feat: introduce a secret key for encryption type into context identity

Cargo.toml

@@ -11,6 +11,7 @@ members = [
     "./crates/config",
     "./crates/context",
     "./crates/context/config",
+    "./crates/crypto",
     "./crates/meroctl",
     "./crates/merod",
     "./crates/network",
@@ -56,6 +57,7 @@ claims = "0.7.1"
 clap = "4.4.18"
 color-eyre = "0.6.2"
 const_format = "0.2.32"
+curve25519-dalek = "4.1.3"
 dirs = "5.0.1"
 ed25519-dalek = "2.1.1"
 either = "1.13.0"
@@ -92,6 +94,7 @@ quote = "1.0.37"
 rand = "0.8.5"
 rand_chacha = "0.3.1"
 reqwest = "0.12.2"
+ring = "0.17.8"
 rocksdb = "0.22.0"
 rust-embed = "8.5.0"
 sha2 = "0.10.8"

crates/context/src/lib.rs

@@ -141,7 +141,7 @@ impl ContextManager {
     }
 
     #[must_use]
-    pub fn new_identity(&self) -> PrivateKey {
+    pub fn new_private_key(&self) -> PrivateKey {
         PrivateKey::random(&mut rand::thread_rng())
     }
 
@@ -175,7 +175,7 @@ impl ContextManager {
                 None => PrivateKey::random(&mut rng),
             };
 
-            let identity_secret = identity_secret.unwrap_or_else(|| self.new_identity());
+            let identity_secret = identity_secret.unwrap_or_else(|| self.new_private_key());
 
             (context_secret, identity_secret)
         };
@@ -312,6 +312,7 @@ impl ContextManager {
             &ContextIdentityKey::new(context.id, identity_secret.public_key()),
             &ContextIdentityValue {
                 private_key: Some(*identity_secret),
+                sender_key: Some(*self.new_private_key()),
             },
         )?;
 
@@ -400,6 +401,7 @@ impl ContextManager {
 
         let Some(ContextIdentityValue {
             private_key: Some(requester_secret),
+            ..
         }) = handle.get(&ContextIdentityKey::new(context_id, inviter_id))?
         else {
             return Ok(None);
@@ -498,7 +500,13 @@ impl ContextManager {
                     let key = ContextIdentityKey::new(context_id, member);
 
                     if !handle.has(&key)? {
-                        handle.put(&key, &ContextIdentityValue { private_key: None })?;
+                        handle.put(
+                            &key,
+                            &ContextIdentityValue {
+                                private_key: None,
+                                sender_key: Some(*self.new_private_key()),
+                            },
+                        )?;
                     }
                 }
             }
@@ -778,6 +786,35 @@ impl ContextManager {
         Ok(ids)
     }
 
+    pub fn get_sender_key(
+        &self,
+        context_id: &ContextId,
+        public_key: &PublicKey,
+    ) -> EyreResult<Option<PrivateKey>> {
+        let handle = self.store.handle();
+        let key = handle
+            .get(&ContextIdentityKey::new(*context_id, *public_key))?
+            .and_then(|ctx_identity| ctx_identity.sender_key);
+
+        Ok(key.map(PrivateKey::from))
+    }
+
+    pub fn get_private_key(
+        &self,
+        context_id: ContextId,
+        public_key: PublicKey,
+    ) -> EyreResult<Option<PrivateKey>> {
+        let handle = self.store.handle();
+
+        let key = ContextIdentityKey::new(context_id, public_key);
+
+        let Some(value) = handle.get(&key)? else {
+            return Ok(None);
+        };
+
+        Ok(value.private_key.map(PrivateKey::from))
+    }
+
     pub fn get_context_members_identities(
         &self,
         context_id: ContextId,
@@ -854,6 +891,7 @@ impl ContextManager {
 
         let Some(ContextIdentityValue {
             private_key: Some(requester_secret),
+            ..
         }) = handle.get(&ContextIdentityKey::new(context_id, signer_id))?
         else {
             bail!("'{}' is not a member of '{}'", signer_id, context_id)
@@ -1109,6 +1147,7 @@ impl ContextManager {
 
         let Some(ContextIdentityValue {
             private_key: Some(signing_key),
+            ..
         }) = handle.get(&ContextIdentityKey::new(context_id, signer_id))?
         else {
             bail!("No private key found for signer");
@@ -1146,6 +1185,7 @@ impl ContextManager {
 
