 | 155 | log.Println("==NodeB== | OK host id:", host.ID()) 156 | if err != nil { 157 | log.Fatal(err) 158 | } 159 | 160 | // prepares full routing table provider component. it is responsible parse and 161 | // provide a canonical representation of routing tables when requested. in the 162 | // future, will include options to compressed and sample routing table entries 163 | // in order to save bandwidth 164 | fullRtProv := frt.NewRTProvider(kad.RoutingTable()) 165 | 166 | // sets the handler to reply for full routing table requests 167 | host.SetStreamHandler(protocolID, func(s inet.Stream) { 168 | log.Println("==NodeB== | received new stream: ", s) 169 | 170 | defer s.Close() 171 | 172 | // fetches and encodes full routing table 173 | err, rtBytes := fullRtProv.GetFullRoutingTable() 174 | if err != nil { 175 | log.Fatal(err) 176 | } 177 | // writes results to stream 178 | _, err = s.Write(rtBytes) 179 | if err != nil { 180 | log.Fatal(err) 181 | } 182 | }) 183 | } 184 | 185 | func reloadIdentityFromFile() (crypto.PrivKey, error) { 186 | var emptyPk crypto.PrivKey 187 | privRaw := make([]byte, 1196) 188 | f, err := os.Open("priv.byte") 189 | if err != nil { 190 | return emptyPk, err 191 | } 192 | defer f.Close() 193 | _, err = f.Read(privRaw) 194 | if err != nil { 195 | return emptyPk, err 196 | } 197 | priv, err := crypto.UnmarshalPrivateKey(privRaw) 198 | if err != nil { 199 | return emptyPk, err 200 | } 201 | return priv, nil 202 | } 203 | 204 | // bootstrapPeers to join the IPFS DHT 205 | var bootstrapPeers = []string{ 206 | "/ip4/104.131.131.82/tcp/4001/ipfs/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ", 207 | "/ip4/104.236.179.241/tcp/4001/ipfs/QmSoLPppuBtQSGwKDZT2M73ULpjvfd3aZ6ha4oFGL1KrGM", 208 | "/ip4/104.236.76.40/tcp/4001/ipfs/QmSoLV4Bbm51jM9C4gDYZQ9Cy3U6aXMJDAbzgu2fzaDs64", 209 | "/ip4/128.199.219.111/tcp/4001/ipfs/QmSoLSafTMBsPKadTEgaXctDQVcqN88CNLHXMkTNwMKPnu", 210 | "/ip4/178.62.158.247/tcp/4001/ipfs/QmSoLer265NRgSp2LA3dPaeykiS1J6DifTC88f5uVQKNAd", 211 | } 212 | -------------------------------------------------------------------------------- /specs/p3lib-sinkhole-specs.md: -------------------------------------------------------------------------------- 1 | # p3ib-sinkhole specifications 2 | 3 | `p3lib-sinkole` is a protocol base on a practical computational Private 4 | Information Retrieval (CPIR) key value store that aims at offering provable 5 | privacy to DHT lookup requests. 6 | 7 | A sinkhole is a key-value database maintained by a single entity (in the CPIR 8 | construction), which maintains key-value pairs that are also maintained in the 9 | DHT. The difference is that queries to the sinkhole will not leak any 10 | information about the key being queried, even if the sinkhole provider is 11 | malicious. The `p3lib-sinkhole` prtocol combines the scalability, 12 | decentralization and simplicity of a DHT with the provable security properties 13 | of a CPIR to offer practical key-value lookups for a DHT setting. 14 | 15 | ## Protocol overview 16 | 17 | **Sinkhole provider registration**: A sinkhole provider registers itself in the 18 | DHT as a provider of a subset of 19 | the domain space of the DHT. We call this subset the `suffix-space`. 20 | 21 | Considering a DHT where the domain space is 8 bits long (ie. the peer 22 | ids and content ids have 8 bits) the sinkhole can define its `suffix-space` as 23 | the first 3 bits. This means that the sinkhole will store and provide 24 | anonymously key-value entries that are suffixed in the `suffix-space`. If the 25 | `suffix-space` is, eg, `2dt`, it means that the sinkhole will provide values for 26 | all the `2dtxxxxx` keys in the space. Registering as a valid sinkhole provider 27 | in this example can be done by issuing a `DHT.provide(2dt00000)` DHT request. 28 | 29 | **Sinkhole provider stores key-values upon request**: After the bootstrapping, 30 | the sinkhole's key-value storage is empty. The service exposes 31 | a RPC for letting users to request the sinkhole provider to store a `cid` that 32 | can be later retrieved in a privately way by DHT users. The storing request 33 | includes the `cid` of the resource to store. Upon receiving the request, the 34 | sinkhole provider issues a DHT lookup to get peer information of providers of 35 | the given `cid`. The information returned by the DHT refers to the values of 36 | the stored under `cid` key. 37 | 38 | **DHT user requests for the providers of a `cid` privately**: If a DHT node 39 | wants to lookup for the providers of a specific `cid` in the DHT without leaking 40 | information to other nodes about the `cid`, she first tries to discover if 41 | there is a sinkhole providing a storage in the same `suffix-space` as the `cid` 42 | to resolve. This first step is achieved by requesting the DHT for the providers 43 | of `suffix-id`, where the sinkhole provider might have registered itself. Let's 44 | assume the example above and that the user wants to lookup for the `2dt1hjjw` cid. 45 | She would start by requesting the DHT for the providers of `2dt00000`, by 46 | requesting `DHT.provide(2dt00000)`. If the discovery mechanism is successful, 47 | the user will learn about the peerinfo (IP address, pubkey) of the sinkhole 48 | providers that may have the key-value tuple associated with the cid `2dt1hjjw`. 49 | The second phase of the protocol consists of leveraging homomorphic 50 | multiplication of come cryptographic systems (e.g. Paillier) to generate an 51 | encrypted request that can be sent to the sinkhole provider and, while the 52 | sinkhole provider *is not able to decrypt the content of the request* (i.e. the 53 | `cid` to resolve), it will be able to compute the result over its key-value 54 | database. The result of the computation is encrypted and can only be decrypted 55 | by the requester. Once the user receives the encrypted response from the server, 56 | she can decrypt is using her private key and verify if the provider has stored 57 | the key-value tuple associated with the requested `cid`. Id successful, the user 58 | leveraged both DHT and the sinkhole provider to resolve a list of DHT `cid` 59 | providers while leaking information about its interests to adversaries and 60 | honest curious peers in the DHT. 61 | 62 | ## Computational PIR and homomorphic multiplication 63 | 64 | ## Addressing spaces 65 | 66 | **suffix-space**: the first `s` bits of the address; The `suffix-space` is the 67 | amount of information a user discloses to the network about the `cid` to 68 | resolve. The level of privacy is inversely proportional to `s`; 69 | 70 | **private-space**: the first `p` bits after the `suffix-space`; The 71 | `private-space` refers to the amount of entries in the operator key value store. 72 | The computation overhead for both user and provider is proportional `p`. 73 | 74 | **tail-space**: the remainder bits of the address (i.e. `N - (s + p)`); 75 | 76 | Each sinkhole provider defines its own parameters for `s` and `p`. These 77 | parameters affect privacy levels offered by a particular sinkhole provider and 78 | the communication and computation overhead of the protocol. The user must know 79 | `s` for the first stage of the protocol (the DHT lookup) and `p` for the second 80 | step of the protocol (the CPIR query). This information may be shared off-band 81 | or transmitted during the protocol. 82 | 83 | ### Example 84 | 85 | Let's consider a DHT addressing domain with 12 bits (ie. both peer IDs and 86 | `cids` are represented with 12 bits, with 2^12 possible addresses). 87 | 88 | A sink provider bootstraps with the following domain spaces as configurations: 89 | 90 | ``` 91 | suffix-space of 4 bit eg `(1dsa________)` 92 | private-space of 6 bits `(1dsaPPPP__)` 93 | tail-space of 2 bits `(1dsaPPPPTT)` 94 | ``` 95 | 96 | From these configurations, we can deduce the following: 97 | 98 | - The sinkhole will provide the service for keys from `1dsa00000000` to 99 | `1dsaffffffff`. This defines the amount of information the user leaks during 100 | the protocol, since adversaries and curious users in the DHT network are able to 101 | learn that the `cid` being looked up is one of `1dsa00000000` - 102 | `1dsaffffffff`. 103 | 104 | - The size number of rows in the database of the sink provider is `2^p` (64). 105 | This number also defines the computation required to encrypt the query and 106 | decrypt the result in the user side and the computation required to run the 107 | query in the sinkhole provider side. 108 | 109 | - Each row in the database will potentially store `2^t` (4) key-value tuples. 110 | 111 | ## Threat model, security and privacy guarantees 112 | ### Trust in the sinkhole provider 113 | 114 | ## Sinkhole provider API 115 | 116 | - **Query** 117 | 118 | ``` 119 | -> POST /sinkhole/1/query 120 | [p]byte 121 | 122 | <- [p] byte 123 | ``` 124 | 125 | - **Info** returns the configurations if of the provider, namely the 126 | `suffix-space`, `p` and `t`. 127 | 128 | ``` 129 | -> GET /sinkhole/1/info 130 | 131 | <- {suffix-name, p, t} 132 | ``` 133 | 134 | 135 | - **Status** returns the sinkhole current status, e.g. list of stored keys, 136 | number of stored key-value tuples. 137 | 138 | ``` 139 | -> GET /sinkhole/1/status 140 | 141 | <- {...