Smartphone.rs only allows a single household to register

[Yoekkul]

It appears that the setup step and the register step are joined in the pub fn register(...) function:

not-yet-another-id-code/smartphone/src/smartphone.rs

Line 120 in fd4d942

pub fn register(&mut self, id: &str, ent: &Scalar, mut rng: impl RngCore) -> Result<PublicKey<3>> {

This has as a result that an entitlement can only ever be given to one household (a new public key would be issued each time a new person registers, which does not seem correct)

This issue might be mitigated by saving the public and private keys at the registration station and splitting up the setup and register steps. This might be done in the following way:

Update registration station struct

not-yet-another-id-code/smartphone/src/smartphone.rs

Line 26 in fd4d942

pub struct RegistrationStation {

pub struct RegistrationStation {
    pub pedersen_params: PedersenParams,
    pub blocklist: Vec<(G1Projective, G1Projective)>,
    pub household_registers: HashMap<Box<str>, HouseholdRegister>,
    pub epoch: u64,
    pub pk: PublicKey<3>,
    sk: PrivateKey<3>,
    
}

Update registration station initialization

not-yet-another-id-code/smartphone/src/smartphone.rs

Line 110 in fd4d942

pub fn new(mut rng: impl RngCore) -> Self {

pub fn new(mut rng: impl RngCore) -> Self {
        let sk = PrivateKey::new(&mut rng).unwrap();
        let pk = sk.public_key.clone();
        Self{
            pedersen_params: PedersenParams::new(&mut rng),
            blocklist: Vec::new(),
            household_registers: HashMap::new(),
            epoch: 0u64,
            sk: sk,
            pk: pk,
        }
    }

Add setup function

fn my_setup(&mut self, mut rng:impl RngCore)-> Result<PublicKey<3>> {
    let sk = PrivateKey::new(&mut rng).unwrap();
    let pk = sk.public_key.clone();

    self.sk = sk.clone();
    self.pk = pk.clone();

    Ok(pk)
}

Update Register function

not-yet-another-id-code/smartphone/src/smartphone.rs

Line 120 in fd4d942

pub fn register(&mut self, id: &str, ent: &Scalar, mut rng: impl RngCore) -> Result<PublicKey<3>> {

fn my_register(&mut self, id: &str, ent: &Scalar, mut rng: impl RngCore)-> Result<PublicKey<3>>{
        let revocation = Scalar::random(&mut rng);
        self.household_registers.insert(
            id.into(),
            HouseholdRegister{sk: self.sk.clone(), entitlement: ent.clone(), revocation: revocation}
        ).map_or_else(|| Ok(()), |_| Err(Error::msg("id alredy registered in registration station")))?;
        Ok(self.pk.clone())
    }

---

The following test should highlight how the new code might work

#[test]
    fn multiple_honest_users(){
        let mut rng = ChaCha20Rng::seed_from_u64(42 as u64);
        let mut registration_station = RegistrationStation::new(&mut rng);
        let mut distribution_station = DistributionStation::new(&registration_station.pedersen_params);

        let pk = registration_station.my_setup(&mut rng).unwrap();
        let _ta = registration_station.my_register("foo", &Scalar::from(1234u64), &mut rng).unwrap();
        let _tb = registration_station.my_register("bar", &Scalar::from(4321u64), &mut rng).unwrap();

        let builder = HouseholdPhoneBuilder::new(&pk, &mut rng);
        let builder_b = HouseholdPhoneBuilder::new(&pk, &mut rng);
        
        // Setting up user A
        let (request, state) = builder.issue_request(&mut rng).unwrap();
        let signature = registration_station.sign_issue_request("foo", &request, &mut rng).unwrap();
        let mut phone = builder.unblind(&signature, &state, &registration_station.pedersen_params).unwrap();
        // Setting up user B
        let (request_b, state_b) = builder_b.issue_request(&mut rng).unwrap();
        let signature_b = registration_station.sign_issue_request("bar", &request_b, &mut rng).unwrap();
        let mut phone_b = builder_b.unblind(&signature_b, &state_b, &registration_station.pedersen_params).unwrap();

        let epoch = 1668172689u64;

        // User A receives its goods allotment
        let (proof, r) = phone.create_disclosure_proof(epoch, &registration_station.blocklist, &mut rng).unwrap();
        assert!(distribution_station.verify_entitlement(&phone.credential.attributes[ATTR_IDX_ENTITLEMENT], &proof.com_ent, &r));
        assert!(distribution_station.verify_disclosure_proof(&pk, epoch, &registration_station.blocklist, &proof).unwrap());

        distribution_station.register_record(&proof, &phone.credential.attributes[ATTR_IDX_ENTITLEMENT], &r);

        let audit = distribution_station.create_audit_proof().unwrap();
        let is_valid = audit.verify(&registration_station.pedersen_params, &pk, &registration_station.blocklist, epoch).unwrap();
        assert!(is_valid);


        // User B receives its goods allotment
        let (proof_b, r_b) = phone_b.create_disclosure_proof(epoch, &registration_station.blocklist, &mut rng).unwrap();
        assert!(distribution_station.verify_entitlement(&phone_b.credential.attributes[ATTR_IDX_ENTITLEMENT], &proof_b.com_ent, &r_b));
        assert!(distribution_station.verify_disclosure_proof(&pk, epoch, &registration_station.blocklist, &proof_b).unwrap());
        
        distribution_station.register_record(&proof_b, &phone_b.credential.attributes[ATTR_IDX_ENTITLEMENT], &r_b);


        let audit = distribution_station.create_audit_proof().unwrap();
        let is_valid = audit.verify(&registration_station.pedersen_params, &pk, &registration_station.blocklist, epoch).unwrap();
        let is_valid_b = audit.verify(&registration_station.pedersen_params, &pk, &registration_station.blocklist, epoch).unwrap();
        assert!(is_valid && is_valid_b);
    }