Finalise authenticator mixnet comms

nym-vpn-core/Cargo.toml

@@ -92,21 +92,21 @@ uniffi = { version = "0.27.3", features = ["cli"] }
 url = "2.5"
 vergen = { version = "8.3.1", default-features = false }
 
-nym-authenticator-requests = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
-nym-bandwidth-controller = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
-nym-bin-common = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
-nym-client-core = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
-nym-config = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
-nym-credential-storage = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
-nym-credentials = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
-nym-crypto = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
-nym-explorer-client = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
-nym-http-api-client = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
-nym-id = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
-nym-ip-packet-requests = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
-nym-node-requests = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
-nym-sdk = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
-nym-task = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
-nym-topology = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
-nym-validator-client = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
-nym-wireguard-types = { git = "https://github.com/nymtech/nym", rev = "a230a9b8b97657dd19f7ab9046b13f4059f4bf45" }
+nym-authenticator-requests = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }
+nym-bandwidth-controller = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }
+nym-bin-common = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }
+nym-client-core = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }
+nym-config = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }
+nym-credential-storage = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }
+nym-credentials = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }
+nym-crypto = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }
+nym-explorer-client = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }
+nym-http-api-client = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }
+nym-id = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }
+nym-ip-packet-requests = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }
+nym-node-requests = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }
+nym-sdk = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }
+nym-task = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }
+nym-topology = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }
+nym-validator-client = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }
+nym-wireguard-types = { git = "https://github.com/nymtech/nym", rev = "c7fa910516ed877d0c900dd6ef368d2b30becab7" }

nym-vpn-core/crates/nym-authenticator-client/src/error.rs

@@ -15,6 +15,9 @@ pub enum Error {
     #[error("received response with version v{received}, the client is too old and can only understand v{expected}")]
     ReceivedResponseWithNewVersion { expected: u8, received: u8 },
 
+    #[error(transparent)]
+    SdkError(#[from] nym_sdk::Error),
+
     #[error("timeout waiting for connect response from exit gateway (authenticator)")]
     TimeoutWaitingForConnectResponse,
 }

nym-vpn-core/crates/nym-authenticator-client/src/lib.rs

@@ -1,14 +1,13 @@
-use std::sync::Arc;
+use std::{cmp::Ordering, sync::Arc, time::Duration};
 
 use nym_authenticator_requests::v1::{
-    response::{AuthenticatorResponse, AuthenticatorResponseData},
-    AuthenticatorResponseData::request::AuthenticatorRequest,
+    request::AuthenticatorRequest, response::AuthenticatorResponse,
 };
 use nym_sdk::mixnet::{
     MixnetClient, MixnetClientSender, MixnetMessageSender, Recipient, ReconstructedMessage,
     TransmissionLane,
 };
-use nym_wireguard_types::{registration::RegistrationData, ClientMessage};
+use nym_wireguard_types::ClientMessage;
 use tracing::{debug, error};
 
 mod error;
@@ -99,10 +98,12 @@ impl AuthClient {
         authenticator_address: Recipient,
     ) -> Result<u64> {
         let (request, request_id) = match message {
-            ClientMessage::Initial(message) => {
-                AuthenticatorRequest::new_initial_request(message, self.nym_address)
+            ClientMessage::Initial(init_message) => {
+                AuthenticatorRequest::new_initial_request(init_message, self.nym_address)
+            }
+            ClientMessage::Final(gateway_client) => {
+                AuthenticatorRequest::new_final_request(gateway_client, self.nym_address)
             }
-            ClientMessage::Final(message) => {}
         };
         debug!("Sent connect request with version v{}", request.version);
 

nym-vpn-core/nym-vpn-cli/src/main.rs

@@ -162,10 +162,12 @@ async fn run_vpn(args: commands::RunArgs, data_path: Option<PathBuf>) -> Result<
         nym_vpn.dns = args.dns;
         nym_vpn.disable_routing = args.disable_routing;
         nym_vpn.enable_two_hop = args.enable_two_hop;
-        nym_vpn.vpn_config.mixnet_data_path = data_path;
-        nym_vpn.vpn_config.enable_poisson_rate = args.enable_poisson_rate;
-        nym_vpn.vpn_config.disable_background_cover_traffic = args.disable_background_cover_traffic;
-        nym_vpn.vpn_config.enable_credentials_mode = args.enable_credentials_mode;
+        nym_vpn.mixnet_client_config.mixnet_data_path = data_path;
+        nym_vpn.mixnet_client_config.enable_poisson_rate = args.enable_poisson_rate;
+        nym_vpn
+            .mixnet_client_config
+            .disable_background_cover_traffic = args.disable_background_cover_traffic;
+        nym_vpn.mixnet_client_config.enable_credentials_mode = args.enable_credentials_mode;
         nym_vpn.user_agent = Some(bin_info!().into());
         nym_vpn.into()
     };

nym-vpn-core/nym-vpn-lib/src/error.rs

@@ -229,6 +229,9 @@ pub enum Error {
 
     #[error("received invalid response from gateway API")]
     InvalidGatewayAPIResponse,
+
+    #[error(transparent)]
+    AtuenticatorClientError(#[from] nym_authenticator_client::Error),
 }
 
