From d7f1f25bf542531efaa9bdaa4511e53a9750fc44 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Raynaud Date: Tue, 7 Oct 2025 12:57:56 +0200 Subject: [PATCH 1/5] Update implementation plan --- CIP-0137/README.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/CIP-0137/README.md b/CIP-0137/README.md index 65cddeda7d..8b65cc2223 100644 --- a/CIP-0137/README.md +++ b/CIP-0137/README.md @@ -706,15 +706,15 @@ the KES key. - [x] Validate protocol behaviour with all relevant parties (Network and Node teams). - [x] Make the current Cardano Network Diffusion Layer general and reusable so a new, separate Mithril Diffusion Layer can be instantiated. - See [here](https://github.com/IntersectMBO/ouroboros-network/wiki/Reusable-Diffusion-Investigation) and [here](https://github.com/IntersectMBO/ouroboros-network/pull/5016) -- [ ] Implement DMQ Node that is able to run general diffusion (i.e. without the mini-protocols). +- [x] Implement DMQ Node that is able to run general diffusion (i.e. without the mini-protocols). - See [here](https://github.com/IntersectMBO/ouroboros-network/pull/5109) -- [ ] Implement the n2n and n2c mini-protocols: - - [ ] Haskell DMQ Node: - - [ ] n2c mini-protocols - - [ ] n2n mini-protocols - - [ ] Pallas Library (TxPipe): +- [x] Implement the n2n and n2c mini-protocols: + - [x] Haskell DMQ Node: - [x] n2c mini-protocols - - [ ] n2n mini-protocols + - [x] n2n mini-protocols + - [x] Pallas Library (TxPipe): + - [x] n2c mini-protocols + - [x] ~~n2n mini-protocols~~ (will be done in a separate stream of work) - [x] Implement the n2c mini-protocols in Mithril nodes: - [x] Mithril signer - [x] Mithril aggregator From 2ba19babbd9900e8bd6daf9971f21cd6d908eff4 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Raynaud Date: Tue, 7 Oct 2025 12:58:22 +0200 Subject: [PATCH 2/5] Update CDDL for DMQ message --- CIP-0137/README.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/CIP-0137/README.md b/CIP-0137/README.md index 8b65cc2223..2c0d06eea1 100644 --- a/CIP-0137/README.md +++ b/CIP-0137/README.md @@ -151,7 +151,7 @@ messageList = [ * message ] messageSizeInBytes = word32 kesSignature = bstr kesPeriod = word32 -operationalCertificate = [ bstr, word64, word64, bstr ] +operationalCertificate = [ bstr .size 32, word64, word64, bstr .size 64 ] coldVerificationKey = bstr .size 32 expiresAt = word32 @@ -162,9 +162,9 @@ messagePayload = [ , expiresAt ] message = [ - bstr .cbor messagePayload + messagePayload , kesSignature - , bstr .cbor operationalCertificate + , operationalCertificate , coldVerificationKey ] ``` @@ -245,7 +245,7 @@ For a total of **3,100** Cardano SPOs on the `mainnet`, on an average **50%** of ##### Message authentication mechanism -The payload part of the message (message id, message body, KES period and expiration timestamp fields encoded as CBOR) is signed with the KES key of the SPO. The message is composed of the aforementioned payload (encoded as CBOR bytes), the KES signature (raw bytes), the operational certificate (the KES public key, the issue number of the operational certificate, the KES period at the time of creation of the operational certificate and their cold signing key signature, encoded as CBOR bytes) and the cold verification key (raw bytes) are appended to the message. +The payload part of the message (message id, message body, KES period and expiration timestamp fields) is signed with the KES key of the SPO (the message signed is the CBOR encoding of the payload: `bstr .cbor messagePayload`). The message is composed of the aforementioned payload (encoded as an array), the KES signature (raw bytes), the operational certificate (the KES public key, the issue number of the operational certificate, the KES period at the time of creation of the operational certificate and their cold signing key signature, encoded as an array) and the cold verification key (raw bytes) are appended to the message. Before being diffused to other peers, an incoming message must be verified by the receiving node. This is done with the following steps: @@ -479,7 +479,7 @@ messageId = bstr messageBody = bstr kesSignature = bstr kesPeriod = word64 -operationalCertificate = [ bstr, word64, word64, bstr ] +operationalCertificate = [ bstr .size 32, word64, word64, bstr .size 64 ] coldVerificationKey = bstr .size 32 expiresAt = word32 @@ -490,9 +490,9 @@ messagePayload = [ , expiresAt ] message = [ - bstr .cbor messagePayload + messagePayload , kesSignature - , bstr .cbor operationalCertificate + , operationalCertificate , coldVerificationKey ] ``` @@ -576,7 +576,7 @@ messageId = bstr messageBody = bstr kesSignature = bstr kesPeriod = word64 -operationalCertificate = [ bstr, word64, word64, bstr ] +operationalCertificate = [ bstr .size 32, word64, word64, bstr .size 64 ] coldVerificationKey = bstr .size 32 expiresAt = word32 @@ -587,9 +587,9 @@ messagePayload = [ , expiresAt ] message = [ - bstr .cbor messagePayload + messagePayload , kesSignature - , bstr .cbor operationalCertificate + , operationalCertificate , coldVerificationKey ] From e3d1422b0cb20fc0f453a8c0e378229550f554e6 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Raynaud Date: Fri, 10 Oct 2025 08:21:17 +0200 Subject: [PATCH 3/5] Fix typo --- CIP-0137/README.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/CIP-0137/README.md b/CIP-0137/README.md index 2c0d06eea1..5859377010 100644 --- a/CIP-0137/README.md +++ b/CIP-0137/README.md @@ -511,10 +511,6 @@ The protocol follows a simple request-response pattern: #### State machine -| Agency | | -| ----------------- | ---------------------------------------- | -| Client has Agency | StIdle | -| Server has Agency | StBusyNonBlocking,StBusyBlocking, StDone | | Agency | | | ----------------- | ---------------------------------------- | | Client has Agency | StIdle | From 522a0b247445153ae35c84d4016a826c381fe58b Mon Sep 17 00:00:00 2001 From: Jean-Philippe Raynaud Date: Fri, 10 Oct 2025 15:05:43 +0200 Subject: [PATCH 4/5] Update CDDLs for n2c local message notification --- CIP-0137/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CIP-0137/README.md b/CIP-0137/README.md index 5859377010..ee3e928354 100644 --- a/CIP-0137/README.md +++ b/CIP-0137/README.md @@ -564,8 +564,8 @@ localMessageNotificationMessage / msgClientDone msgRequestMessages = [0, isBlocking] -msgReplyMessagesNonBlocking = [1, messages, hasMore] -msgReplyMessagesBlocking = [2, messages] +msgReplyMessagesNonBlocking = [1, [*sig.message], hasMore] +msgReplyMessagesBlocking = [2, [+sig.message]] msgClientDone = [3] messageId = bstr From de22dae5502f37fd81cb351281288497bd2300a4 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Raynaud Date: Tue, 14 Oct 2025 15:55:37 +0200 Subject: [PATCH 5/5] Fix CDDLs for n2c local message notification --- CIP-0137/README.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/CIP-0137/README.md b/CIP-0137/README.md index ee3e928354..d3e312d25e 100644 --- a/CIP-0137/README.md +++ b/CIP-0137/README.md @@ -564,8 +564,8 @@ localMessageNotificationMessage / msgClientDone msgRequestMessages = [0, isBlocking] -msgReplyMessagesNonBlocking = [1, [*sig.message], hasMore] -msgReplyMessagesBlocking = [2, [+sig.message]] +msgReplyMessagesNonBlocking = [1, [* message], hasMore] +msgReplyMessagesBlocking = [2, [+ message]] msgClientDone = [3] messageId = bstr @@ -591,7 +591,6 @@ message = [ hasMore = false / true isBlocking = false / true -messages = [* message] ``` ## Rationale: how does this CIP achieve its goals?