CivMC / FactoryMod

Configurable factories for automating item production - Built for Paper 1.16.5
Other
0 stars 11 forks source link

Make secure notes more user friendly #13

Closed wingzero54 closed 11 months ago

wingzero54 commented 2 years ago

Secure notes currently use 32 digit codes which are not very user friendly - and hard to compare notes for authenticity at a glance. Can we reduce the number of characters, or do some combination of citadel group + code to make more user-friendly secure codes while still maintaining security?

Example secure note below: image

Maxopoly commented 2 years ago

There are two ways I can think of realizing this: The first one is generating more user friendly random output, something like gfycat's URL generation where it takes random adjectives: selfreliantsimilargrebe The other one would be allowing users to chose their tag. That would require a permission based system of uniqueness, which makes tying it into NameLayer the easiest solution. Would more than one code per group be desireable or is using the group name as code sufficient?

wingzero54 commented 2 years ago

It's hard to know, is there likely to be more than one maker using the same factories or groups? Would group + short code like HJI-c71f suffice to allow multiple codes per group with reasonable expectation that someone else on your group won't try to copy you? Could also result in people re-rolling secure plates until they get one with a suffix they like (HJI-1234) but that is probably getting into more wordbank-y solutions

Maxopoly commented 2 years ago

Well the group doesn't have to be the one the factory is reinforced on, just one the person running it has sufficient perms on. I am not actually sure how secure notes even work, but if someone makes a proper feature spec of how they want it to work I can implement it.

Lodish commented 2 years ago

I'd be a fan of the character's being reduced, the long code stretches the note out, for instance I never used secure notes for CivTCG cards (risking someone making forfeit cards) because how bad the stretching made the cards look. An 8 digit code would still have 2,612,182,843,000 combinations

wingzero54 commented 2 years ago

Considering using brute force to duplicate a secure printing plate isn't as easy as computing the combinations, 8 hex characters do have a pretty high level of entropy. What do you think Max? Creating millions of secure printing plates trying to find a collision would be pretty crazy, but then again there are crazy people that play civ

wingzero54 commented 2 years ago

Looks like right now the secure note code is just the uuid of the book used to make the printing plate

Lodish commented 2 years ago

Looks like right now the secure note code is just the uuid of the book used to make the printing plate

err are you sure? I could have sworn if you make more than one plate from the same book they all have different codes. I could be wrong though.

Maxopoly commented 2 years ago

8 Hex characters is 32 bit, which is trivial to brute force offline (only need a few plates for that as reference). Would be fine if we use sufficient input entropy though, for example hashing the UUID and some secret seed from the config.

Gjum commented 2 years ago

doesn't have to be hex, 8 digits base64 gives 48 bits, and we can even use special chars with less horizontal width like |iIl,.:;'

we can also hide the identifier completely (different nbt key, not lore)

human friendly validation could be done through some command, for example /checkhelditem $namelayergroup tells you that the item was made through a process that requires the creator having some "secure_note" permission in that nl group

wingzero54 commented 2 years ago

8 Hex characters is 32 bit, which is trivial to brute force offline (only need a few plates for that as reference). Would be fine if we use sufficient input entropy though, for example hashing the UUID and some secret seed from the config.

I think this is the best option, let's add a secret config seed to hash the UUID's into 8 hex characters. Going off #14 , would this enable us to secure stamp other items as well using their UUID?

Lodish commented 2 years ago

which is trivial to brute force offline

I'm not sure what this would even mean, how do you brute force running a factory recipe offline? I'm not even sure its a problem if someone could expend a huge amount of charcoal, iron and time on the chance of making a perfect counterfeit.

human friendly validation could be done through some command, for example /checkhelditem $namelayergroup tells you that the item was made through a process that requires the creator having some "secure_note" permission in that nl group

What does a namelayer group have to do with anything? I think what is effectively checking the stamp on a physical good is much more intuitive than a command.