Merge branch 'xx-3003/update-id-creation' of gitlab.com:elixxir/client into...

Merge branch 'xx-3003/update-id-creation' of gitlab.com:elixxir/client into XX-3063/PersonalEphemeralTracking

api/authenticatedChannel.go

@@ -114,7 +114,7 @@ func (c *Client) MakePrecannedContact(precannedID uint) contact.Contact {
 	partnerPubKey := e2eGrp.ExpG(precanned.E2eDhPrivateKey, e2eGrp.NewInt(1))
 
 	return contact.Contact{
-		ID:             precanned.ID,
+		ID:             precanned.ReceptionID,
 		DhPubKey:       partnerPubKey,
 		OwnershipProof: nil,
 		Facts:          make([]fact.Fact, 0),

api/client.go

@@ -194,10 +194,10 @@ func Login(storageDir string, password []byte, parameters params.Network) (*Clie
 	cryptoUser := u.GetCryptographicIdentity()
 
 	//start comms
-	c.comms, err = client.NewClientComms(cryptoUser.GetUserID(),
-		rsa.CreatePublicKeyPem(cryptoUser.GetRSA().GetPublic()),
-		rsa.CreatePrivateKeyPem(cryptoUser.GetRSA()),
-		cryptoUser.GetSalt())
+	c.comms, err = client.NewClientComms(cryptoUser.GetTransmissionID(),
+		rsa.CreatePublicKeyPem(cryptoUser.GetTransmissionRSA().GetPublic()),
+		rsa.CreatePrivateKeyPem(cryptoUser.GetTransmissionRSA()),
+		cryptoUser.GetTransmissionSalt())
 	if err != nil {
 		return nil, errors.WithMessage(err, "failed to load client")
 	}
@@ -346,7 +346,7 @@ func (c *Client) GetHealth() interfaces.HealthTracker {
 	return c.network.GetHealthTracker()
 }
 
-// Returns the switchboard for Registration
+// Returns the switchboard for Identity
 func (c *Client) GetSwitchboard() interfaces.Switchboard {
 	jww.INFO.Printf("GetSwitchboard()")
 	return c.switchboard

api/permissioning.go

@@ -16,7 +16,8 @@ import (
 func (c *Client) registerWithPermissioning() error {
 	userData := c.storage.User()
 	//get the users public key
-	pubKey := userData.GetCryptographicIdentity().GetRSA().GetPublic()
+	transmissionPubKey := userData.GetCryptographicIdentity().GetTransmissionRSA().GetPublic()
+	receptionPubKey := userData.GetCryptographicIdentity().GetReceptionRSA().GetPublic()
 
 	//load the registration code
 	regCode, err := c.storage.GetRegCode()
@@ -26,14 +27,15 @@ func (c *Client) registerWithPermissioning() error {
 	}
 
 	//register with permissioning
-	regValidationSignature, err := c.permissioning.Register(pubKey, regCode)
+	transmissionRegValidationSignature, receptionRegValidationSignature, err := c.permissioning.Register(transmissionPubKey, receptionPubKey, regCode)
 	if err != nil {
 		return errors.WithMessage(err, "failed to register with "+
 			"permissioning")
 	}
 
 	//store the signature
-	userData.SetRegistrationValidationSignature(regValidationSignature)
+	userData.SetTransmissionRegistrationValidationSignature(transmissionRegValidationSignature)
+	userData.SetReceptionRegistrationValidationSignature(receptionRegValidationSignature)
 
 	//update the registration status
 	err = c.storage.ForwardRegistrationStatus(storage.PermissioningComplete)

api/user.go

@@ -26,12 +26,6 @@ const (
 
 // createNewUser generates an identity for cMix
 func createNewUser(rng csprng.Source, cmix, e2e *cyclic.Group) user.User {
-	// RSA Keygen (4096 bit defaults)
-	rsaKey, err := rsa.GenerateKey(rng, rsa.DefaultRSABitLen)
-	if err != nil {
-		jww.FATAL.Panicf(err.Error())
-	}
-
 	// CMIX Keygen
 	// FIXME: Why 256 bits? -- this is spec but not explained, it has
 	// to do with optimizing operations on one side and still preserves
@@ -50,24 +44,51 @@ func createNewUser(rng csprng.Source, cmix, e2e *cyclic.Group) user.User {
 		jww.FATAL.Panicf(err.Error())
 	}
 
