1// Copyright 2022 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.internal.federatedcompute.v1; 18 19import "fcp/protos/federatedcompute/common.proto"; 20import "fcp/secagg/shared/secagg_messages.proto"; 21import "google/protobuf/duration.proto"; 22 23option java_package = "com.google.internal.federatedcompute.v1"; 24option java_multiple_files = true; 25 26service SecureAggregations { 27 // A request sent by the client after completing local (on-device) task 28 // computation to notify the server that the client has Aggregation data to 29 // upload via the Secure Aggregation protocol. If a client's result is no 30 // longer needed (e.g. the reporting goal was already reached for the task), 31 // the server will respond with an ABORTED error in the operation status. The 32 // operation is completed successfully when the Secure Aggregation protocol is 33 // ready to begin. 34 rpc StartSecureAggregation(StartSecureAggregationRequest) 35 returns (StartSecureAggregationResponse) {} 36 37 // A request sent by the client indicating the client is ending its 38 // participation in the Secure Aggregation protocol. 39 // 40 // Clients must only call this if they've previously called 41 // `StartSecureAggregation`. 42 // 43 // If clients have already received a `StartSecureAggregationResponse` 44 // they should use the `ForwardingInfo` from the 45 // `StartSecureAggregationResponse.secagg_protocol_forwarding_info` 46 // response field to construct the URI for this request. Otherwise, clients 47 // should use the same `ForwardingInfo` as was used to construct the 48 // `StartSecureAggregation` request URI. 49 rpc AbortSecureAggregation(AbortSecureAggregationRequest) 50 returns (AbortSecureAggregationResponse) { 51 } 52 53 // A request sent by the client to advertise its pair of public keys. The 54 // server responds with a list of the (pairs of) public keys of all other 55 // participating clients. 56 // 57 // Clients should use the `ForwardingInfo` from the 58 // `StartSecureAggregationResponse.secagg_protocol_forwarding_info` 59 // response field to construct the URI for this request. 60 // 61 // If the returned operation is not complete, clients should poll for status 62 // at the rate specified in the AdvertiseKeysMetadata. 63 rpc AdvertiseKeys(AdvertiseKeysRequest) 64 returns (AdvertiseKeysResponse) { 65 } 66 67 // A request sent by the client to secret-share its 68 // own noise_sk and prf_sk with all the other clients (encrypting shares for 69 // client j with their own enc_pk). The server responds with the client's 70 // shares of the keys of each other client that sent a ShareKeysRequest. 71 // 72 // Clients should use the `ForwardingInfo` from the 73 // `StartSecureAggregationResponse.secagg_protocol_forwarding_info` 74 // response field to construct the URI for this request. 75 // 76 // If the returned operation is not complete, clients should poll for status 77 // at the rate specified in the ShareKeysMetadata. 78 rpc ShareKeys(ShareKeysRequest) returns (ShareKeysResponse) { 79 } 80 81 // A request sent by the client indicating the successful upload of the 82 // client's masked and unmasked results. The server responds with a list of 83 // clients that did not successfully upload their results (and therefore are 84 // considered dead). 85 // 86 // Clients should use the `ForwardingInfo` from the 87 // `StartSecureAggregationResponse.secagg_protocol_forwarding_info` 88 // response field to construct the URI for this request. 89 // 90 // If the returned operation is not complete, clients should poll for status 91 // at the rate specified in the SubmitSecureAggregationResultMetadata. 92 rpc SubmitSecureAggregationResult(SubmitSecureAggregationResultRequest) 93 returns (SubmitSecureAggregationResultResponse) { 94 } 95 96 // A request sent by the client containing information for each other client 97 // j. For each client j, The client provides either the share of noise_sk (if 98 // client j is dead) OR share of prf_sk (if client j is still alive). 99 // 100 // If a client's aggregation result is no longer needed for the aggregation 101 // (e.g. the reporting goal was already reached for the task), the server will 102 // respond with an ABORTED error. 103 // 104 // Clients should use the `ForwardingInfo` from the 105 // `StartSecureAggregationResponse.secagg_protocol_forwarding_info` 106 // response field to construct the URI for this request. 