Trustee

401

API key is missing or invalid

200 OK

Successfully retrieved the blocks and block data which contain data requests.

Schema

Name

Type

Required

Restrictions

Description

boolean

true

none

blocks

dict<BlockNumber, Block>

true

none

Example

{
    "ok": true,
    "blocks": {
        "1": {
            "header": {
                "number": "1",
                "previousHash": "0ede53fd38d632f3a7d849f8ba8f70c851d772b53cecbc9d858fe7c8af03a858",
                "dataHash": "ee967360a911deb8f6bd77cbb49b334e1837c006c9b6cb2d59d8acd41964a6ac",
            },
        },
        "2": {
            "header": {
                "number": "2",
                "previousHash": "78aecc3976f7b2151ce0574278f816b8e5983e18229fde7b6e7c3ebdf5147baf",
                "dataHash": "3ec339eae416289f4ddd7dc2b69e8edf12ac013089207732ad6156e02dc21fb5",
            },
            "data": {
                "data": ["datum1==", "datum2=="],
            },
        },
    },
}

400 Bad Request

Request is malformed. Make sure:

oldBlockHeight is present in query parameter
oldBlockHeight is a non-negative number
oldBlockHeight is an integer
oldBlockHeight is valid - no larger than the current block height of the ledger

Example 1

{
    "ok": false,
    "message": "query.oldBlockHeight must be a non-negative integer",
}

Example 2

{
    "ok": false,
    "message": "Invalid valid at query.oldBlockHeight. Expected: <=5; given: 10",
}

401 Unauthorized

API key is missing or incorrect.

Example

{
    "ok": false,
    "message": "Unauthorized",
}

GET /encryptions/{token-hash}/encrypted-trustee-shares/{trustee-id}

Description

Retrieves a encrypted trustee share from an Encryption. After detecting a new data request, a trustee should use this endpoint to get its encrypted share from the corresponding Encryption, decrypt it with its decryption key, then post the result with postTrusteeResponse.

Parameters

Name

Type

Required

Description

token-hash

path

true

Hash value of the token

trustee-id

path

TrusteeId

true

Trustee's ID

Example

GET /encryptions/d033713dd14552c060c55746afdb989cfee8e624ae94a932d79fd25630f728a4/encrypted-trustee-shares/trustee1

Responses

Status

Meaning

Description

Schema

200

Succeeded

Inline

400

Bad Request

Request is invalid

401

API key is missing or invalid

404

Not Found

Encryption not found

200 OK

Successfully retrieved the encrypted trustee share.

Schema

Name

Type

Required

Description

boolean

true

none

encryptedTrusteeShare

Base64

true

The encrypted trustee share

Example

{
  "ok": true,
  "encryptedTrusteeShare": "base64_encoded_data"
}

400 Bad Request

Trustee does not exist or does not reference this PAD instance.

Example

{
    "ok": false,
    "message": "Trustee with ID trustee1 does not exist in the PAD instance",
}

401 Unauthorized

API key is missing or incorrect.

Example

{
    "ok": false,
    "message": "Unauthorized",
}

404 Not Found

The encryption does not exist.

Example

{
    "ok": false,
    "message": "Encryption with token hash d033713dd14552c060c55746afdb989cfee8e624ae94a932d79fd25630f728a4 not found",
}

Post trustee response

POST /data-requests/{token}/trustee-responses

Description

Posts a trustee response to the ledger.

After retrieving and finish decrypting its share, the trustee needs to post the result back to the ledger so that eventually, the decryptor can decrypt a secret.

Parameters

Name

Type

Required

Description

token

path

Token

true

ID of the data request

body

SignedTrusteeResponse

true

The decrypted share, along with a digital signature of the trustee and some metadata

Example

POST /data-requests/e3b0c44298fc1c149afbf4c8996fb924/trustee-responses

{
  "trusteeResponse": "{\"padName\":\"my-pad-1.0\",\"token\":\"e3b0c44298fc1c149afbf4c8996fb924\",\"trusteeShare\":\"0110\",\"type\":\"trustee_response\",\"trusteeId\":\"trustee1\"}",
  "signature": {
    "signerMetadata": {
      "id": "trustee1",
      "fullName": "Trustee-1",
      "role": "Trustee"
    },
    "payload": "MEQCIDbFV8FH8ZTbM0wrKPHSk0lrkiIFsP3/GcU4htiGc6XOAiBOqJZgbeUKxPXgIOZGek6ryoJ+jhmwbcJh0+mSHsSiTQ=="
  }
}

