Migrate Identity (#1621)

* passkey member identifier

* nit

* incremental progress

* move public identifiers into its own file

* adapt association log

* external identifier

* enforce permissions via data structures

* wip

* wip

* more cleanup

* wip

* cleanup

* more cleanup

* cleanup verified signature

* cleanup id/mod.rs

* cleanup serialization, update protos

* more cleanup

* more cleanup

* continue making improvements

* cleanup

* checking in progress

* continue cleanup

* cleaner approach

* more cleanup

* cleanup

* fix the query

* cleanup

* database adjustments

* rename wallet entry to identity cache

* consent record to root identifier

* cleanup builder.rs

* update consent

* update consent save

* update a few more methods

* two errors left

* xmtp_mls is done, now for the bindings

* continue cleanup

* work on the ffi more

* Update the InboxOwner trait

* rename to PublicIdentifier

* wip

* refactor ffi progress

* mls cleanup

* cleanup

* update the cli example

* continue cleanup

* continue updating

* finish with node/client.rs

* update node consent state

* consent state in node

* more cleaning up

* continue cleanup

* fix typo

* cleanup wasm client

* cleanup

* proto

* fix a test

* revert signature text

* update migration

* update migration

* update migration one more time

* fix

* rework migration approach

* schema gen

* fix

* checking in

* turn off for now

* default ident kind to Ethereum

* update proto

* update nomenclature

* fix consent

* test fix

* test fix

* cleanup

* tweak udl

* taplo

* adjust ffi

* update the udl

* cleanup

* sign

* put the udl in the namespace

* relying partner

* ffi relying partner

* node relying partner

* wasm relying partner

* udl

* remove udl

* java kts file

* api fix

* ignore faulty test

* cleanup

* cleanup

* test fix

* lint

* test fix

* lint

* fix bench

* prettier

* lint

* lint

* fix bench

* lint

* lint

* lint

* cleanup

* update kotlin gen script

* todo done

* re-add udl file to get android build working (#1678)

Co-authored-by: cameronvoell <cameronvoell@users.noreply.github.com>

* remove ffirootidentifier

* remove wasm root identifier

* remove node root identifier

* lint

* cleanup

* fixes for the new tests

* cleanup

* use an env var

* drop address from consent

* lint

* fix

* lint

* lint

* legacy interop tests (#1694)

* legacy interop tests

* test group

* cleanup

* revert bindings_node

* revert bindings_node

* update comment

* Update xmtp_mls/src/client.rs

Co-authored-by: Mojtaba Chenani <chenani@outlook.com>

* Update xmtp_mls/src/identity_updates.rs

Co-authored-by: Mojtaba Chenani <chenani@outlook.com>

* Update xmtp_mls/src/client.rs

Co-authored-by: Cameron Voell <1103838+cameronvoell@users.noreply.github.com>

* Update xmtp_mls/src/client.rs

Co-authored-by: Cameron Voell <1103838+cameronvoell@users.noreply.github.com>

* undo comment

* update can_message

* lint

* fix node tests

* ffi public identifier -> ffi identifier

* cleanup

* cleanup

* just identifier

* bump

* lint

* remove disappearing messages test from node

* disable another test

* more cleanup

* flakiness

---------

Co-authored-by: Cameron Voell <1103838+cameronvoell@users.noreply.github.com>
Co-authored-by: cameronvoell <cameronvoell@users.noreply.github.com>
Co-authored-by: Naomi Plasterer <naomi@xmtp.com>
Co-authored-by: Mojtaba Chenani <chenani@outlook.com>

Author: 4 people

.gitignore

@@ -167,3 +167,6 @@ ecies_bindings_wasm/
 **/tracing-flamegraph.svg
 
 chain_urls.json
+
+# Mise Configs
+.mise.toml

Cargo.lock

@@ -9,6 +9,7 @@ crate-type = ["lib", "cdylib", "staticlib"]
 
