class TreasureMap(m: int = None, destinations=None, message_kit: nucypher.crypto.kits.PolicyMessageKit = None, public_signature: umbral.signing.Signature = None, hrac: Optional[bytes] = None)

Bases: object

exception NowhereToBeFound(*args, **kwargs)


Called when no known nodes have it.

exception IsDisorienting


Called when an oriented TreasureMap lists fewer than m destinations, which leaves Bob disoriented.

node_id_splitter = <bytestring_splitter.BytestringSplitter object>
exception InvalidSignature

Bases: Exception

Raised when a Signature is not valid.

classmethod splitter()
prepare_for_publication(bob_encrypting_key, bob_verifying_key, alice_stamp, label)
property m
property destinations
add_arrangement(ursula, arrangement)

We need an ID that Bob can glean from knowledge he already has and which Ursula can verify came from Alice. Ursula will refuse to propagate this if it she can’t prove the payload is signed by Alice’s public key, which is included in it,

classmethod from_bytes(bytes_representation, verify=True)

When Bob receives the TreasureMap, he’ll pass a compass (a callable which can verify and decrypt the payload message kit).

class SignedTreasureMap(blockchain_signature=NOT_SIGNED, *args, **kwargs)

Bases: nucypher.policy.collections.TreasureMap

classmethod splitter()
class WorkOrder(bob: nucypher.characters.lawful.Bob, arrangement_id, alice_address: bytes, tasks: dict, receipt_signature, ursula=None, blockhash=None)

Bases: object

class PRETask(capsule, signature, cfrag=None, cfrag_signature=None)

Bases: object

input_splitter = <bytestring_splitter.BytestringSplitter object>
output_splitter = <bytestring_splitter.BytestringSplitter object>
get_specification(ursula_pubkey, alice_address, blockhash, ursula_identity_evidence=b'')
classmethod from_bytes(data: bytes)
attach_work_result(cfrag, cfrag_signature)
HEADER = b'wo:'
classmethod construct_by_bob(arrangement_id, alice_verifying, capsules, ursula, bob)
classmethod from_rest_payload(arrangement_id, rest_payload, ursula, alice_address)

Creates a serialized WorkOrder. Called by Bob requesting reencryption tasks

class WorkOrderHistory

Bases: object

property ursulas

Returns most recent WorkOrders for each Ursula which contain a complete task (with CFrag attached) for this Capsule.

save_work_order(work_order, as_replete=False)
by_capsule(capsule: umbral.pre.Capsule)
class Revocation(arrangement_id: bytes, signer: Optional[nucypher.crypto.signing.SignatureStamp] = None, signature: umbral.signing.Signature = None)

Bases: object

Represents a string used by characters to perform a revocation on a specific Ursula. It’s a bytestring made of the following format: REVOKE-<arrangement id to revoke><signature of the previous string> This is sent as a payload in a DELETE method to the /KFrag/ endpoint.

revocation_splitter = <bytestring_splitter.BytestringSplitter object>
classmethod from_bytes(revocation_bytes)
verify_signature(alice_pubkey: umbral.keys.UmbralPublicKey)

Verifies the revocation was from the provided pubkey.

class IndisputableEvidence(task: WorkOrder.Task, work_order: WorkOrder, delegating_pubkey: umbral.keys.UmbralPublicKey = None, receiving_pubkey: umbral.keys.UmbralPublicKey = None, verifying_pubkey: umbral.keys.UmbralPublicKey = None)

Bases: object

get_proof_challenge_scalar() → umbral.curvebn.CurveBN
evaluation_arguments() → Tuple
class Card(character_flag: Union[ALICE(b’?\xba\x93\xd8V\xb4G\x95’), BOB(b’\xfd(1@\x11\x98k\xd4’)], verifying_key: Union[umbral.keys.UmbralPublicKey, bytes], encrypting_key: Union[bytes, umbral.keys.UmbralPublicKey, None] = None, nickname: Union[bytes, str, None] = None)

Bases: object

” A simple serializable representation of a character’s public materials.