         let Some(ContextIdentityValue {
             private_key: Some(signing_key),
+            ..
         }) = handle.get(&ContextIdentityKey::new(context_id, signer_id))?
         else {
             bail!("No private key found for signer");

crates/crypto/Cargo.toml

@@ -0,0 +1,22 @@
+[package]
+name = "calimero-crypto"
+version = "0.1.0"
+authors.workspace = true
+edition.workspace = true
+repository.workspace = true
+license.workspace = true
+
+[dependencies]
+curve25519-dalek.workspace = true
+ed25519-dalek = { workspace = true, features = ["rand_core"] }
+ring.workspace = true
+serde = { workspace = true, features = ["derive"] }
+
+calimero-primitives = { path = "../primitives", features = ["rand"] }
+
+[dev-dependencies]
+eyre.workspace = true
+rand.workspace = true
+
+[lints]
+workspace = true

crates/crypto/src/lib.rs

@@ -0,0 +1,126 @@
+use calimero_primitives::identity::{PrivateKey, PublicKey};
+use ed25519_dalek::{SecretKey, SigningKey};
+use ring::aead;
+use serde::{Deserialize, Serialize};
+
+#[derive(Copy, Clone, Debug, Serialize, Deserialize)]
+pub struct SharedKey {
+    key: SecretKey,
+}
+
+#[derive(Debug)]
+pub struct Record {
+    pub token: Vec<u8>,
+    pub nonce: [u8; 12],
+}
+
+impl SharedKey {
+    pub fn new(sk: &PrivateKey, pk: &PublicKey) -> Self {
+        SharedKey {
+            key: (SigningKey::from_bytes(sk).to_scalar()
+                * curve25519_dalek::edwards::CompressedEdwardsY(**pk)
+                    .decompress()
+                    .expect("pk should be guaranteed to be the y coordinate"))
+            .compress()
+            .to_bytes(),
+        }
+    }
+
+    pub fn from_sk(sk: &PrivateKey) -> Self {
+        SharedKey { key: **sk }
+    }
+
+    pub fn encrypt(&self, payload: Vec<u8>, nonce: [u8; 12]) -> Option<Vec<u8>> {
+        let encryption_key =
+            aead::LessSafeKey::new(aead::UnboundKey::new(&aead::AES_256_GCM, &self.key).ok()?);
+
+        let mut cipher_text = payload;
+        encryption_key
+            .seal_in_place_append_tag(
+                aead::Nonce::assume_unique_for_key(nonce),
+                aead::Aad::empty(),
+                &mut cipher_text,
+            )
+            .ok()?;
+
+        Some(cipher_text)
+    }
+
+    pub fn decrypt(&self, cipher_text: Vec<u8>, nonce: [u8; aead::NONCE_LEN]) -> Option<Vec<u8>> {
+        let decryption_key =
+            aead::LessSafeKey::new(aead::UnboundKey::new(&aead::AES_256_GCM, &self.key).ok()?);
+
+        let mut payload = cipher_text;
+        let decrypted_len = decryption_key
+            .open_in_place(
+                aead::Nonce::assume_unique_for_key(nonce),
+                aead::Aad::empty(),
+                &mut payload,
+            )
+            .ok()?
+            .len();
+
+        payload.truncate(decrypted_len);
+
+        Some(payload)
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use eyre::OptionExt;
+
+    use super::*;
+
+    #[test]
+    fn test_encrypt_decrypt() -> eyre::Result<()> {
+        let mut csprng = rand::thread_rng();
+
+        let signer = PrivateKey::random(&mut csprng);
+        let verifier = PrivateKey::random(&mut csprng);
+
+        let signer_shared_key = SharedKey::new(&signer, &verifier.public_key());
+        let verifier_shared_key = SharedKey::new(&verifier, &signer.public_key());
+
+        let payload = b"privacy is important";
+        let nonce = [0u8; aead::NONCE_LEN];
+
+        let encrypted_payload = signer_shared_key
+            .encrypt(payload.to_vec(), nonce)
+            .ok_or_eyre("encryption failed")?;
+
+        let decrypted_payload = verifier_shared_key
+            .decrypt(encrypted_payload, nonce)
+            .ok_or_eyre("decryption failed")?;
+
+        assert_eq!(decrypted_payload, payload);
+        assert_ne!(decrypted_payload, b"privacy is not important");
+
+        Ok(())
+    }
+
+    #[test]
+    fn test_decrypt_with_invalid_key() -> eyre::Result<()> {
+        let mut csprng = rand::thread_rng();
+
+        let signer = PrivateKey::random(&mut csprng);
+        let verifier = PrivateKey::random(&mut csprng);
+        let invalid = PrivateKey::random(&mut csprng);
+
+        let signer_shared_key = SharedKey::new(&signer, &verifier.public_key());
+        let invalid_shared_key = SharedKey::new(&invalid, &invalid.public_key());
+
+        let token = b"privacy is important";
+        let nonce = [0u8; aead::NONCE_LEN];
+
+        let encrypted_token = signer_shared_key
+            .encrypt(token.to_vec(), nonce)
+            .ok_or_eyre("encryption failed")?;
+
+        let decrypted_data = invalid_shared_key.decrypt(encrypted_token, nonce);
+
+        assert!(decrypted_data.is_none());
+
+        Ok(())
+    }
+}

crates/node/Cargo.toml

@@ -22,6 +22,7 @@ tracing.workspace = true
 url.workspace = true
 
 calimero-context = { path = "../context" }
+calimero-crypto = { path = "../crypto" }
 calimero-blobstore = { path = "../store/blobs" }
 calimero-network = { path = "../network" }
 calimero-node-primitives = { path = "../node-primitives" }

crates/node/src/interactive_cli/identity.rs

@@ -75,7 +75,7 @@ impl IdentityCommand {
             }
             IdentitySubcommands::New => {
                 // Handle the "new" subcommand
-                let identity = node.ctx_manager.new_identity();
+                let identity = node.ctx_manager.new_private_key();
                 println!("{ind} Private Key: {}", identity.cyan());
                 println!("{ind} Public Key: {}", identity.public_key().cyan());
             }

crates/node/src/lib.rs

@@ -15,6 +15,7 @@ use calimero_blobstore::{BlobManager, FileSystem};
 use calimero_context::config::ContextConfig;
 use calimero_context::ContextManager;
 use calimero_context_config::ProposalAction;
+use calimero_crypto::SharedKey;
 use calimero_network::client::NetworkClient;
 use calimero_network::config::NetworkConfig;
 use calimero_network::types::{NetworkEvent, PeerId};
@@ -34,7 +35,7 @@ use calimero_store::db::RocksDB;
 use calimero_store::key::ContextMeta as ContextMetaKey;
 use calimero_store::Store;
 use camino::Utf8PathBuf;
-use eyre::{bail, eyre, Result as EyreResult};
+use eyre::{bail, eyre, OptionExt, Result as EyreResult};
 use libp2p::gossipsub::{IdentTopic, Message, TopicHash};
 use libp2p::identity::Keypair;
 use rand::{thread_rng, Rng};
@@ -335,6 +336,16 @@ impl Node {
             return Ok(());
         }
 
+        let Some(sender_key) = self.ctx_manager.get_sender_key(&context_id, &author_id)? else {
+            return self.initiate_sync(context_id, source).await;
+        };
+
+        let shared_key = SharedKey::from_sk(&sender_key);
+
+        let artifact = &shared_key
+            .decrypt(artifact, [0; 12])
+            .ok_or_eyre("failed to decrypt message")?;
+
         let Some(outcome) = self
             .execute(
                 &mut context,
@@ -368,11 +379,22 @@ impl Node {
             .await
             != 0
         {
+            let sender_key = self
+                .ctx_manager
+                .get_sender_key(&context.id, &executor_public_key)?
+                .ok_or_eyre("expected own identity to have sender key")?;
+
+            let shared_key = SharedKey::from_sk(&sender_key);
+
+            let artifact_encrypted = shared_key
+                .encrypt(outcome.artifact.clone(), [0; 12])
+                .ok_or_eyre("encryption failed")?;
+
             let message = to_vec(&BroadcastMessage::StateDelta {
                 context_id: context.id,
                 author_id: executor_public_key,
                 root_hash: context.root_hash,
-                artifact: outcome.artifact.as_slice().into(),
+                artifact: artifact_encrypted.as_slice().into(),
             })?;
 
             let _ignored = self