IETF Logo Mail Archive

Re: [Sat] Burn-Assertion and Mint-Assertion messages

Venkatraman Ramakrishna <vramakr2@in.ibm.com> Tue, 21 March 2023 17:59 UTC

Return-Path: <vramakr2@in.ibm.com>
X-Original-To: sat@ietfa.amsl.com
Delivered-To: sat@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E118C14CE30 for <sat@ietfa.amsl.com>; Tue, 21 Mar 2023 10:59:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ibm.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TvI6EzbYFGL6 for <sat@ietfa.amsl.com>; Tue, 21 Mar 2023 10:59:11 -0700 (PDT)
Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 794E3C14CF1F for <sat@ietf.org>; Tue, 21 Mar 2023 10:59:11 -0700 (PDT)
Received: from pps.filterd (m0098417.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 32LH1BTJ016669; Tue, 21 Mar 2023 17:59:10 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=pp1; bh=goAIdp8nfcJNV8gweVgXz7FAWZjj72dqDLSwLPq0evs=; b=douzPn45cJn3K4TlEwY8ZRY7YHv3DPnsvYWZq/bUw3/SMJikoV14JXCpqTWRHQtKElTz Otwclt9tnzwuzVvwARhwHt1tmZPRDM4IjmrvQMDO8zfOKxuasNdSTsedk31p6JdrvRdT VWEXTC6ZyLdtlXs1QslTbOL1X+GmExRj7Y04OZfijpieGXUnqtjd47OKQ4Q35EcQCY+9 8VXducjVyqbpiXcVU/9wuwg/hwg743ZjiHa0DrJCigXmUSaBftw0eWiVnPBMtAUwvtiS Un6VwqwDLTVvdzIgEq8xgjdxYKA+BLLIfVPDqrvd6/8km2QZHQFuaFbwsj5cKlik35EG ww==
Received: from nam10-dm6-obe.outbound.protection.outlook.com (mail-dm6nam10lp2104.outbound.protection.outlook.com [104.47.58.104]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3pf9246b4t-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 21 Mar 2023 17:59:09 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QNx2NrWW6na+tX/G/VepTDHPrKVnmhot2eoaL/bNjbY9gXx/Vz0mylIfk8eyut5CIZOgzVA81zZL240x++L+t4HaYRQWSfZT+AO7VwLtE7+aECYxvjs8MEV7ogUxNY9y8r3LJ4asnAxjTJJLFLJ960+2PoMYY7KlPqFipC2E8pQLIIKlTQmqlwZNcE+cGL4uUbg2v4ml7mtGRqqqG0H1c/G0B+R0mq2D3VXhzjE1/zA2ViEisPj4ZvxThv07mmB9aJpTowDdXoiIn4UafromTHbfUfLG4OPGO7E8d6VJ+DCOJ/cbTbkgZkxccdPmdsad4TOCQWXLiFznAew/Pd5u7g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dCUUEKoCojGaDBUyDRvEik9GUQs9BrPs4wGRZXhGkoU=; b=P2XHVV9dSlYonJfh2cGQqNgsOCilO03XtJelLtzY51vLVaXxirrcDnkVO5iT7hzIGpoe6o/QVNLQmjraoUs6c7ytvfOcaRzPOR4JLZVX0GvcGo1el2vMt95fYYiNloZqP/BDpSqZpXErkLPOmUy8TUVCGdE2x0xV2+TYUDX/6nfD8sMSgtxGF6rvk0KhZRd/DAuifVScE5wR3E8nIJMnABo6+pJnMeEmCJwEZ5SbFPqnIaz+iTHarOKOmVO90eaFif18Tqq1LX4i9Y2riggASg1+GHc3RguktrXQntkaScMsxvgHvEIeeYS3j5/WkeXDFVtBNsBhH+daIfbvNJQJMw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=in.ibm.com; dmarc=pass action=none header.from=in.ibm.com; dkim=pass header.d=in.ibm.com; arc=none