} 142 | ``` 143 | 144 | ## Future work and orthogonal features 145 | 146 | ### Decentralized sinkholes 147 | ### Incentives 148 | 149 | 150 | -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- 1 | github.com/AndreasBriese/bbloom v0.0.0-20180913140656-343706a395b7/go.mod h1:bOvUY6CB00SOBii9/FifXqc0awNKxLFCL/+pkDPuyl8= 2 | github.com/Kubuxu/go-os-helper v0.0.1/go.mod h1:N8B+I7vPCT80IcP58r50u4+gEEcsZETFUpAzWW2ep1Y= 3 | github.com/Roasbeef/go-go-gadget-paillier v0.0.0-20181009074315-14f1f86b6000 h1:jcW1SFUzfkw4HSXS3O/DoFOmXe18e9wqsrF2f7cgCyM= 4 | github.com/Roasbeef/go-go-gadget-paillier v0.0.0-20181009074315-14f1f86b6000/go.mod h1:vrrslkOJ8o7Ofmeg/lskw5yR+tml1iazaTSYVai9Kq8= 5 | github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da h1:KjTM2ks9d14ZYCvmHS9iAKVt9AyzRSqNU1qabPih5BY= 6 | github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da/go.mod h1:eHEWzANqSiWQsof+nXEI9bUVUyV6F53Fp89EuCh2EAA= 7 | github.com/aead/siphash v1.0.1/go.mod h1:Nywa3cDsYNNK3gaciGTWPwHt0wlpNV15vwmswBAUSII= 8 | github.com/btcsuite/btcd v0.0.0-20190213025234-306aecffea32 h1:qkOC5Gd33k54tobS36cXdAzJbeHaduLtnLQQwNoIi78= 9 | github.com/btcsuite/btcd v0.0.0-20190213025234-306aecffea32/go.mod h1:DrZx5ec/dmnfpw9KyYoQyYo7d0KEvTkk/5M/vbZjAr8= 10 | github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f/go.mod h1:TdznJufoqS23FtqVCzL0ZqgP5MqXbb4fg/WgDys70nA= 11 | github.com/btcsuite/btcutil v0.0.0-20190207003914-4c204d697803/go.mod h1:+5NJ2+qvTyV9exUAL/rxXi3DcLg2Ts+ymUAY5y4NvMg= 12 | github.com/btcsuite/go-socks v0.0.0-20170105172521-4720035b7bfd/go.mod h1:HHNXQzUsZCxOoE+CPiyCTO6x34Zs86zZUiwtpXoGdtg= 13 | github.com/btcsuite/goleveldb v0.0.0-20160330041536-7834afc9e8cd/go.mod h1:F+uVaaLLH7j4eDXPRvw78tMflu7Ie2bzYOH4Y8rRKBY= 14 | github.com/btcsuite/snappy-go v0.0.0-20151229074030-0bdef8d06723/go.mod h1:8woku9dyThutzjeg+3xrA5iCpBRH8XEEg3lh6TiUghc= 15 | github.com/btcsuite/websocket v0.0.0-20150119174127-31079b680792/go.mod h1:ghJtEyQwv5/p4Mg4C0fgbePVuGr935/5ddU9Z3TmDRY= 16 | github.com/btcsuite/winsvc v1.0.0/go.mod h1:jsenWakMcC0zFBFurPLEAyrnc/teJEM1O46fmI40EZs= 17 | github.com/davecgh/go-spew v0.0.0-20171005155431-ecdeabc65495/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 18 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 19 | github.com/dgraph-io/badger v1.5.5-0.20190226225317-8115aed38f8f/go.mod h1:VZxzAIRPHRVNRKRo6AXrX9BJegn6il06VMTZVJYCIjQ= 20 | github.com/dgryski/go-farm v0.0.0-20190104051053-3adb47b1fb0f/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw= 21 | github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= 22 | github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= 23 | github.com/go-check/check v0.0.0-20180628173108-788fd7840127/go.mod h1:9ES+weclKsC9YodN5RgxqK/VD9HM9JsCSh7rNhMZE98= 24 | github.com/gogo/protobuf v1.2.1 h1:/s5zKNz0uPFCZ5hddgPdo2TK2TVrUNMn0OOX8/aZMTE= 25 | github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= 26 | github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 27 | github.com/golang/protobuf v1.3.0/go.mod h1:Qd/q+1AKNOZr9uGQzbzCmRO6sUih6GTPZv6a1/R87v0= 28 | github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= 29 | github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= 30 | github.com/gxed/hashland/keccakpg v0.0.1 h1:wrk3uMNaMxbXiHibbPO4S0ymqJMm41WiudyFSs7UnsU= 31 | github.com/gxed/hashland/keccakpg v0.0.1/go.mod h1:kRzw3HkwxFU1mpmPP8v1WyQzwdGfmKFJ6tItnhQ67kU= 32 | github.com/gxed/hashland/murmur3 v0.0.1 h1:SheiaIt0sda5K+8FLz952/1iWS9zrnKsEJaOJu4ZbSc= 33 | github.com/gxed/hashland/murmur3 v0.0.1/go.mod h1:KjXop02n4/ckmZSnY2+HKcLud/tcmvhST0bie/0lS48= 34 | github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= 35 | github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= 36 | github.com/ipfs/go-datastore v0.0.1/go.mod h1:d4KVXhMt913cLBEI/PXAy6ko+W7e9AhyAKBGh803qeE= 37 | github.com/ipfs/go-ds-badger v0.0.2/go.mod h1:Y3QpeSFWQf6MopLTiZD+VT6IC1yZqaGmjvRcKeSGij8= 38 | github.com/ipfs/go-ds-leveldb v0.0.1/go.mod h1:feO8V3kubwsEF22n0YRQCffeb79OOYIykR4L04tMOYc= 39 | github.com/ipfs/go-ipfs-delay v0.0.0-20181109222059-70721b86a9a8/go.mod h1:8SP1YXK1M1kXuc4KJZINY3TQQ03J2rwBG9QfXmbRPrw= 40 | github.com/ipfs/go-ipfs-util v0.0.1 h1:Wz9bL2wB2YBJqggkA4dD7oSmqB4cAnpNbGrlHJulv50= 41 | github.com/ipfs/go-ipfs-util v0.0.1/go.mod h1:spsl5z8KUnrve+73pOhSVZND1SIxPW5RyBCNzQxlJBc= 42 | github.com/ipfs/go-log v0.0.1 h1:9XTUN/rW64BCG1YhPK9Hoy3q8nr4gOmHHBpgFdfw6Lc= 43 | github.com/ipfs/go-log v0.0.1/go.mod h1:kL1d2/hzSpI0thNYjiKfjanbVNU+IIGA/WnNESY9leM= 44 | github.com/jbenet/goprocess v0.0.0-20160826012719-b497e2f366b8/go.mod h1:Ly/wlsjFq/qrU3Rar62tu1gASgGw6chQbSh/XgIIXCY= 45 | github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= 46 | github.com/jrick/logrotate v1.0.0/go.mod h1:LNinyqDIJnpAur+b8yyulnQw/wDuN1+BYKlTRt3OuAQ= 47 | github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= 48 | github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= 49 | github.com/kkdai/bstream v0.0.0-20161212061736-f391b8402d23/go.mod h1:J+Gs4SYgM6CZQHDETBtE9HaSEkGmuNXF86RwHhHUvq4= 50 | github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= 51 | github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= 52 | github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= 53 | github.com/libp2p/go-buffer-pool v0.0.1/go.mod h1:xtyIz9PMobb13WaxR6Zo1Pd1zXJKYg0a8KiIvDp3TzQ= 54 | github.com/libp2p/go-libp2p-crypto v0.0.1 h1:JNQd8CmoGTohO/akqrH16ewsqZpci2CbgYH/LmYl8gw= 55 | github.com/libp2p/go-libp2p-crypto v0.0.1/go.mod h1:yJkNyDmO341d5wwXxDUGO0LykUVT72ImHNUqh5D/dBE= 56 | github.com/libp2p/go-libp2p-kbucket v0.1.1 h1:ZrvW3qCM+lAuv7nrNts/zfEiClq+GZe8OIzX4Vb3Dwo= 57 | github.com/libp2p/go-libp2p-kbucket v0.1.1/go.mod h1:Y0iQDHRTk/ZgM8PC4jExoF+E4j+yXWwRkdldkMa5Xm4= 58 | github.com/libp2p/go-libp2p-peer v0.0.1 h1:0qwAOljzYewINrU+Kndoc+1jAL7vzY/oY2Go4DCGfyY= 59 | github.com/libp2p/go-libp2p-peer v0.0.1/go.mod h1:nXQvOBbwVqoP+T5Y5nCjeH4sP9IX/J0AMzcDUVruVoo= 60 | github.com/libp2p/go-libp2p-peerstore v0.0.1 h1:twKovq8YK5trLrd3nB7PD2Zu9JcyAIdm7Bz9yBWjhq8= 61 | github.com/libp2p/go-libp2p-peerstore v0.0.1/go.mod h1:RabLyPVJLuNQ+GFyoEkfi8H4Ti6k/HtZJ7YKgtSq+20= 62 | github.com/libp2p/go-testutil v0.0.1/go.mod h1:iAcJc/DKJQanJ5ws2V+u5ywdL2n12X1WbbEG+Jjy69I= 63 | github.com/mattn/go-colorable v0.1.1 h1:G1f5SKeVxmagw/IyvzvtZE4Gybcc4Tr1tf7I8z0XgOg= 64 | github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ= 65 | github.com/mattn/go-isatty v0.0.5 h1:tHXDdz1cpzGaovsTB+TVB8q90WEokoVmfMqoVcrLUgw= 66 | github.com/mattn/go-isatty v0.0.5/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= 67 | github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1 h1:lYpkrQH5ajf0OXOcUbGjvZxxijuBwbbmlSxLiuofa+g= 68 | github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1/go.mod h1:pD8RvIylQ358TN4wwqatJ8rNavkEINozVn9DtGI3dfQ= 69 | github.com/minio/sha256-simd v0.0.0-20190131020904-2d45a736cd16 h1:5W7KhL8HVF3XCFOweFD3BNESdnO8ewyYTFT2R+/b8FQ= 70 | github.com/minio/sha256-simd v0.0.0-20190131020904-2d45a736cd16/go.mod h1:2FMWW+8GMoPweT6+pI63m9YE3Lmw4J71hV56Chs1E/U= 71 | github.com/mr-tron/base58 v1.1.0 h1:Y51FGVJ91WBqCEabAi5OPUz38eAx8DakuAm5svLcsfQ= 72 | github.com/mr-tron/base58 v1.1.0/go.mod h1:xcD2VGqlgYjBdcBLw+TuYLr8afG+Hj8g2eTVqeSzSU8= 73 | github.com/multiformats/go-base32 v0.0.3/go.mod h1:pLiuGC8y0QR3Ue4Zug5UzK9LjgbkL8NSQj0zQ5Nz/AA= 74 | github.com/multiformats/go-multiaddr v0.0.1 h1:/QUV3VBMDI6pi6xfiw7lr6xhDWWvQKn9udPn68kLSdY= 75 | github.com/multiformats/go-multiaddr v0.0.1/go.mod h1:xKVEak1K9cS1VdmPZW3LSIb6lgmoS58qz/pzqmAxV44= 76 | github.com/multiformats/go-multiaddr-dns v0.0.1/go.mod h1:9kWcqw/Pj6FwxAwW38n/9403szc57zJPs45fmnznu3Q= 77 | github.com/multiformats/go-multiaddr-net v0.0.1/go.mod h1:nw6HSxNmCIQH27XPGBuX+d1tnvM7ihcFwHMSstNAVUU= 78 | github.com/multiformats/go-multihash v0.0.1 h1:HHwN1K12I+XllBCrqKnhX949Orn4oawPkegHMu2vDqQ= 79 | github.com/multiformats/go-multihash v0.0.1/go.mod h1:w/5tugSrLEbWqlcgJabL3oHFKTwfvkofsjW2Qa1ct4U= 80 | github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= 81 | github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= 82 | github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= 83 | github.com/opentracing/opentracing-go v1.0.2 h1:3jA2P6O1F9UOrWVpwrIo17pu01KWvNWg4X946/Y5Zwg= 84 | github.com/opentracing/opentracing-go v1.0.2/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= 85 | github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= 86 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 87 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 88 | github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= 89 | github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ= 90 | github.com/whyrusleeping/go-keyspace v0.0.0-20160322163242-5b898ac5add1/go.mod h1:8UvriyWtv5Q5EOgjHaSseUEdkQfvwFv1I/In/O2M9gc= 91 | github.com/whyrusleeping/go-logging v0.0.0-20170515211332-0457bb6b88fc h1:9lDbC6Rz4bwmou+oE6Dt4Cb2BGMur5eR/GYptkKUVHo= 92 | github.com/whyrusleeping/go-logging v0.0.0-20170515211332-0457bb6b88fc/go.mod h1:bopw91TMyo8J3tvftk8xmU2kPmlrt4nScJQZU2hE5EM= 93 | github.com/whyrusleeping/mafmt v1.2.8/go.mod h1:faQJFPbLSxzD9xpA02ttW/tS9vZykNvXwGvqIpk20FA= 94 | golang.org/x/crypto v0.0.0-20170930174604-9419663f5a44/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= 95 | golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= 96 | golang.org/x/crypto v0.0.0-20190225124518-7f87c0fbb88b h1:+/WWzjwW6gidDJnMKWLKLX1gxn7irUTF1fLpQovfQ5M= 97 | golang.org/x/crypto v0.0.0-20190225124518-7f87c0fbb88b/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= 98 | golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 99 | golang.org/x/net v0.0.0-20190227160552-c95aed5357e7 h1:C2F/nMkR/9sfUTpvR3QrjBuTdvMUC/cFajkphs1YLQo= 100 | golang.org/x/net v0.0.0-20190227160552-c95aed5357e7/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 101 | golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 102 | golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 103 | golang.org/x/sys v0.0.0-20190219092855-153ac476189d/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 104 | golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 105 | golang.org/x/sys v0.0.0-20190502175342-a43fa875dd82 h1:vsphBvatvfbhlb4PO1BYSr9dzugGxJ/SQHoNufZJq1w= 106 | golang.org/x/sys v0.0.0-20190502175342-a43fa875dd82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 107 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 108 | golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 109 | google.golang.org/genproto v0.0.0-20180831171423-11092d34479b/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= 110 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 111 | gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 112 | gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= 113 | gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= 114 | gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 115 | -------------------------------------------------------------------------------- /sphinx/sphinx_test.go: -------------------------------------------------------------------------------- 1 | package sphinx 2 | 3 | import ( 4 | "bytes" 5 | "crypto/ecdsa" 6 | ec "crypto/elliptic" 7 | "crypto/rand" 8 | "encoding/gob" 9 | "fmt" 10 | scrypto "github.com/hashmatter/p3lib/sphinx/crypto" 11 | "math/big" 12 | "testing" 13 | ) 14 | 15 | func TestPacketEncoding(t *testing.T) { 16 | numRelays := 2 17 | finalAddr := []byte("/ip4/127.0.0.1/udp/1234") 18 | relayAddrs := [][]byte{ 19 | []byte("/ip6/2607:f8b0:4003:c01::6a/udp/5678"), 20 | []byte("/ip4/127.0.0.1/tcp/50234"), 21 | //[]byte("/ip4/127.0.0.1/udp/1234"), 22 | } 23 | circuitPrivKeys := make([]ecdsa.PrivateKey, numRelays) 24 | circuitPubKeys := make([]ecdsa.PublicKey, numRelays) 25 | 26 | privSender, _ := ecdsa.GenerateKey(ec.P256(), rand.Reader) 27 | 28 | for i := 0; i < numRelays; i++ { 29 | pub, priv := generateHopKeys() 30 | circuitPrivKeys[i] = *priv 31 | circuitPubKeys[i] = *pub 32 | } 33 | 34 | var payload [payloadSize]byte 35 | copy(payload[:], []byte("hello sphinx!")) 