spruceid · chunningham · May 18, 2021 · May 17, 2021 · May 17, 2021
diff --git a/src/auth.rs b/src/auth.rs
@@ -25,7 +25,7 @@ pub enum Action {
     },
     Create {
         orbit_id: Cid,
-        salt: String,
+        parameters: String,
         content: Vec<Cid>,
     },
 }

diff --git a/src/main.rs b/src/main.rs
@@ -210,8 +210,12 @@ async fn batch_put_create(
     auth: AuthWrapper<TezosAuthorizationString>,
 ) -> Result<String, Debug<Error>> {
     match auth.0.action() {
-        Action::Create { orbit_id, salt, .. } => {
-            verify_oid_v0(orbit_id, &auth.0.pkh, salt)?;
+        Action::Create {
+            orbit_id,
+            parameters,
+            ..
+        } => {
+            verify_oid_v0(orbit_id, &auth.0.pkh, parameters)?;
 
             let vm = DIDURL {
                 did: format!("did:pkh:tz:{}", &auth.0.pkh),
@@ -255,8 +259,12 @@ async fn put_create(
     auth: AuthWrapper<TezosAuthorizationString>,
 ) -> Result<String, Debug<Error>> {
     match auth.0.action() {
-        Action::Create { orbit_id, salt, .. } => {
-            verify_oid_v0(orbit_id, &auth.0.pkh, salt)?;
+        Action::Create {
+            orbit_id,
+            parameters,
+            ..
+        } => {
+            verify_oid_v0(orbit_id, &auth.0.pkh, parameters)?;
 
             let vm = DIDURL {
                 did: format!("did:pkh:tz:{}", &auth.0.pkh),
@@ -324,8 +332,11 @@ async fn main() {
     let kepler_config = config.extract::<config::Config>().unwrap();
 
     // ensure KEPLER_DATABASE_PATH exists
-    if kepler_config.database.path.is_dir() {
-        panic!("KEPLER_DATABASE_PATH does not exist or is not a directory");
+    if !kepler_config.database.path.is_dir() {
+        panic!(
+            "KEPLER_DATABASE_PATH does not exist or is not a directory: {}",
+            kepler_config.database.path.to_str().unwrap()
+        );
     }
 
     rocket::custom(config.clone())

diff --git a/src/orbit.rs b/src/orbit.rs
@@ -10,7 +10,7 @@ use libipld::{
     store::DefaultParams,
 };
 use libp2p_core::PeerId;
-use rocket::{futures::stream::StreamExt, tokio::fs};
+use rocket::{futures::stream::StreamExt, http::uri::Absolute, tokio::fs};
 use serde::{Deserialize, Serialize};
 use ssi::did::DIDURL;
 use std::{convert::TryFrom, path::Path};
@@ -147,9 +147,12 @@ where
     })
 }
 
-pub fn verify_oid_v0(oid: &Cid, pkh: &str, salt: &str) -> Result<()> {
-    if &Code::try_from(oid.hash().code())?.digest(format!("{}:{}", salt, pkh).as_bytes())
-        == oid.hash()
+pub fn verify_oid_v0(oid: &Cid, pkh: &str, params: &str) -> Result<()> {
+    let uri = format!("tz:{}{}", pkh, params);
+    // try to parse as a URL with query params
+    Absolute::parse(&uri).map_err(|_| anyhow!("Orbit Parameters Invalid"))?;
+    if &Code::try_from(oid.hash().code())?.digest(uri.as_bytes()) == oid.hash()
+        && oid.codec() == 0x55
     {
         Ok(())
     } else {

diff --git a/src/tz.rs b/src/tz.rs
@@ -95,16 +95,16 @@ fn parse_create(s: &str) -> IResult<&str, Action> {
     tuple((
         map_parser(take_until(" "), parse_cid),
         tag(" CREATE"),
-        space_delimit, // salt (orbit secret + nonce)
+        space_delimit, // parameters
         many1(map_parser(space_delimit, parse_cid)),
     ))(s)
-    .map(|(rest, (orbit_id, _, salt, content))| {
+    .map(|(rest, (orbit_id, _, params, content))| {
         (
             rest,
             Action::Create {
                 orbit_id,
                 content,
-                salt: salt.into(),
+                parameters: params.into(),
             },
         )
     })
@@ -122,11 +122,11 @@ fn serialize_action(action: &Action) -> Result<String> {
         Action::Create {
             orbit_id,
             content,
-            salt,
+            parameters,
         } => Ok([
             &orbit_id.to_string_of_base(Base::Base58Btc)?,
             "CREATE",
-            &salt,
+            &parameters,
             &content
                 .iter()
                 .map(|c| c.to_string_of_base(Base::Base58Btc))