 [dependencies]
 futures.workspace = true
+hex.workspace = true
 parking_lot.workspace = true
 prost.workspace = true
 thiserror.workspace = true

bindings_ffi/Cargo.toml

@@ -10,9 +10,9 @@ use xmtp_common::{
     bench::{bench_async_setup, BENCH_ROOT_SPAN},
     tmp_path,
 };
-use xmtp_id::InboxOwner;
+use xmtp_id::associations::test_utils::WalletTestExt;
 use xmtp_mls::utils::test::HISTORY_SYNC_URL;
-use xmtpv3::generate_inbox_id;
+use xmtpv3::identity::FfiIdentifier;
 
 #[macro_use]
 extern crate tracing;
@@ -52,8 +52,9 @@ fn create_ffi_client(c: &mut Criterion) {
             || {
                 bench_async_setup(|| async {
                     let wallet = xmtp_cryptography::utils::generate_local_wallet();
+                    let ident = wallet.identifier();
                     let nonce = 1;
-                    let inbox_id = generate_inbox_id(wallet.get_address(), nonce).unwrap();
+                    let inbox_id = ident.inbox_id(nonce).unwrap();
                     let path = tmp_path();
                     let (url, is_secure) = network_url();
                     let api = xmtpv3::mls::connect_to_backend(url, is_secure)
@@ -62,20 +63,21 @@ fn create_ffi_client(c: &mut Criterion) {
                     (
                         api,
                         inbox_id,
-                        wallet.get_address(),
+                        wallet.identifier(),
                         nonce,
                         path,
                         span.clone(),
                     )
                 })
             },
-            |(api, inbox_id, address, nonce, path, span)| async move {
+            |(api, inbox_id, ident, nonce, path, span)| async move {
+                let ffi_ident: FfiIdentifier = ident.into();
                 xmtpv3::mls::create_client(
                     api,
                     Some(path),
                     Some(vec![0u8; 32]),
                     &inbox_id,
-                    address,
+                    ffi_ident,
                     nonce,
                     None,
                     Some(HISTORY_SYNC_URL.to_string()),
@@ -99,9 +101,11 @@ fn cached_create_ffi_client(c: &mut Criterion) {
     let _ = fdlimit::raise_fd_limit();
     let mut benchmark_group = c.benchmark_group("create_client_from_cached");
     let wallet = xmtp_cryptography::utils::generate_local_wallet();
+    let ident = wallet.identifier();
     let nonce = 1;
-    let inbox_id = generate_inbox_id(wallet.get_address(), nonce).unwrap();
-    let address = wallet.get_address();
+    let inbox_id = ident.inbox_id(nonce).unwrap();
+    let ffi_ident: FfiIdentifier = ident.into();
+    let address = wallet.identifier();
     let path = tmp_path();
     let (url, is_secure) = network_url();
     let api = runtime.block_on(async {
@@ -113,7 +117,7 @@ fn cached_create_ffi_client(c: &mut Criterion) {
             Some(path.clone()),
             Some(vec![0u8; 32]),
             &inbox_id.clone(),
-            address.clone(),
+            ffi_ident,
             nonce,
             None,
             Some(HISTORY_SYNC_URL.to_string()),
@@ -138,13 +142,14 @@ fn cached_create_ffi_client(c: &mut Criterion) {
                     span.clone(),
                 )
             },
-            |(api, inbox_id, address, nonce, path, history_sync, span)| async move {
+            |(api, inbox_id, ident, nonce, path, history_sync, span)| async move {
+                let ffi_ident: FfiIdentifier = ident.into();
                 xmtpv3::mls::create_client(
                     api,
                     Some(path),
                     Some(vec![0u8; 32]),
                     &inbox_id,
-                    address,
+                    ffi_ident,
                     nonce,
                     None,
                     Some(history_sync),

bindings_ffi/benches/create_client.rs

@@ -1,7 +1,6 @@
 use std::process::Command;
 
 fn main() {
-    uniffi::generate_scaffolding("./src/xmtpv3.udl").expect("Building the UDL file failed");
     Command::new("make")
         .args(["libxmtp-version"])
         .status()

bindings_ffi/build.rs

@@ -71,4 +71,3 @@ unzip -o LibXMTPKotlinFFI.zip
 cd ../../..
 
