aboutsummaryrefslogtreecommitdiff
path: root/spec/srv-spec/protocol.md
diff options
context:
space:
mode:
Diffstat (limited to 'spec/srv-spec/protocol.md')
-rw-r--r--spec/srv-spec/protocol.md12
1 files changed, 11 insertions, 1 deletions
diff --git a/spec/srv-spec/protocol.md b/spec/srv-spec/protocol.md
index 4567f89..7a17004 100644
--- a/spec/srv-spec/protocol.md
+++ b/spec/srv-spec/protocol.md
@@ -1,4 +1,5 @@
<a id="srv-spec.txt-3"></a>
+
# Protocol
In this section we give a detailed specification of the protocol. We
@@ -8,6 +9,7 @@ encoding of the messages is specified in the next section ([SPEC]).
Now we go through the phases of the protocol:
<a id="srv-spec.txt-3.1"></a>
+
## Commitment Phase [COMMITMENTPHASE]
The commit phase lasts from 00:00UTC to 12:00UTC.
@@ -20,6 +22,7 @@ in their permanent state. We call a commit by Alice "authoritative" if it was
included in Alice's vote.
<a id="srv-spec.txt-3.1.1"></a>
+
### Voting During Commitment Phase
During the commit phase, each authority includes in its votes:
@@ -39,6 +42,7 @@ phase, only the first commitment should be taken in account by other
authorities. Any subsequent commitments MUST be ignored.
<a id="srv-spec.txt-3.1.2"></a>
+
### Persistent State During Commitment Phase [STATECOMMIT]
During the commitment phase, authorities save in their persistent state the
@@ -46,6 +50,7 @@ authoritative commits they have received from each authority. Only one commit
per authority must be considered trusted and active at a given time.
<a id="srv-spec.txt-3.2"></a>
+
## Reveal Phase
The reveal phase lasts from 12:00UTC to 00:00UTC.
@@ -54,6 +59,7 @@ Now that the commitments have been agreed on, it's time for authorities to
reveal their random values.
<a id="srv-spec.txt-3.2.1"></a>
+
### Voting During Reveal Phase
During the reveal phase, each authority includes in its votes:
@@ -70,6 +76,7 @@ commitment during the reveal phase or introduce a new commitment,
the new commitment MUST be ignored.
<a id="srv-spec.txt-3.2.2"></a>
+
### Persistent State During Reveal Phase [STATEREVEAL]
During the reveal phase, authorities keep the authoritative commits from the
@@ -82,6 +89,7 @@ MUST wait till the next voting round before including that reveal value in
its votes.
<a id="srv-spec.txt-3.3"></a>
+
## Shared Random Value Calculation At 00:00UTC
Finally, at 00:00UTC every day, authorities compute a fresh shared random
@@ -98,6 +106,7 @@ Apart from that, authorities at 00:00UTC proceed voting normally as they
would in the first round of the commitment phase (section [COMMITMENTPHASE]).
<a id="srv-spec.txt-3.3.1"></a>
+
### Shared Randomness Calculation [SRCALC]
An authority that wants to derive the shared random value SRV, should use
@@ -123,6 +132,7 @@ To maintain consistent ordering in HASHED_REVEALS, all the ID_a | R_a pairs
are ordered based on the R_a value in ascending order.
<a id="srv-spec.txt-3.4"></a>
+
## Bootstrapping Procedure
As described in [CONS], two shared random values are required for the HSDir
@@ -133,6 +143,7 @@ consensus. This should happen after three 00:00UTC consensuses have been
produced, which takes 48 hours.
<a id="srv-spec.txt-3.5"></a>
+
## Rebooting Directory Authorities [REBOOT]
The shared randomness protocol must be able to support directory
@@ -152,4 +163,3 @@ Finally, authorities MUST implement their persistent state in such a way that th
will never commit two different values in the same protocol run, even if they
have to reboot in the middle (assuming that their persistent state file is
kept). A suggested way to structure the persistent state is found at [STATEFORMAT].
-
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion