nucypher.policy¶

Submodules¶

class TreasureMap(m: int = None, destinations=None, message_kit: nucypher.crypto.kits.PolicyMessageKit = None, public_signature: umbral.signing.Signature = None, hrac: Optional[bytes] = None)¶

Bases: object

ID_LENGTH = 32¶

exception NowhereToBeFound(*args, **kwargs)¶

Bases: nucypher.network.middleware.RestMiddleware.NotFound

Called when no known nodes have it.

exception IsDisorienting¶

Bases: nucypher.network.nodes.Learner.NotEnoughNodes

Called when an oriented TreasureMap lists fewer than m destinations, which leaves Bob disoriented.

node_id_splitter = <bytestring_splitter.BytestringSplitter object>¶

exception InvalidSignature¶

Bases: Exception

Raised when a Signature is not valid.

classmethod splitter()¶

prepare_for_publication(bob_encrypting_key, bob_verifying_key, alice_stamp, label)¶

property m¶

property destinations¶

nodes_as_bytes()¶

add_arrangement(ursula, arrangement)¶

public_id() → str ¶: We need an ID that Bob can glean from knowledge he already has and which Ursula can verify came from Alice. Ursula will refuse to propagate this if it she can’t prove the payload is signed by Alice’s public key, which is included in it,

classmethod from_bytes(bytes_representation, verify=True)¶

public_verify()¶

orient(compass)¶: When Bob receives the TreasureMap, he’ll pass a compass (a callable which can verify and decrypt the payload message kit).

check_for_sufficient_destinations()¶

class SignedTreasureMap(blockchain_signature=NOT_SIGNED, *args, **kwargs)¶

Bases: nucypher.policy.collections.TreasureMap

classmethod splitter()¶

include_blockchain_signature(blockchain_signer)¶

verify_blockchain_signature(checksum_address)¶

class WorkOrder(bob: nucypher.characters.lawful.Bob, arrangement_id, alice_address: bytes, tasks: dict, receipt_signature, ursula=None, blockhash=None)¶

Bases: object

class PRETask(capsule, signature, cfrag=None, cfrag_signature=None)¶

Bases: object

input_splitter = <bytestring_splitter.BytestringSplitter object>¶

output_splitter = <bytestring_splitter.BytestringSplitter object>¶

get_specification(ursula_pubkey, alice_address, blockhash, ursula_identity_evidence=b'')¶

classmethod from_bytes(data: bytes)¶

attach_work_result(cfrag, cfrag_signature)¶

HEADER = b'wo:'¶

classmethod construct_by_bob(arrangement_id, alice_verifying, capsules, ursula, bob)¶

classmethod from_rest_payload(arrangement_id, rest_payload, ursula, alice_address)¶

payload()¶: Creates a serialized WorkOrder. Called by Bob requesting reencryption tasks

complete(cfrags_and_signatures)¶

sanitize()¶

class WorkOrderHistory¶

Bases: object

property ursulas¶

most_recent_replete(capsule)¶: Returns most recent WorkOrders for each Ursula which contain a complete task (with CFrag attached) for this Capsule.

save_work_order(work_order, as_replete=False)¶

by_checksum_address(checksum_address)¶

by_capsule(capsule: umbral.pre.Capsule)¶

class Revocation(arrangement_id: bytes, signer: Optional[nucypher.crypto.signing.SignatureStamp] = None, signature: umbral.signing.Signature = None)¶

Bases: object

Represents a string used by characters to perform a revocation on a specific Ursula. It’s a bytestring made of the following format: REVOKE-<arrangement id to revoke><signature of the previous string> This is sent as a payload in a DELETE method to the /KFrag/ endpoint.

revocation_splitter = <bytestring_splitter.BytestringSplitter object>¶

classmethod from_bytes(revocation_bytes)¶

verify_signature(alice_pubkey: umbral.keys.UmbralPublicKey)¶: Verifies the revocation was from the provided pubkey.

class IndisputableEvidence(task: WorkOrder.Task, work_order: WorkOrder, delegating_pubkey: umbral.keys.UmbralPublicKey = None, receiving_pubkey: umbral.keys.UmbralPublicKey = None, verifying_pubkey: umbral.keys.UmbralPublicKey = None)¶

Bases: object

get_proof_challenge_scalar() → umbral.curvebn.CurveBN¶

precompute_values() → bytes ¶

evaluation_arguments() → Tuple¶

class Card(character_flag: Union[ALICE(b’?\xba\x93\xd8V\xb4G\x95’), BOB(b’\xfd(1@\x11\x98k\xd4’)], verifying_key: Union[umbral.keys.UmbralPublicKey, bytes], encrypting_key: Union[bytes, umbral.keys.UmbralPublicKey, None] = None, nickname: Union[bytes, str, None] = None)¶

Bases: object

” A simple serializable representation of a character’s public materials.

