Merge pull request #1 from unpackdev/dstore

Decentralized Store: Preparation - Network && Topology V0

Author: 0x19

.gitignore

@@ -29,4 +29,6 @@ testdb/
 build/
 
 # binaries
-example
+example
+
+~/

Makefile

@@ -39,6 +39,10 @@ lint: ## Lint the Go code using golangci-lint
 .PHONY: build
 build: build-linux ## Build the binary for the current OS/Arch
 
+.PHONY: build-osx
+build-osx: ## Build the binary for macOS/OSX
+	go build -o ./$(BIN_NAME) -ldflags "-X main.Version=$(VERSION) -X main.CommitHash=$(COMMIT_HASH)" ./entrypoint/main.go
+
 .PHONY: build-linux
 build-linux: ## Build the binary for Linux
 	@GOOS=linux GOARCH=amd64 go build -o ./$(BIN_NAME) -ldflags "-X main.Version=$(VERSION) -X main.CommitHash=$(COMMIT_HASH)" ./entrypoint/main.go

accounts/README.md

@@ -0,0 +1,179 @@
+// pkg/accounts/account.go
+
+package accounts
+
+import (
+	"crypto/ecdsa"
+	"github.com/ethereum/go-ethereum/crypto"
+	libp2pCrypto "github.com/libp2p/go-libp2p/core/crypto"
+	"github.com/libp2p/go-libp2p/core/peer"
+	"github.com/unpackdev/fdb/logger"
+	"github.com/unpackdev/fdb/rbac"
+	"github.com/unpackdev/fdb/share"
+	"github.com/unpackdev/fdb/types"
+
+	"github.com/pkg/errors"
+	"github.com/sasha-s/go-deadlock"
+)
+
+// Ensure Account implements the share.Account interface
+var _ share.Account = (*Account)(nil)
+
+// Account represents a Decentralized Identifier with associated cryptographic keys and permissions.
+type Account struct {
+	logger           logger.Logger
+	rbacMgr          *rbac.Manager
+	id               string               // String representation of the peer ID
+	signerType       types.SignerType     // SignerType associated with the account
+	address          types.Address        // Derived address from MasterPublicKey
+	peerID           peer.ID              // Associated peer.ID object for easier manipulation
+	name             string               // Name of the account for descriptive purposes
+	comment          string               // Optional comment or description for the account
+	masterPrivateKey libp2pCrypto.PrivKey // Private key associated with libp2p PeerID, used as the master private key for all signers
+	masterPublicKey  libp2pCrypto.PubKey  // Public key associated with libp2p PeerID, used as the master public key for all signers
+	roles            []types.Role
+	extraPermissions map[types.Role][]types.Permission
+	mu               deadlock.RWMutex // Mutex for thread-safe operations
+}
+
+// NewConsensusAccount initializes Account used by the validators.
+// TODO: This needs to be extended with roles and many more things but for now it's this
+func NewConsensusAccount(logger logger.Logger, peerId peer.ID, address types.Address, pubKey libp2pCrypto.PubKey, roles []types.Role) (*Account, error) {
+	account := &Account{
+		logger:          logger,
+		peerID:          peerId,
+		id:              peerId.String(),
+		address:         address,
+		masterPublicKey: pubKey,
+		roles:           roles,
+	}
+
+	return account, nil
+}
+
+// NewAccount initializes a new Account with all the cryptographic keys and metadata.
+func NewAccount(
+	logger logger.Logger,
+	peerID peer.ID,
+	peerSk libp2pCrypto.PrivKey,
+	peerPk libp2pCrypto.PubKey,
+	signerType types.SignerType,
+	name, comment string,
+	roles []types.Role,
+	extraPermissions map[types.Role][]types.Permission,
+	rbacMgr *rbac.Manager,
+) (*Account, error) {
+
+	// Null and validity checks
+	if peerID == "" {
+		return nil, errors.New("peerID cannot be empty")
+	}
+	if peerSk == nil {
+		return nil, errors.New("peerSk (MasterPrivateKey) cannot be nil")
+	}
+	if peerPk == nil {
+		return nil, errors.New("peerPk (MasterPublicKey) cannot be nil")
+	}
+
+	// Marshal the public key bytes
+	pubKeyBytes, err := libp2pCrypto.MarshalPublicKey(peerPk)
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to marshal MasterPublicKey")
+	}
+
+	// Compute account ID using SignerType
+	accountID := ComputeAccountID(signerType, pubKeyBytes)
+
+	// Compute address from the master public key bytes
+	address, err := computeAddressFromPublicKey(pubKeyBytes)
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to derive address from MasterPublicKey")
+	}
+
+	account := &Account{
+		logger:           logger,
+		id:               accountID,
+		signerType:       signerType,
+		peerID:           peerID,
+		address:          address,
+		name:             name,
+		comment:          comment,
+		masterPrivateKey: peerSk,
+		masterPublicKey:  peerPk,
+		roles:            roles,
+		extraPermissions: extraPermissions,
+		rbacMgr:          rbacMgr,
+	}
+
+	return account, nil
+}
+
+// ID returns the unique identifier of the account.
+func (a *Account) ID() string {
+	return a.id
+}
+
+// Address returns the derived address from the MasterPublicKey.
+func (a *Account) Address() types.Address {
+	a.mu.RLock()
+	defer a.mu.RUnlock()
+	return a.address
+}
+
+// PeerID returns the associated libp2p PeerID.
+func (a *Account) PeerID() peer.ID {
+	a.mu.RLock()
+	defer a.mu.RUnlock()
+	return a.peerID
+}
+
+// Name returns the name of the account.
+func (a *Account) Name() string {
+	a.mu.RLock()
+	defer a.mu.RUnlock()
+	return a.name
+}
+
+// Comment returns the optional comment or description of the account.
+func (a *Account) Comment() string {
+	a.mu.RLock()
+	defer a.mu.RUnlock()
+	return a.comment
+}
+
+// MasterPrivateKey returns the master private key associated with the account.
+func (a *Account) MasterPrivateKey() libp2pCrypto.PrivKey {
+	a.mu.RLock()
+	defer a.mu.RUnlock()
+	return a.masterPrivateKey
+}
+
+func (a *Account) MasterKeyToECDSA() (*ecdsa.PrivateKey, error) {
+	a.mu.RLock()
+	defer a.mu.RUnlock()
+
+	privKeyBytes, err := a.MasterPrivateKey().Raw()
+	if err != nil {
+		return nil, err
+	}
+
+	return crypto.ToECDSA(privKeyBytes)
+}
+
+// MasterPublicKey returns the master public key associated with the account.
+func (a *Account) MasterPublicKey() libp2pCrypto.PubKey {
+	a.mu.RLock()
+	defer a.mu.RUnlock()
+	return a.masterPublicKey
+}
+
+// ExtraPermissions returns the additional permissions associated with each role.
+func (a *Account) ExtraPermissions() map[types.Role][]types.Permission {
+	a.mu.RLock()
+	defer a.mu.RUnlock()
+	return a.extraPermissions
+}
+
+func (a *Account) MarshalPublicKey() ([]byte, error) {
+	return libp2pCrypto.MarshalPublicKey(a.masterPublicKey)
+}