Received: from BYAPR15MB2277.namprd15.prod.outlook.com (2603:10b6:a02:92::30) by BLAPR15MB3972.namprd15.prod.outlook.com (2603:10b6:208:27c::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6178.37; Tue, 21 Mar 2023 17:59:07 +0000
Received: from BYAPR15MB2277.namprd15.prod.outlook.com ([fe80::4e24:17a0:3cef:948f]) by BYAPR15MB2277.namprd15.prod.outlook.com ([fe80::4e24:17a0:3cef:948f%4]) with mapi id 15.20.6178.037; Tue, 21 Mar 2023 17:59:07 +0000
From: Venkatraman Ramakrishna <vramakr2@in.ibm.com>
To: Thomas Hardjono <hardjono@mit.edu>, Denis Avrilionis <denis@compell.io>
CC: "sat@ietf.org" <sat@ietf.org>
Thread-Topic: [Sat] Burn-Assertion and Mint-Assertion messages
Thread-Index: AQHZS6pe8GeW3xAkUkujKYGFDINGf68FcjuAgAAxyVA=
Date: Tue, 21 Mar 2023 17:59:07 +0000
Message-ID: <BYAPR15MB2277132E32C2ACAF7AEA34A0B8819@BYAPR15MB2277.namprd15.prod.outlook.com>
References: <fad85665012c41b898bdb99732a01157@oc11expo23.exchange.mit.edu> <BYAPR15MB227742E676FD905CC592D708B8AC9@BYAPR15MB2277.namprd15.prod.outlook.com> <47d44fc2e27048eeab53c806f60cfcc0@oc11expo23.exchange.mit.edu> <BYAPR15MB2277AA090909E318D8620544B8AC9@BYAPR15MB2277.namprd15.prod.outlook.com> <bd33c32626614a5a8daa8caa56a60e55@oc11expo23.exchange.mit.edu> <488929ce6bd24c418abb6a4027f3b4da@oc11expo23.exchange.mit.edu>, <6D3D3A5B-7FCB-4AC4-8575-3A8CA95655B5@compell.io>, <b0efe0a5c2534ad586e0de399c8be586@oc11expo23.exchange.mit.edu> <dd2e8a6ed10c417c8933f7a77997ca27@oc11expo23.exchange.mit.edu>
In-Reply-To: <dd2e8a6ed10c417c8933f7a77997ca27@oc11expo23.exchange.mit.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BYAPR15MB2277:EE_|BLAPR15MB3972:EE_
x-ms-office365-filtering-correlation-id: 2c6e0915-26ad-40a6-b5a3-08db2a35f73d
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: zeJ+iwDKp7mcLINSgquYmYicpzdvMyqSTV1TbNTO2R2F3nhxjJrs3/BMmVVuevO5IWoiyQ9AJOAFvQCSLp3710K3ff9zWbWyu2FTrfxocsZajSiqpPfYETptoQ4YjyttqdZDz00XWMLrWz7codpTQbh6IMKuRQV1CbrkIrdnRmJOUqfQr4d9ByxTYzMjRuRUYxvrzE9sw6ft562/nxuivz9mCQ4iiFiZ7wGYfzXT2d7fmGFuHIoaQi2luMoUPuGeOxgH4Jdimq1LeA/RsUjooC6SKG7iJ60iE4NyCHA8GkoL8Av58FUu0SLdzJqDxEnyUF/pS2A9PxvpOS5ye17MK0xsAhJwMiv56oVtxtmxxL5nylkCsgpQfszcap20/9i0PU/GMp+O710nOXwQAlIlCKLt2/n83sR5bXnwwgcKsS1EOLd7fFgWMAev4w0hky5UhEfL4pd9ERStp3+0uQoRvaH66YlcGsF/OyTPo5jcEzx2qrIBF0dqGLMi1a16Avhyim3ZUF+yLl4mXhA97BfkYvi7mpwsbrZC1rLm3PDSF4QqUdBoHRH43maPeuRRXCmQhuzThJ8c93rNDZ30DPFeN7baKR8poUwlJep2mLAkCg1tWjEMLhZV848iu/y4vnGRmk2/6ABMuuNtaCDx/fMwUxlIcuchHz2vMG1Kc+2RDdn0rHmb/r/oKfMm5xKpQdOt
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR15MB2277.namprd15.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230025)(396003)(366004)(136003)(39860400002)(376002)(346002)(451199018)(8936002)(52536014)(53546011)(6506007)(5660300002)(26005)(76116006)(966005)(478600001)(71200400001)(33656002)(55016003)(41300700001)(66556008)(4326008)(66946007)(7696005)(66446008)(8676002)(66476007)(64756008)(38070700005)(83380400001)(30864003)(122000001)(38100700002)(316002)(186003)(9686003)(15650500001)(2906002)(110136005)(86362001)(66899018); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: wgyOi54mLpLAosZ1SfF5bUh2y7DRdf+ZEMxUHO9LS8+EeMNcoGiNeE5tDp2sMEidsPF6hJzoznJSBIUGDKkYB44ozwMnr3SvIBFRxgY4z3nLbvm039N3wuVrEHXzojq0kfTT22wHoGE22Gg9UMWfsftwmS+Xg2JM0bgMB4hBKpD153cJaIcD2yHau5lwCwtirIRVmTn00Nwt+Asc1L+21/N6kL4y1BevcE/4905/5sulGDqKIgGfDMFzya9bLbghuufsS6LcOKxDYM+KwL8J7Kbd2RjMglM75x0oMFrZ+yL6PxM5EoOU+DJTf6ZtZCSMaVmzYaai/72UMBrhisImFwpfBJBDy2IJai/KMJUT/ZdwfKJw2g3KPq4do9D4m1sO/IcJxV57J9UpFZjLiF+0vqcEsTtSRWxI7Ey52OIGoNxOPqXUoHunup66olUXC/ODGvap1RyT2kkZsvxMfL7OFiHjNcbVJd/vySfvvh03H2XR3eXl/Jkt0/JRNmSBzHOF5KqIEzHjk+vXUeuk+dMgh+IED9497ZzClVEX8yj3QGjjQy8w1o7kneZJ6isSaxvxQ7StNDRUUKWpby5JgBU8DwW5iuDyV9YddYHB+RSRS3JhEsl1MdGl5Mzf5RmJX14L3C5n3yqXKCJbvRgkGjSXpzO15EBOQ4AsOm+mfHrvK6C31DycqVnofNSYjX6QrDz0t9Eohkcnt3uupstxk/xweEni9jq846kF87EGLAtZ6VIQh8HCBwD3kEI1DAgAezxTOHTTjOtxePh0ZK0VlXdL3oDweQQl6dxMV5LKjxTGsyEEgOUT7yNKVfKLQ84JLOeg4u7gHBGVSZEY/IWoelCMZ180AYljN3+F+bXOIGmXIh2hyf1Vx5RiUisYtmSHD78UokmF+sMhnU6LXE0faDbVnBM5OudDG8w5mVpOETqF622CI46wukNmCHoP9ytftnkBabsnUrPYAXczwdc/ehVbv/Knr2m6C5k10JF5PW/F5xCbJxgfk/EiHhguM/c+ZiXGnArWT0tGj112ICvBow8DUXhiQTnO5CDHGE7spEG46tEyqN0FuSiuxBFp4ST60+nrT7Y8HprgoMwNiMByhzbVZ/PYvnUMhon6dCC6CV1HL3zceZ8/g19viDvC+9zS7sGiPBe7B5J7xlLCAiFgfVJyayYMZtbvO/KazkWUlJyjKYxuRKBSurmZ6M2F3y8TbDzQKudGcAF/gFTzwXhExjGQTs+aBxGoypyEWjqY8higBSBBFxYEQyUy/Y8owdeDPqKaF0MA/NBeFC6kWQWVajjlFSVtRsPZ1h22s22pBYaYFJZrocRSJ3HftwZ4c3Xx7NERj/+/aPtVYBtJxuq2WVAoplPGsStZXeIwNcDFCmb8e9URoYO4zj36ZMLo+3LT3ZYf61BT5XSO2DX/+8ApuohG7wRiOTEW/RtRlUuD+4JWr1xiFufydTpSUomz51wi5VX4SzQsE64Yqoll9dq3AIDIe5VM30ASBC17P+U7PquBScuWjXnkguND0cY9G0OTn9c+nxIEmsbKAtJp3FHkKomeseWeVR4ldPNwp1uqu8w3vTojoEmp7durayN6vQOD0tK9
Content-Type: text/plain; charset="us-ascii"
X-OriginatorOrg: in.ibm.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BYAPR15MB2277.namprd15.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 2c6e0915-26ad-40a6-b5a3-08db2a35f73d
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Mar 2023 17:59:07.2238 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: fcf67057-50c9-4ad4-98f3-ffca64add9e9
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: N64ZDb6XYMZ6S7Holkozv7/OVDltepFynwdzhJ10lWfl312ulp6jJsFgsFmvIFaOMautML7VmdUpT1wVEP1Knw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLAPR15MB3972
X-Proofpoint-GUID: 3BrP3iTZy70OV8Wn8EDjngaG9e8B1hSn
X-Proofpoint-ORIG-GUID: 3BrP3iTZy70OV8Wn8EDjngaG9e8B1hSn
Content-Transfer-Encoding: quoted-printable
X-Proofpoint-UnRewURL: 4 URL's were un-rewritten
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22 definitions=2023-03-21_11,2023-03-21_01,2023-02-09_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 spamscore=0 malwarescore=0 lowpriorityscore=0 bulkscore=0 phishscore=0 clxscore=1015 impostorscore=0 mlxscore=0 priorityscore=1501 mlxlogscore=999 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2303150002 definitions=main-2303210139
Archived-At: <https://mailarchive.ietf.org/arch/msg/sat/4SfLFfHb7rdTjX0nGbd_psGySdA>
Subject: Re: [Sat] Burn-Assertion and Mint-Assertion messages
X-BeenThere: sat@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "The purpose of this mailing-list is to discuss the secure asset transfer \(SAT\) protocol and related aspects." <sat.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sat>, <mailto:sat-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sat/>
List-Post: <mailto:sat@ietf.org>
List-Help: <mailto:sat-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sat>, <mailto:sat-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Mar 2023 17:59:13 -0000

