From 2d5cc85034740da96e942eb77aa451f92bb15176 Mon Sep 17 00:00:00 2001 From: Daniel Hardman Date: Fri, 2 Aug 2024 18:04:55 +0200 Subject: [PATCH 1/3] fix KERI-WP reference Signed-off-by: Daniel Hardman --- spec/spec.md | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/spec/spec.md b/spec/spec.md index 6709256..c79ca95 100644 --- a/spec/spec.md +++ b/spec/spec.md @@ -1886,7 +1886,7 @@ When network bandwidth is less constrained, a gossip protocol might provide full #### Immunity and Availability -It can be shown that for any set of N witnesses, (see [[ref: KERI-WP ]]) there is a threshold M < N that guarantees that at most one sufficient agreement occurs or none at all despite a dishonest controller but where at most F* = N-M of the witnesses are potentially unavailable and at most F < M is duplicitous. This guarantee means that the agreement is deemed immune (from failure due to faulty F or F*). To elaborate, given at most F* potentially unavailable or F potentially duplicitous witnesses, an immune agreement requires that M be a sufficient majority of N and guarantees as a result that the service may either only produce a sufficient agreement for one version of each event or none at all despite a dishonest or exploited controller. The following table provides values of N, M, F, and F* that satisfy this immunity constraint. +It can be shown (see [KERI-WP](#KERI-WP)) that for any set of N witnesses, there is a threshold M < N that guarantees that at most one sufficient agreement occurs or none at all, despite a dishonest controller — but where at most F* = N-M of the witnesses are potentially unavailable and at most F < M is duplicitous. This guarantee means that the agreement is deemed immune (from failure due to faulty F or F*). The To elaborate, given at most F* potentially unavailable or F potentially duplicitous witnesses, an immune agreement requires that M be a sufficient majority of N and guarantees as a result that the service may either only produce a sufficient agreement for one version of each event or none at all despite a dishonest or exploited controller. The following table provides values of N, M, F, and F* that satisfy this immunity constraint. | F | N | 3F+1 | (N+F+1)/2 | N-F | M | F*=N-M | |--:|---:|-----:|----------:|----:|----:|-------:| @@ -2710,23 +2710,15 @@ To Nullify set the `url` to the empty string `""`. [[spec]] -[1]. Samuel M. Smith, Composable Event Streaming Representation (CESR), 2022 +1. Samuel M. Smith, [Composable Event Streaming Representation (CESR)](https://github.com/trustoverip/tswg-cesr-specification), 2022 -[1]: https://github.com/trustoverip/tswg-cesr-specification +2. C. Bormann, P. Hoffman, [Concise Binary Object Representation (CBOR)](https://www.rfc-editor.org/rfc/rfc8949.html), 2020 -[2]. C. Bormann, P. Hoffman, Concise Binary Object Representation (CBOR), 2020 +3. Sadayuki Furuhashi, [MessagePack](https://github.com/msgpack/msgpack/blob/master/spec.md), 2008 -[2]: https://www.rfc-editor.org/rfc/rfc8949.html +4. Samuel M. Smith, [Key Event Receipt Infrastructure](https://github.com/SmithSamuelM/Papers/blob/master/whitepapers/KERI_WP_2.x.web.pdf), 2021 -[3]. Sadayuki Furuhashi, MessagePack, 2008 - -[3]: https://github.com/msgpack/msgpack/blob/master/spec.md - -[4]. Samuel M. Smith, Key Event Receipt Infrstructue, 2021 - -[4]: https://arxiv.org/abs/1907.02143 - -[5]. Samuel M. Smith, Universay Identifier Theory, 2020 +[5]. Samuel M. Smith, Universal Identifier Theory, 2020 [5]: https://github.com/SmithSamuelM/Papers/blob/master/whitepapers/IdentifierTheory_web.pdf From 7fe4789d6318848ea434258efd736e58a98476d7 Mon Sep 17 00:00:00 2001 From: Daniel Hardman Date: Fri, 2 Aug 2024 18:16:46 +0200 Subject: [PATCH 2/3] make other bibl refs referencable Signed-off-by: Daniel Hardman --- spec/spec.md | 104 +++++++++++++-------------------------------------- 1 file changed, 26 insertions(+), 78 deletions(-) diff --git a/spec/spec.md b/spec/spec.md index c79ca95..52fa39a 100644 --- a/spec/spec.md +++ b/spec/spec.md @@ -2718,106 +2718,54 @@ To Nullify set the `url` to the empty string `""`. 