 cp -r $BINDINGS_PATH/src/uniffi/$PROJECT_NAME/jniLibs/* ~/XMTP/xmtp-android/library/src/main/jniLibs
-

bindings_ffi/gen_kotlin.sh

@@ -0,0 +1,105 @@
+use std::fmt::Display;
+use xmtp_cryptography::signature::IdentifierValidationError;
+use xmtp_id::associations::{ident, Identifier};
+
+use crate::GenericError;
+
+#[derive(uniffi::Record, Hash, PartialEq, Eq, Clone)]
+pub struct FfiIdentifier {
+    pub identifier: String,
+    pub identifier_kind: FfiIdentifierKind,
+    pub relying_partner: Option<String>,
+}
+
+#[derive(uniffi::Enum, Hash, PartialEq, Eq, Clone)]
+pub enum FfiIdentifierKind {
+    Ethereum,
+    Passkey,
+}
+
+impl FfiIdentifier {
+    pub fn inbox_id(&self, nonce: u64) -> Result<String, GenericError> {
+        let ident: Identifier = self.clone().try_into().map_err(GenericError::from_error)?;
+        Ok(ident.inbox_id(nonce)?)
+    }
+}
+
+impl Display for FfiIdentifier {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        match self.identifier_kind {
+            FfiIdentifierKind::Ethereum => write!(f, "{}", self.identifier),
+            FfiIdentifierKind::Passkey => write!(f, "{}", hex::encode(&self.identifier)),
+        }
+    }
+}
+
+#[allow(unused)]
+#[uniffi::export]
+pub fn generate_inbox_id(
+    account_identifier: FfiIdentifier,
+    nonce: u64,
+) -> Result<String, GenericError> {
+    account_identifier.inbox_id(nonce)
+}
+
+impl From<Identifier> for FfiIdentifier {
+    fn from(ident: Identifier) -> Self {
+        match ident {
+            Identifier::Ethereum(ident::Ethereum(addr)) => Self {
+                identifier: addr,
+                identifier_kind: FfiIdentifierKind::Ethereum,
+                relying_partner: None,
+            },
+            Identifier::Passkey(ident::Passkey {
+                key,
+                relying_partner,
+            }) => Self {
+                identifier: hex::encode(key),
+                identifier_kind: FfiIdentifierKind::Passkey,
+                relying_partner,
+            },
+        }
+    }
+}
+
+impl TryFrom<FfiIdentifier> for Identifier {
+    type Error = IdentifierValidationError;
+    fn try_from(ident: FfiIdentifier) -> Result<Self, Self::Error> {
+        let ident = match ident.identifier_kind {
+            FfiIdentifierKind::Ethereum => Self::eth(ident.identifier)?,
+            FfiIdentifierKind::Passkey => {
+                Self::passkey_str(&ident.identifier, ident.relying_partner)?
+            }
+        };
+        Ok(ident)
+    }
+}
+
+pub trait IdentityExt<T, U> {
+    fn to_internal(self) -> Result<Vec<U>, IdentifierValidationError>;
+}
+
+impl IdentityExt<FfiIdentifier, Identifier> for Vec<FfiIdentifier> {
+    fn to_internal(self) -> Result<Vec<Identifier>, IdentifierValidationError> {
+        let ident: Result<Vec<_>, IdentifierValidationError> =
+            self.into_iter().map(|ident| ident.try_into()).collect();
+        ident
+    }
+}
+
+pub trait FfiCollectionExt<T> {
+    fn to_ffi(self) -> Vec<T>;
+}
+impl FfiCollectionExt<FfiIdentifier> for Vec<Identifier> {
+    fn to_ffi(self) -> Vec<FfiIdentifier> {
+        self.into_iter().map(Into::into).collect()
+    }
+}
+pub trait FfiCollectionTryExt<T> {
+    fn to_internal(self) -> Result<Vec<T>, IdentifierValidationError>;
+}
+impl FfiCollectionTryExt<Identifier> for Vec<FfiIdentifier> {
+    fn to_internal(self) -> Result<Vec<Identifier>, IdentifierValidationError> {
+        self.into_iter().map(|ident| ident.try_into()).collect()
+    }
+}