+	// RSA Keygen (4096 bit defaults)
+	transmissionRsaKey, err := rsa.GenerateKey(rng, rsa.DefaultRSABitLen)
+	if err != nil {
+		jww.FATAL.Panicf(err.Error())
+	}
+	receptionRsaKey, err := rsa.GenerateKey(rng, rsa.DefaultRSABitLen)
+	if err != nil {
+		jww.FATAL.Panicf(err.Error())
+	}
+
 	// Salt, UID, etc gen
-	salt := make([]byte, SaltSize)
-	n, err := csprng.NewSystemRNG().Read(salt)
+	transmissionSalt := make([]byte, SaltSize)
+	n, err := csprng.NewSystemRNG().Read(transmissionSalt)
+	if err != nil {
+		jww.FATAL.Panicf(err.Error())
+	}
+	if n != SaltSize {
+		jww.FATAL.Panicf("transmissionSalt size too small: %d", n)
+	}
+	transmissionID, err := xx.NewID(transmissionRsaKey.GetPublic(), transmissionSalt, id.User)
+	if err != nil {
+		jww.FATAL.Panicf(err.Error())
+	}
+
+	// Salt, UID, etc gen
+	receptionSalt := make([]byte, SaltSize)
+	n, err = csprng.NewSystemRNG().Read(receptionSalt)
 	if err != nil {
 		jww.FATAL.Panicf(err.Error())
 	}
 	if n != SaltSize {
-		jww.FATAL.Panicf("salt size too small: %d", n)
+		jww.FATAL.Panicf("receptionSalt size too small: %d", n)
 	}
-	userID, err := xx.NewID(rsaKey.GetPublic(), salt, id.User)
+	receptionID, err := xx.NewID(receptionRsaKey.GetPublic(), receptionSalt, id.User)
 	if err != nil {
 		jww.FATAL.Panicf(err.Error())
 	}
 
 	return user.User{
-		ID:               userID.DeepCopy(),
-		Salt:             salt,
-		RSA:              rsaKey,
+		TransmissionID:   transmissionID.DeepCopy(),
+		TransmissionSalt: transmissionSalt,
+		TransmissionRSA:  transmissionRsaKey,
+		ReceptionID:      receptionID.DeepCopy(),
+		ReceptionSalt:    receptionSalt,
+		ReceptionRSA:     receptionRsaKey,
 		Precanned:        false,
 		CmixDhPrivateKey: cmix.NewIntFromBytes(cMixKeyBytes),
 		E2eDhPrivateKey:  e2e.NewIntFromBytes(e2eKeyBytes),
@@ -101,12 +122,15 @@ func createPrecannedUser(precannedID uint, rng csprng.Source, cmix, e2e *cyclic.
 	}
 
 	return user.User{
-		ID:              userID.DeepCopy(),
-		Salt:            salt,
+		TransmissionID:   &userID,
+		TransmissionSalt: salt,
+		ReceptionID:      &userID,
+		ReceptionSalt:    salt,
 		Precanned:        true,
 		E2eDhPrivateKey:  e2e.NewIntFromBytes(e2eKeyBytes),
 		// NOTE: These are dummy/not used
 		CmixDhPrivateKey: cmix.NewInt(1),
-		RSA:              rsaKey,
+		TransmissionRSA:  rsaKey,
+		ReceptionRSA:     rsaKey,
 	}
 }

auth/request.go

@@ -47,7 +47,7 @@ func RequestAuth(partner, me contact.Contact, message string, rng io.Reader,
 	}
 
 	// check that the request is being sent from the proper ID
-	if !me.ID.Cmp(storage.GetUser().ID) {
+	if !me.ID.Cmp(storage.GetUser().TransmissionID) {
 		return errors.Errorf("Authenticated channel request " +
 			"can only be sent from user's identity")
 	}
@@ -116,7 +116,7 @@ func RequestAuth(partner, me contact.Contact, message string, rng io.Reader,
 	jww.INFO.Printf("RequestAuth THEIRPUBKEY: %v", partner.DhPubKey.Bytes())
 
 	/*encrypt payload*/
-	requestFmt.SetID(storage.GetUser().ID)
+	requestFmt.SetID(storage.GetUser().TransmissionID)
 	requestFmt.SetMsgPayload(msgPayloadBytes)
 	ecrFmt.SetOwnership(ownership)
 	ecrPayload, mac := cAuth.Encrypt(newPrivKey, partner.DhPubKey,

bindings/ud.go

@@ -44,7 +44,7 @@ func NewUserDiscovery(client *Client)(*UserDiscovery, error){
 // network signatures are malformed or if the username is taken. Usernames
 // cannot be changed after registration at this time. Will fail if the user is
 // already registered.
-// Registration does not go over cmix, it occurs over normal communications
+// Identity does not go over cmix, it occurs over normal communications
 func (ud *UserDiscovery)Register(username string)error{
 	return ud.ud.Register(username)
 }

bindings/user.go

@@ -16,20 +16,36 @@ type User struct {
 	u *user.User
 }
 
-func (u *User) GetID() []byte {
-	return u.u.ID.Marshal()
+func (u *User) GetTransmissionID() []byte {
+	return u.u.TransmissionID.Marshal()
 }
 
-func (u *User) GetSalt() []byte {
-	return u.u.Salt
+func (u *User) GetReceptionID() []byte {
+	return u.u.ReceptionID.Marshal()
 }
 
-func (u *User) GetRSAPrivateKeyPem() []byte {
-	return rsa.CreatePrivateKeyPem(u.u.RSA)
+func (u *User) GetTransmissionSalt() []byte {
+	return u.u.TransmissionSalt
 }
 
-func (u *User) GetRSAPublicKeyPem() []byte {
-	return rsa.CreatePublicKeyPem(u.u.RSA.GetPublic())
+func (u *User) GetReceptionSalt() []byte {
+	return u.u.ReceptionSalt
+}
+
+func (u *User) GetTransmissionRSAPrivateKeyPem() []byte {
+	return rsa.CreatePrivateKeyPem(u.u.TransmissionRSA)
+}
+
+func (u *User) GetTransmissionRSAPublicKeyPem() []byte {
+	return rsa.CreatePublicKeyPem(u.u.TransmissionRSA.GetPublic())
+}
+
+func (u *User) GetReceptionRSAPrivateKeyPem() []byte {
+	return rsa.CreatePrivateKeyPem(u.u.ReceptionRSA)
+}
+
+func (u *User) GetReceptionRSAPublicKeyPem() []byte {
+	return rsa.CreatePublicKeyPem(u.u.ReceptionRSA.GetPublic())
 }
 
 func (u *User) IsPrecanned() bool {

cmd/init.go

@@ -22,9 +22,9 @@ var initCmd = &cobra.Command{
 	Run: func(cmd *cobra.Command, args []string) {
 		client := createClient()
 		user := client.GetUser()
-		jww.INFO.Printf("User: %s", user.ID)
+		jww.INFO.Printf("User: %s", user.TransmissionID)
 		writeContact(user.GetContact())
-		fmt.Printf("%s\n", user.ID)
+		fmt.Printf("%s\n", user.TransmissionID)
 	},
 }
 

cmd/root.go

@@ -49,7 +49,7 @@ var rootCmd = &cobra.Command{
 		client := initClient()
 
 		user := client.GetUser()
-		jww.INFO.Printf("User: %s", user.ID)
+		jww.INFO.Printf("User: %s", user.TransmissionID)
 		writeContact(user.GetContact())
 
 		// Set up reception handler
@@ -103,7 +103,7 @@ var rootCmd = &cobra.Command{
 		// Set it to myself
 		if recipientID == nil {
 			jww.INFO.Printf("sending message to self")
-			recipientID = user.ID
+			recipientID = user.ReceptionID
 			recipientContact = user.GetContact()
 		}
 
@@ -565,7 +565,7 @@ func init() {
 	viper.BindPFlag("log", rootCmd.PersistentFlags().Lookup("log"))
 
 	rootCmd.Flags().StringP("regcode", "", "",
-		"Registration code (optional)")
+		"Identity code (optional)")
 	viper.BindPFlag("regcode", rootCmd.Flags().Lookup("regcode"))
 
 	rootCmd.Flags().StringP("message", "m", "", "Message to send")

cmd/ud.go

@@ -34,7 +34,7 @@ var udCmd = &cobra.Command{
 	Run: func(cmd *cobra.Command, args []string) {
 		client := initClient()
 		user := client.GetUser()
-		jww.INFO.Printf("User: %s", user.ID)
+		jww.INFO.Printf("User: %s", user.TransmissionID)
 		writeContact(user.GetContact())
 
