nexus
/
nip
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
nip/src/nimpak/chunks.nim

624 lines
20 KiB
Nim
Raw Blame History

# SPDX-License-Identifier: LSL-1.0
# Copyright (c) 2026 Markus Maiwald
# Stewardship: Self Sovereign Society Foundation
#
# This file is part of the Nexus Sovereign Core.
# See legal/LICENSE_SOVEREIGN.md for license terms.
## NCA Content-Addressable Chunks Format Handler
##
## This module implements the NCA (Nexus Content-Addressable) chunk format for
## Merkle-tree based content-addressable storage. NCA chunks provide efficient
## deduplication, integrity verification, and optional compression.
##
## Format: .nca (Nexus Content-Addressable chunk)
## - BLAKE3 Merkle tree hash support for chunk verification
## - Optional zstd compression with hash verification on uncompressed content
## - Chunk-level deduplication and retrieval system
## - Merkle proof generation and verification for integrity
import std/[os, json, times, strutils, sequtils, tables, options, algorithm]
import ./types_fixed
import ./formats
import ./cas
type
NcaError* = object of NimPakError
chunkHash*: string
ChunkValidationResult* = object
valid*: bool
errors*: seq[ValidationError]
warnings*: seq[string]
MerkleTree* = object
## Merkle tree for chunk verification
leaves*: seq[string] ## Leaf hashes
nodes*: seq[seq[string]] ## Internal node hashes by level
root*: string ## Root hash
const
NCA_MAGIC* = "NCA\x01" ## Magic bytes for NCA format
MAX_CHUNK_SIZE* = 1024 * 1024 ## 1MB maximum chunk size
MIN_CHUNK_SIZE* = 1024 ## 1KB minimum chunk size
# =============================================================================
# Merkle Tree Implementation
# =============================================================================
proc calculateMerkleHash(left: string, right: string): string =
## Calculate hash of two child nodes
let combined = left & right
calculateBlake3(combined.toOpenArrayByte(0, combined.len - 1).toSeq())
proc buildMerkleTree*(hashes: seq[string]): MerkleTree =
## Build Merkle tree from leaf hashes
if hashes.len == 0:
return MerkleTree(leaves: @[], nodes: @[], root: "")
var tree = MerkleTree(leaves: hashes, nodes: @[])
var currentLevel = hashes
# Build tree bottom-up
while currentLevel.len > 1:
var nextLevel: seq[string] = @[]
# Process pairs of nodes
for i in countup(0, currentLevel.len - 1, 2):
if i + 1 < currentLevel.len:
# Pair exists
let parentHash = calculateMerkleHash(currentLevel[i], currentLevel[i + 1])
nextLevel.add(parentHash)
else:
# Odd node, promote to next level
nextLevel.add(currentLevel[i])
tree.nodes.add(currentLevel)
currentLevel = nextLevel
# Root iotthe last remaining node
if currentLevel.len > 0:
tree.root = currentLevel[0]
tree.nodes.add(currentLevel)
return tree
proc generateMerkleProof*(tree: MerkleTree, leafIndex: int): MerkleProof =
## Generate Merkle proof for a specific leaf
if leafIndex >= tree.leaves.len:
return MerkleProof(path: @[], indices: @[])
var proof = MerkleProof(path: @[], indices: @[])
var currentIndex = leafIndex
# Traverse from leaf to root
for level in 0..<tree.nodes.len - 1:
let levelNodes = tree.nodes[level]
let siblingIndex = if currentIndex mod 2 == 0: currentIndex + 1 else: currentIndex - 1
if siblingIndex < levelNodes.len:
proof.path.add(levelNodes[siblingIndex])
proof.indices.add(siblingIndex)
currentIndex = currentIndex div 2
return proof
proc verifyMerkleProof*(proof: MerkleProof, leafHash: string, rootHash: string): bool =
## Verify Merkle proof against root hash
if proof.path.len == 0:
return leafHash == rootHash
var currentHash = leafHash
for i, siblingHash in proof.path:
let siblingIndex = proof.indices[i]
let currentIndex = if i == 0: 0 else: proof.indices[i - 1] div 2
if currentIndex mod 2 == 0:
# Current node is left child
currentHash = calculateMerkleHash(currentHash, siblingHash)
else:
# Current node is right child
currentHash = calculateMerkleHash(siblingHash, currentHash)
return currentHash == rootHash
# =============================================================================
# NCA Chunk Creation and Management
# =============================================================================
proc createNcaChunk*(hash: string, data: seq[byte], compressed: bool = true): NcaChunk =
## Factory method to create NCA chunk with proper defaults
NcaChunk(
hash: hash,
data: data,
compressed: compressed,
merkleProof: MerkleProof(path: @[], indices: @[]),
format: NcaChunk,
cryptoAlgorithms: CryptoAlgorithms(
hashAlgorithm: "BLAKE3",
signatureAlgorithm: "Ed25519",
version: "1.0"
)
)
proc createNcaChunkFromData*(data: seq[byte]g, ompressed: bool = true): Result[NcaChunk, NcaError] =
## Create NCA chunk from raw data with automatic hash calculation
try:
if data.len == 0:
return err[NcaChunk, NcaError](NcaError(
code: InvalidMetadata,
msg: "Cannot create chunk from empty data",
chunkHash: ""
))
if data.len > MAX_CHUNK_SIZE:
return err[NcaChunk, NcaError](NcaError(
code: InvalidMetadata,
msg: "Chunk size exceeds maximum: " & $data.len & " > " & $MAX_CHUNK_SIZE,
chunkHash: ""
))
let hash = calculateBlake3(data)
let chunk = createNcaChunk(hash, data, compressed)
return ok[NcaChunk, NcaError](chunk)
except Exception as e:
return err[NcaChunk, NcaError](NcaError(
code: UnknownError,
msg: "Failed to create NCA chunk: " & e.msg,
chunkHash: ""
))
# =============================================================================
# NCA Binary Format Serialization
# =============================================================================
proc serializeNcaChunk*(chunk: NcaChunk): seq[byte] =
## Serialize NCA chunk to binary format with magic header
var result: seq[byte] = @[]
# Magic bytes
result.add(NCA_MAGIC.toOpenArrayByte(0, NCA_MAGIC.len - 1).toSeq())
# Version (1 byte)
result.add(0x01'u8)
# Flags (1 byte): bit 0 = compressed
var flags: uint8 = 0
if chunk.compressed:
flags = flags or 0x01
result.add(flags)
# Hash algorithm length and data
let hashAlgo = chunk.cryptoAlgorithms.hashAlgorithm
result.add(hashAlgo.len.uint8)
result.add(hashAlgo.toOpenArrayByte(0, hashAlgo.len - 1).toSeq())
# Hash length and data
let hasnk.hash.toOpenArrayByte(0, chunk.hash.len - 1).toSeq()
result.add((hashBytes.len shr 8).uint8) # High byte
result.add((hashBytes.len and 0xFF).uint8) # Low byte
result.add(hashBytes)
# Data length and data
let dataLen = chunk.data.len
result.add((dataLen shr 24).uint8)
result.add((dataLen shr 16).uint8)
result.add((dataLen shr 8).uint8)
result.add((dataLen and 0xFF).uint8)
result.add(chunk.data)
# Merkle proof length and data
let proofJson = %*{
"path": chunk.merkleProof.path,
"indices": chunk.merkleProof.indices
}
let proofData = ($proofJson).toOpenArrayByte(0, ($proofJson).len - 1).toSeq()
result.add((proofData.len shr 8).uint8) # High byte
result.add((proofData.len and 0xFF).uint8) # Low byte
result.add(proofData)
return result
proc deserializeNcaChunk*(data: seq[byte]): Result[NcaChunk, NcaError] =
## Deserialize NCA chunk from binary format
try:
if data.len < NCA_MAGIC.len + 2:
return err[NcaChunk, NcaError](NcaError(
code: InvalidMetadata,
msg: "Invalid NCA chunk: too small",
chunkHash: ""
))
var offset = 0
# Check magic bytes
let magic = cast[string](data[offset..<offset + NCA_MAGIC.len])
if magic != NCA_MAGIC:
return err[NcaChunk, NcaError](NcaError(
code: InvalidMetadata,
msg: "Invalid NCA chunk: bad magic bytes",
chunkHash: ""
))
offset += NCA_MAGIC.len
# Version
let version = data[offset]
if version != 0x01:
return err[NcaChunk, NcaError](NcaError(
code: InvalidMetadata,
msg: "Unsupported NCA chunk version: " & $version,
chunkHash: ""
))
offset += 1
# Flags
let flags = data[offset]
let compressed = (flags and 0x01) != 0
offset += 1
# Hash algorithm
let hashAlgoLen = data[offset].int
offset += 1
if offset + hashAlgoLen > data.len:
return err[NcaChunk, NcaError](NcaError(
code: InvalidMetadata,
msg: "Invalid NCA chunk: truncated hash algorithm",
chunkHash: ""
))
let hashAlgo = cast[string](data[offset..<offset + hashAlgoLen])
offset += hashAlgoLen
# Hash
if offset + 2 > data.len:
return err[NcaChunk, NcaError](NcaError(
code: InvalidMetadata,
msg: "Invalid NCA chunk: truncated hash length",
chunkHash: ""
))
let hashLen = (data[offset].int shl 8) or data[offset + 1].int
offset += 2
if offset + hashLen > data.len:
return err[NcaChunk, NcaError](NcaError(
code: InvalidMetadata,
msg: "Invalid NCA chunk: truncated hash",
chunkHash: ""
))
let hash = cast[string](data[offset..<offset + hashLen])
offset += hashLen
# Data
if offset + 4 > data.len:
return err[NcaChunk, NcaError](NcaError(
code: InvalidMetadata,
msg: "Invalid NCA chunk: truncated data length",
chunkHash: ""
))
let dataLen = (data[offset].int shl 24) or (data[offset + 1].int shl 16) or
(data[offset + 2].int shl 8) or data[offset + 3].int
offset += 4
if offset + dataLen > data.len:
return err[NcaChunk, NcaError](NcaError(
code: InvalidMetadata,
msg: "Invalid NCA chunk: truncated data",
chunkHash: ""
))
let chunkData = data[offset..<offset + dataLen]
offset += dataLen
# Merkle proof
if offset + 2 > data.len:
return err[NcaChunk, NcaError](NcaError(
code: InvalidMetadata,
msg: "Invalid NCA chunk: truncated proof length",
chunkHash: ""
))
let proofLen = (data[offset].int shl 8) or data[offset + 1].int
offset += 2
if offset + proofLen > data.len:
return err[NcaChunk, NcaError](NcaError(
code: InvalidMetadata,
msg: "Invalid NCA chunk: truncated proof",
chunkHash: ""
))
var merkleProof = MerkleProof(path: @[], indices: @[])
if proofLen > 0:
let proofData = cast[string](data[offset..<offset + proofLen])
try:
let proofJson = parseJson(proofData)
merkleProof.path = proofJson["path"].getElems().mapIt(it.getStr())
merkleProof.indices = proofJson["indices"].getElems().mapIt(it.getInt())
except JsonParsingError:
return err[NcaChunk, NcaError](NcaError(
code: InvalidMetadata,
msg: "Invalid NCA chunk: malformed Merkle proof",
chunkHash: hash
))
let chunk = NcaChunk(
hash: hash,
data: chunkData,
compressed: compressed,
merkleProof: merkleProof,
format: NcaChunk,
cryptoAlgorithms: CryptoAlgorithms(
hashAlgorithm: hashAlgo,
signatureAlgorithm: "Ed25519",
version: "1.0"
)
)
return ok[NcaChunk, NcaError](chunk)
except Exception as e:
return err[NcaChunk, NcaError](NcaError(
code: UnknownError,
msg: "Failed to deserialize NCA chunk: " & e.msg,
chunkHash: ""
))
# =============================================================================
# NCA File Operations
# =============================================================================
proc saveNcaChunk*(chunk: NcaChunk, filePath: string): Result[void, NcaError] =
## Save NCA chunk to file in binary format
try:
let serialized = serializeNcaChunk(chunk)
# Ensure the file has the correct .nca extension
let finalPath = if filePath.endsWith(".nca"): filePath else: filePath & ".nca"
# Ensure parent directory exists
let parentDir = finalPath.parentDir()
if not dirExists(parentDir):