36 | 37 | packet, err := 38 | NewPacket(privSender, circuitPubKeys, finalAddr, relayAddrs, payload) 39 | if err != nil { 40 | t.Errorf("Err packet construction: %v", err) 41 | return 42 | } 43 | 44 | var buf bytes.Buffer 45 | 46 | // creates encoder, encodes packet and write to buffer buf 47 | enc := gob.NewEncoder(&buf) 48 | err = enc.Encode(packet) 49 | if err != nil { 50 | t.Error(err) 51 | return 52 | } 53 | 54 | // TODO: check size of the packet byte stream (must be fixed!) 55 | 56 | // creates decoder, reads bytes from buffer and populates newPacket 57 | dec := gob.NewDecoder(&buf) 58 | var newPacket Packet 59 | err = dec.Decode(&newPacket) 60 | if err != nil { 61 | t.Error(err) 62 | return 63 | } 64 | 65 | // #TODO impl equal for header? (only necessary for tests though.. ), maybe there 66 | // is a smarter way for doing this. also this is ugly af 67 | if string(newPacket.Header.RoutingInfo[:]) != string(packet.Header.RoutingInfo[:]) { 68 | t.Errorf("Encoded/decoded header.RoutingInfo is not correct: %v != %v", 69 | newPacket.Header, packet.Header) 70 | } 71 | 72 | if string(newPacket.Payload[:]) != string(packet.Payload[:]) { 73 | t.Errorf("Encoded/decoded packet payload is not correct: %v != %v", 74 | newPacket.Header, packet.Header) 75 | } 76 | } 77 | 78 | // tests the construction and processing of an onion packet with a numRelays 79 | // size circuit. 80 | func TestEndToEnd(t *testing.T) { 81 | numRelays := 5 82 | finalAddr := []byte("/ip6/2607:f8b0:4003:c01::6a/udp/5678#000000000") 83 | relayAddrs := [][]byte{ 84 | []byte("QmQV4LdB3jDKEZxB1EGoutUYyRSt8H8oW4B6DoBLB9z6b7"), 85 | []byte("/ip4/127.0.0.1/udp/1234#0000000000000000000000"), 86 | []byte("QmPxawpH7ymXENBZcbKpV3NTxMc4fs37gmREn8e9C2kgNe"), 87 | []byte("/ip4/120.120.0.2/tcp/1222#00000000000000000000"), 88 | []byte("/ip6/2607:f8b0:4003:c01::6a/udp/5678#000000000"), 89 | } 90 | 91 | circuitPrivKeys := make([]ecdsa.PrivateKey, numRelays) 92 | circuitPubKeys := make([]ecdsa.PublicKey, numRelays) 93 | 94 | privSender, _ := ecdsa.GenerateKey(ec.P256(), rand.Reader) 95 | 96 | for i := 0; i < numRelays; i++ { 97 | pub, priv := generateHopKeys() 98 | circuitPrivKeys[i] = *priv 99 | circuitPubKeys[i] = *pub 100 | } 101 | 102 | var payload [payloadSize]byte 103 | copy(payload[:], []byte("hello sphinx!")) 104 | 105 | // initiator constructs new packet 106 | packet0, err := 107 | NewPacket(privSender, circuitPubKeys, finalAddr, relayAddrs, payload) 108 | if err != nil { 109 | t.Errorf("Err packet construction: %v", err) 110 | return 111 | } 112 | 113 | // check if paylaod was encrypted 114 | if string(packet0.Payload[:]) == string(payload[:]) { 115 | t.Errorf("Payload was not successfully ENCRYPTED: %v == %v", 116 | packet0.Payload, payload) 117 | } 118 | 119 | // relay 0 processes the header 120 | r0 := NewRelayerCtx(&circuitPrivKeys[0]) 121 | nextAddr, packet1, err := r0.ProcessPacket(packet0) 122 | if err != nil { 123 | t.Errorf("Err packet processing: %v", err) 124 | return 125 | } 126 | 127 | if string(packet1.Payload[:]) == string(payload[:]) { 128 | t.Errorf("Payload was not successfully ENCRYPTED: %v == %v", 129 | packet1.Payload, payload) 130 | } 131 | 132 | if string(nextAddr[:]) != string(relayAddrs[1]) { 133 | t.Errorf("NextAddr is incorrect (%v != %v)", string(nextAddr[:]), 134 | string(relayAddrs[1])) 135 | return 136 | } 137 | 138 | if packet1.Header == nil { 139 | t.Errorf("Packet's header is empty, abort. (pointer: %v)", packet1.Header) 140 | return 141 | } 142 | 143 | // relay 1 processes the header 144 | r1 := NewRelayerCtx(&circuitPrivKeys[1]) 145 | nextAddr, packet2, err := r1.ProcessPacket(packet1) 146 | if err != nil { 147 | t.Errorf("Err packet processing: %v", err) 148 | return 149 | } 150 | 151 | if string(packet2.Payload[:]) == string(payload[:]) { 152 | t.Errorf("Payload was not successfully ENCRYPTED: %v == %v", 153 | packet2.Payload, payload) 154 | } 155 | 156 | if string(nextAddr[:]) != string(relayAddrs[2]) { 157 | t.Errorf("NextAddr is incorrect (%v != %v)", nextAddr, relayAddrs[2]) 158 | return 159 | } 160 | 161 | // relay 2 processes the header 162 | r2 := NewRelayerCtx(&circuitPrivKeys[2]) 163 | nextAddr, packet3, err := r2.ProcessPacket(packet2) 164 | if err != nil { 165 | t.Errorf("Err packet processing: %v", err) 166 | return 167 | } 168 | 169 | // relays 3 and 4 process the header 170 | r3 := NewRelayerCtx(&circuitPrivKeys[3]) 171 | _, packet4, err := r3.ProcessPacket(packet3) 172 | if err != nil { 173 | t.Errorf("Err packet processing: %v", err) 174 | return 175 | } 176 | 177 | r4 := NewRelayerCtx(&circuitPrivKeys[4]) 178 | nextAddr, packet5, err := r4.ProcessPacket(packet4) 179 | if err != nil { 180 | t.Errorf("Err packet processing: %v", err) 181 | return 182 | } 183 | if string(nextAddr[:]) != string(finalAddr) { 184 | t.Errorf("NextAddr (which is the last) is incorrect (%v != %v)", 185 | nextAddr, finalAddr) 186 | return 187 | } 188 | 189 | if packet5.IsLast() != true { 190 | t.Errorf("Packet should be final, hmac must be all 0s, got %v", packet3.RoutingInfoMac) 191 | } 192 | 193 | if string(packet5.Payload[:]) != string(payload[:]) { 194 | t.Errorf("Payload was not successfully recovered by last relay: %v != %v", 195 | packet5.Payload, payload) 196 | } 197 | } 198 | 199 | func TestNewHeader(t *testing.T) { 200 | numRelays := 4 201 | finalAddr := []byte("QmZrXVN6xNkXYqFharGfjG6CjdE3X85werKm8AyMdqsQKS") 202 | relayAddrs := [][]byte{ 203 | []byte("/ip4/127.0.0.1/udp/1234#0000000000000000000000"), 204 | []byte("QmSFXZRzh6ZdpWXXQQ2mkYtx3ns39ZPtWgQJ7sSqStiHZH"), 205 | []byte("/ip6/2607:f8b0:4003:c00::6a/udp/5678#000000000"), 206 | []byte("/ip4/198.162.0.2/tcp/4321#00000000000000000000"), 207 | //[]byte("/ip4/198.162.0.3/tcp/4321"), 208 | } 209 | 210 | circuitPrivKeys := make([]ecdsa.PrivateKey, numRelays) 211 | circuitPubKeys := make([]ecdsa.PublicKey, numRelays) 212 | 213 | privSender, _ := ecdsa.GenerateKey(ec.P256(), rand.Reader) 214 | //pubSender := privSender.PublicKey 215 | 216 | for i := 0; i < numRelays; i++ { 217 | pub, priv := generateHopKeys() 218 | circuitPrivKeys[i] = *priv 219 | circuitPubKeys[i] = *pub 220 | } 221 | 222 | sharedSecrets, err := generateSharedSecrets(circuitPubKeys, *privSender) 223 | 224 | header, err := 225 | constructHeader(privSender, finalAddr, relayAddrs, sharedSecrets) 226 | if err != nil { 227 | t.Error(err) 228 | } 229 | 230 | ri := header.RoutingInfo 231 | 232 | // checks if there are suffixed zeros in the padding 233 | count := 0 234 | for j := len(ri) - 1; j > 0; j-- { 235 | if ri[j] != 0 { 236 | break 237 | } 238 | count = count + 1 239 | } 240 | 241 | if count > 2 { 242 | t.Errorf("Header is revealing number of relays. Suffixed 0s count: %v", count) 243 | t.Errorf("len(routingInfo): %v | len(headerMac): %v", 244 | len(ri), len(header.RoutingInfoMac)) 245 | } 246 | } 247 | 248 | func TestGenSharedKeys(t *testing.T) { 249 | // setup 250 | curve := ec.P256() 251 | numRelays := 3 252 | circuitPubKeys := make([]ecdsa.PublicKey, numRelays) 253 | circuitPrivKeys := make([]ecdsa.PrivateKey, numRelays) 254 | 255 | privSender, _ := ecdsa.GenerateKey(ec.P256(), rand.Reader) 256 | pubSender := privSender.PublicKey 257 | 258 | for i := 0; i < numRelays; i++ { 259 | pub, priv := generateHopKeys() 260 | circuitPrivKeys[i] = *priv 261 | circuitPubKeys[i] = *pub 262 | } 263 | 264 | // generateSharedSecrets 265 | sharedKeys, err := generateSharedSecrets(circuitPubKeys, *privSender) 266 | if err != nil { 267 | t.Error(err) 268 | } 269 | 270 | //e := ec.Marshal(pubSender.Curve, pubSender.X, pubSender.Y) 271 | //t.Error(e, len(e), pubSender.X.BitLen(), pubSender.Y.BitLen()) 272 | 273 | // if shared keys were properly generated, the 1st hop must be able to 1) 274 | // generate shared key and 2) blind group element. The 2rd hop must be able to 275 | // generate shared key from new blind element 276 | 277 | // 1) first hop derives shared key, which must be the same as sharedKeys[0] 278 | privKey_1 := circuitPrivKeys[0] 279 | sk_1 := scrypto.GenerateECDHSharedSecret(&pubSender, &privKey_1) 280 | if sk_1 != sharedKeys[0] { 281 | t.Error(fmt.Printf("First shared key was not properly computed\n> %x\n> %x\n", 282 | sk_1, sharedKeys[0])) 283 | } 284 | 285 | // 2) first hop blinds group element for next hop 286 | blindingF := scrypto.ComputeBlindingFactor(&pubSender, sk_1) 287 | var privElement big.Int 288 | privElement.SetBytes(privKey_1.D.Bytes()) 289 | newGroupElement := blindGroupElement(&pubSender, blindingF[:], curve) 290 | 291 | // 3) second hop derives shared key from blinded group element 292 | privKey_2 := circuitPrivKeys[1] 293 | sk_2 := scrypto.GenerateECDHSharedSecret(newGroupElement, &privKey_2) 294 | if sk_2 != sharedKeys[1] { 295 | t.Error(fmt.Printf("Second shared key was not properly computed\n> %x\n> %x\n", 296 | sk_2, sharedKeys[1])) 297 | } 298 | } 299 | 300 | func TestEncodingDecodingHeader(t *testing.T) { 301 | pub, _ := generateHopKeys() 302 | str := "dummy routing info" 303 | ri := [routingInfoSize]byte{} 304 | copy(ri[:], str[:]) 305 | header := &Header{RoutingInfo: ri, GroupElement: *pub} 306 | 307 | var buf bytes.Buffer 308 | enc := gob.NewEncoder(&buf) 309 | dec := gob.NewDecoder(&buf) 310 | 311 | err := enc.Encode(header) 312 | if err != nil { 313 | t.Error(err) 314 | return 315 | } 316 | 317 | var headerAfter Header 318 | err = dec.Decode(&headerAfter) 319 | if err != nil { 320 | t.Error(err) 321 | return 322 | } 323 | 324 | if string(header.RoutingInfo[:]) != string(headerAfter.RoutingInfo[:]) { 325 | t.Error(fmt.Printf("Original and encoded/decoded header routing info mismatch:\n >> %v \n >> %v\n", 326 | string(header.RoutingInfo[:]), string(headerAfter.RoutingInfo[:]))) 327 | } 328 | 329 | hGe := header.GroupElement 330 | haGe := headerAfter.GroupElement 331 | 332 | if hGe.Curve.Params().Name != haGe.Curve.Params().Name { 333 | t.Error(fmt.Printf("Original and encoded/decoded group elements mismatch:\n >> %v \n >> %v\n", 334 | hGe.Curve.Params().Name, haGe.Curve.Params().Name)) 335 | } 336 | 337 | var diff big.Int 338 | diff.Sub(hGe.X, haGe.X) 339 | if diff.Cmp(big.NewInt(0)) != 0 { 340 | t.Error(fmt.Printf("Original and encoded/decoded group elements mismatch:\n >> %v \n >> %v\n", 341 | hGe.X, haGe.X)) 342 | } 343 | } 344 | 345 | func TestPaddingGeneration(t *testing.T) { 346 | numRelays := 3 347 | circuitPubKeys := make([]ecdsa.PublicKey, numRelays) 348 | circuitPrivKeys := make([]ecdsa.PrivateKey, numRelays) 349 | 350 | privSender, _ := ecdsa.GenerateKey(ec.P256(), rand.Reader) 351 | 352 | for i := 0; i < numRelays; i++ { 353 | pub, priv := generateHopKeys() 354 | circuitPrivKeys[i] = *priv 355 | circuitPubKeys[i] = *pub 356 | } 357 | 358 | // generateSharedSecrets 359 | sharedKeys, err := generateSharedSecrets(circuitPubKeys, *privSender) 360 | if err != nil { 361 | t.Error(err) 362 | } 363 | 364 | nonce := make([]byte, 24) 365 | padding, err := generatePadding(sharedKeys, nonce) 366 | if err != nil { 367 | t.Error(err) 368 | } 369 | 370 | expPaddingLen := (numRelays - 1) * relayDataSize 371 | if len(padding) != expPaddingLen { 372 | t.Error(fmt.Printf("Final padding should have lenght of |(numRelays - 1) * relaysDataSize| (%v), got %v", expPaddingLen, len(padding))) 373 | } 374 | 375 | } 376 | 377 | // helpers 378 | func generateHopKeys() (*ecdsa.PublicKey, *ecdsa.PrivateKey) { 379 | privHop, _ := ecdsa.GenerateKey(ec.P256(), rand.Reader) 380 | pubHop := privHop.Public().(*ecdsa.PublicKey) 381 | return pubHop, privHop 382 | } 383 | -------------------------------------------------------------------------------- /sphinx/sphinx.go: -------------------------------------------------------------------------------- 1 | package sphinx 2 | 3 | import ( 4 | "bytes" 5 | "crypto/ecdsa" 6 | ec "crypto/elliptic" 7 | "encoding/gob" 8 | "errors" 9 | "fmt" 10 | scrypto "github.com/hashmatter/p3lib/sphinx/crypto" 11 | "math/big" 12 | ) 13 | 14 | const ( 15 | // size in bytes of MAC used to verify integrity of header and packet payload 16 | hmacSize = 32 17 | 18 | // size in bytes for the address of relays and final destination. 19 | addrSize = 46 20 | 21 | // max number of hops per circuit 22 | numMaxRelays = 5 23 | 24 | // size in bytes of the next address (n) and size of the hash of the packet (y) 25 | relayDataSize = addrSize + hmacSize 26 | 27 | // size in bytes for each routing info segment. each segment must be invariant 28 | // regardless the relay position in the circuit 29 | routingInfoSize = numMaxRelays * relayDataSize 30 | 31 | // size in bytes of the output of the stream cipher. the output is used to 32 | // encrypt the header, as well as create the header padding 33 | streamSize = routingInfoSize + relayDataSize 34 | 35 | // size in bytes of shared secret 36 | sharedSecretSize = 32 37 | 38 | // packet payload size. this size must be fixed so that all packets keep an 39 | // invariant size 40 | payloadSize = 256 41 | 42 | // size in bytes of the realm identifier. a real identifier can be any metadata 43 | // associeated with the version of the protocol used and us application 44 | // specific (ie. any developer can define the real version). The realm byte 45 | // mnust be padded with x0 up to REAL_SIZE 46 | realmSize = 1 47 | defRealm = byte(1) 48 | 49 | // key used to generate cipher stream used to obfuscate the header and 50 | // payload 51 | encryptionKey = "encryption" 52 | 53 | // key used to generate cipher stream to calculate hash signature of header 54 | // and payload 55 | hashKey = "hash" 56 | ) 57 | 58 | type Packet struct { 59 | Version byte 60 | *Header 61 | 62 | // packet payload has a fixed size and is obfuscated at each hop 63 | Payload [payloadSize]byte 64 | } 65 | 66 | // NewPacket creates a new packet to be forwarded to the first relay in the 67 | // secure circuit. It takes an ephemeral session key, the destination 68 | // information (address and payload) and relay information (public keys and 69 | // addresses) and constructs a cryptographically secure onion packet. The packet 70 | // is then encoded and sent over the wire to the first relay. This is the entry 71 | // point function for an initiator to construct a onion circuit. 72 | func NewPacket(sessionKey *ecdsa.PrivateKey, circuitPubKeys []ecdsa.PublicKey, 73 | finalAddr []byte, relayAddrs [][]byte, payload [payloadSize]byte) (*Packet, error) { 74 | 75 | if len(circuitPubKeys) == 0 { 76 | return &Packet{}, errors.New("Err: A set of relay pulic keys must be provided") 77 | } 78 | 79 | // first, verify if ALL relay group elements are part of the expected curve. 80 | // this is very important tp avoid ECC twist security attacks 81 | curve := ec.P256() 82 | for i, ge := range circuitPubKeys { 83 | isOnCurve := curve.Params().IsOnCurve(ge.X, ge.Y) 84 | if isOnCurve == false { 85 | return &Packet{}, 86 | fmt.Errorf("Potential ECC attack! Group element of relay [%v] is not on the expected curve:", i) 87 | } 88 | } 89 | 90 | sharedSecrets, err := generateSharedSecrets(circuitPubKeys, *sessionKey) 91 | if err != nil { 92 | return &Packet{}, fmt.Errorf("Shared secrets generation: %v", err) 93 | } 94 | 95 | header, err := constructHeader(sessionKey, finalAddr, relayAddrs, sharedSecrets) 96 | if err != nil { 97 | return &Packet{}, err 98 | } 99 | 100 | encPayload, err := encryptPayload(payload, sharedSecrets) 101 | if err != nil { 102 | return &Packet{}, fmt.Errorf("Encrypting payload: %v", err) 103 | } 104 | 105 | return &Packet{ 106 | Version: defRealm, 107 | Header: header, 108 | Payload: encPayload, 109 | }, nil 110 | } 111 | 112 | // checks if packet is last in the path. this is verified by inspecting the 113 | // hash of the routing information of the packet's header. if the hash is all 114 | // zeroes, then the current relayer is an exit relay. 115 | func (p *Packet) IsLast() bool { 116 | hmac := p.Header.RoutingInfoMac 117 | for _, b := range hmac { 118 | if b != 0 { 119 | return false 120 | } 121 | } 122 | return true 123 | } 124 | 125 | // Packet encoding auxiliar data structure and logic 126 | type P struct { 127 | V byte 128 | H []byte 129 | P [payloadSize]byte 130 | Pm [hmacSize]byte 131 | } 132 | 133 | func (p *Packet) GobEncode() ([]byte, error) { 134 | buf := &bytes.Buffer{} 135 | enc := gob.NewEncoder(buf) 136 | 137 | he, err := p.Header.GobEncode() 138 | if err != nil { 139 | return []byte{}, err 140 | } 141 | 142 | err = enc.Encode(P{H: he, P: p.Payload}) 143 | if err != nil { 144 | return []byte{}, err 145 | } 146 | return buf.Bytes(), nil 147 | } 148 | 149 | func (p *Packet) GobDecode(raw []byte) error { 150 | r := bytes.NewReader(raw) 151 | dec := gob.NewDecoder(r) 152 | var pbuf P 153 | err := dec.Decode(&pbuf) 154 | if err != nil { 155 | return err 156 | } 157 | 158 | var header Header 159 | header.GobDecode(pbuf.H) 160 | 161 | var payload [payloadSize]byte 162 | copy(payload[:], pbuf.P[:]) 163 | 164 | p.Payload = payload 165 | p.Header = &header 166 | p.Version = pbuf.V 167 | return nil 168 | } 169 | 170 | // encrypts packet payload in multiple layers using the shared secrets derived 171 | //from the relayers' public keys. the payload will be "peeled" as the packet 172 | // traversed the circuit 173 | func encryptPayload(payload [payloadSize]byte, 174 | sharedKeys []scrypto.Hash256) ([payloadSize]byte, error) { 175 | 176 | numRelayers := len(sharedKeys) 177 | nonce := defaultNonce() 178 | 179 | for i := numRelayers - 1; i >= 0; i-- { 180 | cipher, err := scrypto.GenerateCipherStream(sharedKeys[i][:], nonce, payloadSize) 181 | if err != nil { 182 | return [payloadSize]byte{}, err 183 | } 184 | p, _ := xor(payload[:], cipher[:]) 185 | copy(payload[:], p[:]) 186 | } 187 | return payload, nil 188 | } 189 | 190 | type Header struct { 191 | GroupElement ecdsa.PublicKey 192 | RoutingInfo [routingInfoSize]byte 193 | RoutingInfoMac [hmacSize]byte 194 | } 195 | 196 | func constructHeader(sessionKey *ecdsa.PrivateKey, ad []byte, 197 | circuitAddrs [][]byte, sharedSecrets []scrypto.Hash256) (*Header, error) { 198 | 199 | numRelays := len(circuitAddrs) 200 | defNonce := defaultNonce() 201 | 202 | validationErrs := validateHeaderInput(numRelays, ad[:]) 203 | if len(validationErrs) != 0 { 204 | return &Header{}, fmt.Errorf("Header validation errors %v", validationErrs) 205 | } 206 | 207 | padding, err := generatePadding(sharedSecrets, defNonce) 208 | if err != nil { 209 | return &Header{}, fmt.Errorf("Header construction: %v", err) 210 | } 211 | 212 | var addr [addrSize]byte 213 | var routingInfo [routingInfoSize]byte 214 | var hmac [hmacSize]byte 215 | 216 | // adds padding to end of routing info 217 | copy(routingInfo[routingInfoSize-len(padding):], padding) 218 | 219 | // sets destination address 220 | copy(addr[:], ad[:]) 221 | 222 | for i := numRelays - 1; i >= 0; i-- { 223 | // generate keys for obfuscate routing info and for generate header HMAC 224 | encKey := generateEncryptionKey(sharedSecrets[i][:], encryptionKey) 225 | macKey := generateEncryptionKey(sharedSecrets[i][:], hashKey) 226 | 227 | // first iteration does not need shift right 228 | if i != numRelays-1 { 229 | // beta shift right * len(addrHmac) [truncate] 230 | copy(routingInfo[:], shiftRight(routingInfo[:], relayDataSize)) 231 | } 232 | 233 | var addrHmac [relayDataSize]byte 234 | copy(addrHmac[:], addr[:]) 235 | copy(addrHmac[len(addr):], hmac[:]) 236 | 237 | // add addrHmac to beginning of current routingInfo 238 | copy(routingInfo[:], addrHmac[:]) 239 | 240 | cipher, err := scrypto.GenerateCipherStream(encKey, defNonce, streamSize) 241 | if err != nil { 242 | return &Header{}, err 243 | } 244 | 245 | // obfuscates beta by xoring the last bytes of the cipher stream with the 246 | // current header information 247 | r, _ := xor(routingInfo[:], cipher[:routingInfoSize]) 248 | copy(routingInfo[:], r[:]) 249 | 250 | // #TODO: comment 251 | if i == numRelays-1 { 252 | copy(routingInfo[len(routingInfo)-len(padding):], padding) 253 | } 254 | 255 | // calculate next hmac 256 | var hKey scrypto.Hash256 257 | copy(hKey[:], macKey) 258 | copy(hmac[:], scrypto.ComputeMAC(hKey, routingInfo[:])) 259 | 260 | // set next address 261 | copy(addr[:], circuitAddrs[i][:]) 262 | } 263 | 264 | return &Header{sessionKey.PublicKey, routingInfo, hmac}, nil 265 | } 266 | 267 | func validateHeaderInput(numRelays int, addr []byte) []error { 268 | var errs []error 269 | 270 | if numRelays > numMaxRelays { 271 | errs = append(errs, fmt.Errorf("Maximum number of relays is %v, got %v", 272 | numMaxRelays, numRelays)) 273 | } 274 | 275 | if len(addr) > addrSize { 276 | errs = append(errs, fmt.Errorf("Max. size final address is 21 bytes, got %v", 277 | len(addr))) 278 | } 279 | return errs 280 | } 281 | 282 | type H struct { 283 | Ge []byte 284 | Ri [routingInfoSize]byte 285 | Rim [hmacSize]byte 286 | } 287 | 288 | func (h *Header) GobEncode() ([]byte, error) { 289 | buf := &bytes.Buffer{} 290 | enc := gob.NewEncoder(buf) 291 | 292 | pk := h.GroupElement 293 | element := ec.Marshal(pk.Curve, pk.X, pk.Y) 294 | err := enc.Encode(H{Ge: element, Ri: h.RoutingInfo, Rim: h.RoutingInfoMac}) 295 | if err != nil { 296 | return nil, fmt.Errorf("Err encoding header: %s", err) 297 | } 298 | return buf.Bytes(), nil 299 | } 300 | 301 | func (h *Header) GobDecode(raw []byte) error { 302 | r := bytes.NewReader(raw) 303 | dec := gob.NewDecoder(r) 304 | 305 | var hb H 306 | err := dec.Decode(&hb) 307 | if err != nil { 308 | return fmt.Errorf("Err decoding header: %s", err) 309 | } 310 | 311 | curve := ec.P256() 312 | x, y := ec.Unmarshal(curve, hb.Ge) 313 | 314 | if x == big.NewInt(0) { 315 | return fmt.Errorf("Err decoding header: group element not using %s curve.", curve.Params().Name) 316 | } 317 | pubKey := ecdsa.PublicKey{Curve: curve, X: x, Y: y} 318 | 319 | h.GroupElement = pubKey 320 | h.RoutingInfo = hb.Ri 321 | h.RoutingInfoMac = hb.Rim 322 | return nil 323 | } 324 | 325 | func generatePadding(keys []scrypto.Hash256, nonce []byte) ([]byte, error) { 326 | numRelays := len(keys) 327 | if numRelays > numMaxRelays { 328 | return []byte{}, fmt.Errorf("Maximum number of relays is %v, got %v", 329 | numMaxRelays, len(keys)) 330 | } 331 | var padding []byte 332 | for i := 1; i < numRelays; i++ { 333 | filler := make([]byte, relayDataSize) 334 | padding = append(padding, filler...) 335 | 336 | key := generateEncryptionKey(keys[i-1][:], encryptionKey) 337 | cipher, err := scrypto.GenerateCipherStream(key, nonce, streamSize) 338 | if err != nil { 339 | return []byte{}, err 340 | } 341 | 342 | // xor padding with last |padding| bytes of stream data 343 | padding, _ = xor(padding, cipher[len(cipher)-len(padding):]) 344 | } 345 | return padding, nil 346 | } 347 | 348 | // returns HMAC-SHA-256 of the header 349 | func (h *Header) Mac(key scrypto.Hash256) []byte { 350 | var buf bytes.Buffer 351 | enc := gob.NewEncoder(&buf) 352 | enc.Encode(h) 353 | return buf.Bytes() 354 | } 355 | 356 | // generates all shared secrets for a given path. 357 | func generateSharedSecrets(circuitPubKeys []ecdsa.PublicKey, 358 | sessionKey ecdsa.PrivateKey) ([]scrypto.Hash256, error) { 359 | 360 | curve := scrypto.GetCurve(sessionKey) 361 | numHops := len(circuitPubKeys) 362 | if numHops == 0 { 363 | return []scrypto.Hash256{}, errors.New("Err: A set of relay pulic keys must be provided") 364 | } 365 | sharedSecrets := make([]scrypto.Hash256, numHops) 366 | 367 | // first group element, which is an ephemeral public key of the sender. The 368 | // group element is blinded at each hop 369 | groupElement := sessionKey.Public().(*ecdsa.PublicKey) 370 | 371 | // derives shared secret for first hop using ECDH with the local session key 372 | // and the hop's public key 373 | firstHopPubKey := circuitPubKeys[0] 374 | sharedSecret := scrypto.GenerateECDHSharedSecret(&firstHopPubKey, &sessionKey) 375 | sharedSecrets[0] = sharedSecret 376 | 377 | // compute blinding factor for first hop, by hashing the ephemeral pubkey of 378 | // the sender and the derived shared secret with the hop 379 | var blindingF scrypto.Hash256 380 | blindingF = scrypto.ComputeBlindingFactor(groupElement, sharedSecret) 381 | 382 | // used to derive next group element 383 | var privElement big.Int 384 | privElement.SetBytes(sessionKey.D.Bytes()) 385 | 386 | // recursively calculates group element, shared secret and blinding factor for 387 | // each of the remaining hops 388 | for i := 1; i < numHops; i++ { 389 | // derives new group element pair. private part of the element is derived 390 | // with the scalar_multiplication between the blinding factor and the 391 | // private scalar of the previous group element 392 | newGroupElement, nextPrivElement := deriveGroupElementPair(privElement, blindingF, curve) 393 | 394 | // computes shared secret 395 | currentHopPubKey := circuitPubKeys[i] 396 | blindedPrivateKey := ecdsa.PrivateKey{ 397 | PublicKey: *newGroupElement, 398 | D: &nextPrivElement, 399 | } 400 | sharedSecret = scrypto.GenerateECDHSharedSecret(¤tHopPubKey, &blindedPrivateKey) 401 | 402 | sharedSecrets[i] = sharedSecret 403 | 404 | // computes next blinding factor 405 | blindingF = scrypto.ComputeBlindingFactor(newGroupElement, sharedSecret) 406 | 407 | // sets next private element 408 | privElement = nextPrivElement 409 | } 410 | return sharedSecrets, nil 411 | } 412 | 413 | // blinds a group element given a blinding factor and returns both private and 414 | // public keys of the new element 415 | func deriveGroupElementPair(privElement big.Int, blindingF scrypto.Hash256, curve ec.Curve) (*ecdsa.PublicKey, big.Int) { 416 | var pointBlindingF big.Int 417 | pointBlindingF.SetBytes(blindingF[:]) 418 | privElement.Mul(&privElement, &pointBlindingF) 419 | privElement.Mod(&privElement, curve.Params().N) 420 | 421 | x, y := curve.Params().ScalarBaseMult(privElement.Bytes()) 422 | pubkey := ecdsa.PublicKey{Curve: curve, X: x, Y: y} 423 | 424 | return &pubkey, privElement 425 | } 426 | 427 | // blinds a group element given a blinding factor but returns only the public 428 | // key. this is a special case of deriveGroupElementPair() which does not 429 | // compute the private key of the blinded element. because of that, this 430 | // function is more efficient and suitable for relays 431 | func blindGroupElement(el *ecdsa.PublicKey, blindingF []byte, curve ec.Curve) *ecdsa.PublicKey { 432 | newX, newY := curve.Params().ScalarMult(el.X, el.Y, blindingF) 433 | return &ecdsa.PublicKey{Curve: curve, X: newX, Y: newY} 434 | } 435 | 436 | func copyPublicKey(pk *ecdsa.PublicKey) *ecdsa.PublicKey { 437 | newPk := ecdsa.PublicKey{} 438 | newPk.Curve = pk.Curve 439 | newPk.X = pk.X 440 | newPk.Y = pk.Y 441 | return &newPk 442 | } 443 | 444 | func shiftRight(buf []byte, n int) []byte { 445 | res := make([]byte, len(buf)+n) 446 | for i := 0; i < len(buf); i++ { 447 | res[i+n] = buf[i] 448 | } 449 | return res 450 | } 451 | 452 | func xor(a, b []byte) ([]byte, int) { 453 | n := len(a) 454 | dst := make([]byte, n) 455 | if len(b) < n { 456 | n = len(b) 457 | } 458 | for i := 0; i < n; i++ { 459 | dst[i] = a[i] ^ b[i] 460 | } 461 | return dst, n 462 | } 463 | 464 | // generates symmetric encryption/decryption keys used to generate the cipher 465 | // stream for xor'ing with plaintext. 466 | func generateEncryptionKey(k []byte, ktype string) []byte { 467 | var key scrypto.Hash256 468 | copy(key[:], k[:]) 469 | return scrypto.ComputeMAC(key, []byte(ktype)) 470 | } 471 | 472 | func defaultNonce() []byte { 473 | nonce := make([]byte, 24) 474 | return nonce[:] 475 | } 476 | -------------------------------------------------------------------------------- /fullrt/examples/libp2p/go.sum: -------------------------------------------------------------------------------- 1 | cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= 2 | github.com/AndreasBriese/bbloom v0.0.0-20180913140656-343706a395b7/go.mod h1:bOvUY6CB00SOBii9/FifXqc0awNKxLFCL/+pkDPuyl8= 3 | github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= 4 | github.com/Kubuxu/go-os-helper v0.0.1/go.mod h1:N8B+I7vPCT80IcP58r50u4+gEEcsZETFUpAzWW2ep1Y= 5 | github.com/aead/siphash v1.0.1/go.mod h1:Nywa3cDsYNNK3gaciGTWPwHt0wlpNV15vwmswBAUSII= 6 | github.com/btcsuite/btcd v0.0.0-20190213025234-306aecffea32 h1:qkOC5Gd33k54tobS36cXdAzJbeHaduLtnLQQwNoIi78= 7 | github.com/btcsuite/btcd v0.0.0-20190213025234-306aecffea32/go.mod h1:DrZx5ec/dmnfpw9KyYoQyYo7d0KEvTkk/5M/vbZjAr8= 8 | github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f/go.mod h1:TdznJufoqS23FtqVCzL0ZqgP5MqXbb4fg/WgDys70nA= 9 | github.com/btcsuite/btcutil v0.0.0-20190207003914-4c204d697803/go.mod h1:+5NJ2+qvTyV9exUAL/rxXi3DcLg2Ts+ymUAY5y4NvMg= 10 | github.com/btcsuite/go-socks v0.0.0-20170105172521-4720035b7bfd/go.mod h1:HHNXQzUsZCxOoE+CPiyCTO6x34Zs86zZUiwtpXoGdtg= 11 | github.com/btcsuite/goleveldb v0.0.0-20160330041536-7834afc9e8cd/go.mod h1:F+uVaaLLH7j4eDXPRvw78tMflu7Ie2bzYOH4Y8rRKBY= 12 | github.com/btcsuite/snappy-go v0.0.0-20151229074030-0bdef8d06723/go.mod