Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Delete expired KeyPackage, rotate KeyPackages #541

Closed
wants to merge 3 commits into from
Closed

Delete expired KeyPackage, rotate KeyPackages #541

wants to merge 3 commits into from

Conversation

Bren2010
Copy link
Contributor

We still need to rotate the KeyPackage if there haven't been any Welcome messages processed in the last X months, but I'm not sure the best way to implement that check?

@Bren2010 Bren2010 requested a review from a team February 26, 2024 05:59
richardhuaaa
richardhuaaa approved these changes Feb 26, 2024
View reviewed changes
Copy link
Contributor

@richardhuaaa richardhuaaa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great! How do we plan to delete the key material from the old key package on the client once the new package is uploaded? Is the idea to pipe an expiry into MLS for the old package at the time that the new one is created?

xmtp_mls/migrations/2024-02-23-182644_add_expiration/up.sql Outdated Show resolved Hide resolved
@richardhuaaa
Copy link
Contributor

For the CI issue, just run cargo fmt at the root of the repo and commit the change!

tuddman
tuddman suggested changes Feb 29, 2024
View reviewed changes
Cargo.toml
Comment on lines +33 to 37
openmls = { git = "https://github.com/Bren2010/openmls", rev = "3992d09" }
openmls_basic_credential = { git = "https://github.com/Bren2010/openmls", rev = "3992d09" }
openmls_rust_crypto = { git = "https://github.com/Bren2010/openmls", rev = "3992d09" }
openmls_traits = { git = "https://github.com/Bren2010/openmls", rev = "3992d09" }
prost = "^0.12"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't a PR be put up against https://github.com/xmtp/openmls with any necessary changes here?
(Rather than changing the base repo on which we're using. )
Without more context here for why this change is necessary, I would advise on holding off on merging this until:

  • It's clear here why we should switch to using Brendan's fork, or
  • we wait for the changes to land in xmtp/openmls and we retain that dependency.

cc @neekolas @richardhuaaa

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is a PR here: xmtp/openmls#20

The Cargo.toml here was just changed temporarily

@Bren2010 Bren2010 force-pushed the brendan/expiration branch from ee291c5 to 85112a0 Compare March 11, 2024 17:02
@Bren2010
Copy link
Contributor Author

Looks great! How do we plan to delete the key material from the old key package on the client once the new package is uploaded? Is the idea to pipe an expiry into MLS for the old package at the time that the new one is created?

My idea was just to just leave all KeyPackages in storage until they expire, based on the thought that they might still be used.

@nplasterer nplasterer mentioned this pull request Apr 11, 2024
Closed
38 tasks
@nplasterer nplasterer mentioned this pull request Jun 25, 2024
Open
33 tasks
@nplasterer nplasterer closed this Oct 3, 2024
@nplasterer nplasterer deleted the brendan/expiration branch October 3, 2024 19:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tuddman tuddman tuddman requested changes

@richardhuaaa richardhuaaa richardhuaaa approved these changes

Assignees
No one assigned
Labels
Client App
Projects
V3 Backlog
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@Bren2010 @richardhuaaa @tuddman @nplasterer @bwcDvorak