Responses

Status

Meaning

Description

Schema

200

Succeeded

400

Bad Request

Data request and trustee response are inconsistent

401

API key is missing or invalid

403

Forbidden

Trustee is not in the instance

404

Not found

Data request not found

409

Conflict

Response has been made before

200 OK

The trustee response is successfully posted.

Example

{
    "ok": true,
    "message": "Successfully posted trustee response",
}

400 Bad request

Request is invalid. Make sure that :

padName in TrusteeResponse is consistent with the PAD instance to which the API key is pointing
token in path and TrusteeResponse are consistent
trusteeId in TrusteeResponse and signature are consistent
role is Trustee in signature
signature in signature is consistent with the payload TrusteeResponse

Example 1

{
    "ok": false,
    "message": "Inconsistent trustee ID",
}

example 2

{
    "ok": false,
    "message": "Inconsistent PAD instance name",
}

example 3

{
    "ok": false,
    "message": "Invalid signature",
}

401 Unauthorized

Api key is missing or invalid.

Example

{
    "ok": false,
    "message": "Unauthorized",
}

403 Forbidden

The trustee is not part of the instance. Recall that the list of trustees is determined by the Operator at instance creation time.

Example

{
    "ok": false,
    "message": "Not a trustee of the instance",
}

404 Not Found

The server cannot find a data request pointed by the token in the path parameter.

Example

{
    "ok": false,
    "message": "Data request not found",
}

409 Conflict

A response from the same trustee has been made for the same data request before.

Example

{
    "ok": false,
    "message": "Trustee response has been made for this request",
}

Post trustee attestation

PUT /trustee-attestations/{trustee-id}

Description

Trustee posts its view of the ledger* with a digital signature. This allows other users to convince themselves that they are seeing the same ledger as trustees, who are the ones handling the data requests. Trustees should attest to the ledger regularly even there is no update on the ledger.

*The ledger view of the trustee includes the ID/name of the PAD instance, the height of the ledger, the current block hash of the ledger and a timestamp when the trustee construct the attestation.

Parameters

Name

Type

Required

Description

trustee-id

path

TrusteeId

true

ID of the trustee

body

TrusteeAttestation

true

The decrypted share, along with a digital signature of the trustee and some metadata

Example

PUT /trustee-attestations/trustee1

{
  "ledgerDigest": "{\"ledgerId\":\"my-pad-1.0\",\"height\":10,\"currentHash\":\"54c0639eb43fcc52cfc4d05546ee35984210a2d3d977e83600288aa\",\"timestamp\":\"2021-09-19T12:41:17.368Z\"}",
  "signature": {
    "signerMetadata": {
      "id": "trustee1",
      "fullName": "Trustee-1",
      "role": "Trustee"
    },
    "payload": "MEQCIDbFV8FH8ZTbM0wrKPHSk0lrkiIFsP3/GcU4htiGc6XOAiBOqJZgbeUKxPXgIOZGek6ryoJ+jhmwbcJh0+mSHsSiTQ=="
  }
}

Responses

Status

Meaning

Description

Schema

200

Succeeded

400

Bad Request

Data request and trustee response are inconsistent

401

API key is missing or invalid

403

Forbidden

Trustee is not in the instance

200 OK

Successfully posted trustee attestation.

Example

{
    "ok": true,
    "message": "Successfully posted trustee attestation",
}

400 Bad request

Request is malformed. Check that:

Trustee IDs in attestation and path parameter are consistent.
padName in attestation is consistent with the PAD instance to which the API key is pointing
The signature is correct
The attestation is correct, in the sense that:
- The block height is non-negative and at most even with the ledger
- currentHash is the block hash at height

Example 1

{
    "ok": false,
    "message": "Inconsistent trustee ID"
}

Example 2

{
    "ok": false,
    "message": "height (10) in attestation is too large; Expected <= 5"
}

Example 3

{
    "ok": false,
    "message": "currentHash in attestation is <some_hash>; Expected <some_other_hash>"
}

401 Unauthorized

Api key is missing or invalid.

