Skip to main content

Module enter

Module enter 

Source
Expand description

cargo run stress enter: run many login/registration flows against PHC.

Each iteration runs the real auth + enter flow — AuthStartEP, AuthCompleteEP, EnterEP — but forges the Yivi disclosure that normally comes from the user’s Yivi app: we mint the SessionResult the Yivi server would have returned and sign it with the Yivi server signing key (the auth server only checks that signature, so a locally-signed one is accepted). The EnterEP call is what reads and writes PHC’s object_store, so this stresses that store under realistic load.

Structs§

Args 🔒
Timing 🔒
Per-stage wall-clock of one enter flow.

Enums§

Mode 🔒
What an enter flow does once it has its attributes. Login expects the account to already exist, so run a Register pass with the same --total first: identities are deterministic in the iteration index, so the same range logs back in.
Outcome 🔒
The result of one enter flow, for the summary.

Constants§

BANNABLE_ATTR 🔒
IDENTIFYING_ATTR 🔒

Functions§

auth_start_req 🔒
Builds the AuthStartReq every flow uses: disclose the identifying + bannable attribute.
enter_with_disclosure 🔒
One timed enter flow using a precomputed disclosure: AuthStart (for a fresh sealed state) → AuthCompleteEnterEP. No signing happens here, so the timing reflects the server’s work.
fetch_sprequest 🔒
One AuthStart to learn the disclosure session request — the Yivi attribute identifiers the auth server asks for. Identical for every flow, so fetch it once and build every forged disclosure from it.
precompute_disclosures 🔒
Signs one disclosure per identity, in parallel across all cores. RSA signing dominates a single thread (it’s what made the load generator the bottleneck), so it happens here — up front and untimed — rather than inside the measured loop.
sprequest_unverified 🔒
Reads the sprequest (disclosure session request) out of the auth server’s disclosure_request JWT without verifying its signature: we made no claim to authenticate it — we only need to learn which Yivi attribute identifiers it asks for, to forge a matching response.
stage 🔒
Sorts samples and prints one name: p50 / p95 / max line.
summarize 🔒
Prints outcome counts, throughput, and per-stage latency percentiles. The per-stage split is the point: auth-complete is the auth server’s crypto (verify the disclosure, sign the attributes), while enter is PHC’s object_store reads/writes (plus its pseudonym crypto).
value_for 🔒
The value identity i discloses for attribute ati. Deterministic in i, so a register pass then a login pass over the same range line up.