Author

Topic: Open-Transactions v0.88.f: OTMadeEasy, Credentials, Linux Tarball, iPhone suppor (Read 2333 times)

legendary
Activity: 1222
Merit: 1016
Live and Let Live
staff
Activity: 4270
Merit: 1209
I support freedom of choice
Windows developers:  It will be a day or two before the latest version
builds again on Windows, so we suggest you wait a couple days before
grabbing the latest version.

That's it for now, more coming soon!
Come on! We want it Grin
Easy and usable Wink (noob-friendly!)
sr. member
Activity: 440
Merit: 251
It's me again, your buddy Fellow Traveler...

In the 2 months since my last announcement, RADICAL progress has ensued on
the Open-Transactions project.

As our number of contributors has continued to grow, so also our progress
has accelerated!

Let's get right to it...

------------------------------------------------------------


1. "OT MADE EASY" -- NOW IN ALL LANGUAGES !
2. IPHONE SUPPORT
3. LINUX TARBALL
4. OTCRYPTO IS FINALLY COMPLETE
5. CREDENTIALS  !!   <==== Big update.


------------------------------------------------------------


In brief…


1. "OT MADE EASY"  -- Transactions with a single line of code via the
ultra-high-level API, now available in ALL languages, with new sample
scripts in Python, PHP, CSharp.

2. IPHONE SUPPORT -- New iPhone build setup + skeleton project now
available!

3. LINUX TARBALL -- Install OT on Linux, with dependencies, via a SINGLE
COMMAND!

4. OTCRYPTO IS COMPLETE -- The OTCrypto abstraction is now complete.

5. CREDENTIALS  !!  -- Major update, enabling identities from CAs and
blockchains.


------------------------------------------------------------


In detail...



1. "OT MADE EASY" NOW AVAILABLE IN ALL LANGUAGES


OTMadeEasy, the ultra-high-level API, is now available in ALL languages
supported by OT.

Transactions are now officially reduced to a single line of code, in all
languages.


Here are some sample scripts in CSharp, PHP, and Python:

https://github.com/FellowTraveler/Open-Transactions/blob/master/scripts/tests/csharp/Main.cs
https://github.com/FellowTraveler/Open-Transactions/blob/master/scripts/tests/php/php_ot_test.php
https://github.com/FellowTraveler/Open-Transactions/blob/master/scripts/tests/python/python_ot_test.py

Each of the above scripts demonstrates a few API calls, including a CASH
WITHDRAWAL transaction.
(More sample scripts coming soon.)

*Thanks to contributor BlueWall for the CSharp script.
*(Bluewall is working on an OT integration with OpenSim.)

Here's an article on using the API:
https://github.com/FellowTraveler/Open-Transactions/wiki/Use-Cases

Here is complete working sample code for every possible use case of OT,
using the high-level API:
https://github.com/FellowTraveler/Open-Transactions/blob/master/scripts/ot/ot_commands.ot


------------------------------------------------------------


2. IPHONE SUPPORT


Thanks to contributor Happywarrior, OT now builds for iOS, and also
supports the iOS keyring.

iOS build setup and skeleton project! (For iPhone / iPad development.)
https://github.com/happywarrior/OTClient-iOS


------------------------------------------------------------


4. LINUX TARBALL


Thanks to contributor randy-waterhouse, we now have a Linux tarball for OT,
meaning it's possible now to install OT on Linux, with dependencies, via a
single command!

https://github.com/randy-waterhouse/opentxs


We still need to get the repository hosted, but here's the command that
will install OT, once the tarball is hosted:
   sudo add-apt-repository ppa:ppa-name ; sudo apt-get opentxs


Note:  repository ppa:ppa-name doesn't exist, it is just an example.
(Anyone interested in hosting it?)


------------------------------------------------------------


5. OTCRYPTO FINALLY FINISHED


The OTCrypto abstraction is now complete. What does this mean?

1. It means the entire OT crypto code is now localized to a single class:
OTCrypto. (All the rest of the code just uses OTCrypto.) This will make it
easy for code audits of the crypto portions. Any volunteers to do the first
crypto audit on OT? Don't all jump at once.

2. It also means that we actually could replace OpenSSL with GPG, or with
any other crypto library. All you'd have to do is make a copy of the
OTCrypto_OpenSSL class named OTCrypto_GPG, and then just use GPG calls for
the method internals, instead of the OpenSSL calls that are there now.

===> Voila! OT using GPG instead of OpenSSL. Any volunteers?


The OTCrypto interface now has fully-implemented methods for:

-- randomizing memory,  (entropy callback coming soon.)
-- calculating digests,
-- converting to-and-from base62
-- and base64,
-- key derivation,
-- secret-key encryption and decryption,
-- public-key encryption and decryption (in RSA envelopes with multiple
recipients),
-- ...and digital signatures and verification.

OT uses this interface exclusively for all its crypto--and technically you
could, too. My goal has always been to make crypto as accessible as
possible to other developers.


BUT WAIT, THERE'S MORE!

We *also* finished abstracting out OTMint and OTToken, where the
UNTRACEABLE DIGITAL CASH is currently implemented using Ben Laurie's
"Lucre" library.