Example

{
    "ok": false,
    "message": "Unauthorized",
}

403 Forbidden

The trustee is not part of the instance. Recall that the list of trustees is determined by the Operator at instance creation time.

Example

{
    "ok": false,
    "message": "Not a trustee of the instance",
}

Schemas

ApiResponse

Example

{
  "ok": true,
  "message": "string"
}

Schema

Name

Type

Required

Description

boolean

true

The request is successful or not

message

string

true

none

BlockNumber

ID of a block. It is an incremental index starting from 0. For example, if a ledger has height 10, then it has blocks 0, 1, ..., 9. The next block has block number 10.

Schema

Type

Restrictions

integer

Non-negative

Block

Blocks are put sequentially as a blockchain to form a ledger. It consists of the header (which contains the chaining information) and optionally the data (from which data requests and trustee and validator responses can be extracted).

Example 1

{
    "header": {
        "number": "1",
        "previousHash": "0ede53fd38d632f3a7d849f8ba8f70c851d772b53cecbc9d858fe7c8af03a858",
        "dataHash": "ee967360a911deb8f6bd77cbb49b334e1837c006c9b6cb2d59d8acd41964a6ac",
    },
}

Example 2

{
    "header": {
        "number": "2",
        "previousHash": "78aecc3976f7b2151ce0574278f816b8e5983e18229fde7b6e7c3ebdf5147baf",
        "dataHash": "3ec339eae416289f4ddd7dc2b69e8edf12ac013089207732ad6156e02dc21fb5",
    },
    "data": {
        "data": ["datum1==", "datum2=="],
    },
}

Schema

Name

Type

Required

Description

header

BlockHeader

true

none

data

BlockData

false

none

BlockHeader

Block header contains metadata of a block. They are sufficient to prove the blocks form a chain without the need of block data, because the previousHash field in the schema refers to the hash of the previous block header, instead of the entire previous block. Thus, if the block data is irrelevant (for example not containing any data request when one is asking for them), it can be skipped.

If the block number is 0, the number and previousHash fields are empty. dataHash is computed with the same block's data. Refer to code samples on how to compute hash of a block header.

Example 1

{
    "dataHash": "b24fd1a8c0c37f388f67ce6583710e3b1e5cfa79e652f764e92ee412299ac6c5",
}

Example 2

{
    "number": "1",
    "previousHash": "0ede53fd38d632f3a7d849f8ba8f70c851d772b53cecbc9d858fe7c8af03a858",
    "dataHash": "ee967360a911deb8f6bd77cbb49b334e1837c006c9b6cb2d59d8acd41964a6ac",
}

Schema

Name

Type

Required

Description

number

BlockNumber

false

Block number of the current block

previousHash

false

Hash of the previous block's header

dataHash

true

Hash of this block's data

BlockData

Block data contains "transactions". In PAD, these are the data requests and trustee and validator responses. See code samples to see how block data are decoded.

Example

{
    "data": ["datum1==", "datum2=="],
}

Schema

Name

Type

Required

Description

data

array<Base64>

true

none

Base64

A base64-encoded binary data.

Example

"aGVsbG8gd29ybGQ="

Schema

Type

Restrictions

string

none

Sha256

A Sha256 hash value as a hexidecimal string.

Example

"d033713dd14552c060c55746afdb989cfee8e624ae94a932d79fd25630f728a4"

Schema

Type

Restrictions

string

/[0-9a-fA-F]{64}/

TrusteeId

ID of a trustee. It contains only alphanumerical characters, underscores (_) and dashes (-). It has length inclusively between 3 and 30.

Example

trustee1

Schema

Type

Restrictions

string

[a-zA-Z0-9-_]{3,30}

Token

A 128-bit random string kept secret between the encryptor and decryptor after encryption stage and before data request stage. It identifies a data request. Its hash value identifies an encryption. The decryptor posts it on the ledger at data request stage.

