syntax = "proto3";

package lss;

service LightningStorage {
  // Trivial call to test connectivity
  rpc Ping(PingRequest) returns (PingReply);
  // Info
  rpc Info(InfoRequest) returns (InfoReply);
  // Put a collection of key-value pairs
  rpc Put(PutRequest) returns (PutReply);
  // Get a range of key-value pairs
  rpc Get(GetRequest) returns (GetReply);
}

message PingRequest {
  string message = 1;
}

message PingReply {
  string message = 1;
}

message InfoRequest {
}

message InfoReply {
  string version = 1;
  // Server public key, used for shared secret derivation
  bytes server_id = 2;
}

message Auth {
  // Client public key, used for shared secret derivation
  bytes client_id = 1;
  // SHA256 of the shared secret
  bytes token = 2;
}

message PutRequest {
  Auth auth = 1;
  repeated KeyValue kvs = 2;
  // Client HMAC of (0x01, key, version (big endian 8 bytes), value) with ECDH(server key, client key).
  // This protects against an MITM replaying a request with a different version/value.
  bytes hmac = 3;
}

message PutReply {
  bool success = 1;
  // Server HMAC of (0x02, key, version (big endian 8 bytes), value) with ECDH(server key, client key).
  // This is a confirmation by the server that the data was persisted.
  bytes hmac = 2;
  // Any detected version conflicts.
  // If the key does not exist, the version is -1.
  repeated KeyValue conflicts = 10;
}

message KeyValue {
  string key = 1;
  int64 version = 2;
  bytes value = 3;
}

message GetRequest {
  Auth auth = 1;
  string key_prefix = 2;
  // A nonce to be used for the reply HMAC, to prevent replay
  bytes nonce = 3;
}

message GetReply {
  repeated KeyValue kvs = 1;
  // Server HMAC of (key, version (big endian 8 bytes), value) and nonce with ECDH(server key, client key).
  // This is a confirmation by the server that the latest version was returned.
  bytes hmac = 2;
}