CARD_DIR = PosixPath('/home/docs/.local/share/nucypher/cards')
exception InvalidCard

Bases: Exception

Raised when an invalid, corrupted, or otherwise unsable card is encountered

exception UnknownCard

Bases: Exception

Raised when a card cannot be found in storage

exception UnsignedCard

Bases: Exception

Raised when a card serialization cannot be handled due to the lack of a signature

property character
classmethod from_bytes(card_bytes: bytes)nucypher.policy.identity.Card
classmethod from_hex(hexdata: str)
classmethod from_base64(b64data: str)
classmethod from_dict(card: Dict)
to_dict() → Dict
describe(truncate: int = 16) → Dict
to_json(as_string: bool = True) → Union[dict, str]
classmethod from_character(character: nucypher.characters.base.Character, nickname: Optional[str] = None)nucypher.policy.identity.Card
property verifying_key
property encrypting_key
property id
set_nickname(nickname: str)None
property nickname
property filepath
property is_saved
save(encoder: Callable = <function b64encode>, overwrite: bool = False)pathlib.Path
classmethod lookup(identifier: str, card_dir: Optional[pathlib.Path] = PosixPath('/home/docs/.local/share/nucypher/cards'))pathlib.Path

Resolve a card ID or nickname into a Path object

classmethod load(filepath: Optional[pathlib.Path] = None, identifier: str = None, card_dir: pathlib.Path = None, decoder: Callable = <function b64decode>)nucypher.policy.identity.Card
class Arrangement(alice_verifying_key: umbral.keys.UmbralPublicKey, expiration: maya.core.MayaDT, arrangement_id: bytes)

Bases: object

A contract between Alice and a single Ursula.

splitter = <bytestring_splitter.BytestringSplitter object>
classmethod from_alice(alice: nucypher.characters.lawful.Alice, expiration: maya.core.MayaDT)nucypher.policy.policies.Arrangement
classmethod from_bytes(arrangement_as_bytes: bytes)nucypher.policy.policies.Arrangement
class TreasureMapPublisher(worker, nodes, percent_to_complete_before_release=5, threadpool_size=120, timeout=20)

Bases: object


Drop-in replacement of Twisted’s Logger, patching the emit() method to tolerate inputs with curly braces, i.e., not compliant with PEP 3101.

See Issue #724 and, particularly,

property completed
class MergedReservoir(values: Iterable, reservoir: nucypher.blockchain.eth.agents.StakersReservoir)

Bases: object

A reservoir made of a list of addresses and a StakersReservoir. Draws the values from the list first, then from StakersReservoir, then returns None on subsequent calls.

class PrefetchStrategy(reservoir: nucypher.policy.policies.MergedReservoir, need_successes: int)

Bases: object

Encapsulates the batch draw strategy from a reservoir. Determines how many values to draw based on the number of values that have already led to successes.

class Policy(alice: nucypher.characters.lawful.Alice, label: bytes, expiration: maya.core.MayaDT, bob: Bob, kfrags: Sequence[umbral.kfrags.KFrag], public_key: umbral.keys.UmbralPublicKey, m: int)

Bases: abc.ABC

An edict by Alice, arranged with n Ursulas, to perform re-encryption for a specific Bob.


Drop-in replacement of Twisted’s Logger, patching the emit() method to tolerate inputs with curly braces, i.e., not compliant with PEP 3101.

See Issue #724 and, particularly,

exception NotEnoughUrsulas

Bases: Exception

Raised when a Policy has been used to generate Arrangements with Ursulas insufficient number such that we don’t have enough KFrags to give to each Ursula.

exception EnactmentError

Bases: Exception

Raised if one or more Ursulas failed to enact the policy.

enact(network_middleware:, handpicked_ursulas: Optional[Iterable[nucypher.characters.lawful.Ursula]] = None, publish_treasure_map: bool = True)nucypher.policy.policies.EnactedPolicy

Attempts to enact the policy, returns an EnactedPolicy object on success.

class FederatedPolicy(alice: nucypher.characters.lawful.Alice, label: bytes, expiration: maya.core.MayaDT, bob: Bob, kfrags: Sequence[umbral.kfrags.KFrag], public_key: umbral.keys.UmbralPublicKey, m: int)

Bases: nucypher.policy.policies.Policy

class BlockchainPolicy(value: int, rate: int, payment_periods: int, *args, **kwargs)

Bases: nucypher.policy.policies.Policy

A collection of n Arrangements representing a single Policy

exception InvalidPolicyValue

Bases: ValueError

exception NotEnoughBlockchainUrsulas

Bases: nucypher.policy.policies.Policy.NotEnoughUrsulas

static generate_policy_parameters(n: int, payment_periods: int, value: int = None, rate: int = None)dict
class EnactedPolicy(id: bytes, hrac: bytes, label: bytes, public_key: umbral.keys.UmbralPublicKey, treasure_map: TreasureMap, treasure_map_publisher: nucypher.policy.policies.TreasureMapPublisher, revocation_kit: nucypher.crypto.kits.RevocationKit, alice_verifying_key: umbral.keys.UmbralPublicKey)

Bases: object