bindings_ffi/src/identity.rs

@@ -1,21 +1,32 @@
-use xmtp_cryptography::signature::{RecoverableSignature, SignatureError};
+use crate::identity::FfiIdentifier;
+use xmtp_cryptography::signature::{
+    IdentifierValidationError, RecoverableSignature, SignatureError,
+};
+use xmtp_id::associations::Identifier;
 
 // TODO proper error handling
-#[derive(Debug, thiserror::Error)]
+#[derive(uniffi::Error, Debug, thiserror::Error)]
 pub enum SigningError {
     #[error("This is a generic error")]
     Generic,
 }
 
+#[derive(uniffi::Error, Debug, thiserror::Error)]
+pub enum IdentityValidationError {
+    #[error("Error: {0:?}")]
+    Generic(String),
+}
+
 impl From<uniffi::UnexpectedUniFFICallbackError> for SigningError {
     fn from(_: uniffi::UnexpectedUniFFICallbackError) -> Self {
         Self::Generic
     }
 }
 
 // A simplified InboxOwner passed to Rust across the FFI boundary
+#[uniffi::export(with_foreign)]
 pub trait FfiInboxOwner: Send + Sync {
-    fn get_address(&self) -> String;
+    fn get_identifier(&self) -> Result<FfiIdentifier, IdentityValidationError>;
     fn sign(&self, text: String) -> Result<Vec<u8>, SigningError>;
 }
 
@@ -30,8 +41,12 @@ impl RustInboxOwner {
 }
 
 impl xmtp_mls::InboxOwner for RustInboxOwner {
-    fn get_address(&self) -> String {
-        self.ffi_inbox_owner.get_address().to_lowercase()
+    fn get_identifier(&self) -> Result<Identifier, IdentifierValidationError> {
+        let ident = self
+            .ffi_inbox_owner
+            .get_identifier()
+            .map_err(|err| IdentifierValidationError::Generic(err.to_string()))?;
+        ident.try_into()
     }
 
     fn sign(&self, text: &str) -> Result<RecoverableSignature, SignatureError> {

bindings_ffi/src/inbox_owner.rs

@@ -1,22 +1,18 @@
 #![recursion_limit = "256"]
 #![warn(clippy::unwrap_used)]
+pub mod identity;
 pub mod inbox_owner;
 pub mod logger;
 pub mod mls;
 
 pub use crate::inbox_owner::SigningError;
-use inbox_owner::FfiInboxOwner;
 pub use mls::*;
 use std::error::Error;
+use xmtp_cryptography::signature::IdentifierValidationError;
 
 extern crate tracing as log;
 
-pub use ffi::*;
-#[allow(clippy::all)]
-mod ffi {
-    use super::*;
-    uniffi::include_scaffolding!("xmtpv3");
-}
+uniffi::setup_scaffolding!("xmtpv3");
 
 #[derive(uniffi::Error, thiserror::Error, Debug)]
 #[uniffi(flat_error)]
@@ -63,6 +59,8 @@ pub enum GenericError {
     ApiClientBuild(#[from] xmtp_api_grpc::GrpcBuilderError),
     #[error(transparent)]
     Grpc(#[from] xmtp_api_grpc::GrpcError),
+    #[error(transparent)]
+    AddressValidation(#[from] IdentifierValidationError),
 }
 
 #[derive(uniffi::Error, thiserror::Error, Debug)]