From 4c3fa8db0f16cbc5b8782f9dfe8ff1d895919030 Mon Sep 17 00:00:00 2001 From: bry Date: Fri, 13 Sep 2024 10:03:21 -0500 Subject: [PATCH 1/8] remove payer and add escrow_key --- src/service/iot_config.proto | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/src/service/iot_config.proto b/src/service/iot_config.proto index 7e7f3e24..ac1004fd 100644 --- a/src/service/iot_config.proto +++ b/src/service/iot_config.proto @@ -18,9 +18,8 @@ import "region.proto"; // are signed by the config service to allow the recipient to validate // the authenticity of the data returned. // -// - Every key called `owner`, `payer` and `delegate_keys` are binary -// encoded public keys, Rust encoding example here: -// https://github.com/helium/helium-crypto-rs/blob/main/src/public_key.rs#L347-L354 +// - Every key called `owner`, and `delegate_keys` are solana pubkeys +// https://docs.rs/solana-sdk/1.18.0/solana_sdk/pubkey/struct.Pubkey.html // // == DevAddrs == // @@ -45,8 +44,8 @@ message org_v1 { uint64 oui = 1; // Org admin key bytes owner = 2; - // Key only used for DC payments - bytes payer = 3; + // Used to infer escrow address for DC payments + string escrow_key = 3; // List of keys allowed some specific actions, see services. repeated bytes delegate_keys = 4; // Is org locked because of no payment @@ -158,7 +157,7 @@ message org_create_helium_req_v1 { } bytes owner = 1; - bytes payer = 2; + string escrow_key = 2; // Number of device address needed // Even number required, minimum of 8 uint64 devaddrs = 3; @@ -173,7 +172,7 @@ message org_create_helium_req_v1 { message org_create_roamer_req_v1 { bytes owner = 1; - bytes payer = 2; + string escrow_key = 2; uint32 net_id = 3; // in milliseconds since unix epoch uint64 timestamp = 4; @@ -197,7 +196,7 @@ message org_update_req_v1 { message update_v1 { oneof update { bytes owner = 1; - bytes payer = 2; + string escrow_key = 2; delegate_key_update_v1 delegate_key = 3; // count of devaddrs to add, in even numbers uint64 devaddrs = 4; @@ -654,7 +653,7 @@ service org { // Create Org on any network (auth admin only) rpc create_roamer(org_create_roamer_req_v1) returns (org_res_v1); // Update any Org (Helium or Roaming) - // Modify payer and add/remove delegate keys (owner/admin) + // Modify escrow_key and add/remove delegate keys (owner/admin) // Modify owner and add/remove devaddr constraints (auth admin only) rpc update(org_update_req_v1) returns (org_res_v1); // Disable an org, this sends a stream route delete update to HPR From 306b526e1cab036f17373f68e8c4e01a5d6f199b Mon Sep 17 00:00:00 2001 From: bry Date: Wed, 20 Nov 2024 15:00:00 -0600 Subject: [PATCH 2/8] Prune legacy code --- src/service/iot_config.proto | 75 ++---------------------------------- 1 file changed, 3 insertions(+), 72 deletions(-) diff --git a/src/service/iot_config.proto b/src/service/iot_config.proto index ac1004fd..1c03e34a 100644 --- a/src/service/iot_config.proto +++ b/src/service/iot_config.proto @@ -48,8 +48,10 @@ message org_v1 { string escrow_key = 3; // List of keys allowed some specific actions, see services. repeated bytes delegate_keys = 4; + // Is org approved on chain + bool approved = 5; // Is org locked because of no payment - bool locked = 5; + bool locked = 6; } // Device address range, ex: 16#00000001 to 16#0000000A @@ -149,69 +151,6 @@ message org_list_res_v1 { message org_get_req_v1 { uint64 oui = 1; } -message org_create_helium_req_v1 { - enum helium_net_id { - type0_0x00003c = 0; - type3_0x60002d = 1; - type6_0xc00053 = 2; - } - - bytes owner = 1; - string escrow_key = 2; - // Number of device address needed - // Even number required, minimum of 8 - uint64 devaddrs = 3; - // in milliseconds since unix epoch - uint64 timestamp = 4; - bytes signature = 5; - repeated bytes delegate_keys = 