TRUNCATE = 16¶

CARD_DIR = PosixPath('/home/docs/.local/share/nucypher/cards')¶

exception InvalidCard¶

Bases: Exception

Raised when an invalid, corrupted, or otherwise unsable card is encountered

exception UnknownCard¶

Bases: Exception

Raised when a card cannot be found in storage

exception UnsignedCard¶

Bases: Exception

Raised when a card serialization cannot be handled due to the lack of a signature

property character¶

classmethod from_bytes(card_bytes: bytes) → nucypher.policy.identity.Card ¶

classmethod from_hex(hexdata: str)¶

to_hex() → str ¶

classmethod from_base64(b64data: str)¶

to_base64() → str ¶

to_qr_code()¶

classmethod from_dict(card: Dict)¶

to_dict() → Dict¶

describe(truncate: int = 16) → Dict¶

to_json(as_string: bool = True) → Union[dict, str]¶

classmethod from_character(character: nucypher.characters.base.Character, nickname: Optional[str] = None) → nucypher.policy.identity.Card ¶

property verifying_key¶

property encrypting_key¶

property id¶

set_nickname(nickname: str) → None ¶

property nickname¶

property filepath¶

property is_saved¶

save(encoder: Callable = <function b64encode>, overwrite: bool = False) → pathlib.Path ¶

classmethod lookup(identifier: str, card_dir: Optional[pathlib.Path] = PosixPath('/home/docs/.local/share/nucypher/cards')) → pathlib.Path ¶: Resolve a card ID or nickname into a Path object

classmethod load(filepath: Optional[pathlib.Path] = None, identifier: str = None, card_dir: pathlib.Path = None, decoder: Callable = <function b64decode>) → nucypher.policy.identity.Card ¶

delete() → None ¶

class Arrangement(alice_verifying_key: umbral.keys.UmbralPublicKey, expiration: maya.core.MayaDT, arrangement_id: bytes)¶

Bases: object

A contract between Alice and a single Ursula.

ID_LENGTH = 32¶

splitter = <bytestring_splitter.BytestringSplitter object>¶

classmethod from_alice(alice: nucypher.characters.lawful.Alice, expiration: maya.core.MayaDT) → nucypher.policy.policies.Arrangement ¶

classmethod from_bytes(arrangement_as_bytes: bytes) → nucypher.policy.policies.Arrangement ¶

class TreasureMapPublisher(worker, nodes, percent_to_complete_before_release=5, threadpool_size=120, timeout=20)¶

Bases: object

log¶

Drop-in replacement of Twisted’s Logger, patching the emit() method to tolerate inputs with curly braces, i.e., not compliant with PEP 3101.

See Issue #724 and, particularly, https://github.com/nucypher/nucypher/issues/724#issuecomment-600190455

property completed¶

start()¶

block_until_success_is_reasonably_likely()¶

block_until_complete()¶

class MergedReservoir(values: Iterable, reservoir: nucypher.blockchain.eth.agents.StakersReservoir)¶

Bases: object

A reservoir made of a list of addresses and a StakersReservoir. Draws the values from the list first, then from StakersReservoir, then returns None on subsequent calls.

class PrefetchStrategy(reservoir: nucypher.policy.policies.MergedReservoir, need_successes: int)¶

Bases: object

Encapsulates the batch draw strategy from a reservoir. Determines how many values to draw based on the number of values that have already led to successes.

class Policy(alice: nucypher.characters.lawful.Alice, label: bytes, expiration: maya.core.MayaDT, bob: Bob, kfrags: Sequence[umbral.kfrags.KFrag], public_key: umbral.keys.UmbralPublicKey, m: int)¶

Bases: abc.ABC

An edict by Alice, arranged with n Ursulas, to perform re-encryption for a specific Bob.

POLICY_ID_LENGTH = 16¶

log¶

Drop-in replacement of Twisted’s Logger, patching the emit() method to tolerate inputs with curly braces, i.e., not compliant with PEP 3101.

See Issue #724 and, particularly, https://github.com/nucypher/nucypher/issues/724#issuecomment-600190455

exception NotEnoughUrsulas¶

Bases: Exception

Raised when a Policy has been used to generate Arrangements with Ursulas insufficient number such that we don’t have enough KFrags to give to each Ursula.

exception EnactmentError¶

Bases: Exception

Raised if one or more Ursulas failed to enact the policy.

enact(network_middleware: nucypher.network.middleware.RestMiddleware, handpicked_ursulas: Optional[Iterable[nucypher.characters.lawful.Ursula]] = None, publish_treasure_map: bool = True) → nucypher.policy.policies.EnactedPolicy ¶: Attempts to enact the policy, returns an EnactedPolicy object on success.

class FederatedPolicy(alice: nucypher.characters.lawful.Alice, label: bytes, expiration: maya.core.MayaDT, bob: Bob, kfrags: Sequence[umbral.kfrags.KFrag], public_key: umbral.keys.UmbralPublicKey, m: int)¶: Bases: nucypher.policy.policies.Policy

class BlockchainPolicy(value: int, rate: int, duration_periods: int, *args, **kwargs)¶

Bases: nucypher.policy.policies.Policy

A collection of n Arrangements representing a single Policy

exception InvalidPolicyValue¶: Bases: ValueError

exception NotEnoughBlockchainUrsulas¶: Bases: nucypher.policy.policies.Policy.NotEnoughUrsulas

static generate_policy_parameters(n: int, duration_periods: int, value: int = None, rate: int = None) → dict ¶

class EnactedPolicy(id: bytes, hrac: bytes, label: bytes, public_key: umbral.keys.UmbralPublicKey, treasure_map: TreasureMap, treasure_map_publisher: nucypher.policy.policies.TreasureMapPublisher, revocation_kit: nucypher.crypto.kits.RevocationKit, alice_verifying_key: umbral.keys.UmbralPublicKey)¶

Bases: object

publish_treasure_map()¶