From a5de2efcc341a80fc493ee85b2b1fd1cb58f26ca Mon Sep 17 00:00:00 2001
From: Pavel Karpy <carpawell@nspcc.ru>
Date: Fri, 5 Jul 2024 20:54:51 +0300
Subject: [PATCH] object/replicate: Add signature to the replication RPC

Object signing now may be requested to ensure a replication copy was received.
Closes #299.

Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
---
 object/service.proto | 11 +++++++++++
 proto-docs/object.md |  2 ++
 2 files changed, 13 insertions(+)

diff --git a/object/service.proto b/object/service.proto
index c7a292b..80f9955 100644
--- a/object/service.proto
+++ b/object/service.proto
@@ -721,10 +721,21 @@ message ReplicateRequest {
 
   // Signature of `object.object_id.value` field.
   neo.fs.v2.refs.Signature signature = 2;
+
+  // Optional flag that requires server side to attach signature of just
+  // replicated object to ensure it has been received correctly. Signature
+  // must be calculated with an exposed to network map public key that
+  // corresponds to the object receiver.
+  bool sign_object = 3;
 }
 
 // Replicate RPC response
 message ReplicateResponse {
   // Operation execution status with one of the enumerated codes.
   neo.fs.v2.status.Status status = 1;
+
+  // Deterministic ECDSA with SHA-256 hashing (RFC 6979) signature of
+  // replicated object. Must be attached if request was made with
+  // `sign_object` flag set.
+  bytes object_signature = 2;
 }
diff --git a/proto-docs/object.md b/proto-docs/object.md
index a20791b..6c0f9db 100644
--- a/proto-docs/object.md
+++ b/proto-docs/object.md
@@ -721,6 +721,7 @@ Replicate RPC request
 | ----- | ---- | ----- | ----------- |
 | object | [Object](#neo.fs.v2.object.Object) |  | Object to be replicated. |
 | signature | [neo.fs.v2.refs.Signature](#neo.fs.v2.refs.Signature) |  | Signature of `object.object_id.value` field. |
+| sign_object | [bool](#bool) |  | Optional flag that requires server side to attach signature of just replicated object to ensure it has been received correctly. Signature must be calculated with an exposed to network map public key that corresponds to the object receiver. |
 
 
 <a name="neo.fs.v2.object.ReplicateResponse"></a>
@@ -732,6 +733,7 @@ Replicate RPC response
 | Field | Type | Label | Description |
 | ----- | ---- | ----- | ----------- |
 | status | [neo.fs.v2.status.Status](#neo.fs.v2.status.Status) |  | Operation execution status with one of the enumerated codes. |
+| object_signature | [bytes](#bytes) |  | Deterministic ECDSA with SHA-256 hashing (RFC 6979) signature of replicated object. Must be attached if request was made with `sign_object` flag set. |
 
 
 <a name="neo.fs.v2.object.SearchRequest"></a>