| title | Routing V1 HTTP Delegated Routing Reader Privacy Upgrade | ||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| description | This specification outlines the Delegated Routing Reader Privacy Upgrade, representing an incremental enhancement to the HTTP Delegated Routing API. It seamlessly integrates with the existing API, adopting its formats and design principles, to ensure continuity and coherence while offering improved privacy protections. | ||||||||||||||||||||
| date | 2023-05-31 | ||||||||||||||||||||
| maturity | reliable | ||||||||||||||||||||
| editors |
|
||||||||||||||||||||
| order | 1 | ||||||||||||||||||||
| tags |
|
This specification details the implementation of a new HTTP API for Privacy Preserving Delegated Content Routing provider lookups. It represents an expansion of the HTTP Delegated Routing API, embracing its formats and design principles.
All salts below are 64-bytes long and represent a string padded with \x00.
-
SALT_DOUBLEHASH: The string valueCR_DOUBLEHASH, where each if the 13 characters are represented by their byte value. The remainder of the 64 bytes is filled with null bytes represented by\x00. This results in 51 null bytes after theCR_DOUBLEHASHstring. The following illustrates its corresponding byte frame diagram:+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+ | C | R | _ | D | O | U | B | L | E | H | A | S | H | \x00...\x00 | +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+ <---------------------------- 64 Bytes --------------------------->For reference, the following snippet represents the hex dump of the above, where each character of
CR_DOUBLEHASHis represented by its ASCII hexadecimal equivalent, and the null bytes are represented by "00":43 52 5F 44 4F 55 42 4C 45 48 41 53 48 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -
SALT_ENCRYPTIONKEY: The string valueCR_ENCRYPTIONKEY, where each if the 15 characters are represented by their byte value. The remainder of the 64 bytes is filled with null bytes represented by\x00. This results in 49 null bytes after theCR_ENCRYPTIONKEYstring. The following illustrates its corresponding byte frame diagram:+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+ | C | R | _ | E | N | C | R | Y | P | T | I | O | N | K | E | Y | +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+ | \x00...\x00 | +---+---+---+ <---------------------------- 64 Bytes --------------------------->For reference, the following snippet represents the hex dump of the above, where each character of
CR_ENCRYPTIONKEYis represented by its ASCII hexadecimal equivalent, and the null bytes are represented by "00":43 52 5F 45 4E 43 52 59 50 54 49 4F 4E 4B 45 59 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
These magic values are utilized to compute distinct digests from identical values for varying purposes. For instance, a hash of a Multihash employed for lookups should differ from the one used for key derivation, despite originating from the same value. To achieve this, the Multihash is concatenated with different magic values before applying the hash function: SALT_DOUBLEHASH for lookups and SALT_ENCRYPTIONKEY for key derivation as elaborated in the Glossary.
encrefers to AESGCM encryption. The notationenc(passphrase, nonce, payload)will be used henceforth in this specification.hashdenotes SHA256 hashing.||signifies concatenation of two values.deriveKeypertains to the derivation of a 32-byte encryption key from a passphrase, performed ashash(SALT_ENCRYPTIONKEY || passphrase).CIDstands for Content IDentifier.MHrefers to the Multihash contained in aCID. It corresponds to the hash function's digest over certain content.HASH2is a second hash over the multihash. Second Hashes must follow theMultihashformat withSHA2_256codec. The digest must be calculated ashash(SALT_DOUBLEHASH || MH).ProviderRecordis a JSON with Provider Record as described in the HTTP Delegated Routing Specification.ProviderRecordKeyis a concatenation ofpeerID || contextID. Explicit encoding lengths are unnecessary as they are inherently encoded as part of the multihash format. MaxcontextIDlength is 64 bytes.EncProviderRecordKeyisNonce || enc(deriveKey(multihash), Nonce, ProviderRecordKey). MaxEncProviderRecordKeyis 200 bytes.HashProviderRecordKeyis a hash overProviderRecordKey, calculated ashash(SALT_DOUBLEHASH || ProviderRecordKey).Metadataare free-form bytes that can represent such information such as IPNI metadata. MaxMetadatalength is 1024 bytes.EncMetadataisNonce || enc(deriveKey(ProviderRecordKey), Nonce, Metadata). MaxEncMetadatalength is 2000 bytes.
:::note
Maximum allowed lengths may change without incrementing the API version. Such fields as contextID or Metadata are free-form bytes and their maximum lengths can be altered in the underlying protocols.
:::
200(OK): the response body contains one or more records404(Not Found): must be returned if no matching records are found422(Unprocessable Entity): request does not conform to schema or semantic constraints
{
"EncProviderRecordKeys": [
"EBxdYDhd.....",
"IOknr9DK....."
]
}
Where:
EncProviderRecordKeysis a list of base64 encodedEncProviderRecordKey;
200(OK): the response body contains one record404(Not Found): must be returned if no matching records are found422(Unprocessable Entity): request does not conform to schema or semantic constraints
{
"EncMetadata": "EBxdYDhd....."
}Where:
EncMetadatais a base64 encodedEncMetadata;
Assembling a full ProviderRecord from the encrypted data requires multiple server roundtrips. The first fetches a list of EncProviderRecordKeys, followed by one for each EncProviderRecordKey to retrieve EncMetadata. To minimize the number of roundtrips to one, the client implementation should use the local libp2p peerstore for multiaddress discovery and libp2p multistream select for protocol negotiation.