From 29720cd152bd12f08b155895fddfc0ad65eaca7a Mon Sep 17 00:00:00 2001 From: "Paul \"LeoNerd\" Evans" Date: Fri, 16 Oct 2015 19:00:36 +0100 Subject: [PATCH 1/3] Initial attempt at describing the event redaction algorithm --- specification/event_signing.rst | 60 +++++++++++++++++++++++++++++++-- 1 file changed, 57 insertions(+), 3 deletions(-) diff --git a/specification/event_signing.rst b/specification/event_signing.rst index bde58f0c..2f61566e 100644 --- a/specification/event_signing.rst +++ b/specification/event_signing.rst @@ -190,9 +190,63 @@ in the event JSON in a ``hash`` object under a ``sha256`` key. event_json_object["unsigned"] = unsigned return event_json_object -Then all non-essential keys are stripped from the event object, and the -resulting object which included the ``hash`` key is signed using the JSON -signing algorithm +The event is then stripped of all non-essential keys both at the top level and +within the ``content`` object. Essential top-level keys given below; any +top-level keys not in this list are removed. + +.. code:: + + auth_events + depth + event_id + hashes + membership + origin + origin_server_ts + prev_events + prev_state + room_id + sender + signatures + state_key + type + +A new ``content`` object is constructed for the resulting event that contains +only the essential keys of the original event. If the original event lacked a +``content`` object at all, a new blank one is created for it. + +The keys that are considered essential for the ``content`` object depend on the +the ``type`` of the event. These are: + +.. code:: + + type is "m.room.aliases": + aliases + + type is "m.room.create": + creator + + type is "m.room.history_visibility": + history_visibility + + type is "m.room.join_rules": + join_rule + + type is "m.room.member": + membership + + type is "m.room.power_levels": + ban + events + events_default + kick + redact + state_default + users + users_default + +The resulting stripped object with the new ``content`` object and the original +``hashes`` key is then signed using the JSON signing algorithm. .. code:: python From bfa9937bdc1c7025cb5265da3bf5d22b3a78d152 Mon Sep 17 00:00:00 2001 From: "Paul \"LeoNerd\" Evans" Date: Mon, 19 Oct 2015 17:28:31 +0100 Subject: [PATCH 2/3] Minor wording updates --- specification/event_signing.rst | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/specification/event_signing.rst b/specification/event_signing.rst index 2f61566e..9f33c796 100644 --- a/specification/event_signing.rst +++ b/specification/event_signing.rst @@ -191,8 +191,8 @@ in the event JSON in a ``hash`` object under a ``sha256`` key. return event_json_object The event is then stripped of all non-essential keys both at the top level and -within the ``content`` object. Essential top-level keys given below; any -top-level keys not in this list are removed. +within the ``content`` object. Any top-level keys not in he following list MUST +be removed: .. code:: @@ -212,8 +212,9 @@ top-level keys not in this list are removed. type A new ``content`` object is constructed for the resulting event that contains -only the essential keys of the original event. If the original event lacked a -``content`` object at all, a new blank one is created for it. +only the essential keys of the original ``content`` object. If the original +event lacked a ``content`` object at all, a new empty JSON object is created +for it. The keys that are considered essential for the ``content`` object depend on the the ``type`` of the event. These are: @@ -246,7 +247,7 @@ the ``type`` of the event. These are: users_default The resulting stripped object with the new ``content`` object and the original -``hashes`` key is then signed using the JSON signing algorithm. +``hashes`` key is then signed using the JSON signing algorithm outlined below: .. code:: python From 9252b3e1a29c4c105aaa169e4c03a2ff6ac3a1d8 Mon Sep 17 00:00:00 2001 From: "Paul \"LeoNerd\" Evans" Date: Mon, 19 Oct 2015 17:44:09 +0100 Subject: [PATCH 3/3] Fix typo s/he/the/ --- specification/event_signing.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/specification/event_signing.rst b/specification/event_signing.rst index 9f33c796..3ad3d8a7 100644 --- a/specification/event_signing.rst +++ b/specification/event_signing.rst @@ -191,8 +191,8 @@ in the event JSON in a ``hash`` object under a ``sha256`` key. return event_json_object The event is then stripped of all non-essential keys both at the top level and -within the ``content`` object. Any top-level keys not in he following list MUST -be removed: +within the ``content`` object. Any top-level keys not in the following list +MUST be removed: .. code::