6; - // pubkey binary of the signing keypair - bytes signer = 7; - helium_net_id net_id = 8; -} - -message org_create_roamer_req_v1 { - bytes owner = 1; - string escrow_key = 2; - uint32 net_id = 3; - // in milliseconds since unix epoch - uint64 timestamp = 4; - bytes signature = 5; - repeated bytes delegate_keys = 6; - // pubkey binary of the signing keypair - bytes signer = 7; -} - -message org_update_req_v1 { - message delegate_key_update_v1 { - bytes delegate_key = 1; - action_v1 action = 2; - } - - message devaddr_constraint_update_v1 { - devaddr_constraint_v1 constraint = 1; - action_v1 action = 2; - } - - message update_v1 { - oneof update { - bytes owner = 1; - string escrow_key = 2; - delegate_key_update_v1 delegate_key = 3; - // count of devaddrs to add, in even numbers - uint64 devaddrs = 4; - // devaddr constraints to explicitly add or remove - devaddr_constraint_update_v1 constraint = 5; - } - } - - uint64 oui = 1; - repeated update_v1 updates = 2; - uint64 timestamp = 3; - bytes signer = 4; - bytes signature = 5; -} - message org_res_v1 { org_v1 org = 1; uint32 net_id = 2; @@ -648,14 +587,6 @@ service org { rpc list(org_list_req_v1) returns (org_list_res_v1); // Get Org (no auth) rpc get(org_get_req_v1) returns (org_res_v1); - // Create Org on Helium Network (auth admin only) - rpc create_helium(org_create_helium_req_v1) returns (org_res_v1); - // Create Org on any network (auth admin only) - rpc create_roamer(org_create_roamer_req_v1) returns (org_res_v1); - // Update any Org (Helium or Roaming) - // Modify escrow_key and add/remove delegate keys (owner/admin) - // Modify owner and add/remove devaddr constraints (auth admin only) - rpc update(org_update_req_v1) returns (org_res_v1); // Disable an org, this sends a stream route delete update to HPR // for all associated routes (auth admin only) rpc disable(org_disable_req_v1) returns (org_disable_res_v1); From 2008ff9fb09203b156df38d5330c580f5f4ac882 Mon Sep 17 00:00:00 2001 From: bry Date: Thu, 21 Nov 2024 13:53:06 -0600 Subject: [PATCH 3/8] add address to org_v1 --- src/service/iot_config.proto | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/src/service/iot_config.proto b/src/service/iot_config.proto index 1c03e34a..eb1041d7 100644 --- a/src/service/iot_config.proto +++ b/src/service/iot_config.proto @@ -42,16 +42,18 @@ enum action_v1 { // Define an organisation message org_v1 { uint64 oui = 1; + // On chain address + bytes address = 2; // Org admin key - bytes owner = 2; + bytes owner = 3; // Used to infer escrow address for DC payments - string escrow_key = 3; + string escrow_key = 4; // List of keys allowed some specific actions, see services. - repeated bytes delegate_keys = 4; + repeated bytes delegate_keys = 5; // Is org approved on chain - bool approved = 5; + bool approved = 6; // Is org locked because of no payment - bool locked = 6; + bool locked = 7; } // Device address range, ex: 16#00000001 to 16#0000000A From d439ed9d1a0d089d7c57b731b8038e9063d7563b Mon Sep 17 00:00:00 2001 From: bry Date: Wed, 11 Dec 2024 12:59:33 -0600 Subject: [PATCH 4/8] deprecate org_v1 --- src/service/iot_config.proto | 162 +++++++++++++++++++++++++++++++++-- 1 file changed, 156 insertions(+), 6 deletions(-) diff --git a/src/service/iot_config.proto b/src/service/iot_config.proto index eb1041d7..f81e4012 100644 --- a/src/service/iot_config.proto +++ b/src/service/iot_config.proto @@ -18,7 +18,11 @@ import "region.proto"; // are signed by the config service to allow the recipient to validate // the authenticity of the data returned. // -// - Every key called `owner`, and `delegate_keys` are solana pubkeys +// - org_v1 Every key called `owner`, `payer` and `delegate_keys` are binary +// encoded public keys, Rust encoding example here: +// https://github.com/helium/helium-crypto-rs/blob/main/src/public_key.rs#L347-L354 +// +// - org_v2 Every key called `owner`, and `delegate_keys` are solana pubkeys // https://docs.rs/solana-sdk/1.18.0/solana_sdk/pubkey/struct.Pubkey.html // // == DevAddrs == @@ -39,8 +43,23 @@ enum action_v1 { remove = 1; } -// Define an organisation +// Define an organization +// Deprecated: Use org_v2 instead message org_v1 { + option deprecated = true; + + uint64 oui = 1; + // Org admin key + bytes owner = 2; + // Key only used for DC payments + bytes payer = 3; + // List of keys allowed some specific actions, see services. + repeated bytes delegate_keys = 4; + // Is org locked because of no payment + bool locked = 5; +} + +message org_v2 { uint64 oui = 1; // On chain address bytes address = 2; @@ -139,9 +158,13 @@ message route_v1 { // Service Message Definitions // ------------------------------------------------------------------ -message org_list_req_v1 {} +message org_list_req_v1 { + option deprecated = true; +} message org_list_res_v1 { + option deprecated = true; + repeated org_v1 orgs = 1; // in seconds since unix epoch uint64 timestamp = 2; @@ -151,9 +174,104 @@ message org_list_res_v1 { bytes signature = 4; } -message org_get_req_v1 { uint64 oui = 1; } +message org_list_req_v2 {} + +message org_list_res_v2 { + repeated org_v2 orgs = 1; + // in seconds since unix epoch + uint64 timestamp = 2; + // pubkey binary of the signing keypair + bytes signer = 3; + // Signature over the response by the config service + bytes signature = 4; +} + +message org_get_req_v1 { + option deprecated = true; + + uint64 oui = 1; +} + +message org_get_req_v2 { uint64 oui = 1; } + +message org_create_helium_req_v1 { + option deprecated = true; + + enum helium_net_id { + type0_0x00003c = 0; + type3_0x60002d = 1; + type6_0xc00053 = 2; + } + + bytes owner = 1; + bytes payer = 2; + // Number of device address needed + // Even number required, minimum of 8 + uint64 devaddrs = 3; + // in milliseconds since unix epoch + uint64 timestamp = 4; + bytes signature = 5; + repeated bytes delegate_keys = 6; + // pubkey binary of the signing keypair + bytes signer = 7; + helium_net_id net_id = 8; +} + +message org_create_roamer_req_v1 { + option deprecated = true; + + bytes owner = 1; + bytes payer = 2; + uint32 net_id = 3; + // in milliseconds since unix epoch + uint64 timestamp = 4; + bytes signature = 5; + repeated bytes delegate_keys = 6; + // pubkey binary of the signing keypair + bytes signer = 7; +} + +message org_update_req_v1 { + option deprecated = true; + + message delegate_key_update_v1 { + option deprecated = true; + + bytes delegate_key = 1; + action_v1 action = 2; + } + + message devaddr_constraint_update_v1 { + option deprecated = true; + + devaddr_constraint_v1 constraint = 1; + action_v1 action = 2; + } + + message update_v1 { + option deprecated = true; + + oneof update { + bytes owner = 1; + bytes payer = 2; + delegate_key_update_v1 delegate_key = 3; + // count of devaddrs to add, in even numbers + uint64 devaddrs = 4; + // devaddr constraints to explicitly add or remove + devaddr_constraint_update_v1 constraint = 5; + } + } + + uint64 oui = 1; + repeated update_v1 updates = 2; + uint64 timestamp = 3; + bytes signer = 4; + bytes signature = 5; +} message org_res_v1 { + option deprecated = true; + org_v1 org = 1; uint32 net_id = 2; repeated devaddr_constraint_v1 devaddr_constraints = 3; @@ -165,6 +283,18 @@ message org_res_v1 { bytes signature = 6; } +message org_res_v2 { + org_v2 org = 1; + uint32 net_id = 2; + repeated devaddr_constraint_v1 devaddr_constraints = 3; + // in seconds since unix epoch + uint64 timestamp = 4; + // pubkey binary of the signing keypair + bytes signer = 5; + // Signature over the response by the config service + bytes signature = 6; +} + message org_disable_req_v1 { uint64 oui = 1; // in milliseconds since unix epoch @@ -586,9 +716,29 @@ message region_params_res_v1 { service org { // List Org (no auth) - rpc list(org_list_req_v1) returns (org_list_res_v1); + rpc list(org_list_req_v1) returns (org_list_res_v1) { + option deprecated = true; + }; + rpc list_v2(org_list_req_v2) returns (org_list_res_v2); // Get Org (no auth) - rpc get(org_get_req_v1) returns (org_res_v1); + rpc get(org_get_req_v1) returns (org_res_v1) { + option deprecated = true; + }; + rpc get_v2(org_get_req_v2) returns (org_res_v2); + // Create Org on Helium Network (auth admin only) + rpc create_helium(org_create_helium_req_v1) returns (org_res_v1) { + option deprecated = true; + }; + // Create Org on any network (auth admin only) + rpc create_roamer(org_create_roamer_req_v1) returns (org_res_v1) { + option deprecated = true; + }; + // Update any Org (Helium or Roaming) + // Modify payer and add/remove delegate keys (owner/admin) + // Modify owner and add/remove devaddr constraints (auth admin only) + rpc update(org_update_req_v1) returns (org_res_v1) { + option deprecated = true; + }; // Disable an org, this sends a stream route delete update to HPR // for all associated routes (auth admin only) rpc disable(org_disable_req_v1) returns (org_disable_res_v1); From e4d4c3ead73f1b52755a36d18b6a8bdcbe538e6b Mon Sep 17 00:00:00 2001 From: bry Date: Fri, 20 Dec 2024 13:12:41 -0600 Subject: [PATCH 5/8] fix --- src/service/iot_config.proto | 28 +++------------------------- 1 file changed, 3 insertions(+), 25 deletions(-) diff --git a/src/service/iot_config.proto b/src/service/iot_config.proto index f81e4012..ce155308 100644 --- a/src/service/iot_config.proto +++ b/src/service/iot_config.proto @@ -232,8 +232,6 @@ message org_create_roamer_req_v1 { } message org_update_req_v1 { - option deprecated = true; - message delegate_key_update_v1 { option deprecated = true; @@ -716,29 +714,9 @@ message region_params_res_v1 { service org { // List Org (no auth) - rpc list(org_list_req_v1) returns (org_list_res_v1) { - option deprecated = true; - }; - rpc list_v2(org_list_req_v2) returns (org_list_res_v2); + rpc list(org_list_req_v2) returns (org_list_res_v2); // Get Org (no auth) - rpc get(org_get_req_v1) returns (org_res_v1) { - option deprecated = true; - }; - rpc get_v2(org_get_req_v2) returns (org_res_v2); - // Create Org on Helium Network (auth admin only) - rpc create_helium(org_create_helium_req_v1) returns (org_res_v1) { - option deprecated = true; - }; - // Create Org on any network (auth admin only) - rpc create_roamer(org_create_roamer_req_v1) returns (org_res_v1) { - option deprecated = true; - }; - // Update any Org (Helium or Roaming) - // Modify payer and add/remove delegate keys (owner/admin) - // Modify owner and add/remove devaddr constraints (auth admin only) - rpc update(org_update_req_v1) returns (org_res_v1) { - option deprecated = true; - }; + rpc get(org_get_req_v2) returns (org_res_v2); // Disable an org, this sends a stream route delete update to HPR // for all associated routes (auth admin only) rpc disable(org_disable_req_v1) returns (org_disable_res_v1); @@ -784,7 +762,7 @@ service route { // List Filters for a Route (auth delegate_keys/owner/admin) rpc list_skfs(route_skf_list_req_v1) returns (stream skf_v1); - // List Filters for a DevAddr (auth delegate_keys/owner/admin + // List Filters for a DevAddr (auth delegate_keys/owner/admin) rpc get_skfs(route_skf_get_req_v1) returns (stream skf_v1); // Update Filters for an Org (auth delegate_keys/owner/admin) rpc update_skfs(route_skf_update_req_v1) returns (route_skf_update_res_v1); From c9c0e0e9f650fd507e894e3d1dc19ac631a18311 Mon Sep 17 00:00:00 2001 From: bry Date: Tue, 25 Feb 2025 14:58:59 -0600 Subject: [PATCH 6/8] add back v1 defs and deprecate --- src/service/iot_config.proto | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/src/service/iot_config.proto b/src/service/iot_config.proto index ce155308..95757607 100644 --- a/src/service/iot_config.proto +++ b/src/service/iot_config.proto @@ -714,9 +714,29 @@ message region_params_res_v1 { service org { // List Org (no auth) - rpc list(org_list_req_v2) returns (org_list_res_v2); + rpc list(org_list_req_v1) returns (org_list_res_v1) { + option deprecated = true; + } + rpc list_v2(org_list_req_v2) returns (org_list_res_v2); // Get Org (no auth) - rpc get(org_get_req_v2) returns (org_res_v2); + rpc get(org_get_req_v1) returns (org_res_v1) { + option deprecated = true; + } + rpc get_v2(org_get_req_v2) returns (org_res_v2); + // Create Org on Helium Network (auth admin only) + rpc create_helium(org_create_helium_req_v1) returns (org_res_v1) { + option deprecated = true; + } + // Create Org on any network (auth admin only) + rpc create_roamer(org_create_roamer_req_v1) returns (org_res_v1) { + option deprecated = true; + } + // Update any Org (Helium or Roaming) + // Modify payer and add/remove delegate keys (owner/admin) + // Modify owner and add/remove devaddr constraints (auth admin only) + rpc update(org_update_req_v1) returns (org_res_v1) { + option deprecated = true; + } // Disable an org, this sends a stream route delete update to HPR // for all associated routes (auth admin only) rpc disable(org_disable_req_v1) returns (org_disable_res_v1); From 8bb89fe12546abab154ffd5f5aa312c33f464879 Mon Sep 17 00:00:00 2001 From: bry Date: Tue, 15 Apr 2025 11:13:19 -0500 Subject: [PATCH 7/8] address pr comment --- src/service/iot_config.proto | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/service/iot_config.proto b/src/service/iot_config.proto index 95757607..8b94b5e7 100644 --- a/src/service/iot_config.proto +++ b/src/service/iot_config.proto @@ -194,6 +194,8 @@ message org_get_req_v1 { message org_get_req_v2 { uint64 oui = 1; } +// moved on chain and managed by +// pure solana instructions/transactions message org_create_helium_req_v1 { option deprecated = true; @@ -217,6 +219,8 @@ message org_create_helium_req_v1 { helium_net_id net_id = 8; } +// moved on chain and managed by +// pure solana instructions/transactions message org_create_roamer_req_v1 { option deprecated = true; @@ -231,7 +235,11 @@ message org_create_roamer_req_v1 { bytes signer = 7; } +// moved on chain and managed by +// pure solana instructions/transactions message org_update_req_v1 { + option deprecated = true; + message delegate_key_update_v1 { option deprecated = true; From fa860691e7ee276b3d041aaf3fe25d0f9a7227b4 Mon Sep 17 00:00:00 2001 From: bry Date: Tue, 15 Apr 2025 11:41:19 -0500 Subject: [PATCH 8/8] clang_format --- src/service/iot_config.proto | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/src/service/iot_config.proto b/src/service/iot_config.proto index 8b94b5e7..4dab0fd0 100644 --- a/src/service/iot_config.proto +++ b/src/service/iot_config.proto @@ -158,9 +158,7 @@ message route_v1 { // Service Message Definitions // ------------------------------------------------------------------ -message org_list_req_v1 { - option deprecated = true; -} +message org_list_req_v1 { option deprecated = true; } message org_list_res_v1 { option deprecated = true; @@ -727,9 +725,7 @@ service org { } rpc list_v2(org_list_req_v2) returns (org_list_res_v2); // Get Org (no auth) - rpc get(org_get_req_v1) returns (org_res_v1) { - option deprecated = true; - } + rpc get(org_get_req_v1) returns (org_res_v1) { option deprecated = true; } rpc get_v2(org_get_req_v2) returns (org_res_v2); // Create Org on Helium Network (auth admin only) rpc create_helium(org_create_helium_req_v1) returns (org_res_v1) {