h1:8woku9dyThutzjeg+3xrA5iCpBRH8XEEg3lh6TiUghc= 13 | github.com/btcsuite/websocket v0.0.0-20150119174127-31079b680792/go.mod h1:ghJtEyQwv5/p4Mg4C0fgbePVuGr935/5ddU9Z3TmDRY= 14 | github.com/btcsuite/winsvc v1.0.0/go.mod h1:jsenWakMcC0zFBFurPLEAyrnc/teJEM1O46fmI40EZs= 15 | github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= 16 | github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= 17 | github.com/coreos/go-semver v0.2.1-0.20180108230905-e214231b295a h1:U0BbGfKnviqVBJQB4etvm+mKx53KfkumNLBt6YeF/0Q= 18 | github.com/coreos/go-semver v0.2.1-0.20180108230905-e214231b295a/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= 19 | github.com/coreos/go-semver v0.3.0 h1:wkHLiw0WNATZnSG7epLsujiMCgPAc9xhjJ4tgnAxmfM= 20 | github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= 21 | github.com/davecgh/go-spew v0.0.0-20171005155431-ecdeabc65495/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 22 | github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= 23 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 24 | github.com/dgraph-io/badger v1.5.5-0.20190226225317-8115aed38f8f/go.mod h1:VZxzAIRPHRVNRKRo6AXrX9BJegn6il06VMTZVJYCIjQ= 25 | github.com/dgryski/go-farm v0.0.0-20190104051053-3adb47b1fb0f/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw= 26 | github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= 27 | github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= 28 | github.com/go-check/check v0.0.0-20180628173108-788fd7840127/go.mod h1:9ES+weclKsC9YodN5RgxqK/VD9HM9JsCSh7rNhMZE98= 29 | github.com/gogo/protobuf v1.2.1 h1:/s5zKNz0uPFCZ5hddgPdo2TK2TVrUNMn0OOX8/aZMTE= 30 | github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= 31 | github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= 32 | github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= 33 | github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 34 | github.com/golang/protobuf v1.3.0/go.mod h1:Qd/q+1AKNOZr9uGQzbzCmRO6sUih6GTPZv6a1/R87v0= 35 | github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 36 | github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= 37 | github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= 38 | github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= 39 | github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= 40 | github.com/gorilla/websocket v1.4.0 h1:WDFjx/TMzVgy9VdMMQi2K2Emtwi2QcUQsztZ/zLaH/Q= 41 | github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= 42 | github.com/gxed/hashland/keccakpg v0.0.1 h1:wrk3uMNaMxbXiHibbPO4S0ymqJMm41WiudyFSs7UnsU= 43 | github.com/gxed/hashland/keccakpg v0.0.1/go.mod h1:kRzw3HkwxFU1mpmPP8v1WyQzwdGfmKFJ6tItnhQ67kU= 44 | github.com/gxed/hashland/murmur3 v0.0.1 h1:SheiaIt0sda5K+8FLz952/1iWS9zrnKsEJaOJu4ZbSc= 45 | github.com/gxed/hashland/murmur3 v0.0.1/go.mod h1:KjXop02n4/ckmZSnY2+HKcLud/tcmvhST0bie/0lS48= 46 | github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= 47 | github.com/hashicorp/golang-lru v0.5.1 h1:0hERBMJE1eitiLkihrMvRVBYAkpHzc/J3QdDN+dAcgU= 48 | github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= 49 | github.com/hashmatter/p3lib v0.0.0-20190516193108-ddc2f1976405 h1:MgFRm914FDPXky6huCmgDH3Afew1rOJWsMUkjbUor2U= 50 | github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= 51 | github.com/huin/goupnp v1.0.0 h1:wg75sLpL6DZqwHQN6E1Cfk6mtfzS45z8OV+ic+DtHRo= 52 | github.com/huin/goupnp v1.0.0/go.mod h1:n9v9KO1tAxYH82qOn+UTIFQDmx5n1Zxd/ClZDMX7Bnc= 53 | github.com/huin/goutil v0.0.0-20170803182201-1ca381bf3150/go.mod h1:PpLOETDnJ0o3iZrZfqZzyLl6l7F3c6L1oWn7OICBi6o= 54 | github.com/ipfs/go-cid v0.0.1/go.mod h1:GHWU/WuQdMPmIosc4Yn1bcCT7dSeX4lBafM7iqUPQvM= 55 | github.com/ipfs/go-cid v0.0.2 h1:tuuKaZPU1M6HcejsO3AcYWW8sZ8MTvyxfc4uqB4eFE8= 56 | github.com/ipfs/go-cid v0.0.2/go.mod h1:GHWU/WuQdMPmIosc4Yn1bcCT7dSeX4lBafM7iqUPQvM= 57 | github.com/ipfs/go-datastore v0.0.1/go.mod h1:d4KVXhMt913cLBEI/PXAy6ko+W7e9AhyAKBGh803qeE= 58 | github.com/ipfs/go-datastore v0.0.5 h1:q3OfiOZV5rlsK1H5V8benjeUApRfMGs4Mrhmr6NriQo= 59 | github.com/ipfs/go-datastore v0.0.5/go.mod h1:d4KVXhMt913cLBEI/PXAy6ko+W7e9AhyAKBGh803qeE= 60 | github.com/ipfs/go-detect-race v0.0.1/go.mod h1:8BNT7shDZPo99Q74BpGMK+4D8Mn4j46UU0LZ723meps= 61 | github.com/ipfs/go-ds-badger v0.0.2/go.mod h1:Y3QpeSFWQf6MopLTiZD+VT6IC1yZqaGmjvRcKeSGij8= 62 | github.com/ipfs/go-ds-leveldb v0.0.1/go.mod h1:feO8V3kubwsEF22n0YRQCffeb79OOYIykR4L04tMOYc= 63 | github.com/ipfs/go-ipfs-addr v0.0.1 h1:DpDFybnho9v3/a1dzJ5KnWdThWD1HrFLpQ+tWIyBaFI= 64 | github.com/ipfs/go-ipfs-addr v0.0.1/go.mod h1:uKTDljHT3Q3SUWzDLp3aYUi8MrY32fgNgogsIa0npjg= 65 | github.com/ipfs/go-ipfs-delay v0.0.0-20181109222059-70721b86a9a8/go.mod h1:8SP1YXK1M1kXuc4KJZINY3TQQ03J2rwBG9QfXmbRPrw= 66 | github.com/ipfs/go-ipfs-util v0.0.1 h1:Wz9bL2wB2YBJqggkA4dD7oSmqB4cAnpNbGrlHJulv50= 67 | github.com/ipfs/go-ipfs-util v0.0.1/go.mod h1:spsl5z8KUnrve+73pOhSVZND1SIxPW5RyBCNzQxlJBc= 68 | github.com/ipfs/go-log v0.0.1 h1:9XTUN/rW64BCG1YhPK9Hoy3q8nr4gOmHHBpgFdfw6Lc= 69 | github.com/ipfs/go-log v0.0.1/go.mod h1:kL1d2/hzSpI0thNYjiKfjanbVNU+IIGA/WnNESY9leM= 70 | github.com/ipfs/go-todocounter v0.0.1 h1:kITWA5ZcQZfrUnDNkRn04Xzh0YFaDFXsoO2A81Eb6Lw= 71 | github.com/ipfs/go-todocounter v0.0.1/go.mod h1:l5aErvQc8qKE2r7NDMjmq5UNAvuZy0rC8BHOplkWvZ4= 72 | github.com/jackpal/gateway v1.0.5 h1:qzXWUJfuMdlLMtt0a3Dgt+xkWQiA5itDEITVJtuSwMc= 73 | github.com/jackpal/gateway v1.0.5/go.mod h1:lTpwd4ACLXmpyiCTRtfiNyVnUmqT9RivzCDQetPfnjA= 74 | github.com/jackpal/go-nat-pmp v1.0.1 h1:i0LektDkO1QlrTm/cSuP+PyBCDnYvjPLGl4LdWEMiaA= 75 | github.com/jackpal/go-nat-pmp v1.0.1/go.mod h1:QPH045xvCAeXUZOxsnwmrtiCoxIr9eob+4orBN1SBKc= 76 | github.com/jbenet/go-cienv v0.0.0-20150120210510-1bb1476777ec/go.mod h1:rGaEvXB4uRSZMmzKNLoXvTu1sfx+1kv/DojUlPrSZGs= 77 | github.com/jbenet/go-cienv v0.1.0/go.mod h1:TqNnHUmJgXau0nCzC7kXWeotg3J9W34CUv5Djy1+FlA= 78 | github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= 79 | github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= 80 | github.com/jbenet/go-temp-err-catcher v0.0.0-20150120210811-aac704a3f4f2 h1:vhC1OXXiT9R2pczegwz6moDvuRpggaroAXhPIseh57A= 81 | github.com/jbenet/go-temp-err-catcher v0.0.0-20150120210811-aac704a3f4f2/go.mod h1:8GXXJV31xl8whumTzdZsTt3RnUIiPqzkyf7mxToRCMs= 82 | github.com/jbenet/goprocess v0.0.0-20160826012719-b497e2f366b8 h1:bspPhN+oKYFk5fcGNuQzp6IGzYQSenLEgH3s6jkXrWw= 83 | github.com/jbenet/goprocess v0.0.0-20160826012719-b497e2f366b8/go.mod h1:Ly/wlsjFq/qrU3Rar62tu1gASgGw6chQbSh/XgIIXCY= 84 | github.com/jbenet/goprocess v0.1.3 h1:YKyIEECS/XvcfHtBzxtjBBbWK+MbvA6dG8ASiqwvr10= 85 | github.com/jbenet/goprocess v0.1.3/go.mod h1:5yspPrukOVuOLORacaBi858NqyClJPQxYZlqdZVfqY4= 86 | github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= 87 | github.com/jrick/logrotate v1.0.0/go.mod h1:LNinyqDIJnpAur+b8yyulnQw/wDuN1+BYKlTRt3OuAQ= 88 | github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= 89 | github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= 90 | github.com/kkdai/bstream v0.0.0-20161212061736-f391b8402d23/go.mod h1:J+Gs4SYgM6CZQHDETBtE9HaSEkGmuNXF86RwHhHUvq4= 91 | github.com/koron/go-ssdp v0.0.0-20180514024734-4a0ed625a78b h1:wxtKgYHEncAU00muMD06dzLiahtGM1eouRNOzVV7tdQ= 92 | github.com/koron/go-ssdp v0.0.0-20180514024734-4a0ed625a78b/go.mod h1:5Ky9EC2xfoUKUor0Hjgi2BJhCSXJfMOFlmyYrVKGQMk= 93 | github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= 94 | github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= 95 | github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= 96 | github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= 97 | github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= 98 | github.com/libp2p/go-addr-util v0.0.1 h1:TpTQm9cXVRVSKsYbgQ7GKc3KbbHVTnbostgGaDEP+88= 99 | github.com/libp2p/go-addr-util v0.0.1/go.mod h1:4ac6O7n9rIAKB1dnd+s8IbbMXkt+oBpzX4/+RACcnlQ= 100 | github.com/libp2p/go-buffer-pool v0.0.1/go.mod h1:xtyIz9PMobb13WaxR6Zo1Pd1zXJKYg0a8KiIvDp3TzQ= 101 | github.com/libp2p/go-buffer-pool v0.0.2 h1:QNK2iAFa8gjAe1SPz6mHSMuCcjs+X1wlHzeOSqcmlfs= 102 | github.com/libp2p/go-buffer-pool v0.0.2/go.mod h1:MvaB6xw5vOrDl8rYZGLFdKAuk/hRoRZd1Vi32+RXyFM= 103 | github.com/libp2p/go-conn-security v0.0.1 h1:4kMMrqrt9EUNCNjX1xagSJC+bq16uqjMe9lk1KBMVNs= 104 | github.com/libp2p/go-conn-security v0.0.1/go.mod h1:bGmu51N0KU9IEjX7kl2PQjgZa40JQWnayTvNMgD/vyk= 105 | github.com/libp2p/go-conn-security-multistream v0.0.2 h1:Ykz0lnNjxk+0SdslUmlLNyrleqdpS1S/VW+dxFdt74Y= 106 | github.com/libp2p/go-conn-security-multistream v0.0.2/go.mod h1:nc9vud7inQ+d6SO0I/6dSWrdMnHnzZNHeyUQqrAJulE= 107 | github.com/libp2p/go-flow-metrics v0.0.1 h1:0gxuFd2GuK7IIP5pKljLwps6TvcuYgvG7Atqi3INF5s= 108 | github.com/libp2p/go-flow-metrics v0.0.1/go.mod h1:Iv1GH0sG8DtYN3SVJ2eG221wMiNpZxBdp967ls1g+k8= 109 | github.com/libp2p/go-libp2p v0.0.27/go.mod h1:kjeVlESxQisK2DvyKp38/UMHYd9gAMTj3C3XOB/DEZo= 110 | github.com/libp2p/go-libp2p v0.0.28 h1:tkDnM7iwrz9OSRRb8YAV4HYjv8TKsAxyxrV2sES9/Aw= 111 | github.com/libp2p/go-libp2p v0.0.28/go.mod h1:GBW0VbgEKe8ELXVpLQJduJYlJHRv/XfwP6Fo9TEcDJU= 112 | github.com/libp2p/go-libp2p-autonat v0.0.5/go.mod h1:cKt+qOSnWAZp0dqIuUk62v0/QAPw0vnLuVZnmzkOXRk= 113 | github.com/libp2p/go-libp2p-autonat v0.0.6 h1:OCStANLLpeyQeWFUuqZJ7aS9+Bx0/uoVb1PtLA9fGTQ= 114 | github.com/libp2p/go-libp2p-autonat v0.0.6/go.mod h1:uZneLdOkZHro35xIhpbtTzLlgYturpu4J5+0cZK3MqE= 115 | github.com/libp2p/go-libp2p-blankhost v0.0.1/go.mod h1:Ibpbw/7cPPYwFb7PACIWdvxxv0t0XCCI10t7czjAjTc= 116 | github.com/libp2p/go-libp2p-circuit v0.0.7 h1:2oIJp4Qud9V8Boy+31nmbNBwH5PCJisGH4SwYTPSU50= 117 | github.com/libp2p/go-libp2p-circuit v0.0.7/go.mod h1:DFCgZ2DklFGTUIZIhSvbbWXTErUgjyNrJGfDHOrTKIA= 118 | github.com/libp2p/go-libp2p-core v0.0.1 h1:HSTZtFIq/W5Ue43Zw+uWZyy2Vl5WtF0zDjKN8/DT/1I= 119 | github.com/libp2p/go-libp2p-core v0.0.1/go.mod h1:g/VxnTZ/1ygHxH3dKok7Vno1VfpvGcGip57wjTU4fco= 120 | github.com/libp2p/go-libp2p-crypto v0.0.1 h1:JNQd8CmoGTohO/akqrH16ewsqZpci2CbgYH/LmYl8gw= 121 | github.com/libp2p/go-libp2p-crypto v0.0.1/go.mod h1:yJkNyDmO341d5wwXxDUGO0LykUVT72ImHNUqh5D/dBE= 122 | github.com/libp2p/go-libp2p-crypto