PeaceFounder / PeaceFounder.jl

Centralised E2E verifiable evoting via pseudonym braiding and history trees
http://peacefounder.org
Apache License 2.0

Making the registration invite codes shorter and better #15

Closed JanisErdmanis closed 8 months ago

JanisErdmanis commented 10 months ago

The current invitation format, while functional, is rather verbose. It takes up too much space in the email, and its size can be off-putting to users who need to copy and paste it. Another consideration is that the code could perhaps be made clickable, similar to how a magnet link works for torrent clients now.

As a reference, the current invite that PeaceFounder sends over email is as follows:

{"demehash":"8fd0ddc86f5ef0cf89a52bbb2f1f19b1b33ed53e73ce5a05da6fd9da3e94a4a7",
"route":"http://192.168.1.16:4584",
"hasher":"sha256",
"token":"2b148f52bc5a2f220b8e6f61b2b013c364ccb7050a0c397ec199413ebc923cb2",
"ticketid":"e9ef0fc87e04556487c656229fd140bd"}

There are three improvements which can be made to make the invites better:

  1. Removing ticketid from Invites: The ticketid field can be eliminated from the invite structure. Instead, we can use the token to derive a sessionid by hashing the token.

  2. Adopting a Magnet Link Inspired Format: Transitioning from JSON to a magnet link-inspired format will further streamline the invitation system. The proposed format is more compact and human-readable, which is beneficial for both use and debugging:

     deme:xt=sha256:8fd0ddc86f5ef0cf89a52bbb2f1f19b1b33ed53e73ce5a05da6fd9da3e94a4a7&sr=http://192.168.1.16:4584&tk=2b148f52bc5a2f220b8e6f61b2b013c364ccb7050a0c397ec199413ebc923cb2

  3. Optimizing Token and Hash Lengths: Considering the short-lived nature of these tokens and the subsequent signing with a digital identity provider, we can limit the token range for efficiency. Additionally, truncating the hash to 128 bits should maintain reasonable security. This approach will further reduce the invite size:

     deme:xt=sha256:8fd0ddc86f5ef0cf89a52bbb2f1f19b1&sr=http://192.168.1.16:4584&tk=2b148f52bc5a2f22

This format maintains readability, which is essential for debugging while ensuring the invite is concise.

JanisErdmanis commented 8 months ago

After the last commit https://github.com/PeaceFounder/PeaceFounder.jl/commit/0440fffb9e9a29bd74cbe880251ff78d68ba7947 the ticketid has now been made redundant for client registration. The next step is to remove it from the sent invite and refactor the ticket struct to have a tokenid as cache.

JanisErdmanis commented 8 months ago

An invite to a deme now has the following short form:

deme:?xt=sha256:FLSdIo-DzJZf_geHi8eO8kMzmLOZo8axdA5fcO_y8dM&sr=http://peacefounder.org&tk=rROIpybpRBk

where the hash and token are encoded with base64 encoding with the replacements '+'=>'-' and '/'=>'_'. The token is limited to 8 bytes, which is sufficient as the probability of an adversary guessing it is $P=1/10^{20}$.
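As an added example, not code from the PeaceFounder.jl project (which is written in Julia), the following Python encodes and strictly parses the short-form invite shown in the comment above, and derives a session id from the token as proposed in the first comment of the thread. The names (Invite, parse_invite, session_id, new_token), the choice of sha256 for the session-id derivation, the percent-encoding of the route, and the constructed sample hash and token are all assumptions for illustration; only the invite string quoted on this page is taken from the issue.

```python
"""Build and parse the magnet-style deme invite described in this issue.

Format:  deme:?xt=sha256:<hash>&sr=<route>&tk=<token>
where <hash> and <token> are base64 with '+'=>'-', '/'=>'_' and no '=' padding.
"""
import base64
import hashlib
import secrets
from dataclasses import dataclass
from urllib.parse import parse_qs, quote

PREFIX = "deme:?"
HASH_LEN = 32    # full sha256 digest, as in the final short form on the page
TOKEN_LEN = 8    # the 8-byte token limit stated in the issue
B64URL_ALPHABET = frozenset(
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_")


def b64url_encode(raw: bytes) -> str:
    """base64url without padding ('=' stripped, matching the page's examples)."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    """Reject foreign characters, restore the stripped padding, then decode."""
    if not text or not set(text) <= B64URL_ALPHABET:
        raise ValueError("not base64url")
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


@dataclass(frozen=True)
class Invite:
    deme_hash: bytes  # xt: sha256 hash identifying the deme
    route: str        # sr: server URL the client registers at
    token: bytes      # tk: short-lived registration token

    def encode(self) -> str:
        if len(self.deme_hash) != HASH_LEN or len(self.token) != TOKEN_LEN:
            raise ValueError("hash must be 32 bytes and token 8 bytes")
        # Percent-encode '&', '=', '?' and '#' in the route so a hostile route
        # cannot smuggle extra fields into the query; ':' and '/' stay readable.
        return (f"{PREFIX}xt=sha256:{b64url_encode(self.deme_hash)}"
                f"&sr={quote(self.route, safe=':/')}"
                f"&tk={b64url_encode(self.token)}")


def parse_invite(text: str) -> Invite:
    """Strict parser: exact field set, single values, sha256 only, fixed lengths."""
    if not text.startswith(PREFIX):
        raise ValueError("not a deme invite")
    fields = parse_qs(text[len(PREFIX):], strict_parsing=True)
    if set(fields) != {"xt", "sr", "tk"} or any(len(v) != 1 for v in fields.values()):
        raise ValueError("unexpected, missing or repeated fields")
    algo, _, digest = fields["xt"][0].partition(":")
    if algo != "sha256":
        raise ValueError(f"unsupported hasher {algo!r}")
    deme_hash = b64url_decode(digest)
    token = b64url_decode(fields["tk"][0])
    if len(deme_hash) != HASH_LEN or len(token) != TOKEN_LEN:
        raise ValueError("decoded hash or token has the wrong length")
    return Invite(deme_hash, fields["sr"][0], token)


def is_valid_invite(text: str) -> bool:
    try:
        parse_invite(text)
        return True
    except ValueError:  # binascii.Error (bad base64) is a ValueError subclass
        return False


def new_token() -> bytes:
    """Server side: a fresh 8-byte token from the OS CSPRNG."""
    return secrets.token_bytes(TOKEN_LEN)


def session_id(token: bytes) -> str:
    """Session id derived by hashing the token (assumed sha256), replacing ticketid."""
    return hashlib.sha256(token).hexdigest()


# The short-form invite quoted in the issue; its hash and token are opaque here.
PAGE_INVITE = ("deme:?xt=sha256:FLSdIo-DzJZf_geHi8eO8kMzmLOZo8axdA5fcO_y8dM"
               "&sr=http://peacefounder.org&tk=rROIpybpRBk")

# Constructed sample values for a round trip; not a real deme or token.
SAMPLE_HASH = hashlib.sha256(b"constructed deme spec").digest()
SAMPLE_TOKEN = bytes.fromhex("0102030405060708")
SAMPLE_INVITE = Invite(SAMPLE_HASH, "http://192.168.1.16:4584", SAMPLE_TOKEN)

if __name__ == "__main__":
    inv = parse_invite(PAGE_INVITE)
    print(inv.route, len(inv.deme_hash), len(inv.token))
    print(SAMPLE_INVITE.encode())
    print(session_id(SAMPLE_TOKEN))
```

The parser is deliberately unforgiving: a duplicated `tk`, an unknown hasher, a truncated token or an extra field all fail closed rather than being silently accepted, and the route is percent-encoded on the way out so a server operator cannot inject fields through it. An 8-byte token gives 2^64 (about 1.8e19) possible values; since the invite travels by email and the token is short-lived, that keyspace plus server-side rate limiting of registration attempts is what makes online guessing impractical.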