4. Samuel M. Smith, [Key Event Receipt Infrastructure](https://github.com/SmithSamuelM/Papers/blob/master/whitepapers/KERI_WP_2.x.web.pdf), 2021 -[5]. Samuel M. Smith, Universal Identifier Theory, 2020 +5. Samuel M. Smith, [Universal Identifier Theory](https://github.com/SmithSamuelM/Papers/blob/master/whitepapers/IdentifierTheory_web.pdf), 2020 -[5]: https://github.com/SmithSamuelM/Papers/blob/master/whitepapers/IdentifierTheory_web.pdf +6. Samuel M. Smith, [Decentralized Autonomic Data (DAD) and the three R's of Key Management](https://github.com/SmithSamuelM/Papers/blob/master/whitepapers/DecentralizedAutonomicData.pdf), 2018 -[6]. Samuel M. Smith, Decentralized Autonomic Data (DAD) and the three R's of Key Management, 2018 +7. David Wilkinson, Jorge F Willemsen, [Invasion percolation: a new form of percolation theory](https://www.physics.purdue.edu/flow/MMproject/Wilkinson1983.pdf), 1983 -[6]: https://github.com/SmithSamuelM/Papers/blob/master/whitepapers/DecentralizedAutonomicData.pdf +8. [Information-Theoretic and Perfect Security](https://en.wikipedia.org/wiki/Information-theoretic_security) -[7]. David Wilkinson, Jorge F Willemsen, Invasion percolation: a new form of percolation theory, 1983 +9. [Cryptographically-secure pseudorandom number generator](https://en.wikipedia.org/wiki/Cryptographically-secure_pseudorandom_number_generator) -[7]: https://www.physics.purdue.edu/flow/MMproject/Wilkinson1983.pdf +10. [Information Theory](https://en.wikipedia.org/wiki/Information_theory) -[8]. Information-Theoretic and Perfect Security +11. [Cost analysis of hash collisions: Will quantum computers make SHARCS obsolete](https://cr.yp.to/hash/collisioncost-20090823.pdf? -[8]: https://en.wikipedia.org/wiki/Information-theoretic_security +12. Jean-Philippe Aumasson, [Too Much Crypto](https://eprint.iacr.org/2019/1492.pdf), 2021 -[9]. Cryptographically-secure pseudorandom number generator +13. [One-way Function](https://en.wikipedia.org/wiki/One-way_function) -[9]: https://en.wikipedia.org/wiki/Cryptographically-secure_pseudorandom_number_generator +14. [One-way Function](http://www.crypto-it.net/eng/theory/one-way-function.html) -[10]. Information Theory +15. [Public-key Cryptography](https://en.wikipedia.org/wiki/Public-key_cryptography) -[10]: https://en.wikipedia.org/wiki/Information_theory +16. Marc Girault, [Self-certified public keys](https://link.springer.com/content/pdf/10.1007%2F3-540-46416-6_42.pdf) -[11]. Cost analysis of hash collisions: Will quantum computers make SHARCS obsolete? +17. M. Kaminsky, E. Banks, [SFS-HTTP: Securing the Web with Self-Certifying URLs](https://pdos.csail.mit.edu/kaminsky/sfs-http.ps), 1999 -[11]: https://cr.yp.to/hash/collisioncost-20090823.pdf +18. David Mazieres, [Self-certifying File System](https://pdos.csail.mit.edu/kaminsky/sfs-http.ps), 2000 -[12]. Jean-Philippe Aumasson, Too Much Crypto, 2021 +19. David Mazieres, M. Kaashoek, [Escaping the Evils of Centralized Control with self-certifying pathnames](https://dl.acm.org/doi/pdf/10.1145/319195.319213), 2000 -[12]: https://eprint.iacr.org/2019/1492.pdf +20. [Certificate Revocation List](https://en.wikipedia.org/wiki/Certificate_revocation_list) -[13]. One-way Function +21. [Verifiable Data Structures](https://github.com/google/trillian/blob/master/docs/papers/VerifiableDataStructures.pdf) -[13]: https://en.wikipedia.org/wiki/One-way_function +22. [Ricardian contract](https://en.wikipedia.org/wiki/Ricardian_contract) -[14]. One-way Function +23. [Namespace](https://en.wikipedia.org/wiki/Namespace) -[14]: http://www.crypto-it.net/eng/theory/one-way-function.html +24. [Eclipse Attack](https://www.gemini.com/cryptopedia/eclipse-attacks-defense-bitcoin) -[15]. Public-key Cryptography +25. [Percolation Theory](https://en.wikipedia.org/wiki/Percolation_theory) -[15]: https://en.wikipedia.org/wiki/Public-key_cryptography +26. [First Passage Percolation](https://en.wikipedia.org/wiki/First_passage_percolation) -[16]. Marc Girault, Self-certified public keys +27. [Invasion Percolation](https://www.physics.purdue.edu/flow/MMproject/Wilkinson1983.pdf) -[16]: https://link.springer.com/content/pdf/10.1007%2F3-540-46416-6_42.pdf +28. [Uniform Resource Locator](https://en.wikipedia.org/wiki/URL) -[17]. M. Kaminsky, E. Banks, SFS-HTTP: Securing the Web with Self-Certifying URLs, 1999 +29. [QR Code](https://en.wikipedia.org/wiki/QR_code) -[17]: https://pdos.csail.mit.edu/kaminsky/sfs-http.ps - -[18]. David Mazieres, Self-certifying File System, 2000 - -[18]: https://pdos.csail.mit.edu/kaminsky/sfs-http.ps - -[19]. David Mazieres, M. Kaashoek, Escaping the Evils of Centralized Control with self-certifying pathnames, 2000 - -[19]: https://dl.acm.org/doi/pdf/10.1145/319195.319213 - -[20]. Certificate Revocation List - -[20]: https://en.wikipedia.org/wiki/Certificate_revocation_list - -[21]. Verifiable Data Structures - -[21]: https://github.com/google/trillian/blob/master/docs/papers/VerifiableDataStructures.pdf - -[22]. Ricardian