So for example, if you wanted to remove Lucre (which uses OpenSSL) and
REPLACE it with the PGP "Magic Money" digital cash implementation by
Pr0duct Cypher, simply make a copy of the OTMint_Lucre and OTToken_Lucre
classes, name the copies OTMint_MM and OTToken_MM, and then fix their
internals to call the Magic Money library calls instead of the Lucre
library calls.

Voila! OT is officially modular enough to work with ANY chaumian cash
algorithm!

===> This also provides a very useful testbed for researchers who would
like to test their own digital cash algorithms inside a fully-operational
transaction system.


------------------------------------------------------------


3. CREDENTIALS


  -- We've coded a major change in OTPseudonym, to enable identities that
could be anchored via one of many different sources, such as: Certificate
Authorities, blockchains, URLs, etc.

From the very beginning, OT has managed identity in a very simple way: The
NymID is a hash of the Nym's public key, and any messages must be signed by
the corresponding private key.

Though OT will continue to support these "public key-based" Nyms, other
options became necessary for various "real world" projects, and these new
options have now been added via the OTCredential class.

HOW DOES IT ALL WORK NOW?  Two important concepts have been incorporated
into the OT identity system, in order to "embrace and extend" all other
possible identity systems.

1. Source string.
2. Master credentials and subcredentials.

--------------------

1. Source string.


The NymID is now calculated as a hash of the Nym's source string. In the
case of "public key-based" Nyms (classic style OT) the source string
remains the public key itself. You hash it to get the ID, as before.

-- But now, alternately, the source string could instead be the unique DN
info for a traditional CA-issued Cert.
-- Or, the source string could be a URL…such as a Namecoin address.
-- Or, the source string could instead be a Bitcoin address.
--- Etc.  (Many sources are possible, and they all have different
properties.)

In all cases, a Nym's credentials must verify through their OWN SOURCE.

For example, if the Nym's source string is based on the unique DN info for
a CA-issued cert, then the Nym's master credential must be signed by a Cert
with that same DN info, AND the cert must verify through its own CA.

-- Or, if the Nym is based on a Namecoin address, then the Nym's master
credential ID should be verifiable through that Namecoin address.
-- Or if the Nym is based on a URL, then the Nym's master credential ID
should be posted at that URL.
-- Etc.  Makes sense?

As long as a Nym verifies through its own source, and as long as the source
hashes to form the NymID, then we are able to have MANY credentials, and
MANY potential types of sources, for our Nyms…

…and these sources all have different properties! For example:

-- A CA-issued Cert, unlike a plain-jane public key, can be controlled by a
central authority. This means, for example, if a commercial venture wishes
to revoke the Cert for a specific Nym, and replace it with a new Cert
controlling that SAME Nym (perhaps while simultaneously replacing the
former employee who originally controlled that Nym, with some new employee)
then this can now be done, AND while keeping the Nym's ID unchanged.

-- Alternately, for those who distrust CAs, credential IDs posted to a
blockchain will have full censorship-resistance for their digital identity,
yet still be publicly revokable. See this project, for example:
https://github.com/bcpki/bitcoin/blob/master/README.md

"The BCPKI-project (blockchain-PKI) establishes the blockchain as a root
CA."


My own commercial effort needed this "source" stuff in OT, so we went ahead
and added it for the rest of you, too! Speaking of which, please direct all
business inquiries to [email protected] and all technical inquiries to
myself  :-)


--------------------


The second piece of the new OT identity code:


2. Master credentials and subcredentials (for a single NymID.)


OT itself now supports its own built-in master credentials which can issue,
sign, and revoke sub-credentials.

Each credential now contains THREE KEY PAIRS: A signing key, authentication
key, and encryption key.

You can create multiple master credentials per Nym, and multiple
sub-credentials per master. The NymID will remain unchanged throughout.

Eventually the idea is to also add sub-credentials for other authentication
methods, such as third-party services, 2-factor auth, etc.

===> This new system will make that easy to do :-)



------------------------------------------------------------


IN OTHER NEWS...

Don't forget, we now have a bash test script, which performs a
halfway-comprehensive set of unit tests via the command-line tool. (Great
for development…)
https://github.com/FellowTraveler/Open-Transactions/blob/master/scripts/tests/bash/ot_test

We now run all our new code through these tests before any releases.


------------------------------------------------------------


NEW OPENTXS (command line) COMMAND:  "showincoming"


"opentxs showincoming" shows all incoming transfers, payments, invoices,
receipts, etc.

Next, try commands such as:  acceptall, acceptmoney, acceptreceipts, etc.

I also recommend:  sendcheque, sendcash.

You can get a lot of mileage out of the command-line tool now, in only a
few short commands.

------------------------------------------------------------

As always, commit history:

https://github.com/FellowTraveler/Open-Transactions/commits/master


------------------------------------------------------------

Windows developers:  It will be a day or two before the latest version
builds again on Windows, so we suggest you wait a couple days before
grabbing the latest version.

That's it for now, more coming soon!

Until next time,

-Fellow Traveler
https://github.com/FellowTraveler/Open-Transactions/wiki
Jump to: