
Requests for forwards

peg requested to merge requests-for-forwards into master

Currently, requests can only be used to request messages to be sent to the original secret owner. This is the 'happy case' where the secret was not the thing securing our account itself, so the custodian can be sure they are sending the shard to the right person.

However this is often not the case, and the custodian needs to 'forward' a shard to a new identity.

It is currently difficult to make a request for a forward, because the request message contains the root id, which the new identity will not have access to for the first shard they request.

So here we allow request messages to contain either the rootid or the public key of the original secret owner. It is up to the application to decide how to interpret the latter. Either:

  • It can disallow these kinds of requests (by ignoring them)
  • It can forward all shards authored by that public key (and the nature of the application might mean there is only ever one type of secret, e.g. the secret is always the associated private key)
  • It can follow some application-specific rule, e.g. simply give the most recent shard authored by that key, or one which is marked with some extra application-specific metadata.

So this PR updates the schema for a request. This is a non-breaking change - original tests still pass.

Edited by peg
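
The three custodian-side options listed in the description, sketched as an added example that is not code from this merge request or the project. The field names (`root`, `secretOwner`, `author`, `timestamp`), the policy names, and the rule that a request naming both or neither identifier is rejected are assumptions made for illustration.

```javascript
// Added example: hypothetical field and policy names, not the project's schema.
const POLICIES = ['ignore', 'all', 'most-recent']

const isNonEmptyString = (v) => typeof v === 'string' && v.length > 0

// A request names either the root id or the original secret owner's public key.
// Assumption: naming both or neither is ambiguous and is rejected.
function classifyRequest (request) {
  const hasRoot = isNonEmptyString(request.root)
  const hasOwner = isNonEmptyString(request.secretOwner)
  if (hasRoot === hasOwner) return null
  return hasRoot ? 'by-root' : 'by-owner'
}

// Custodian side: decide which held shards answer a request under a policy.
function selectShards (request, heldShards, policy) {
  if (!POLICIES.includes(policy)) throw new Error('unknown policy: ' + policy)
  const kind = classifyRequest(request)
  if (kind === null) return []
  // Original behaviour: the requester knows the root id.
  if (kind === 'by-root') return heldShards.filter(s => s.root === request.root)
  // Forward case: a new identity only knows the owner's public key.
  if (policy === 'ignore') return [] // option 1: disallow such requests
  const authored = heldShards.filter(s => s.author === request.secretOwner)
  if (policy === 'all') return authored // option 2: every shard by that key
  // option 3 (one possible application rule): most recent shard by that key
  const latest = authored.reduce(
    (best, s) => (best === null || s.timestamp > best.timestamp ? s : best),
    null
  )
  return latest ? [latest] : []
}

// Constructed sample data: shards this custodian holds.
const heldShards = [
  { root: 'root-A', author: 'pk-alice', timestamp: 100, shard: 'shard-1' },
  { root: 'root-B', author: 'pk-alice', timestamp: 200, shard: 'shard-2' },
  { root: 'root-C', author: 'pk-bob', timestamp: 150, shard: 'shard-3' }
]
```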