accounts/account.go

@@ -0,0 +1,32 @@
+// pkg/accounts/common_test.go
+
+package accounts
+
+import (
+	"github.com/unpackdev/fdb/config"
+	"github.com/unpackdev/fdb/logger"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+// setupTestEnvironment initializes the test environment by creating a temporary directory
+// and initializing the logger. It returns the configuration and logger instances.
+func setupTestEnvironment(t *testing.T) (config.Identity, logger.Logger) {
+	// Set up a temporary directory for YAML file-based storage
+	tempDir := t.TempDir()
+	cfg := config.Identity{
+		Enabled:  true,
+		BasePath: tempDir,
+	}
+
+	// Initialize the logger
+	_, err := logger.InitializeGlobalLogger(config.Logger{
+		Enabled:     true,
+		Environment: "development",
+		Level:       "debug",
+	})
+	require.NoError(t, err, "Failed to initialize logger")
+
+	return cfg, logger.G()
+}

accounts/common_test.go

@@ -0,0 +1,70 @@
+// pkg/accounts/ethereum.go
+package accounts
+
+import (
+	"crypto/ecdsa"
+	"github.com/ethereum/go-ethereum/common"
+	ethCrypto "github.com/ethereum/go-ethereum/crypto"
+	libp2pCrypto "github.com/libp2p/go-libp2p/core/crypto"
+	"github.com/pkg/errors"
+)
+
+// computeEthereumAddress computes the Ethereum address from the libp2p public key.
+// It uses Keccak-256 hashing and returns the address in hexadecimal format with '0x' prefix.
+// computeEthereumAddress computes the Ethereum address from the libp2p public key.
+func computeEthereumAddress(pubKey libp2pCrypto.PubKey) (common.Address, error) {
+	var pubKeyBytes []byte
+	var err error
+
+	switch pubKey.Type() {
+	case libp2pCrypto.Secp256k1:
+		// Get the raw public key bytes
+		rawPubKeyBytes, err := pubKey.Raw()
+		if err != nil {
+			return common.Address{}, errors.Wrap(err, "failed to get raw public key bytes")
+		}
+
+		if len(rawPubKeyBytes) == 33 {
+			// Compressed key, decompress it
+			pubKeyDecompressed, err := ethCrypto.DecompressPubkey(rawPubKeyBytes)
+			if err != nil {
+				return common.Address{}, errors.Wrap(err, "failed to decompress Secp256k1 public key")
+			}
+			pubKeyBytes = ethCrypto.FromECDSAPub(pubKeyDecompressed)[1:] // Remove 0x04 prefix
+		} else if len(rawPubKeyBytes) == 65 {
+			// Uncompressed key, remove the prefix
+			pubKeyBytes = rawPubKeyBytes[1:] // Remove 0x04 prefix
+		} else {
+			return common.Address{}, errors.Errorf("unexpected Secp256k1 public key length: got %d bytes", len(rawPubKeyBytes))
+		}
+	case libp2pCrypto.Ed25519:
+		// Use the raw public key bytes for Ed25519 keys
+		pubKeyBytes, err = pubKey.Raw()
+		if err != nil {
+			return common.Address{}, errors.Wrap(err, "failed to get raw Ed25519 public key bytes")
+		}
+	default:
+		return common.Address{}, errors.Errorf("unsupported key type: %d", pubKey.Type())
+	}
+
+	// Compute Keccak-256 hash of the public key bytes
+	hash := ethCrypto.Keccak256(pubKeyBytes)
+
+	// Take the last 20 bytes for the Ethereum address
+	ethAddress := common.BytesToAddress(hash[12:])
+
+	return ethAddress, nil
+}
+
+// computeEthereumAddressFromECDSAPubKey computes the Ethereum address from an ECDSA public key.
+// It uses Keccak-256 hashing and returns the address in hexadecimal format with '0x' prefix.
+func computeEthereumAddressFromECDSAPubKey(pubKey *ecdsa.PublicKey) (common.Address, error) {
+	if pubKey == nil {
+		return common.Address{}, errors.New("public key is nil")
+	}
+
+	pubBytes := ethCrypto.FromECDSAPub(pubKey) // 65 bytes with 0x04 prefix
+	hash := ethCrypto.Keccak256(pubBytes[1:])  // Exclude the 0x04 prefix
+
+	return common.BytesToAddress(hash[12:]), nil // Last 20 bytes
+}

accounts/ethereum.go

@@ -0,0 +1,9 @@
+package accounts
+
+import "github.com/unpackdev/fdb/types"
+
+// TODO: Not even sure how to do this... And is this even how it should be done...
+// Perhaps based on node type and configuration instead of anything else...
+func (a *Account) SupportedProtocols() []types.ProtocolType {
+	return []types.ProtocolType{}
+}

accounts/protocols.go

@@ -0,0 +1,71 @@
+// pkg/accounts/rbac.go
+package accounts
+
+import (
+	"fmt"
+	"github.com/unpackdev/fdb/types"
+)
+
+// Roles returns the list of roles assigned to the account.
+func (a *Account) Roles() []types.Role {
+	a.mu.RLock()
+	defer a.mu.RUnlock()
+	return a.roles
+}
+
+// AssignRole assigns a new role to the account.
+func (a *Account) AssignRole(role types.Role, permissions ...types.Permission) error {
+	a.mu.Lock()
+	defer a.mu.Unlock()
+
+	// Assign the role using RBAC Manager
+	if err := a.rbacMgr.AssignRole(role, permissions...); err != nil {
+		return err
+	}
+
+	// Add the role to the account's Roles slice if not already present
+	for _, r := range a.roles {
+		if r == role {
+			// Role already assigned
+			return nil
+		}
+	}
+	a.roles = append(a.roles, role)
+	return nil
+}
+
+// RemoveRole removes a role from the account.
+func (a *Account) RemoveRole(role types.Role) error {
+	a.mu.Lock()
+	defer a.mu.Unlock()
+
+	// Remove the role from RBAC Manager
+	if err := a.rbacMgr.RemoveRole(role); err != nil {
+		return err
+	}
+
+	// Remove the role from the account's Roles slice
+	for i, r := range a.roles {
+		if r == role {
+			a.roles = append(a.roles[:i], a.roles[i+1:]...)
+			break
+		}
+	}
+	return nil
+}
+
+// HasPermission checks if the account has the specified permission.
+func (a *Account) HasPermission(permission types.Permission) bool {
+	a.mu.RLock()
+	defer a.mu.RUnlock()
+
+	return a.rbacMgr.HasPermission(a.roles, permission)
+}
+
+// Authorize ensures the account has the required permission.
+func (a *Account) Authorize(permission types.Permission) error {
+	if a.HasPermission(permission) {
+		return nil
+	}
+	return fmt.Errorf("account %s does not have permission %s", a.name, permission)
+}