contract - -[22]: https://en.wikipedia.org/wiki/Ricardian_contract - -[23]. Namespace - -[23]: https://en.wikipedia.org/wiki/Namespace - -[24]. Eclipse Attack - -[24]: https://www.gemini.com/cryptopedia/eclipse-attacks-defense-bitcoin - -[25]. Percolation Theory - -[25]: https://en.wikipedia.org/wiki/Percolation_theory - -[26]. First Passage Percolation - -[26]: https://en.wikipedia.org/wiki/First_passage_percolation - -[27]. Invasion Percolation - -[27]: https://www.physics.purdue.edu/flow/MMproject/Wilkinson1983.pdf - -[28]. Uniform Resource Locator - -[28]: https://en.wikipedia.org/wiki/URL - -[29]. QR Code - -[29]: https://en.wikipedia.org/wiki/QR_code - -[30]. Data Matrix - -[30]: https://en.wikipedia.org/wiki/Data_Matrix +30. [Data Matrix](https://en.wikipedia.org/wiki/Data_Matrix) From e5ed625b77353ca232b044fdffc745122598f1e7 Mon Sep 17 00:00:00 2001 From: Daniel Hardman Date: Fri, 2 Aug 2024 18:24:11 +0200 Subject: [PATCH 3/3] fix #204 Signed-off-by: Daniel Hardman --- spec/spec.md | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/spec/spec.md b/spec/spec.md index 52fa39a..eac53ce 100644 --- a/spec/spec.md +++ b/spec/spec.md @@ -1886,19 +1886,9 @@ When network bandwidth is less constrained, a gossip protocol might provide full #### Immunity and Availability -It can be shown (see [KERI-WP](#KERI-WP)) that for any set of N witnesses, there is a threshold M < N that guarantees that at most one sufficient agreement occurs or none at all, despite a dishonest controller — but where at most F* = N-M of the witnesses are potentially unavailable and at most F < M is duplicitous. This guarantee means that the agreement is deemed immune (from failure due to faulty F or F*). The To elaborate, given at most F* potentially unavailable or F potentially duplicitous witnesses, an immune agreement requires that M be a sufficient majority of N and guarantees as a result that the service may either only produce a sufficient agreement for one version of each event or none at all despite a dishonest or exploited controller. The following table provides values of N, M, F, and F* that satisfy this immunity constraint. +It can be [shown](#KERI-WP) that for any set of N witnesses, there is a threshold M < N that guarantees that at most one sufficient agreement occurs or none at all, despite a dishonest controller — but where at most F* = N-M of the witnesses are potentially unavailable and at most F < M is duplicitous. This guarantee means that the agreement is deemed immune (from failure due to faulty F or F*). A Controller MAY choose to use the KAWA algorthm to achieve immunity. -| F | N | 3F+1 | (N+F+1)/2 | N-F | M | F*=N-M | -|--:|---:|-----:|----------:|----:|----:|-------:| -| 1 | 4 | 4 | 3 | 3 | 3 | 1 | -| 1 | 6 | 4 | 4 | 5 | 4,5 | 2,1 | -| 2 | 7 | 7 | 5 | 5 | 5 | 2 | -| 2 | 9 | 7 | 6 | 7 | 6,7 | 3,2 | -| 3 | 10 | 10 | 7 | 7 | 7 | 7 | -| 3 | 12 | 10 | 8 | 9 | 8,9 | 4,3 | - - -Given the immune constraint is satisfied, the service may not produce multiple divergent but proper KERL). In order to be deemed proper, an agreement must have been verified as consistent with all prior events by every non-faulty witness who is a party to that agreement. Thus, any user of the service, be it a validator, watcher, juror, or judge, will be able to obtain either a proper event agreement on demand from some witness or none at all. Any non-faulty witness with a proper agreement will keep that agreement in its KERL and provide it on demand. Consequently, the availability of a proper event at a witness is tantamount to the availability of a proper log (KERL) of all prior events consistent with that event at that witness, and thereby, high availability of the service is assured. +Given the immune constraint is satisfied, the service may not produce multiple divergent but proper KERL. In order to be deemed proper, an agreement must have been verified as consistent with all prior events by every non-faulty witness who is a party to that agreement. Thus, any user of the service, be it a validator, watcher, juror, or judge, will be able to obtain either a proper event agreement on demand from some witness or none at all. Any non-faulty witness with a proper agreement will keep that agreement in its KERL and provide it on demand. Consequently, the availability of a proper event at a witness is tantamount to the availability of a proper log (KERL) of all prior events consistent with that event at that witness, and thereby, high availability of the service is assured. #### Security Properties