The network-wide peer relationship layer is used to manage connectivity and permissions. Peers maintain a distributed graph of relationships, essentially a Web of Trust. That graph is used to prioritize connections from known peers and to avoid Sybil attacks. TrustGraph may also be used at the application level in various ways, such as prioritizing service execution on authorized peers or connecting a single company’s peers more tightly.

- `/.` is the main project with all trust graph logic and in-memory storage as the default
- `identity` directory is an abstracted cryptographic layer (key pairs, signatures, etc.)
- `wasm` is a package that provides the `fce` API and can be compiled to a Wasm file. It uses `SQLite` as storage and can be used only with the `SQLite` Wasm file nearby.
- `js` is an `npm` package that allows you to create and serialize certificates

```rust
use std::time::{Duration, SystemTime, UNIX_EPOCH};

// Generate a new key pair
let root_kp = KeyPair::generate();

// Generate a key for which a certificate will be issued
let issued_for = KeyPair::generate();

// The time when the certificate is issued and the time when it expires
let now = Duration::from_secs(SystemTime::now().duration_since(UNIX_EPOCH).unwrap().as_secs() as u64);
let expires_at = Duration::from_secs(SystemTime::now().duration_since(UNIX_EPOCH).unwrap().as_secs() as u64 + 10000);

// Create a certificate
let mut cert = Certificate::issue_root(&root_kp, issued_for.public_key(), expires_at, now);

// We can add more keys to extend the created certificate
// The method requires current_time to check if the old certificate is valid
let new_key = KeyPair::generate();
let new_cert = Certificate::issue(
    &issued_for,
    new_key.public_key(),
    &cert,
    expires_at,
    now,
    current_time(),
)?;

// Create a new trust graph instance
let st = Box::new(InMemoryStorage::new());
let mut graph = TrustGraph::new(st);

// Add root weights. Basic keys that certificates should start with
graph.add_root_weight(root_kp.public_key().into(), 1);

// Add the certificate to a trust graph
// current_time is used to check if the certificate is still valid
// Could throw an error if the certificate is expired or malformed
graph.add(new_cert, current_time()).unwrap();

// We can check the weight of a key based on the certificates we added and the root weights
// If one public key has multiple trusts, we will get the maximum
let w = graph.weight(new_key.public_key()).unwrap().unwrap();

// Every trust or chain of trusts could be revoked by owners of keys in certificates
let revoke = Revoke::create(&issued_for, new_key.public_key(), current_time());
graph.revoke(revoke).unwrap();
```
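
The rules stated in the comments above (chains start at root keys, expired certificates are rejected, trusts can be revoked, and a key with multiple trusts gets the maximum) can be traced in a small model. This is an added example, not the project's code: keys are plain names, signatures are omitted, and `Trust`, `Model` and the propagation rule in `weight` are assumptions made for illustration.

```rust
use std::collections::{HashMap, HashSet};
// Constructed model: keys are plain names and signatures are omitted.
struct Trust { issuer: &'static str, subject: &'static str, expires_at: u64 }

#[derive(Default)]
struct Model {
    roots: HashMap<&'static str, u32>,
    trusts: Vec<Trust>,
    revoked: HashSet<(&'static str, &'static str)>, // (revoker, revoked key)
}

impl Model {
    // Mirrors graph.add(cert, current_time()): an expired trust is refused.
    fn add(&mut self, t: Trust, now: u64) -> Result<(), &'static str> {
        if t.expires_at <= now { return Err("expired"); }
        self.trusts.push(t);
        Ok(())
    }
    // Assumed rule: highest root weight over chains still live at `now`.
    fn weight(&self, key: &str, now: u64) -> Option<u32> {
        let mut best = self.roots.clone();
        let mut changed = true;
        while changed {
            changed = false;
            for t in &self.trusts {
                let live = t.expires_at > now && !self.revoked.contains(&(t.issuer, t.subject));
                let w = match best.get(t.issuer) { Some(&w) if live => w, _ => continue };
                if best.get(t.subject).map_or(true, |&cur| cur < w) {
                    best.insert(t.subject, w); // a heavier chain reaches subject
                    changed = true;
                }
            }
        }
        best.get(key).copied()
    }
}

fn demo() -> (Option<u32>, Option<u32>, Option<u32>) {
    let mut g = Model::default();
    g.roots.extend([("root_a", 1), ("root_b", 3)]);
    g.add(Trust { issuer: "root_a", subject: "peer", expires_at: 200 }, 100).unwrap();
    g.add(Trust { issuer: "root_b", subject: "mid", expires_at: 150 }, 100).unwrap();
    g.add(Trust { issuer: "mid", subject: "peer", expires_at: 200 }, 100).unwrap();
    let both = g.weight("peer", 100); // two chains reach peer: maximum wins
    let later = g.weight("peer", 160); // root_b -> mid has expired by now
    g.revoked.insert(("root_a", "peer")); // root_a revokes its trust in peer
    (both, later, g.weight("peer", 160))
}
fn main() { println!("{:?}", demo()); }
```

The three results show why validity must be re-evaluated at query time: a key's weight falls when an intermediate link expires and disappears when its last live chain is revoked.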