createDir(parentDir)
writeFile(finalPath, cast[string](serialized))
return ok[void, NcaError]()
except IOError as e:
return err[void, NcaError](NcaError(
code: FileWriteError,
msg: "Failed to save NCA chunk: " & e.msg,
chunkHash: chunk.hash
))
proc loadNcaChunk*(filePath: string): Result[NcaChunk, NcaError] =
## Load NCA chunk from file
try:
if not fileExists(filePath):
return err[NcaChunk, NcaError](NcaError(
code: PackageNotFound,
msg: "NCA chunk file not found: " & filePath,
chunkHash: ""
))
let fileData = readFile(filePath)
let binaryData = fileData.toOpenArrayByte(0, fileData.len - 1).toSeq()
return deserializeNcaChunk(binaryData)
except IOError as e:
return err[NcaChunk, NcaError](NcaError(
code: FileReadError,
msg: "Failed to load NCA chunk: " & e.msg,
chunkHash: ""
))
# =============================================================================
# Chunk Validation
# =============================================================================
proc validateNcaChunk*(chunk: NcaChunk): ChunkValidationResult =
## Validate NCA chunk format and content
var result = ChunkValidationResult(valid: true, errors: @[], warnings: @[])
# Validate hash
if chunk.hash.len == 0:
result.errors.add(ValidationError(
field: "hash",
message: "Chunk hash cannot be empty",
suggestions: @["Calculate chunk hash"]
))
result.valid = false
# Validate data
if chunk.data.len == 0:
result.warnings.add("Chunk contains no data")
if chunk.data.len > MAX_CHUNK_SIZE:
result.errors.add(ValidationError(
field: "data",
message: "Chunk size exceeds maximum: " & $chunk.data.len,
suggestions: @["Split into smaller chunks"]
))
result.valid = false
if chunk.data.len < MIN_CHUNK_SIZE and chunk.data.len > 0:
result.warnings.add("Chunk size is very small: " & $chunk.data.len & " bytes")
# Validate hash integrity
let calculatedHash = calculateBlake3(chunk.data)
if calculatedHash != chunk.hash:
result.errors.add(ValidationError(
field: "hash",
message: "Hash mismatch: calculated " & calculatedHash & " != stored " & chunk.hash,
suggestions: @["Recalculate hash", "Check data integrity"]
))
result.valid = false
# Validate Merkle proof structure
if chunk.merkleProof.path.len != chunk.merkleProof.indices.len:
result.errors.add(ValidationError(
field: "merkleProof",
message: "Merkle proof path and indices length mismatch",
suggestions: @["Regenerate Merkle proof"]
))
result.valid = false
# Validate cryptographic algorithms
if not isQuantumResistant(chunk.cryptoAlgorithms):
result.warnings.add("Using non-quantum-resistant algorithms: " &
chunk.cryptoAlgorithms.hashAlgorithm)
return result
# =============================================================================
# Chunk Deduplication and Retrieval
# =============================================================================
proc storeNcaChunkInCas*(chunk: NcaChunk, cas: CasManager): Result[string, NcaError] =
## Store NCA chunk in content-addressable storage
try:
let serialized = serializeNcaChunk(chunk)
let storeResult = cas.storeObject(serialized)
if storeResult.isErr:
return err[string, NcaError](NcaError(
code: CasError,
msg: "Failed to store chunk in CAS: " & storeResult.getError().msg,
chunkHash: chunk.hash
))
let casObject = storeResult.get()
return ok[string, NcaError](casObject.hash)
except Exception as e:
return err[string, NcaError](NcaError(
code: UnknownError,
msg: "Failed to store NCA chunk: " & e.msg,
chunkHash: chunk.hash
))
proc retrieveNcaChunkFromCas*(hash: string, cas: CasManager): Result[NcaChunk, NcaError] =
## Retrieve NCA chunk from content-addressable storage
try:
let retrieveResult = cas.retrieveObject(hash)
