Hybrid conversion #1382
Hybrid conversion #1382
Conversation
ipa-core/src/report/hybrid.rs
Outdated
| pub fn mk_ciphertext(&self) -> &[u8] { | ||
| match self { | ||
| EncryptedHybridGeneralReport::Impression(impression_report) => { | ||
| impression_report.mk_ciphertext() | ||
| } | ||
| EncryptedHybridGeneralReport::Conversion(conversion_report) => { | ||
| conversion_report.mk_ciphertext() | ||
| } | ||
| } | ||
| } | ||
|
|
||
| pub fn encap_key_btt(&self) -> &[u8] { | ||
| match self { | ||
| EncryptedHybridGeneralReport::Impression(impression_report) => { | ||
| impression_report.encap_key_btt() | ||
| } | ||
| EncryptedHybridGeneralReport::Conversion(conversion_report) => { | ||
| conversion_report.encap_key_btt() | ||
| } | ||
| } | ||
| } | ||
|
|
||
| pub fn btt_ciphertext(&self) -> &[u8] { | ||
| match self { | ||
| EncryptedHybridGeneralReport::Impression(impression_report) => { | ||
| impression_report.btt_ciphertext() | ||
| } | ||
| EncryptedHybridGeneralReport::Conversion(conversion_report) => { | ||
| conversion_report.btt_ciphertext() | ||
| } | ||
| } | ||
| } | ||
|
|
||
| pub fn key_id(&self) -> u8 { | ||
| match self { | ||
| EncryptedHybridGeneralReport::Impression(impression_report) => { | ||
| impression_report.key_id() | ||
| } | ||
| EncryptedHybridGeneralReport::Conversion(conversion_report) => { | ||
| conversion_report.key_id() | ||
| } | ||
| } | ||
| } |
There was a problem hiding this comment.
do we actually need access to these on the EncryptedHybridGeneralReport? I think we should only need decrypt and from_bytes (which call into the enum items).
There was a problem hiding this comment.
I saw that mk_ciphertext was needed for UniqueBytes. Not sure about the other ones though (or if we might need other ones later?)
|
|
||
| /// ## Errors | ||
| /// If decryption of the provided oprf report fails. | ||
| pub fn decrypt_from_oprf_report_bytes<P, TS>( |
There was a problem hiding this comment.
we don't need to keep this long term. it would be great if we could get everything to work without this, but if we want to split that into another PR, that's fine.
There was a problem hiding this comment.
yeah, I think I'll just remove this once all the oprf is completely disentangled
Most of this should live in the associated data ( All these fields do not need to persist into the
Our overall goal is to remove the reliance on the OPRF report. The high level flow should be and this diff is primarily concerned with the first two conversions. It's fine to rewrite the existing tests that us OPRF reports to use the new structs that you are creating.
The two underlying structs in that enum do store bytes, so it should be possible to implement Hope that all helps / makes sense. |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #1382 +/- ##
=======================================
Coverage ? 93.56%
=======================================
Files ? 223
Lines ? 38260
Branches ? 0
=======================================
Hits ? 35797
Misses ? 2463
Partials ? 0 ☔ View full report in Codecov by Sentry. |
| config: HybridQueryParams, | ||
| key_registry: Arc<R>, | ||
| hybrid_info: HybridInfo<'a>, |
There was a problem hiding this comment.
I probably missed that on the previous review, but helper origin is assumed to be known statically to helpers. This should help to avoid the lifetime proliferation and the need to keep it inside query struct
If there is a need for having it, we can assume helper origin is &'static str
There was a problem hiding this comment.
The design doc for this project has the helper origin as part of both HybridConversionInfo and HybridImpressionInfo, so I assume it's needed? I can try static though
There was a problem hiding this comment.
yes, it is definitely needed, but it is assumed to be per MPC ring, i.e. known in advance. We hardcoded it in our Rust implementation, but generally I think &static str would be more appropriate
There was a problem hiding this comment.
Is conversion_site_domain also static? If so, we can remove the lifetime
There was a problem hiding this comment.
Conversion site is dynamic and provided by the submitter when they want to execute this query
|
I'm trying to detangle exactly as much as is needed to get tests to pass, with the goal of doing the rest in the next PR |
| config: HybridQueryParams, | ||
| key_registry: Arc<R>, | ||
| hybrid_info: HybridInfo<'a>, |
There was a problem hiding this comment.
Conversion site is dynamic and provided by the submitter when they want to execute this query
| pub helper_origin: &'a str, | ||
| pub converion_site_domain: &'a str, | ||
| pub helper_origin: &'static str, | ||
| pub conversion_site_domain: &'a str, |
There was a problem hiding this comment.
There can be many conversion sites in publisher queries - we never properly implemented it and I believe just hardcoded both helper origin and conversion site. I think this is fine for now, just wanted to explain it
This d̶i̶f̶f̶ PR finishes the implementation of Hybrid Conversion reports and wraps them up into general Hybrid reports.
The main major change compared to OprfReports is that I wrote the encryption/decryption functions to take a HybridInfo struct as an argument, since there's a lot more info used for conversion reports now.
I'll say this is ready for review now and add some more coverage tomorrow.
Open question: In query/runner/hybrid.rs, I need to pass around HybridInfo structs to do decryption. I’m not totally sure the best way to structure that, since HybridInfo is currently written as an enum, but you would need both the Impression and Conversion types if you wanted to be able to decrypt both types of reports. I could write it to require both, but I’m not sure what makes the most sense given the overall system design. Currently I just comment out the Impression cases to test basic correctness, but that's just temporary until we figure this out.