107 rpc Unmask(UnmaskRequest) returns (UnmaskResponse) { 108 } 109} 110 111// --- StartSecureAggregation --- 112message StartSecureAggregationRequest { 113 // The id of the aggregation session this client participates in. This value 114 // was returned by the server when the client was assigned a task. 115 // 116 // Note that HTTP clients set this value in the request URL instead of the 117 // request body. 118 string aggregation_id = 1 119 ; 120 121 // The authorization token returned by the server when the client was assigned 122 // a task. 123 // 124 // Note that HTTP clients set this value in the request URL instead of the 125 // request body. 126 string authorization_token = 2 127 ; 128} 129 130message StartSecureAggregationMetadata {} 131 132message StartSecureAggregationResponse { 133 // Information to construct the URI to use for continuing the secure 134 // aggregation protocol. 135 ForwardingInfo secagg_protocol_forwarding_info = 1; 136 137 // Per-aggregand information. 138 map<string, SecureAggregandExecutionInfo> secure_aggregands = 2; 139 140 // Protocol execution information. 141 SecureAggregationProtocolExecutionInfo protocol_execution_info = 3; 142 143 // Information about where to upload masked result. 144 ByteStreamResource masked_result_resource = 4; 145 146 // Information about where to upload unmasked result (e.g. metrics). 147 ByteStreamResource nonmasked_result_resource = 5; 148 149 // Unique token that the client must include in the subsequent protocol 150 // requests. 151 string client_token = 6; 152} 153 154// Per-aggregand configuration information. 155message SecureAggregandExecutionInfo { 156 // Modulus for secure aggregation. 157 // 158 // The secure aggregation protocol will compute the sum modulo this modulus. 159 // 160 // To achieve equivalence with non-modular summation, the modulus must be 161 // larger than the sum of all client inputs, given the number of clients 162 // participating in the aggregation shard. 163 uint64 modulus = 1; 164} 165 166// Dynamic configuration of the Secure Aggregation protocol. 167message SecureAggregationProtocolExecutionInfo { 168 // Number of clients that a client may exchange data with while running 169 // Secure Aggregation protocol. In the case of a full graph SecAgg protocol 170 // this is a total number of clients that started the protocol. 171 // In the case of subgraph SecAgg protocol this is a number of neighbours 172 // that each client has. 173 int32 expected_number_of_clients = 1; 174 175 // Secure Aggregation client completion threshold. This is a parameter 176 // communicated by the server side of Secure Aggregation protocol to each 177 // client to establish Shamir sharing of secrets. 178 // Additionally, at least `minimum_surviving_clients_for_reconstruction` out 179 // of the initial `expected_number_of_clients` must 'survive' in order for 180 // the protocol to continue on the client side; otherwise the client will 181 // abort its connection. 182 int32 minimum_surviving_clients_for_reconstruction = 2; 183} 184 185// --- AbortSecureAggregation --- 186message AbortSecureAggregationRequest { 187 // The id of the aggregation session this client participates in. This value 188 // was returned by the server when the client was assigned a task. 189 // 190 // Note that HTTP clients set this value in the request URL instead of the 191 // request body. 192 string aggregation_id = 1 193 ; 194 195 // The client token returned by the server when the client was assigned a 196 // task. 197 // 198 // Note that HTTP clients set this value in the request URL instead of the 199 // request body. 200 string client_token = 2 201 ; 202 203 // Status code and optional message for why the secure aggregation protocol 204 // was aborted. 205 Status status = 3; 206} 207 208message AbortSecureAggregationResponse {} 209 210// --- AdvertiseKeys --- 211message AdvertiseKeysRequest { 212 // The id of the aggregation session this client participates in. This value 213 // was returned by the server when the client was assigned a task. 214 // 215 // Note that HTTP clients set this value in the request URL instead of the 216 // request body. 217 string aggregation_id = 1 218 ; 219 220 // The client token returned by the server when the client was assigned a 221 // task. 222 // 223 // Note that HTTP clients set this value in the request URL instead of the 224 // request body. 225 string client_token = 2 226 ; 227 228 // A pair of public keys for this client. 