if retrieveResult.isErr:
return err[NcaChunk, NcaError](NcaError(
code: CasError,
msg: "Failed to retrieve chunk from CAS: " & retrieveResult.getError().msg,
chunkHash: hash
))
let data = retrieveResult.get()
return deserializeNcaChunk(data)
except Exception as e:
return err[NcaChunk, NcaError](NcaError(
code: UnknownError,
msg: "Failed to retrieve NCA chunk: " & e.msg,
chunkHash: hash
))
# =============================================================================
# Large File Chunking
# =============================================================================
proc chunkLargeFile*(filePath: string, chunkSize: int = 64 * 1024): Result[seq[NcaChunk], NcaError] =
## Split large file into NCA chunks with Merkle tree
try:
if not fileExists(filePath):
return err[seq[NcaChunk], NcaError](NcaError(
code: PackageNotFound,
msg: "File not found: " & filePath,
chunkHash: ""
))
let file = open(filePath, fmRead)
defer: file.close()
var chunks: seq[NcaChunk] = @[]
var buffer = newSeq[byte](chunkSize)
var chunkHashes: seq[string] = @[]
while true:
let bytesRead = file.readBytes(buffer, 0, chunkSize)
if bytesRead == 0:
break
let chunkData = buffer[0..<bytesRead]
let chunkResult = createNcaChunkFromData(chunkData, compressed = true)
if chunkResult.isErr:
return err[seq[NcaChunk], NcaError](chunkResult.getError())
let chunk = chunkResult.get()
chunks.add(chunk)
chunkHashes.add(chunk.hash)
# Build Merkle tree for all chunks
let merkleTree = buildMerkleTree(chunkHashes)
# Add Merkle proofs to chunks
for i, chunk in chunks.mpairs:
chunk.merkleProof = generateMerkleProof(merkleTree, i)
return ok[seq[NcaChunk], NcaError](chunks)
except IOError as e:
return err[seq[NcaChunk], NcaError](NcaError(
code: FileReadError,
msg: "Failed to chunk file: " & e.msg,
chunkHash: ""
))
proc reconstructFileFromChunks*(chunks: seq[NcaChunk], outputPath: string,
rootHash: string = ""): Result[void, NcaError] =
## Reconstruct file from NCA chunks with Merkle verification
try:
# Verify Merkle proofs if root hash provided
if rootHash.len > 0:
for chunk in chunks:
if not verifyMerkleProof(chunk.merkleProof, chunk.hash, rootHash):
return err[void, NcaError](NcaError(
code: ChecksumMismatch,
msg: "Merkle proof verification failed for chunk: " & chunk.hash,
chunkHash: chunk.hash
))
# Ensure parent directory exists
let parentDir = outputPath.parentDir()
if not dirExists(parentDir):
createDir(parentDir)
let outputFile = open(outputPath, fmWrite)
defer: outputFile.close()
# Write chunks in order
for chunk in chunks:
discard outputFile.writeBuffer(chunk.data.unsafeAddr, chunk.data.len)
return ok[void, NcaError]()
except IOError as e:
return err[void, NcaError](NcaError(
code: FileWriteError,
msg: "Failed to reconstruct file: " & e.msg,
chunkHash: ""
))
# =============================================================================
# Utility Functions
# =============================================================================
proc getNcaInfo*(chunk: NcaChunk): string =
## Get human-readable chunk information
result = "NCA Chunk: " & chunk.hash & "\n"
result.add("Size: " & $chunk.data.len & " bytes\n")
result.add("Compressed: " & $chunk.compressed & "\n")
result.add("Algorithm: " & chunk.cryptoAlgorithms.hashAlgorithm & "\n")
result.add("Merkle Proof: " & $chunk.merkleProof.path.len & " nodes\n")
proc calculateBlake3*(data: seq[byte]): string =
## Calculate BLAKE3 hash - imported from CAS module
cas.calculateBlake3(data)
proc calculateBlake2b*(data: seq[byte]): string =
## Calculate BLAKE2b hash - imported from CAS module
cas.calculateBlake2b(data)
Reference in New Issue View Git Blame Copy Permalink