v0.0.2 h1:TTdJ4y6Uoa6NxQcuEaVkQfFRcQeCE2ReDk8Ok4I0Fyw= 123 | github.com/libp2p/go-libp2p-crypto v0.0.2/go.mod h1:eETI5OUfBnvARGOHrJz2eWNyTUxEGZnBxMcbUjfIj4I= 124 | github.com/libp2p/go-libp2p-discovery v0.0.4 h1:/kZwOVmcUHvB94zegSJYnUA9EvT1g8APoQJb5FHyT1c= 125 | github.com/libp2p/go-libp2p-discovery v0.0.4/go.mod h1:ReQGiv7QTtza8FUWzewfuMmRDVOQVp+lxHlJJA8YQCM= 126 | github.com/libp2p/go-libp2p-host v0.0.1/go.mod h1:qWd+H1yuU0m5CwzAkvbSjqKairayEHdR5MMl7Cwa7Go= 127 | github.com/libp2p/go-libp2p-host v0.0.3 h1:BB/1Z+4X0rjKP5lbQTmjEjLbDVbrcmLOlA6QDsN5/j4= 128 | github.com/libp2p/go-libp2p-host v0.0.3/go.mod h1:Y/qPyA6C8j2coYyos1dfRm0I8+nvd4TGrDGt4tA7JR8= 129 | github.com/libp2p/go-libp2p-interface-connmgr v0.0.1/go.mod h1:GarlRLH0LdeWcLnYM/SaBykKFl9U5JFnbBGruAk/D5k= 130 | github.com/libp2p/go-libp2p-interface-connmgr v0.0.4 h1:/LngXETpII5qOD7YjAcQiIxhVtdAk/NQe5t9sC6BR0E= 131 | github.com/libp2p/go-libp2p-interface-connmgr v0.0.4/go.mod h1:GarlRLH0LdeWcLnYM/SaBykKFl9U5JFnbBGruAk/D5k= 132 | github.com/libp2p/go-libp2p-interface-connmgr v0.0.5 h1:KG/KNYL2tYzXAfMvQN5K1aAGTYSYUMJ1prgYa2/JI1E= 133 | github.com/libp2p/go-libp2p-interface-connmgr v0.0.5/go.mod h1:GarlRLH0LdeWcLnYM/SaBykKFl9U5JFnbBGruAk/D5k= 134 | github.com/libp2p/go-libp2p-interface-pnet v0.0.1 h1:7GnzRrBTJHEsofi1ahFdPN9Si6skwXQE9UqR2S+Pkh8= 135 | github.com/libp2p/go-libp2p-interface-pnet v0.0.1/go.mod h1:el9jHpQAXK5dnTpKA4yfCNBZXvrzdOU75zz+C6ryp3k= 136 | github.com/libp2p/go-libp2p-kad-dht v0.0.13 h1:ReMb41jJrngvXnU5Tirf74bBkXx4M9ne5QyFQPeNYtw= 137 | github.com/libp2p/go-libp2p-kad-dht v0.0.13/go.mod h1:3A4xaZJeJ3zD3jCg17mtI+rA7uuXiiQdKVyAZOhZo1U= 138 | github.com/libp2p/go-libp2p-kbucket v0.1.1 h1:ZrvW3qCM+lAuv7nrNts/zfEiClq+GZe8OIzX4Vb3Dwo= 139 | github.com/libp2p/go-libp2p-kbucket v0.1.1/go.mod h1:Y0iQDHRTk/ZgM8PC4jExoF+E4j+yXWwRkdldkMa5Xm4= 140 | github.com/libp2p/go-libp2p-loggables v0.0.1 h1:HVww9oAnINIxbt69LJNkxD8lnbfgteXR97Xm4p3l9ps= 141 | github.com/libp2p/go-libp2p-loggables v0.0.1/go.mod h1:lDipDlBNYbpyqyPX/KcoO+eq0sJYEVR2JgOexcivchg= 142 | github.com/libp2p/go-libp2p-metrics v0.0.1 h1:yumdPC/P2VzINdmcKZd0pciSUCpou+s0lwYCjBbzQZU= 143 | github.com/libp2p/go-libp2p-metrics v0.0.1/go.mod h1:jQJ95SXXA/K1VZi13h52WZMa9ja78zjyy5rspMsC/08= 144 | github.com/libp2p/go-libp2p-mplex v0.1.1 h1:lSPS1VJ36P01gGO//KgcsmSah5uoC3X9r7WY5j+iP4c= 145 | github.com/libp2p/go-libp2p-mplex v0.1.1/go.mod h1:KUQWpGkCzfV7UIpi8SKsAVxyBgz1c9R5EvxgnwLsb/I= 146 | github.com/libp2p/go-libp2p-nat v0.0.4 h1:+KXK324yaY701On8a0aGjTnw8467kW3ExKcqW2wwmyw= 147 | github.com/libp2p/go-libp2p-nat v0.0.4/go.mod h1:N9Js/zVtAXqaeT99cXgTV9e75KpnWCvVOiGzlcHmBbY= 148 | github.com/libp2p/go-libp2p-net v0.0.1 h1:xJ4Vh4yKF/XKb8fd1Ev0ebAGzVjMxXzrxG2kjtU+F5Q= 149 | github.com/libp2p/go-libp2p-net v0.0.1/go.mod h1:Yt3zgmlsHOgUWSXmt5V/Jpz9upuJBE8EgNU9DrCcR8c= 150 | github.com/libp2p/go-libp2p-net v0.0.2 h1:qP06u4TYXfl7uW/hzqPhlVVTSA2nw1B/bHBJaUnbh6M= 151 | github.com/libp2p/go-libp2p-net v0.0.2/go.mod h1:Yt3zgmlsHOgUWSXmt5V/Jpz9upuJBE8EgNU9DrCcR8c= 152 | github.com/libp2p/go-libp2p-netutil v0.0.1/go.mod h1:GdusFvujWZI9Vt0X5BKqwWWmZFxecf9Gt03cKxm2f/Q= 153 | github.com/libp2p/go-libp2p-peer v0.0.1 h1:0qwAOljzYewINrU+Kndoc+1jAL7vzY/oY2Go4DCGfyY= 154 | github.com/libp2p/go-libp2p-peer v0.0.1/go.mod h1:nXQvOBbwVqoP+T5Y5nCjeH4sP9IX/J0AMzcDUVruVoo= 155 | github.com/libp2p/go-libp2p-peer v0.1.1 h1:qGCWD1a+PyZcna6htMPo26jAtqirVnJ5NvBQIKV7rRY= 156 | github.com/libp2p/go-libp2p-peer v0.1.1/go.mod h1:jkF12jGB4Gk/IOo+yomm+7oLWxF278F7UnrYUQ1Q8es= 157 | github.com/libp2p/go-libp2p-peerstore v0.0.1 h1:twKovq8YK5trLrd3nB7PD2Zu9JcyAIdm7Bz9yBWjhq8= 158 | github.com/libp2p/go-libp2p-peerstore v0.0.1/go.mod h1:RabLyPVJLuNQ+GFyoEkfi8H4Ti6k/HtZJ7YKgtSq+20= 159 | github.com/libp2p/go-libp2p-peerstore v0.0.6 h1:RgX/djPFXqZGktW0j2eF4NAX0pzDsCot45jO2GewC+g= 160 | github.com/libp2p/go-libp2p-peerstore v0.0.6/go.mod h1:RabLyPVJLuNQ+GFyoEkfi8H4Ti6k/HtZJ7YKgtSq+20= 161 | github.com/libp2p/go-libp2p-protocol v0.0.1 h1:+zkEmZ2yFDi5adpVE3t9dqh/N9TbpFWywowzeEzBbLM= 162 | github.com/libp2p/go-libp2p-protocol v0.0.1/go.mod h1:Af9n4PiruirSDjHycM1QuiMi/1VZNHYcK8cLgFJLZ4s= 163 | github.com/libp2p/go-libp2p-record v0.0.1 h1:zN7AS3X46qmwsw5JLxdDuI43cH5UYwovKxHPjKBYQxw= 164 | github.com/libp2p/go-libp2p-record v0.0.1/go.mod h1:grzqg263Rug/sRex85QrDOLntdFAymLDLm7lxMgU79Q= 165 | github.com/libp2p/go-libp2p-routing v0.0.1 h1:hPMAWktf9rYi3ME4MG48qE7dq1ofJxiQbfdvpNntjhc= 166 | github.com/libp2p/go-libp2p-routing v0.0.1/go.mod h1:N51q3yTr4Zdr7V8Jt2JIktVU+3xBBylx1MZeVA6t1Ys= 167 | github.com/libp2p/go-libp2p-secio v0.0.3 h1:h3fPeDrej7bvvARnC2oSjAfcLZOaS4REZKgWCRQNpE4= 168 | github.com/libp2p/go-libp2p-secio v0.0.3/go.mod h1:hS7HQ00MgLhRO/Wyu1bTX6ctJKhVpm+j2/S2A5UqYb0= 169 | github.com/libp2p/go-libp2p-swarm v0.0.5/go.mod h1:+nkJir4feiXtWQjb/4CQHMEK8Vw+c5nVVxT8R5bs0yY= 170 | github.com/libp2p/go-libp2p-swarm v0.0.6 h1:gE0P/v2h+KEXtAi9YTw2UBOSODJ4m9VuuJ+ktc2LVUo= 171 | github.com/libp2p/go-libp2p-swarm v0.0.6/go.mod h1:s5GZvzg9xXe8sbeESuFpjt8CJPTCa8mhEusweJqyFy8= 172 | github.com/libp2p/go-libp2p-transport v0.0.1/go.mod h1:UzbUs9X+PHOSw7S3ZmeOxfnwaQY5vGDzZmKPod3N3tk= 173 | github.com/libp2p/go-libp2p-transport v0.0.4/go.mod h1:StoY3sx6IqsP6XKoabsPnHCwqKXWUMWU7Rfcsubee/A= 174 | github.com/libp2p/go-libp2p-transport v0.0.5 h1:pV6+UlRxyDpASSGD+60vMvdifSCby6JkJDfi+yUMHac= 175 | github.com/libp2p/go-libp2p-transport v0.0.5/go.mod h1:StoY3sx6IqsP6XKoabsPnHCwqKXWUMWU7Rfcsubee/A= 176 | github.com/libp2p/go-libp2p-transport-upgrader v0.0.3/go.mod h1:Ng1HzfMIopyYscMHNFmJqiMMcpgDlj0t+NyjVWW89ws= 177 | github.com/libp2p/go-libp2p-transport-upgrader v0.0.4 h1:uGMOd14BL1oFlfb/cGfOxPjiTKBhzWV4aMjjoCF1Z1o= 178 | github.com/libp2p/go-libp2p-transport-upgrader v0.0.4/go.mod h1:RGq+tupk+oj7PzL2kn/m1w6YXxcIAYJYeI90h6BGgUc= 179 | github.com/libp2p/go-libp2p-yamux v0.1.2 h1:DgGItlrWi0j9y1OhRMC8qqL4zj2MEPWeKJTHb55R16Q= 180 | github.com/libp2p/go-libp2p-yamux v0.1.2/go.mod h1:xUoV/RmYkg6BW/qGxA9XJyg+HzXFYkeXbnhjmnYzKp8= 181 | github.com/libp2p/go-maddr-filter v0.0.1/go.mod h1:6eT12kSQMA9x2pvFQa+xesMKUBlj9VImZbj3B9FBH/Q= 182 | github.com/libp2p/go-maddr-filter v0.0.4 h1:hx8HIuuwk34KePddrp2mM5ivgPkZ09JH4AvsALRbFUs= 183 | github.com/libp2p/go-maddr-filter v0.0.4/go.mod h1:6eT12kSQMA9x2pvFQa+xesMKUBlj9VImZbj3B9FBH/Q= 184 | github.com/libp2p/go-mplex v0.0.3 h1:YiMaevQcZtFU6DmKIF8xEO0vaui5kM5HJ1V1xkWQv14= 185 | github.com/libp2p/go-mplex v0.0.3/go.mod h1:pK5yMLmOoBR1pNCqDlA2GQrdAVTMkqFalaTWe7l4Yd0= 186 | github.com/libp2p/go-msgio v0.0.2 h1:ivPvEKHxmVkTClHzg6RXTYHqaJQ0V9cDbq+6lKb3UV0= 187 | github.com/libp2p/go-msgio v0.0.2/go.mod h1:63lBBgOTDKQL6EWazRMCwXsEeEeK9O2Cd+0+6OOuipQ= 188 | github.com/libp2p/go-nat v0.0.3 h1:l6fKV+p0Xa354EqQOQP+d8CivdLM4kl5GxC1hSc/UeI= 189 | github.com/libp2p/go-nat v0.0.3/go.mod h1:88nUEt0k0JD45Bk93NIwDqjlhiOwOoV36GchpcVc1yI= 190 | github.com/libp2p/go-reuseport v0.0.1 h1:7PhkfH73VXfPJYKQ6JwS5I/eVcoyYi9IMNGc6FWpFLw= 191 | github.com/libp2p/go-reuseport v0.0.1/go.mod h1:jn6RmB1ufnQwl0Q1f+YxAj8isJgDCQzaaxIFYDhcYEA= 192 | github.com/libp2p/go-reuseport-transport v0.0.2 h1:WglMwyXyBu61CMkjCCtnmqNqnjib0GIEjMiHTwR/KN4= 193 | github.com/libp2p/go-reuseport-transport v0.0.2/go.mod h1:YkbSDrvjUVDL6b8XqriyA20obEtsW9BLkuOUyQAOCbs= 194 | github.com/libp2p/go-stream-muxer v0.0.1 h1:Ce6e2Pyu+b5MC1k3eeFtAax0pW4gc6MosYSLV05UeLw= 195 | github.com/libp2p/go-stream-muxer v0.0.1/go.mod h1:bAo8x7YkSpadMTbtTaxGVHWUQsR/l5MEaHbKaliuT14= 196 | github.com/libp2p/go-stream-muxer-multistream v0.1.1 h1:DhHqb4nu1fQv/vQKeLAaZGmhLsUA4SF77IdYJiWE1d4= 197 | github.com/libp2p/go-stream-muxer-multistream v0.1.1/go.mod h1:zmGdfkQ1AzOECIAcccoL8L//laqawOsO03zX8Sa+eGw= 198 | github.com/libp2p/go-tcp-transport v0.0.3/go.mod h1:f11C2zvCaGDkE8aFPUKmuYZwd3pP6HI24LeLMWhJnkQ= 199 | github.com/libp2p/go-tcp-transport v0.0.4 h1:2iRu994wCT/iEz62F+c60FUoSkijNEQ0q2Itc+79XlQ= 200 | github.com/libp2p/go-tcp-transport v0.0.4/go.mod h1:+E8HvC8ezEVOxIo3V5vCK9l1y/19K427vCzQ+xHKH/o= 201 | github.com/libp2p/go-testutil v0.0.1/go.mod h1:iAcJc/DKJQanJ5ws2V+u5ywdL2n12X1WbbEG+Jjy69I= 202 | github.com/libp2p/go-ws-transport v0.0.3/go.mod h1:iU0kzfMcO4tBVIk3z+7srp1YG/RFLWTSuO4enpivw8g= 203 | github.com/libp2p/go-ws-transport v0.0.4 h1:3wt9ed0gIUrne627XHvPMTwG4/AUpsLDy4TGQi2EyQ0= 204 | github.com/libp2p/go-ws-transport v0.0.4/go.mod h1:X9wfEcm2LAJYMox9x2VHAMHAZZSQMFC9mIa/UF6OuZk= 205 | github.com/libp2p/go-yamux v1.2.1 h1:VumHkMhJ2iFk1lzAeoDRgekiZSylGc6NnAEihVdBCiw= 206 | github.com/libp2p/go-yamux v1.2.1/go.mod h1:FGTiPvoV/3DVdgWpX+tM0OW3tsM+W5bSE3gZwqQTcow= 207 | github.com/mattn/go-colorable v0.1.1 h1:G1f5SKeVxmagw/IyvzvtZE4Gybcc4Tr1tf7I8z0XgOg= 208 | github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ= 209 | github.com/mattn/go-isatty v0.0.5 h1:tHXDdz1cpzGaovsTB+TVB8q90WEokoVmfMqoVcrLUgw= 210 | github.com/mattn/go-isatty v0.0.5/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= 211 | github.com/miekg/dns v1.1.12/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= 212 | github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1 h1:lYpkrQH5ajf0OXOcUbGjvZxxijuBwbbmlSxLiuofa+g= 213 | github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1/go.mod h1:pD8RvIylQ358TN4wwqatJ8rNavkEINozVn9DtGI3dfQ= 214 | github.com/minio/sha256-simd v0.0.0-20190131020904-2d45a736cd16 h1:5W7KhL8HVF3XCFOweFD3BNESdnO8ewyYTFT2R+/b8FQ= 215 | github.com/minio/sha256-simd v0.0.0-20190131020904-2d45a736cd16/go.mod h1:2FMWW+8GMoPweT6+pI63m9YE3Lmw4J71hV56Chs1E/U= 216 | github.com/minio/sha256-simd v0.0.0-20190328051042-05b4dd3047e5 h1:l16XLUUJ34wIz+RIvLhSwGvLvKyy+W598b135bJN6mg= 217 | github.com/minio/sha256-simd v0.0.0-20190328051042-05b4dd3047e5/go.mod h1:2FMWW+8GMoPweT6+pI63m9YE3Lmw4J71hV56Chs1E/U= 218 | github.com/mr-tron/base58 v1.1.0 h1:Y51FGVJ91WBqCEabAi5OPUz38eAx8DakuAm5svLcsfQ= 219 | github.com/mr-tron/base58 v1.1.0/go.mod h1:xcD2VGqlgYjBdcBLw+TuYLr8afG+Hj8g2eTVqeSzSU8= 220 | github.com/mr-tron/base58 v1.1.1/go.mod h1:xcD2VGqlgYjBdcBLw+TuYLr8afG+Hj8g2eTVqeSzSU8= 221 | github.com/mr-tron/base58 v1.1.2 h1:ZEw4I2EgPKDJ2iEw0cNmLB3ROrEmkOtXIkaG7wZg+78= 