229 fcp.secagg.AdvertiseKeys advertise_keys = 3; 230} 231 232message AdvertiseKeysMetadata { 233 // The suggested duration between instances of polling the AdvertiseKeys LRO. 234 google.protobuf.Duration polling_interval = 1; 235} 236 237message AdvertiseKeysResponse { 238 // Information from the server so that the client can participate in the 239 // ShareKeys protocol stage. Contains a list of pairs of public keys, as well 240 // as the logging ID for the SecAgg execution. 241 fcp.secagg.ShareKeysRequest share_keys_server_request = 1; 242} 243 244// --- ShareKeys --- 245message ShareKeysRequest { 246 // The id of the aggregation session this client participates in. This value 247 // was returned by the server when the client was assigned a task. 248 // 249 // Note that HTTP clients set this value in the request URL instead of the 250 // request body. 251 string aggregation_id = 1 252 ; 253 254 // The client token returned by the server when the client was assigned a 255 // task. 256 // 257 // Note that HTTP clients set this value in the request URL instead of the 258 // request body. 259 string client_token = 2 260 ; 261 262 // Information about the client's participation in the ShareKeys protocol 263 // stage. Contains a list of encrypted pairs of key shares (one for each other 264 // client). 265 fcp.secagg.ShareKeysResponse share_keys_client_response = 3; 266} 267 268message ShareKeysMetadata { 269 // The suggested duration between instances of polling the ShareKeys LRO. 270 google.protobuf.Duration polling_interval = 1; 271} 272 273message ShareKeysResponse { 274 // Information from the server so that the client can submit its masked 275 // result. Contains a list of shares of other clients' keys encrypted and 276 // intended for the client who receives this message. 277 fcp.secagg.MaskedInputCollectionRequest 278 masked_input_collection_server_request = 1; 279} 280 281// --- SubmitSecureAggregationResult --- 282message SubmitSecureAggregationResultRequest { 283 // The id of the aggregation session this client participates in. This value 284 // was returned by the server when the client was assigned a task. 285 // 286 // Note that HTTP clients set this value in the request URL instead of the 287 // request body. 288 string aggregation_id = 1 289 ; 290 291 // The client token returned by the server when the client was assigned a 292 // task. 293 // 294 // Note that HTTP clients set this value in the request URL instead of the 295 // request body. 296 string client_token = 2 297 ; 298 299 // Name of the resource to which the masked result was uploaded. The blob 300 // uploaded at masked_input_resource name must contain a serialized 301 // fcp.secagg.MaskedInputCollectionResponse message. 302 string masked_result_resource_name = 3; 303 304 // Name of the resource to which the nonmasked result was uploaded. 305 string nonmasked_result_resource_name = 4; 306} 307 308message SubmitSecureAggregationResultMetadata { 309 // The suggested duration between instances of polling the 310 // SubmitSecureAggregationResult LRO. 311 google.protobuf.Duration polling_interval = 1; 312} 313 314message SubmitSecureAggregationResultResponse { 315 // Information from the server so that the client can participate in the 316 // Unmasking protocol stage. 317 fcp.secagg.UnmaskingRequest unmasking_server_request = 1; 318} 319 320// --- Unmask --- 321message UnmaskRequest { 322 // The id of the aggregation session this client participates in. This value 323 // was returned by the server when the client was assigned a task. 324 // 325 // Note that HTTP clients set this value in the request URL instead of the 326 // request body. 327 string aggregation_id = 1 328 ; 329 330 // The client token returned by the server when the client was assigned a 331 // task. 332 // 333 // Note that HTTP clients set this value in the request URL instead of the 334 // request body. 335 string client_token = 2 336 ; 337 338 // Information about the client's participation in the Unmasking protocol 339 // stage. 340 fcp.secagg.UnmaskingResponse unmasking_client_response = 3; 341} 342 343message UnmaskResponse {} 344