...

The protobuf3 messages defined in this section are the building blocks of the inter FinP2P node Router communication.

Terminology

...

The FinID token is a JWT generated by a Governance node Router. It provides proof that the owner Node Router identity was verified and certified by the Governance node Router.

The token includes critical Node Router information that is used and validated during the FinP2P protocol. This information is signed by the Governance node Router.

Token Claims

As part of the claims, this token includes:

  • Cluster ID: the cluster ID for this Organization ID. An Organization can belong to different clusters. For each cluster, an organization registers a different, system-wide unique Org ID.

  • Organization Public FinID. By adding the Organization FinID, we can always verify that the Node Router presenting the FinID Token is in fact the real owner of the token by verifying signatures.

  • Organization Information details: Name, email address, etc.

The JWT token must be signed by a Governance Node Router.

Code Block
header:{
  "alg": "ES256",
  "kid": < Id of the key used to sign this token >,
  "typ": "JWT"
},
payload:{
  // JWT Claims
  "iss": < Governance issuer >,
  // OrgID always starts with the prefix "ORG:"
  "sub": < Org Resource ID >,
  "aud":["randezvous", < others >],
  "iat": < time this token was generated >,
  "exp": < Expiration Time for this FinID Token >,
  "jti": < FinID Token Unique Identifier >,

  // FinID Token Claims
  // ClusterID always starts with the prefix "CLR:"
  "clusterid": < Cluster ID for this Org ID >,
  "finid":{
  },
  "orginfo":{
    "createdAt": < time this organization was created >,
    "name": < Organization Name >,
    "email": < Organization Admin email address >,
    <other info>
  }
}
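The claim checks a receiving Router could apply to a decoded FinID token, as an added example that is not part of the specification. It assumes the ES256 signature has already been verified with a JWT library against the Governance key named by kid, that iat and exp are Unix timestamps, and that the caller keeps a set of trusted Governance issuers; the function name, issuer name and sample values are hypothetical.

```python
import time

REQUIRED = ("iss", "sub", "aud", "iat", "exp", "jti", "clusterid", "finid", "orginfo")


def check_finid_token(header, payload, trusted_issuers, audience="randezvous",
                      now=None, leeway=60):
    """Return a list of problems found; an empty list means the claims pass."""
    now = time.time() if now is None else now
    problems = []
    # Pin the header values: the token must never choose "none" or a MAC algorithm.
    for field, want in (("alg", "ES256"), ("typ", "JWT")):
        if header.get(field) != want:
            problems.append(f"{field} must be {want}")
    if not header.get("kid"):
        problems.append("kid missing")
    missing = [c for c in REQUIRED if c not in payload]
    if missing:
        return problems + ["missing claim: " + c for c in missing]
    if payload["iss"] not in trusted_issuers:
        problems.append("issuer is not a trusted Governance issuer")
    sub, cluster = payload["sub"], payload["clusterid"]
    if not (isinstance(sub, str) and sub.startswith("ORG:") and len(sub) > 4):
        problems.append("sub must start with ORG:")
    if not (isinstance(cluster, str) and cluster.startswith("CLR:") and len(cluster) > 4):
        problems.append("clusterid must start with CLR:")
    aud = payload["aud"]
    if audience not in (aud if isinstance(aud, list) else [aud]):
        problems.append("token is not addressed to this audience")
    iat, exp = payload["iat"], payload["exp"]
    if type(iat) not in (int, float) or type(exp) not in (int, float):
        problems.append("iat and exp must be numeric timestamps")
    else:
        if iat > now + leeway:
            problems.append("iat is in the future")
        if exp <= iat:
            problems.append("exp must be later than iat")
        if exp <= now - leeway:
            problems.append("token has expired")
    return problems


# Constructed sample shaped like the template above (not a real token).
SAMPLE_HEADER = {"alg": "ES256", "kid": "gov-key-1", "typ": "JWT"}
SAMPLE_PAYLOAD = {
    "iss": "governance.example", "sub": "ORG:MyOrgID", "aud": ["randezvous"],
    "iat": 1_700_000_000, "exp": 1_700_003_600, "jti": "token-0001",
    "clusterid": "CLR:MyCluster", "finid": {}, "orginfo": {"name": "My Org"},
}
```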

...

This ID identifies a Cluster of FinP2P nodes Routers. A Cluster is defined as a group of organizations sharing the same distributed ledger.

...

<organization id>:<resource type>:<resource>

Field

Description

Notes

organization id

The identifier of the organization responsible for managing the resource

An OrgID always has the prefix ORG:, i.e. ORG:<id>, for example ORG:MyOrgID

resource type

The type of the resource. The resource type is specified with an ID. The specification reserves the following ID ranges:

  • 0-99: unused

  • 100-999: reserved for FinP2P

  • 1000- : Undefined

In this specification we define:

  • 101: user. A resource identifying a user of the system

  • 102: asset. A resource identifying an asset.

If an implementation wants to specify a resource not defined in this specification, it must use the undefined range. The undefined range is not part of the specification, but it may be monitored to avoid overlapping.

id

The id field is the internal identification of the resource. Organizations may have different methods to identify their resources.
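A strict parser for the resource ID format described in the table above, as an added example that is not part of the specification. It assumes the organization id contains no ':' and that the resource part is the remainder of the string; rejecting reserved IDs other than 101 and 102 is a policy choice of this example, and all names are hypothetical.

```python
from dataclasses import dataclass

ORG_PREFIX = "ORG:"
DEFINED_TYPES = {101: "user", 102: "asset"}  # the two IDs this page defines


class ResourceIDError(ValueError):
    """Raised when a string is not an acceptable resource ID."""


@dataclass(frozen=True)
class ResourceID:
    org_id: str      # keeps the "ORG:" prefix
    type_id: int
    type_name: str   # "user", "asset" or "implementation-defined"
    resource: str


def parse_resource_id(text):
    if not text.startswith(ORG_PREFIX):
        raise ResourceIDError("organization id must start with ORG:")
    # Assumption: the org id holds no ':'; the resource part is the remainder.
    parts = text[len(ORG_PREFIX):].split(":", 2)
    if len(parts) != 3 or not all(parts):
        raise ResourceIDError("expected ORG:<id>:<resource type>:<resource>")
    org, raw_type, resource = parts
    # ASCII digits in canonical form only: "+101", " 101" and "0101" would
    # otherwise name one type with several strings and defeat ACL matching.
    if not (raw_type.isascii() and raw_type.isdigit()) or raw_type != str(int(raw_type)):
        raise ResourceIDError("resource type must be a canonical decimal ID")
    type_id = int(raw_type)
    if type_id <= 99:
        raise ResourceIDError("IDs 0-99 are unused")
    if type_id <= 999:
        # Policy choice of this example: reserved IDs the page does not define are rejected.
        if type_id not in DEFINED_TYPES:
            raise ResourceIDError("reserved FinP2P ID is not defined")
        return ResourceID(ORG_PREFIX + org, type_id, DEFINED_TYPES[type_id], resource)
    return ResourceID(ORG_PREFIX + org, type_id, "implementation-defined", resource)


if __name__ == "__main__":
    # Constructed samples: two accepted, three rejected.
    for s in ["ORG:MyOrgID:101:alice", "ORG:MyOrgID:1500:x:y",
              "MyOrgID:101:alice", "ORG:MyOrgID:0101:alice", "ORG:MyOrgID:42:a"]:
        try:
            print(parse_resource_id(s))
        except ResourceIDError as err:
            print("rejected", repr(s), "-", err)
```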

ResourceID Proto3 Representation

...

Code Block
message SignatureTemplate {
    repeated HashGroup hashGroups = 1;
    bytes hash = 2; // combined hash value of all hash groups
}

message HashGroup {
    bytes hash = 1;
    repeated HashField fields = 2;
}

message HashField {
    string name = 1;
    enum Type {
        UNKNOWN = 0;
        STRING  = 1;
        INT  = 2;
        BYTES  = 3;
    }
    Type type = 2;
    bytes value = 3;
}

Supported types:

Types  | Format        | Samples
String | UTF-8, UTF-16 |
INT    | int64         |
UID    | byte          |

Network interface

This specification defines 2 logical layers that interact with each other. The first layer is FinP2P-Core, where all the business logic is implemented and the services are defined. The second layer is FinP2P-Network. This network layer is the layer that implements the gRPC protocol as specified in this document.

...

Note on the To field:

On broadcast requests to the same cluster, the cluster ID must be specified. This will provide the FinP2P-Network a hint about the group of nodes Routers to be addressed.

The Balance task shows an example

...

For this specification we define:

Code  | Description                          | Notes
0     | The request was handled successfully |
1-999 | An error has occurred.               | See task for error descriptions

Code Block
message Status {
  uint32 code = 1; // A status code representing success|warning|error
  string message = 2; // message or structure adding more information about the status code
}

...

Note: During advertising, each node Router advertises its resource ID and FinID (see Advertise below).

...

Services are the functions defined on the messages that FinP2P-Network shares with other nodes Routers.

See FinP2P Services for a detailed description of the network functional services.

Advertise Service

A node Router uses this task to advertise to the network the Node Router capabilities, supported resources, new address, etc.

The Advertise message always has the Rendezvous cluster as its destination. Other FinP2P nodes Routers may also be targeted.

Code Block
service AdvertiseService {
  rpc Advertise(SignedAdvertiseRequest) returns (SignedAdvertiseResponse) {}
}

...

The advertisement packet includes multiple units that can be sent one by one or all in a single packet. The only required field is the Identity field.

At any time a FinP2P Node Router can send this packet to update its information.

...

Address

Network Address of this Node Router.

Code Block
message Address {
  string address = 1; // ip address | name // Name is a DNS resolvable name
  uint32 port = 2; // listen port
}

Resources

A FinP2P Node Router advertises its resources with an initial ACL. This ACL is used to protect the visibility of the resources, so that only Organizations on the ACL are able to read them.

...

The capability structure enumerates the supported capabilities of this node Router.

Code Block
message Capability {
  Version finp2pVersion = 1;
  // (TBD)
}

...