Open-Transactions v0.88.f: OTMadeEasy, Credentials, Linux Tarball, iPhone support and more...

f3llowtraveler

Feb 18, 2013, 9:28:56 AM
to agile-...@googlegroups.com

It's me again, your buddy Fellow Traveler...


In the 2 months since my last announcement, RADICAL progress has ensued on the Open-Transactions project.


As our number of contributors has continued to grow, so also our progress has accelerated!


Let's get right to it...



------------------------------------------------------------


1. "OT MADE EASY" -- NOW IN ALL LANGUAGES !

2. IPHONE SUPPORT

3. LINUX TARBALL

4. OTCRYPTO IS FINALLY COMPLETE

5. CREDENTIALS  !!   <==== Big update.


------------------------------------------------------------


In brief…


1. "OT MADE EASY"  -- Transactions with a single line of code via the ultra-high-level API, now available in ALL languages, with new sample scripts in Python, PHP, CSharp.

2. IPHONE SUPPORT -- New iPhone build setup + skeleton project now available!

3. LINUX TARBALL -- Install OT on Linux, with dependencies, via a SINGLE COMMAND!

4. OTCRYPTO IS COMPLETE -- The OTCrypto abstraction is now complete.

5. CREDENTIALS  !!  -- Major update, enabling identities from CAs and blockchains.


------------------------------------------------------------


In detail...



1. "OT MADE EASY" NOW AVAILABLE IN ALL LANGUAGES



OTMadeEasy, the ultra-high-level API, is now available in ALL languages supported by OT.

Transactions are now officially reduced to a single line of code, in all languages.


Here are some sample scripts in CSharp, PHP, and Python:


https://github.com/FellowTraveler/Open-Transactions/blob/master/scripts/tests/csharp/Main.cs

https://github.com/FellowTraveler/Open-Transactions/blob/master/scripts/tests/php/php_ot_test.php

https://github.com/FellowTraveler/Open-Transactions/blob/master/scripts/tests/python/python_ot_test.py


Each of the above scripts demonstrates a few API calls, including a CASH WITHDRAWAL transaction. 

(More sample scripts coming soon.)


*Thanks to contributor BlueWall for the CSharp script.

*(BlueWall is working on an OT integration with OpenSim.)


Here's an article on using the API:

https://github.com/FellowTraveler/Open-Transactions/wiki/Use-Cases


Here is complete working sample code for every possible use case of OT, using the high-level API:

https://github.com/FellowTraveler/Open-Transactions/blob/master/scripts/ot/ot_commands.ot

(From the command line tool)



------------------------------------------------------------



2. IPHONE SUPPORT


Thanks to contributor Happywarrior, OT now builds for iOS, and also supports the iOS keyring.


iOS build setup and skeleton project! (For iPhone / iPad development.)

https://github.com/happywarrior/OTClient-iOS



------------------------------------------------------------



3. LINUX TARBALL


Thanks to contributor randy-waterhouse, we now have a Linux tarball for OT, meaning it's possible now to install OT on Linux, with dependencies, via a single command!

https://github.com/randy-waterhouse/opentxs


We still need to get the repository hosted, but here's the command that will install OT, once the tarball is hosted: 

   sudo add-apt-repository ppa:ppa-name && sudo apt-get update && sudo apt-get install opentxs


Note:  the repository ppa:ppa-name doesn't exist; it is just an example.

(Anyone interested in hosting it?)


------------------------------------------------------------



4. OTCRYPTO FINALLY FINISHED



The OTCrypto abstraction is now complete. What does this mean?


1. It means the entire OT crypto code is now localized to a single class: OTCrypto. (All the rest of the code just uses OTCrypto.) This will make it easy for code audits of the crypto portions. Any volunteers to do the first crypto audit on OT? Don't all jump at once.


2. It also means that we actually could replace OpenSSL with GPG, or with any other crypto library. All you'd have to do is make a copy of the OTCrypto_OpenSSL class named OTCrypto_GPG, and then just use GPG calls for the method internals, instead of the OpenSSL calls that are there now.

===> Voila! OT using GPG instead of OpenSSL. Any volunteers?


The OTCrypto interface now has fully-implemented methods for:

-- randomizing memory,  (entropy callback coming soon.)

-- calculating digests,

-- converting to-and-from base62

-- and base64,

-- key derivation,

-- secret-key encryption and decryption,

-- public-key encryption and decryption (in RSA envelopes with multiple recipients),

-- ...and digital signatures and verification.


OT uses this interface exclusively for all its crypto--and technically you could, too. My goal has always been to make crypto as accessible as possible to other developers.



BUT WAIT, THERE'S MORE!


We *also* finished abstracting out OTMint and OTToken, where the UNTRACEABLE DIGITAL CASH is currently implemented using Ben Laurie's "Lucre" library.


So for example, if you wanted to remove Lucre (which uses OpenSSL) and REPLACE it with the PGP "Magic Money" digital cash implementation by Pr0duct Cypher, simply make a copy of the OTMint_Lucre and OTToken_Lucre classes, name the copies OTMint_MM and OTToken_MM, and then fix their internals to call the Magic Money library calls instead of the Lucre library calls.


Voila! OT is officially modular enough to work with ANY digital cash algorithm! 


===> This also provides a very useful testbed for researchers who would like to test their own digital cash algorithms inside a fully-operational transaction system.


===> Do you know any researchers who work in digital cash? Forward them this email, they may find it useful.


------------------------------------------------------------



5. CREDENTIALS  !!



  -- We've coded a major change in OTPseudonym, to enable identities that could be anchored via one of many different sources, such as: Certificate Authorities, blockchains, URLs, etc.


From the very beginning, OT has managed identity in a very simple way: The NymID is a hash of the Nym's public key, and any messages must be signed by the corresponding private key.


Though OT will continue to support these "public key-based" Nyms, other options became necessary for various "real world" projects, and these new options have now been added via the OTCredential class.


HOW DOES IT ALL WORK NOW?  Two important concepts have been incorporated into the OT identity system, in order to "embrace and extend" all other possible identity systems.


1. Source string.

2. Master credentials and subcredentials.


--------------------

1. Source string.


The NymID is now calculated as a hash of the Nym's source string. In the case of "public key-based" Nyms (classic style OT) the source string remains the public key itself. You hash it to get the ID, as before.


-- But now, alternately, the source string could instead be the unique DN info for a traditional CA-issued Cert.

-- Or, the source string could be a URL…such as a Namecoin address.

-- Or, the source string could instead be a Bitcoin address.

-- Etc.  (Many sources are possible, and they all have different properties.)


In all cases, a Nym's credentials must verify through their OWN SOURCE.

For example, if the Nym's source string is based on the unique DN info for a CA-issued cert, then the Nym's master credential must be signed by a Cert with that same DN info, AND the cert must verify through its own CA.

-- Or, if the Nym is based on a Namecoin address, then the Nym's master credential ID should be verifiable through that Namecoin address.

-- Or if the Nym is based on a URL, then the Nym's master credential ID should be posted at that URL.

-- Etc.


Makes sense?


As long as a Nym verifies through its own source, and as long as the source hashes to form the NymID, then we are able to have MANY credentials, and MANY possible sources, for our Nyms…


…and these sources all have different properties! For example:


-- A CA-issued Cert, unlike a plain-jane public key, can be controlled by a central authority. This means, for example, if a commercial venture wishes to revoke the Cert for a specific Nym, and replace it with a new Cert controlling that SAME Nym (perhaps while simultaneously replacing the former employee who originally controlled that Nym, with some new employee) then this can now be done, AND while keeping the Nym's ID unchanged.


-- Alternately, for those who distrust CAs, credential IDs posted to a blockchain will have full censorship-resistance for their digital identity, yet still be publicly revocable. See this project, for example:

https://github.com/bcpki/bitcoin/blob/master/README.md

"The BCPKI-project (blockchain-PKI) establishes the blockchain as a root CA."


My own commercial effort needed this "source" stuff in OT, so we went ahead and added it for the rest of you, too! Speaking of which, please direct all business inquiries to Joh...@monetas.net and all technical inquiries to myself  :-)


--------------------



The second piece of the new OT identity code:



2. Master credentials and subcredentials (for a single NymID.)


OT itself now supports its own built-in master credentials which can issue, sign, and revoke sub-credentials. 


Each credential now contains THREE KEY PAIRS: A signing key, authentication key, and encryption key.


You can create multiple master credentials per Nym, and multiple sub-credentials per master. The NymID will remain unchanged throughout.


Eventually the idea is to also add sub-credentials for other authentication methods, such as third-party services, 2-factor auth, etc. 

===> This new system will make that easy to do :-)



------------------------------------------------------------


IN OTHER NEWS...


Don't forget, we now have a bash test script, which performs a halfway-comprehensive set of unit tests via the command-line tool. (Great for development…)


https://github.com/FellowTraveler/Open-Transactions/blob/master/scripts/tests/bash/ot_test


We now run all our new code through these tests before any releases.


------------------------------------------------------------


NEW OPENTXS (command line) COMMAND:  "showincoming"


"opentxs showincoming" shows all incoming transfers, payments, invoices, receipts, etc.


Next, try commands such as:  acceptall, acceptmoney, acceptreceipts, etc.


I also recommend:  sendcheque, sendcash.


You can get a lot of mileage out of the command-line tool now, in only a few short commands.

------------------------------------------------------------


As always, commit history:

https://github.com/FellowTraveler/Open-Transactions/commits/master


------------------------------------------------------------


Windows developers:  It will be a day or two before the latest version builds again on Windows, so we suggest you wait a couple days before grabbing the latest version.


That's it for now, more coming soon!


Until next time,


-Fellow Traveler

https://github.com/FellowTraveler/Open-Transactions/wiki
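
The source-string rule from the CREDENTIALS section above (the NymID is a hash of the source, and the master credential must verify through that same source), sketched for a URL-style source. This is an added example, not code from the post or from Open-Transactions. Assumptions: SHA-256 as the hash, a flat string as the credential serialization, the hypothetical `resolve_source` lookup, and the constructed sample URLs and credentials.

```python
import hashlib
import hmac

def _h(text: str) -> str:
    # Assumption: SHA-256 hex. The post does not say which hash OT uses.
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def nym_id(source: str) -> str:
    """NymID = hash of the Nym's source string."""
    return _h(source)

def credential_id(contents: str) -> str:
    """Credential ID = hash of the serialized credential (hypothetical layout)."""
    return _h(contents)

def verify_nym(claimed_id, source, master_credential, resolve_source):
    """Return (ok, reason). resolve_source(source) is a hypothetical lookup that
    returns the set of master credential IDs currently published at the source."""
    if not hmac.compare_digest(nym_id(source), claimed_id):
        return False, "source does not hash to NymID"
    if credential_id(master_credential) not in resolve_source(source):
        return False, "credential not published at source"
    return True, "ok"

# Constructed sample data (not real OT credentials).
SOURCE = "https://example.org/nyms/alice"
OTHER_SOURCE = "https://other.example/nym"
OLD_MASTER = "master-credential v1: signing=K1 auth=K2 encrypt=K3"
NEW_MASTER = "master-credential v2: signing=K4 auth=K5 encrypt=K6"

def demo():
    published = {SOURCE: {credential_id(OLD_MASTER)}}
    resolve = lambda s: published.get(s, set())
    nid = nym_id(SOURCE)
    before = verify_nym(nid, SOURCE, OLD_MASTER, resolve)
    # Rotation: whoever controls the source swaps the published credential ID.
    published[SOURCE] = {credential_id(NEW_MASTER)}
    after_old = verify_nym(nid, SOURCE, OLD_MASTER, resolve)  # revoked
    after_new = verify_nym(nid, SOURCE, NEW_MASTER, resolve)  # same NymID
    # A credential that is valid under a different source cannot claim this NymID.
    published[OTHER_SOURCE] = {credential_id("unrelated credential")}
    foreign = verify_nym(nid, OTHER_SOURCE, "unrelated credential", resolve)
    return nid, before, after_old, after_new, foreign

if __name__ == "__main__":
    for item in demo():
        print(item)
```

The NymID stays fixed across the rotation because it depends only on the source string, while the old master credential stops verifying as soon as its ID is no longer published there.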