Example

"0fe5ff17c6ee6efa8ca385587b1e1ac2"

Schema

Type

Restrictions

string

/[0-9a-fA-Z]{32}/

PadName

ID of a PAD instance. Its length must be inclusively between 4 and 30. It should contains only lowercase letters, digits, periods (.) or dashes (-). It must start with a lowercase letter.

It is seldom used as a request parameter because the API key in the request already identifies a PAD instance.

Example

"my-pad-1.0"

Schema

Type

Restrictions

string

/[a-z][a-z0-9.-]{3,29}/

TrusteeResponse

A trustee response to a data request. It contains the decrypted trustee share for the decryptor to perform a full decryption on a secret. It also consists of metadata for identifying the corresponding data request.

Example

{
    "padName": "my-pad-1.0",
    "token": "e3b0c44298fc1c149afbf4c8996fb924",
    "trusteeShare": "0110",
    "type": "trustee_response",
    "trusteeId": "trustee1",
}

Schema

Name

Type

Required

Restrictions

Description

padName

PadName

true

none

The instance where the data request is posted

token

Token

true

none

The ID of the data request

trusteeShare

Base64

true

none

The decrypted trustee share

type

enum

true

none

Type of response

trusteeId

TrusteeId

true

none

ID of the responding trustee

Enumerated Values

Property

Value

type

"trustee_response"

SignedTrusteeResponse

A trustee response attached with a digital signature for everyone to validate the response's integrity.

Note that the trustee response is represented as a string (instead of an object). This ensures that there is a unified way to verify the signature.

Example

{
  "trusteeResponse": "{\"padName\":\"my-pad-1.0\",\"token\":\"e3b0c44298fc1c149afbf4c8996fb924\",\"trusteeShare\":\"0110\",\"type\":\"trustee_response\",\"trusteeId\":\"trustee1\"}",
  "signature": {
    "signerMetadata": {
      "id": "string",
      "fullName": "string",
      "role": "Trustee"
    },
    "payload": "MEQCIDbFV8FH8ZTbM0wrKPHSk0lrkiIFsP3/GcU4htiGc6XOAiBOqJZgbeUKxPXgIOZGek6ryoJ+jhmwbcJh0+mSHsSiTQ=="
  }
}

Schema

Name

Type

Required

Description

trusteeResponse

string<TrusteeResponse>

true

none

signature

Signature

true

none

Participant

Metadata of a participant in PAD. It can currently be used to describe a trustee or a validator.

Example

{
  "id": "trustee1",
  "fullName": "Trustee-1",
  "role": "Trustee"
}

Schema

Name

Type

Required

Description

TrusteeId or ValidatorId

true

/[0-9a-zA-Z-_]{3,30}/

fullName

string

true

/Trustee-[0-9a-zA-Z_]+/ or /Validator-[0-9a-zA-Z_]+/

role

enum

true

none

Enumerated Values

Property

Value

role

Trustee

role

Validator

role

Server

Signature

A digital signature. It consists of the metadata of the signer, including its ID, and the signature payload encoded in base64.

Schema

{
  "signerMetadata": {
    "id": "string",
    "fullName": "string",
    "role": "Trustee",
  },
  "payload": "MEQCIDbFV8FH8ZTbM0wrKPHSk0lrkiIFsP3/GcU4htiGc6XOAiBOqJZgbeUKxPXgIOZGek6ryoJ+jhmwbcJh0+mSHsSiTQ==",
}

Schema

Name

Type

Required

Description

signerMetadata

Participant

false

none

payload

Base64

false

none

DateTime

A timestamp in ISO 8601 format.

Example

"2021-05-05T13:53:19.275Z"

Schema

Type

Restrictions

string

LedgerDigest

A succinct representation of the ledger, which consists of the PAD instance name, the height and the then block hash of its ledger, and the timestamp when this digest is generated.

Example

{
    "ledgerId": "my-pad-1.0",
    "height": 10,
    "currentHash": "54c0639eb43fcc52cfc4d05546ee35984210a2d3d977e83600288aa",
    "timestamp":"2021-09-19T12:41:17.368Z",
}

Schema

Name

Type

Required

Restrictions

Description

ledgerId

PadName

true

none

The PAD instance's name

height

BlockHeight

true

none

Block height of the ledger

currentHash