Merge pull request #18 from yeastplume/wallet_lifecycle

RFC - Full Wallet Lifecycle
mimblewimble · Aug 21, 2019 · 3fc8d75 · 3fc8d75
2 parents 07f01a9 + 4dcc0d3
commit 3fc8d75
Show file tree

Hide file tree

Showing 12 changed files with 452 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -15,6 +15,8 @@ To begin writing your own RFC or to find out more about the process and the gene
 |:---|:---|
 | [0001-rfc-process](text/0001-rfc-process.md) | Introduce RFC process |
 | [0002-grin-governance](text/0002-grin-governance.md) | Articulate community values, define core and sub-teams |
+| [0003-security-process](text/0003-security-process.md) | Define community standards for ethical disclosure behaviour |
+| [0004-full-wallet-lifecycle](text/0004-full-wallet-lifecycle.md) | Define API standard for sensitive wallet operations |
 
 ## License
 

diff --git a/assets/0004/0004-api-call-direct.puml b/assets/0004/0004-api-call-direct.puml
@@ -0,0 +1,16 @@
+@startuml
+actor "Client" as client
+participant "Internal Rust API" as rustapi
+participant "Wallet Backend" as backend
+
+title Wallet API Call (Directly Linked)
+
+== API Call ==
+client -> client: Stored token **t**
+client -> rustapi: call_api_function(**t**, **other_params**)
+rustapi -> backend: retrieve_seed(**t**)
+backend -> backend: calc(**t** ^ **seedT**) -> **seed**
+rustapi -> backend: Internal Wallet Calls
+backend -> backend: Drop **seed**
+rustapi -> client: Return (**return_data**)
+@enduml
diff --git a/assets/0004/0004-api-call-direct.svg b/assets/0004/0004-api-call-direct.svg
diff --git a/assets/0004/0004-api-call.puml b/assets/0004/0004-api-call.puml
@@ -0,0 +1,24 @@
+@startuml
+actor "Client" as client
+participant "JSON-RPC API (if used)" as jsonrpc
+participant "Internal Rust API" as rustapi
+participant "Wallet Backend" as backend
+
+title Wallet API Call via JSON-RPC
+
+
+== API Call ==
+client -> client: Supply stored token **t** in **req** as **req.t**
+client -> client: enc(**req**, **s**) -> **reqEnc**
+client -> jsonrpc: call_api_function(**reqEnc**)
+jsonrpc -> jsonrpc: dec(**reqEnc**, **s**) -> **req**
+jsonrpc -> rustapi: call_api_function(**req**)
+rustapi -> backend: retrieve_seed(**req.t** as **t**)
+backend -> backend: calc(**t** ^ **seedT**) -> **seed**
+rustapi -> backend: Internal Wallet Calls
+backend -> backend: Drop **seed**
+rustapi -> jsonrpc: Return (**resp**)
+jsonrpc -> jsonrpc: enc(**resp**, **s**) -> (**respEnc**)
+jsonrpc -> client: Return (**respEnc**)
+client -> client: dec(**s**, **respEnc**) -> **resp**
+@enduml
diff --git a/assets/0004/0004-api-call.svg b/assets/0004/0004-api-call.svg
diff --git a/assets/0004/0004-dh-init.puml b/assets/0004/0004-dh-init.puml
@@ -0,0 +1,16 @@
+@startuml
+actor "Client" as client
+participant "JSON-RPC API" as jsonrpc
+participant "Internal Rust API" as rustapi
+participant "Wallet Backend" as backend
+
+title Wallet JSON-RPC API ECDH Initialization
+
+== Initialization (ECDH/secp256k1)==
+client -> client: Calc Pub ECDH Key (**cP**)
+client -> jsonrpc: init_api_secure (**cP**)
+jsonrpc -> jsonrpc: Calc Pub ECDH Key (**sP**)
+jsonrpc -> jsonrpc: Calc + store shared secret (**s**)
+jsonrpc -> client: **sP**
+client -> client: Calc + store shared secret (**s**)
+@enduml