wallet-core/contrib/alloy/taler-sync.als

53 lines
1.1 KiB
Alloy
Raw Normal View History

2020-09-25 13:37:38 +02:00
/*
Simple Alloy4 model for Taler backup&sync.
*/
sig AnastasisMasterSecret { }
// Key pair that each wallet has.
sig WalletDeviceKey { }
sig SyncProvider { }
// Key pair to access the sync account.
sig SyncAccountKey { }
// Abstraction of what's in a sync blob
sig SyncBlobHeader {
// Access matrix, abstracts the DH
// suggested by Christian (https://bugs.gnunet.org/view.php?id=6077#c16959)
// The DH will yield the symmetric blob encryption key for the "inner blob"
access: AnastasisMasterSecret -> WalletDeviceKey,
}
sig SyncAccount {
account_key: SyncAccountKey,
prov: SyncProvider,
hd: SyncBlobHeader,
}
sig WalletState {
device_key: WalletDeviceKey,
anastasis_key: AnastasisMasterSecret,
enrolled: set SyncAccount,
}
fact DifferentDeviceKeys {
all disj w1, w2: WalletState | w1.device_key != w2.device_key
}
fact AnastasisKeyConsistent {
all disj w1, w2: WalletState, s: SyncAccount |
s in (w1.enrolled & w2.enrolled) implies
w1.anastasis_key = w2.anastasis_key
}
fact NoBoringInstances {
#WalletState >= 2
all w: WalletState | #w.enrolled >= 1
}
run {} for 5