207 lines
5.0 KiB
Protocol Buffer
207 lines
5.0 KiB
Protocol Buffer
syntax = "proto3";
|
|
|
|
package arbiter.user_agent;
|
|
|
|
import "client.proto";
|
|
import "evm.proto";
|
|
import "google/protobuf/empty.proto";
|
|
|
|
enum KeyType {
|
|
KEY_TYPE_UNSPECIFIED = 0;
|
|
KEY_TYPE_ED25519 = 1;
|
|
KEY_TYPE_ECDSA_SECP256K1 = 2;
|
|
KEY_TYPE_RSA = 3;
|
|
}
|
|
|
|
// --- SDK client management ---
|
|
|
|
enum SdkClientError {
|
|
SDK_CLIENT_ERROR_UNSPECIFIED = 0;
|
|
SDK_CLIENT_ERROR_ALREADY_EXISTS = 1;
|
|
SDK_CLIENT_ERROR_NOT_FOUND = 2;
|
|
SDK_CLIENT_ERROR_HAS_RELATED_DATA = 3; // hard-delete blocked by FK (client has grants or transaction logs)
|
|
SDK_CLIENT_ERROR_INTERNAL = 4;
|
|
}
|
|
|
|
message SdkClientRevokeRequest {
|
|
int32 client_id = 1;
|
|
}
|
|
|
|
message SdkClientEntry {
|
|
int32 id = 1;
|
|
bytes pubkey = 2;
|
|
arbiter.client.ClientInfo info = 3;
|
|
int32 created_at = 4;
|
|
}
|
|
|
|
message SdkClientList {
|
|
repeated SdkClientEntry clients = 1;
|
|
}
|
|
|
|
message SdkClientRevokeResponse {
|
|
oneof result {
|
|
google.protobuf.Empty ok = 1;
|
|
SdkClientError error = 2;
|
|
}
|
|
}
|
|
|
|
message SdkClientListResponse {
|
|
oneof result {
|
|
SdkClientList clients = 1;
|
|
SdkClientError error = 2;
|
|
}
|
|
}
|
|
|
|
message AuthChallengeRequest {
|
|
bytes pubkey = 1;
|
|
optional string bootstrap_token = 2;
|
|
KeyType key_type = 3;
|
|
}
|
|
|
|
message AuthChallenge {
|
|
int32 nonce = 2;
|
|
reserved 1;
|
|
}
|
|
|
|
message AuthChallengeSolution {
|
|
bytes signature = 1;
|
|
}
|
|
|
|
enum AuthResult {
|
|
AUTH_RESULT_UNSPECIFIED = 0;
|
|
AUTH_RESULT_SUCCESS = 1;
|
|
AUTH_RESULT_INVALID_KEY = 2;
|
|
AUTH_RESULT_INVALID_SIGNATURE = 3;
|
|
AUTH_RESULT_BOOTSTRAP_REQUIRED = 4;
|
|
AUTH_RESULT_TOKEN_INVALID = 5;
|
|
AUTH_RESULT_INTERNAL = 6;
|
|
}
|
|
|
|
message UnsealStart {
|
|
bytes client_pubkey = 1;
|
|
}
|
|
|
|
message UnsealStartResponse {
|
|
bytes server_pubkey = 1;
|
|
}
|
|
message UnsealEncryptedKey {
|
|
bytes nonce = 1;
|
|
bytes ciphertext = 2;
|
|
bytes associated_data = 3;
|
|
}
|
|
|
|
message BootstrapEncryptedKey {
|
|
bytes nonce = 1;
|
|
bytes ciphertext = 2;
|
|
bytes associated_data = 3;
|
|
}
|
|
|
|
enum UnsealResult {
|
|
UNSEAL_RESULT_UNSPECIFIED = 0;
|
|
UNSEAL_RESULT_SUCCESS = 1;
|
|
UNSEAL_RESULT_INVALID_KEY = 2;
|
|
UNSEAL_RESULT_UNBOOTSTRAPPED = 3;
|
|
}
|
|
|
|
enum BootstrapResult {
|
|
BOOTSTRAP_RESULT_UNSPECIFIED = 0;
|
|
BOOTSTRAP_RESULT_SUCCESS = 1;
|
|
BOOTSTRAP_RESULT_ALREADY_BOOTSTRAPPED = 2;
|
|
BOOTSTRAP_RESULT_INVALID_KEY = 3;
|
|
}
|
|
|
|
enum VaultState {
|
|
VAULT_STATE_UNSPECIFIED = 0;
|
|
VAULT_STATE_UNBOOTSTRAPPED = 1;
|
|
VAULT_STATE_SEALED = 2;
|
|
VAULT_STATE_UNSEALED = 3;
|
|
VAULT_STATE_ERROR = 4;
|
|
}
|
|
|
|
message SdkClientConnectionRequest {
|
|
bytes pubkey = 1;
|
|
arbiter.client.ClientInfo info = 2;
|
|
}
|
|
|
|
message SdkClientConnectionResponse {
|
|
bool approved = 1;
|
|
bytes pubkey = 2;
|
|
}
|
|
|
|
message SdkClientConnectionCancel {
|
|
bytes pubkey = 1;
|
|
}
|
|
|
|
message WalletAccess {
|
|
int32 wallet_id = 1;
|
|
int32 sdk_client_id = 2;
|
|
}
|
|
|
|
message SdkClientWalletAccess {
|
|
int32 id = 1;
|
|
WalletAccess access = 2;
|
|
}
|
|
|
|
message SdkClientGrantWalletAccess {
|
|
repeated WalletAccess accesses = 1;
|
|
}
|
|
|
|
message SdkClientRevokeWalletAccess {
|
|
repeated int32 accesses = 1;
|
|
}
|
|
|
|
message ListWalletAccessResponse {
|
|
repeated SdkClientWalletAccess accesses = 1;
|
|
}
|
|
|
|
message UserAgentEvmSignTransactionRequest {
|
|
int32 client_id = 1;
|
|
arbiter.evm.EvmSignTransactionRequest request = 2;
|
|
}
|
|
|
|
message UserAgentRequest {
|
|
int32 id = 16;
|
|
oneof payload {
|
|
AuthChallengeRequest auth_challenge_request = 1;
|
|
AuthChallengeSolution auth_challenge_solution = 2;
|
|
UnsealStart unseal_start = 3;
|
|
UnsealEncryptedKey unseal_encrypted_key = 4;
|
|
google.protobuf.Empty query_vault_state = 5;
|
|
google.protobuf.Empty evm_wallet_create = 6;
|
|
google.protobuf.Empty evm_wallet_list = 7;
|
|
arbiter.evm.EvmGrantCreateRequest evm_grant_create = 8;
|
|
arbiter.evm.EvmGrantDeleteRequest evm_grant_delete = 9;
|
|
arbiter.evm.EvmGrantListRequest evm_grant_list = 10;
|
|
SdkClientConnectionResponse sdk_client_connection_response = 11;
|
|
SdkClientRevokeRequest sdk_client_revoke = 12;
|
|
google.protobuf.Empty sdk_client_list = 13;
|
|
BootstrapEncryptedKey bootstrap_encrypted_key = 14;
|
|
SdkClientGrantWalletAccess grant_wallet_access = 15;
|
|
SdkClientRevokeWalletAccess revoke_wallet_access = 17;
|
|
google.protobuf.Empty list_wallet_access = 18;
|
|
UserAgentEvmSignTransactionRequest evm_sign_transaction = 19;
|
|
}
|
|
}
|
|
message UserAgentResponse {
|
|
optional int32 id = 16;
|
|
oneof payload {
|
|
AuthChallenge auth_challenge = 1;
|
|
AuthResult auth_result = 2;
|
|
UnsealStartResponse unseal_start_response = 3;
|
|
UnsealResult unseal_result = 4;
|
|
VaultState vault_state = 5;
|
|
arbiter.evm.WalletCreateResponse evm_wallet_create = 6;
|
|
arbiter.evm.WalletListResponse evm_wallet_list = 7;
|
|
arbiter.evm.EvmGrantCreateResponse evm_grant_create = 8;
|
|
arbiter.evm.EvmGrantDeleteResponse evm_grant_delete = 9;
|
|
arbiter.evm.EvmGrantListResponse evm_grant_list = 10;
|
|
SdkClientConnectionRequest sdk_client_connection_request = 11;
|
|
SdkClientConnectionCancel sdk_client_connection_cancel = 12;
|
|
SdkClientRevokeResponse sdk_client_revoke_response = 13;
|
|
SdkClientListResponse sdk_client_list_response = 14;
|
|
BootstrapResult bootstrap_result = 15;
|
|
ListWalletAccessResponse list_wallet_access_response = 17;
|
|
arbiter.evm.EvmSignTransactionResponse evm_sign_transaction = 18;
|
|
}
|
|
}
|