feat: private server config

[xendarboh]

Currently, in og trellis:

• servers.json contains a master list of all mix-net servers
• can be generated from a list of remote hosts (with xtrellis coordinator config)
• is shared with all participating servers along with their group arrangement (groups.json)
• has full server info, including private and public keys mixed together

Desired State, initially

• servers do not reveal their private info
• servers generate their own config and share the public info
• servers.json contains only public server info
• individual servers generate their own key info
  • with a subcommand of xtrellis coordinator config
  • then share it with coordinator

Desired State, later...

• separation of server public info from numerical id (referenced by groups)
• minimize data to represent mix-net round configurations
• locally cache some information
• consider servers could manage publication of their public info to private/distributed db, then record ref to it

Holo-Terra-Formation

See go/trellis/config/config.proto:

// Fields that are secrets are included here for convience
// public value and server members agreement is out of scope
// Each server would have their own secrets
message Server {
  // Server address (public)
  string address = 1; 

  int64 id = 2;

  // TLS certificate (public)
  bytes identity = 3;

  // Secret for certificate (this should not be public)
  bytes private_identity = 4;

  // Public key for authenticated encryption to this server (public)
  bytes public_key = 5;

  // Secret for authenticated encryption (this should not be public)
  bytes private_key = 6;

  // Key to verify this servers signature (public)
  bytes verification_key = 7;

  // Signature key (this should not be public)
  bytes signature_key = 8;
}

public:

• address
• ?: id
• identity
• publicKey
• verificationKey

private:

• privateIdentity
• privateKey
• signatureKey

Originally posted in https://github.com/31333337/bmrng/issues/15#issuecomment-1769712139

[xendarboh]

Within the vision of many mix-net components as well as what can be supportive immediately:

• components identified by UUID (currently have incremental int64 assigned from 0)
  • (later could be static identifier for ZK-proveable ownership)
• some info is less dynamic than others including:
  • component public config info (keys/etc)
• some info changes more often including:
  • mix-net txm round configuration
• a database with API can:
  • be more effective, scaleable, and resilient than huge flat files
  • provide a local cache for distributed network/config information, post-coordicide
  • provide a facilitator for coordinated mix-net registration, pre-coordicide
  • develop into distributed off-chain ZK (merkle-tree) data for on-chain ZKProofs

[xendarboh]

• [ ] generate config for single server
  • [ ] given address:port
  • [ ] separate private info from public to share

[xendarboh]

Currently, servers are uniquely identified by a number starting from 0.

For self-regulating servers, they should have an UUID instead (likely to be related to a crypto address later).

• [ ] identify servers by UUID

[xendarboh]

fair amount of moving parts and missing feature in og-trellis balance now and then (ie, appropriately invest dev roi for short-lifecycle code) consider an initial step in between to mimic server<->coord comm

• servers
  • [x] generate public and private config in separate files
  • [x] load private config to run
  • [x] support multi address:port in private config (append or overwrite, don't replace)
• central coordinator
  • [x] retrieves all servers' public config (same way it sends all config: ssh)
  • [x] compile all pub config into servers.json
  • [x] send servers.json to each server
• [ ] consider rename servers.json -> mixnet-servers.json (likewise for groups), and/or a separate directory for local server configs

[xendarboh]

TODO... more complete e2e tests of critical execution paths of xtrellis

• [ ] xtrellis coordinator experiment --networktype 0
• [ ] xtrellis coordinator experiment --networktype 1
• [ ] xtrellis coordinator experiment --networktype 2 : requires hosts list
• [ ] xtrellis coordinator mixnet --gatewayenable : scripts/test-gateway-ci.sh

[xendarboh]

TODO... consider more complete local server config management and context of future db

• xtrellis server config list
• xtrellis server config add
• xtrellis server config del