 // Result type based on our error type

nym-vpn-core/nym-vpn-lib/src/wg_gateway_client.rs

@@ -4,12 +4,14 @@
 use crate::error::Result;
 use crate::mixnet_connect::SharedMixnetClient;
 use nym_authenticator_client::AuthClient;
-use nym_authenticator_requests::v1::response::{AuthenticatorResponse, AuthenticatorResponseData};
+use nym_authenticator_requests::v1::response::{
+    AuthenticatorResponseData, PendingRegistrationResponse,
+};
 use nym_crypto::asymmetric::encryption;
 use nym_crypto::asymmetric::x25519::KeyPair;
 use nym_gateway_directory::Recipient;
 use nym_node_requests::api::v1::gateway::client_interfaces::wireguard::models::{
-    ClientMessage, ClientRegistrationResponse, InitMessage, PeerPublicKey,
+    ClientMessage, InitMessage, PeerPublicKey,
 };
 use nym_wireguard_types::registration::RegistrationData;
 use nym_wireguard_types::GatewayClient;
@@ -56,12 +58,15 @@ impl WgGatewayClient {
         let init_message = ClientMessage::Initial(InitMessage {
             pub_key: PeerPublicKey::new(self.keypair.public_key().to_bytes().into()),
         });
-        let mixnet_client = self.mixnet_client.lock().await.unwrap();
         let response = auth_client.send(init_message, auth_recipient).await?;
-        let AuthenticatorResponseData::PendingRegistration(RegistrationData {
-            nonce,
-            gateway_data,
-            wg_port,
+        let AuthenticatorResponseData::PendingRegistration(PendingRegistrationResponse {
+            reply:
+                RegistrationData {
+                    nonce,
+                    gateway_data,
+                    wg_port,
+                },
+            ..
         }) = response.data
         else {
             return Err(crate::error::Error::InvalidGatewayAPIResponse);
@@ -80,9 +85,8 @@ impl WgGatewayClient {
             gateway_data.private_ip,
             nonce,
         ));
-        let AuthenticatorResponseData::Registered =
-            auth_client.send(finalized_message, auth_recipient).await?
-        else {
+        let response = auth_client.send(finalized_message, auth_recipient).await?;
+        let AuthenticatorResponseData::Registered(_) = response.data else {
             return Err(crate::error::Error::InvalidGatewayAPIResponse);
         };
         let gateway_data = GatewayData {

nym-vpn-core/nym-vpnd/src/service/error.rs

@@ -190,6 +190,8 @@ impl From<&nym_vpn_lib::error::Error> for ConnectionFailedError {
             | nym_vpn_lib::error::Error::ImportCredentialError(_)
             | nym_vpn_lib::error::Error::IpPacketRouterClientError(_)
             | nym_vpn_lib::error::Error::FailedWireguardRegistration
+            | nym_vpn_lib::error::Error::InvalidGatewayAPIResponse
+            | nym_vpn_lib::error::Error::AtuenticatorClientError(_)
             | nym_vpn_lib::error::Error::BadWireguardEvent => {
                 ConnectionFailedError::Unhandled(format!("unhandled error: {err:#?}"))
             }

nym-vpn-core/nym-vpnd/src/service/vpn_service.rs

@@ -397,17 +397,18 @@ impl NymVpnService {
         let mut nym_vpn =
             nym_vpn_lib::NymVpn::new_mixnet_vpn(config.entry_point, config.exit_point);
         nym_vpn.gateway_config = gateway_directory::Config::new_from_env();
-        nym_vpn.vpn_config.mixnet_data_path = Some(self.data_dir.clone());
+        nym_vpn.mixnet_client_config.mixnet_data_path = Some(self.data_dir.clone());
         nym_vpn.dns = options.dns;
         nym_vpn.disable_routing = options.disable_routing;
         nym_vpn.enable_two_hop = options.enable_two_hop;
         // TODO: add user agent to options struct so we can pass it from the connected client if we
         // want to
         nym_vpn.user_agent = Some(bin_info!().into());
-        nym_vpn.vpn_config.enable_poisson_rate = options.enable_poisson_rate;
-        nym_vpn.vpn_config.disable_background_cover_traffic =
-            options.disable_background_cover_traffic;
-        nym_vpn.vpn_config.enable_credentials_mode = options.enable_credentials_mode;
+        nym_vpn.mixnet_client_config.enable_poisson_rate = options.enable_poisson_rate;
+        nym_vpn
+            .mixnet_client_config
+            .disable_background_cover_traffic = options.disable_background_cover_traffic;
+        nym_vpn.mixnet_client_config.enable_credentials_mode = options.enable_credentials_mode;
 
         let handle = nym_vpn_lib::spawn_nym_vpn_with_new_runtime(nym_vpn.into()).unwrap();