Thomas,

So a function will be evaluated in Stage 1 that looks something like this, right: f([<assetId>, <assetProfileId>]) = <Session-ID>

If this is a one-way function, one can't recover the inputs given just the output. Then I think we will need to keep those fields in the Burn-assertion JSON as the receiving network (behind G2) may very well need to do some bookkeeping in its ledger based on those asset attributes (the same logic holds for other assertions). But if those values can be unambiguously extracted from <Session-ID>, then they don't need to be explicitly added to the JSON, strictly speaking.

Rama

-----Original Message-----
From: Thomas Hardjono <hardjono@mit.edu> 
Sent: 21 March 2023 20:23
To: Denis Avrilionis <denis@compell.io>; Venkatraman Ramakrishna <vramakr2@in.ibm.com>
Cc: sat@ietf.org
Subject: [EXTERNAL] RE: [Sat] Burn-Assertion and Mint-Assertion messages


Folks,

Just revisiting this in preparation for IETF116 next week.

Burn-assertion (lock-assertion):

{
"gatewayId": "did:gateway:tz:tz1aaYoabvj2DQtpHz74Z83fSNjY29asdBfZ",
"networkId": "tezos:NetXdQprcVkpaWU",
"assets": [{
"assetId": "tezos:NetXdQprcVkpaWU/tzip16:tz1YWK1gDPQx9N1Jh4JnmVre7xN6xhGGM4uC/1",
"assetData": {},
"assetProfileId": "tezos:NetXdQprcVkpaWU/tzip16:tz1CAK1gDPQx9N1Jh4JnmVre7xN6xhGGM433/1",
"assetState": "Burned",
"assetStateTimestamp": "2023-02-22T20:20:39+00:00"
}]


Question:  should the Burn-Assertion message (msg 2.6) and the Commit-Ready (that carries the Mint-Assertion) indicate a Session-ID?

Sorry if its unclear, let me rephrase:  if G1 and G2 already agreed on the assetId and assetProfileId early in Stage-1 (before Transfer-Commence msg 2.1) and that this agreement results in a jointly-derived Session-ID value, should these assertions be less verbose and simply mention Session-ID?

Or do we need to actually carry assetId and assetProfileId values in these assertions? 


SAT-Core (draft-hargreaves) currently has this payload for the Transfer-Commence (Section 81. in the text):

          {
          "message_type": "urn:ietf:satp:msgtype:transfer-commence-msg",
          "session_id":"9097hkstgkjvVbNH",
          "originator_pubkey":"zGy89097hkbfgkjvVbNH",
          "beneficiary_pubkey": "mBGHJjjuijh67yghb",
          "sender_net_system": "originNETsystem",
          "recipient_net_system":"recipientNETsystem",
          "client_identity_pubkey":"fgH654tgeryuryuy",
          "server_identity_pubkey":"dFgdfgdfgt43tetr535teyrfge4t54334",
          "hash_asset_profile":"nbvcwertyhgfdsertyhgf2h3v4bd3v21",
          "asset_unit": "ghytredcfvbhfr",
          "hash_prev_message":"DRvfrb654vgreDerverv654nhRbvder4",
          "client_transfer_number":"ji9876543ewdfgh",
          "client_signature":"fdw34567uyhgfer45"
          }




Thoughts?


best


--thomas






________________________________________
From: sat [sat-bounces@ietf.org] on behalf of Thomas Hardjono [hardjono@mit.edu]
Sent: Tuesday, February 28, 2023 2:24 PM
To: Denis Avrilionis; Venkatraman Ramakrishna
Cc: sat@ietf.org
Subject: Re: [Sat] Burn-Assertion and Mint-Assertion messages

Hi Denis,

>>> Maybe we shall keep the network assertions messages (related to the 
>>> Gateway <-> Network communication) decoupled from the messages 
>>> exchanged between gateways. However, messages between gateways may 
>>> include references to network assertions. For example, the 
>>> "Burn-Assertion" message below could be included as a reference in message 3.6 from G1 to G2. (That way, all network <-> gateway messages remain unchanged if for any reason we modify the sequence of messages between gateways).

Yes ideally all signed assertions (e.g. in JSON) must be standalone in the sense that the signed-assertion blob can be: (i) included in the message (e.g. part of HTTP body), or (ii) be storable elsewhere with a hash/reference of the blob included in the actual message.


--thomas





________________________________________
From: Denis Avrilionis [denis@compell.io]
Sent: Tuesday, February 28, 2023 2:02 PM
To: Thomas Hardjono; Venkatraman Ramakrishna
Cc: sat@ietf.org
Subject: Re: [Sat] Burn-Assertion and Mint-Assertion messages

Dear Thomas, Rama, Alex,

Regarding including hashes of messages / nonces, I understand this is to create an order in the sequence of exchange between gateways.

Maybe we shall keep the network assertions messages (related to the Gateway <-> Network communication) decoupled from the messages exchanged between gateways. However, messages between gateways may include references to network assertions. For example, the "Burn-Assertion" message below could be included as a reference in message 3.6 from G1 to G2. (That way, all network <-> gateway messages remain unchanged if for any reason we modify the sequence of messages between gateways).

Regarding the sequence of messages, all messages between Gateways can be defined with explicit numbers (as shown in the message flow diagram). Given that we also have a SATP instance ID that defines a specific exchange between two gateways, the couple [<SATP Instance ID>, <message flow number>] is equivalent to a nonce. (note: we should make sure all possible messages between gateways are defined and numbered, including all rollback cases too).

Denis


On 28 Feb 2023, at 17:09, Thomas Hardjono <hardjono@mit.edu<mailto:hardjono@mit.edu>> wrote:



Following Denis' model for the Lock-Assertion, for the Burn-Assertion do we need only to change the assetState to become "Burned" and include the timestamp:

{
"gatewayId": "did:gateway:tz:tz1aaYoabvj2DQtpHz74Z83fSNjY29asdBfZ",
"networkId": "tezos:NetXdQprcVkpaWU",
"assets": [{
"assetId": "tezos:NetXdQprcVkpaWU/tzip16:tz1YWK1gDPQx9N1Jh4JnmVre7xN6xhGGM4uC/1",
"assetData": {},
"assetProfileId": "tezos:NetXdQprcVkpaWU/tzip16:tz1CAK1gDPQx9N1Jh4JnmVre7xN6xhGGM433/1",
"assetState": "Burned",
"assetStateTimestamp": "2023-02-22T20:20:39+00:00"
}]
}



--thomas



________________________________________
From: sat [sat-bounces@ietf.org<mailto:sat-bounces@ietf.org>] on behalf of Thomas Hardjono [hardjono@mit.edu<mailto:hardjono@mit.edu>]
Sent: Tuesday, February 28, 2023 9:45 AM
To: Venkatraman Ramakrishna; sat@ietf.org<mailto:sat@ietf.org>
Subject: Re: [Sat] Burn-Assertion and Mint-Assertion messages

Hi Rama,

Would the hashes be there in addition to signatures and session IDs (or nonces) or in place of them?

Yes, in addition to signatures and the session-ID carried in each message.

The bigger question is that there are pairs of messages (e.g. messages 2.5 and 2.6, and msgs 3.6 and 3.8) that are loaded with implications, as compared to other pairs (e.g. messages 2.1 and 2.2).

So, should we require an explicitly inclusion of a hash for those pairs of important messages?

(The goal is to reduce cheating opportunities by G1 and G2, since the channel is already TLS protected).



Are there examples of other protocol sequences where successive messages include hashes of the previous ones?

Right now I can't think of any (I think SAML2.0 permits this for the Request/Response pairs).

But also, we are dealing with value-transfer (economic value), not just communications of bits/bytes.



--thomas



________________________________________
From: Venkatraman Ramakrishna [vramakr2@in.ibm.com<mailto:vramakr2@in.ibm.com>]
Sent: Tuesday, February 28, 2023 9:30 AM
To: Thomas Hardjono; sat@ietf.org<mailto:sat@ietf.org>
Subject: RE: Burn-Assertion and Mint-Assertion messages

Would the hashes be there in addition to signatures and session IDs (or nonces) or in place of them? Are there examples of other protocol sequences where successive messages include hashes of the previous ones?

Rama

-----Original Message-----
From: Thomas Hardjono <hardjono@mit.edu<mailto:hardjono@mit.edu>>
Sent: 28 February 2023 19:44
To: Venkatraman Ramakrishna <vramakr2@in.ibm.com<mailto:vramakr2@in.ibm.com>>; sat@ietf.org<mailto:sat@ietf.org>
Subject: [EXTERNAL] RE: Burn-Assertion and Mint-Assertion messages



Regarding the ACK-Final, as you say, it is critical for the conclusion of asset transfer.
Does 3.10 serve as a sort of an ACK for the ACK-Final then?

That is, should it be incumbent upon G2 to attempt retransmission of an ACK-Final until it receives a conclusive "Transfer-Completed"?

Yes, I think G2 has to keep trying until it gets a Transfer-Completed message.

Also, the Transfer-Completed message 3.10 from G1 needs to carry a hash of the ACK-Final (msg 3.8) as a means to implicitly state that G1 has received & accepted the Mint-Assertion from G2.


On a separate but related question, does it make sense for us require each message to include a hash of the previous message (for the same transfer session)?



--thomas




________________________________________
From: Venkatraman Ramakrishna [vramakr2@in.ibm.com<mailto:vramakr2@in.ibm.com>]
Sent: Tuesday, February 28, 2023 7:45 AM
To: Thomas Hardjono; sat@ietf.org<mailto:sat@ietf.org>
Subject: RE: Burn-Assertion and Mint-Assertion messages

"Burn-Assertion" and "Mint-Assertion" sound fine from a terminology perspective. Should we say "Assertion" or "Confirmation"? Does it matter? I think "Assertion" de-links the gateway from its network, which is OK.

Regarding the ACK-Final, as you say, it is critical for the conclusion of asset transfer. Does 3.10 serve as a sort of an ACK for the ACK-Final then? That is, should it be incumbent upon G2 to attempt retransmission of an ACK-Final until it receives a conclusive "Transfer-Completed"?

Rama

PS: Still recovering from illness and injury, so will try to participate in brainstorming to the best of my ability.

-----Original Message-----
From: sat <sat-bounces@ietf.org<mailto:sat-bounces@ietf.org>> On Behalf Of Thomas Hardjono
Sent: 28 February 2023 17:56
To: sat@ietf.org<mailto:sat@ietf.org>
Subject: [EXTERNAL] [Sat] Burn-Assertion and Mint-Assertion messages


Hi folks,

Seeing that we are discussing the Lock-Assertion format, I think we also need two (2) more assertion message types related to the extinguishment (burning) of the asset in NW1 and the re-generation (minting) in NW2.


Looking at our message flow diagram (version 16):

(a) In Step 3.5A the gateway G1 is "extinguishing" (i.e. "burning" or permanently disabling) the asset from NW1.

Then in Message 3.6 we said that the Commit-Final message would also carry a signed assertion stating that G1 has completed the burning of the asset in NW1.

Could we call this assertion something like:  "Burn-Assertion" ?  (using the terms "burn" and "mint" that is popular today).


(b) In Step 3.7A the gateway G2 completes the minting process by way of assigning newly-created asset to the beneficiary (e.g. Bob's address on NW2).

This is then reported to G1 in a signed assertion from G2 carried within message 3.8 (the ACK-Final message).

Could we call this assertion something like:  "Mint-Assertion" ?


Its probably worth highlighting that message 3.8 is an important one (far more relevant here than in the classic 2PC usage).

In the traditional usage of the 2PC/3PC commitment protocol (e.g. distributed databases), the ACK-Final message is simply an acknowledgement message that could be lost (i.e. loss can be tolerated).

In our case, the signed Mint-Assertion blob carried within message 3.8 legally binds G2 in the sense that G2-owner is now liable if it lies or makes an error.

That is, the ACK-Final message must not be lost.  If G2 never receives message 3.10, then G2 may need to retransmit message 3.8.



Thoughts?



--thomas

--
sat mailing list
sat@ietf.org<mailto:sat@ietf.org>
https://www.ietf.org/mailman/listinfo/sat 

--
sat mailing list
sat@ietf.org
https://www.ietf.org/mailman/listinfo/sat 

--
sat mailing list
sat@ietf.org
https://www.ietf.org/mailman/listinfo/sat 

--
sat mailing list
sat@ietf.org
https://www.ietf.org/mailman/listinfo/sat

v2.23.0 | Report a Bug | By Email