222 | github.com/mr-tron/base58 v1.1.2/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc= 223 | github.com/multiformats/go-base32 v0.0.3 h1:tw5+NhuwaOjJCC5Pp82QuXbrmLzWg7uxlMFp8Nq/kkI= 224 | github.com/multiformats/go-base32 v0.0.3/go.mod h1:pLiuGC8y0QR3Ue4Zug5UzK9LjgbkL8NSQj0zQ5Nz/AA= 225 | github.com/multiformats/go-multiaddr v0.0.1 h1:/QUV3VBMDI6pi6xfiw7lr6xhDWWvQKn9udPn68kLSdY= 226 | github.com/multiformats/go-multiaddr v0.0.1/go.mod h1:xKVEak1K9cS1VdmPZW3LSIb6lgmoS58qz/pzqmAxV44= 227 | github.com/multiformats/go-multiaddr v0.0.2/go.mod h1:xKVEak1K9cS1VdmPZW3LSIb6lgmoS58qz/pzqmAxV44= 228 | github.com/multiformats/go-multiaddr v0.0.4 h1:WgMSI84/eRLdbptXMkMWDXPjPq7SPLIgGUVm2eroyU4= 229 | github.com/multiformats/go-multiaddr v0.0.4/go.mod h1:xKVEak1K9cS1VdmPZW3LSIb6lgmoS58qz/pzqmAxV44= 230 | github.com/multiformats/go-multiaddr-dns v0.0.1/go.mod h1:9kWcqw/Pj6FwxAwW38n/9403szc57zJPs45fmnznu3Q= 231 | github.com/multiformats/go-multiaddr-dns v0.0.2 h1:/Bbsgsy3R6e3jf2qBahzNHzww6usYaZ0NhNH3sqdFS8= 232 | github.com/multiformats/go-multiaddr-dns v0.0.2/go.mod h1:9kWcqw/Pj6FwxAwW38n/9403szc57zJPs45fmnznu3Q= 233 | github.com/multiformats/go-multiaddr-net v0.0.1 h1:76O59E3FavvHqNg7jvzWzsPSW5JSi/ek0E4eiDVbg9g= 234 | github.com/multiformats/go-multiaddr-net v0.0.1/go.mod h1:nw6HSxNmCIQH27XPGBuX+d1tnvM7ihcFwHMSstNAVUU= 235 | github.com/multiformats/go-multibase v0.0.1 h1:PN9/v21eLywrFWdFNsFKaU04kLJzuYzmrJR+ubhT9qA= 236 | github.com/multiformats/go-multibase v0.0.1/go.mod h1:bja2MqRZ3ggyXtZSEDKpl0uO/gviWFaSteVbWT51qgs= 237 | github.com/multiformats/go-multihash v0.0.1 h1:HHwN1K12I+XllBCrqKnhX949Orn4oawPkegHMu2vDqQ= 238 | github.com/multiformats/go-multihash v0.0.1/go.mod h1:w/5tugSrLEbWqlcgJabL3oHFKTwfvkofsjW2Qa1ct4U= 239 | github.com/multiformats/go-multihash v0.0.5 h1:1wxmCvTXAifAepIMyF39vZinRw5sbqjPs/UIi93+uik= 240 | github.com/multiformats/go-multihash v0.0.5/go.mod h1:lt/HCbqlQwlPBz7lv0sQCdtfcMtlJvakRUn/0Ual8po= 241 | github.com/multiformats/go-multistream v0.0.1 h1:JV4VfSdY9n7ECTtY59/TlSyFCzRILvYx4T4Ws8ZgihU= 242 | github.com/multiformats/go-multistream v0.0.1/go.mod h1:fJTiDfXJVmItycydCnNx4+wSzZ5NwG2FEVAI30fiovg= 243 | github.com/multiformats/go-multistream v0.0.4 h1:rNgWgFyzRSTI9L+xISrz7kN5MdNXoEcoIeeCH05wLKA= 244 | github.com/multiformats/go-multistream v0.0.4/go.mod h1:fJTiDfXJVmItycydCnNx4+wSzZ5NwG2FEVAI30fiovg= 245 | github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= 246 | github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= 247 | github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= 248 | github.com/opentracing/opentracing-go v1.0.2 h1:3jA2P6O1F9UOrWVpwrIo17pu01KWvNWg4X946/Y5Zwg= 249 | github.com/opentracing/opentracing-go v1.0.2/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= 250 | github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= 251 | github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= 252 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 253 | github.com/spacemonkeygo/openssl v0.0.0-20181017203307-c2dcc5cca94a/go.mod h1:7AyxJNCJ7SBZ1MfVQCWD6Uqo2oubI2Eq2y2eqf+A5r0= 254 | github.com/spacemonkeygo/spacelog v0.0.0-20180420211403-2296661a0572/go.mod h1:w0SWMsp6j9O/dk4/ZpIhL+3CkG8ofA2vuv7k+ltqUMc= 255 | github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI= 256 | github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= 257 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 258 | github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= 259 | github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ= 260 | github.com/whyrusleeping/base32 v0.0.0-20170828182744-c30ac30633cc h1:BCPnHtcboadS0DvysUuJXZ4lWVv5Bh5i7+tbIyi+ck4= 261 | github.com/whyrusleeping/base32 v0.0.0-20170828182744-c30ac30633cc/go.mod h1:r45hJU7yEoA81k6MWNhpMj/kms0n14dkzkxYHoB96UM= 262 | github.com/whyrusleeping/go-keyspace v0.0.0-20160322163242-5b898ac5add1 h1:EKhdznlJHPMoKr0XTrX+IlJs1LH3lyx2nfr1dOlZ79k= 263 | github.com/whyrusleeping/go-keyspace v0.0.0-20160322163242-5b898ac5add1/go.mod h1:8UvriyWtv5Q5EOgjHaSseUEdkQfvwFv1I/In/O2M9gc= 264 | github.com/whyrusleeping/go-logging v0.0.0-20170515211332-0457bb6b88fc h1:9lDbC6Rz4bwmou+oE6Dt4Cb2BGMur5eR/GYptkKUVHo= 265 | github.com/whyrusleeping/go-logging v0.0.0-20170515211332-0457bb6b88fc/go.mod h1:bopw91TMyo8J3tvftk8xmU2kPmlrt4nScJQZU2hE5EM= 266 | github.com/whyrusleeping/go-notifier v0.0.0-20170827234753-097c5d47330f h1:M/lL30eFZTKnomXY6huvM6G0+gVquFNf6mxghaWlFUg= 267 | github.com/whyrusleeping/go-notifier v0.0.0-20170827234753-097c5d47330f/go.mod h1:cZNvX9cFybI01GriPRMXDtczuvUhgbcYr9iCGaNlRv8= 268 | github.com/whyrusleeping/go-smux-multiplex v0.1.0/go.mod h1:OXL5hggHNZSsadXDlBJDD4eD3IQYEB3Yu6xpovd6pPw= 269 | github.com/whyrusleeping/go-smux-multistream v0.1.0/go.mod h1:/usW3LIBirW4h9ko1PnoF7tExBnbxPBszG0n4wylJr8= 270 | github.com/whyrusleeping/go-smux-yamux v0.1.1/go.mod h1:Yw+ayOEKERDHXLJ4GiE5AnBmldJW4QRLDzGFC9do8G0= 271 | github.com/whyrusleeping/mafmt v1.2.8 h1:TCghSl5kkwEE0j+sU/gudyhVMRlpBin8fMBBHg59EbA= 272 | github.com/whyrusleeping/mafmt v1.2.8/go.mod h1:faQJFPbLSxzD9xpA02ttW/tS9vZykNvXwGvqIpk20FA= 273 | github.com/whyrusleeping/mdns v0.0.0-20180901202407-ef14215e6b30/go.mod h1:j4l84WPFclQPj320J9gp0XwNKBb3U0zt5CBqjPp22G4= 274 | github.com/whyrusleeping/multiaddr-filter v0.0.0-20160516205228-e903e4adabd7 h1:E9S12nwJwEOXe2d6gT6qxdvqMnNq+VnSsKPgm2ZZNds= 275 | github.com/whyrusleeping/multiaddr-filter v0.0.0-20160516205228-e903e4adabd7/go.mod h1:X2c0RVCI1eSUFI8eLcY3c0423ykwiUdxLJtkDvruhjI= 276 | github.com/whyrusleeping/yamux v1.2.0/go.mod h1:Cgw3gpb4DrDZ1FrP/5pxg/cpiY54Gr5uCXwUylwi2GE= 277 | go.opencensus.io v0.21.0 h1:mU6zScU4U1YAFPHEHYk+3JC4SY7JxgkqS10ZOSyksNg= 278 | go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= 279 | golang.org/x/crypto v0.0.0-20170930174604-9419663f5a44/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= 280 | golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= 281 | golang.org/x/crypto v0.0.0-20190225124518-7f87c0fbb88b h1:+/WWzjwW6gidDJnMKWLKLX1gxn7irUTF1fLpQovfQ5M= 282 | golang.org/x/crypto v0.0.0-20190225124518-7f87c0fbb88b/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= 283 | golang.org/x/crypto v0.0.0-20190228161510-8dd112bcdc25/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= 284 | golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= 285 | golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734 h1:p/H982KKEjUnLJkM3tt/LemDnOc1GiZL5FCVlORJ5zo= 286 | golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= 287 | golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= 288 | golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= 289 | golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= 290 | golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 291 | golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 292 | golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 293 | golang.org/x/net v0.0.0-20181011144130-49bb7cea24b1/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 294 | golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 295 | golang.org/x/net v0.0.0-20190227160552-c95aed5357e7 h1:C2F/nMkR/9sfUTpvR3QrjBuTdvMUC/cFajkphs1YLQo= 296 | golang.org/x/net v0.0.0-20190227160552-c95aed5357e7/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 297 | golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 298 | golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3 h1:0GoQqolDA55aaLxZyTzK/Y2ePZzZTUrRacwib7cNsYQ= 299 | golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 300 | golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= 301 | golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 302 | golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 303 | golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 304 | golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 305 | golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 306 | golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 307 | golang.org/x/sys v0.0.0-20190219092855-153ac476189d/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 308 | golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223 h1:DH4skfRX4EBpamg7iV4ZlCpblAHI6s6TDM39bFZumv8= 309 | golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 310 | golang.org/x/sys v0.0.0-20190228124157-a34e9553db1e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 311 | golang.org/x/sys v0.0.0-20190412213103-97732733099d h1:+R4KGOnez64A81RvjARKc4UT5/tI9ujCIVX+P5KiHuI= 312 | golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 313 | golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= 314 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 315 | golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 316 | golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 317 | golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= 318 | golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522 h1:bhOzK9QyoD0ogCnFro1m2mz41+Ib0oOhfJnBp5MR4K4= 319 | golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 320 | google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= 321 | google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= 322 | google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= 323 | google.golang.org/genproto v0.0.0-20180831171423-11092d34479b/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= 324 | google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= 325 | google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= 326 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 327 | gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= 328 | gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 329 | gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= 330 | gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= 331 | gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= 332 | gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 333 | honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= 334 | --------------------------------------------------------------------------------