 		// Set up reception handler

globals/statusEvents.go

@@ -7,9 +7,9 @@
 
 package globals
 
-//Registration
+//Identity
 const REG_KEYGEN = 1       //Generating Cryptographic Keys
-const REG_PRECAN = 2       //Doing a Precanned Registration (Not Secure)
+const REG_PRECAN = 2       //Doing a Precanned Identity (Not Secure)
 const REG_UID_GEN = 3      //Generating User ID
 const REG_PERM = 4         //Validating User Identity With Permissioning Server
 const REG_NODE = 5         //Registering with Nodes

interfaces/user/user.go

@@ -17,9 +17,12 @@ import (
 
 type User struct {
 	//General Identity
-	ID        *id.ID
-	Salt      []byte
-	RSA       *rsa.PrivateKey
+	TransmissionID   *id.ID
+	TransmissionSalt []byte
+	TransmissionRSA  *rsa.PrivateKey
+	ReceptionID      *id.ID
+	ReceptionSalt    []byte
+	ReceptionRSA     *rsa.PrivateKey
 	Precanned        bool
 
 	//cmix Identity
@@ -33,7 +36,7 @@ type User struct {
 
 func (u User) GetContact() contact.Contact {
 	return contact.Contact{
-		ID:       u.ID.DeepCopy(),
+		ID:       u.ReceptionID.DeepCopy(),
 		DhPubKey: u.E2eDhPublicKey,
 		Facts:    make([]fact.Fact, 0),
 	}

network/manager.go

@@ -77,7 +77,7 @@ func NewManager(session *storage.Session, switchboard *switchboard.Switchboard,
 		Health:           health.Init(instance, params.NetworkHealthTimeout),
 		NodeRegistration: make(chan network.NodeGateway, params.RegNodesBufferLen),
 		Instance:         instance,
-		Uid:              session.User().GetCryptographicIdentity().GetUserID(),
+		Uid:              session.User().GetCryptographicIdentity().GetReceptionID(),
 	}
 
 	//create sub managers

network/message/sendCmix.go

@@ -142,7 +142,7 @@ func (m *Manager) SendCMIX(msg format.Message, param params.CMIX) (id.Round, err
 }
 
 // Signals to the node registration thread to register a node if keys are
-// missing. Registration is triggered automatically when the node is first seen,
+// missing. Identity is triggered automatically when the node is first seen,
 // so this should on trigger on rare events.
 func handleMissingNodeKeys(instance *network.Instance,
 	newNodeChan chan network.NodeGateway, nodes []*id.ID) {

network/message/sendUnsafe.go

@@ -52,7 +52,7 @@ func (m *Manager) SendUnsafe(msg message.Send, param params.Unsafe) ([]id.Round,
 		msgCmix := format.NewMessage(m.Session.Cmix().GetGroup().GetP().ByteLen())
 		msgCmix.SetContents(p)
 		msgCmix.SetRecipientID(msg.Recipient)
-		e2e.SetUnencrypted(msgCmix, m.Session.User().GetCryptographicIdentity().GetUserID())
+		e2e.SetUnencrypted(msgCmix, m.Session.User().GetCryptographicIdentity().GetTransmissionID())
 		wg.Add(1)
 		go func(i int) {
 			var err error

network/node/register.go

@@ -55,7 +55,7 @@ func StartRegistration(instance *network.Instance, session *storage.Session, rng
 func registerNodes(session *storage.Session, rngGen *fastRNG.StreamGenerator, comms RegisterNodeCommsInterface,
 	stop *stoppable.Single, c chan network.NodeGateway) {
 	u := session.User()
-	regSignature := u.GetRegistrationValidationSignature()
+	regSignature := u.GetTransmissionRegistrationValidationSignature()
 	uci := u.GetCryptographicIdentity()
 	cmix := session.Cmix()
 
@@ -104,7 +104,7 @@ func registerWithNode(comms RegisterNodeCommsInterface, ngw network.NodeGateway,
 	var transmissionKey *cyclic.Int
 	// TODO: should move this to a precanned user initialization
 	if uci.IsPrecanned() {
-		userNum := int(uci.GetUserID().Bytes()[7])
+		userNum := int(uci.GetTransmissionID().Bytes()[7])
 		h := sha256.New()
 		h.Reset()
 		h.Write([]byte(strconv.Itoa(int(4000 + userNum))))
@@ -126,8 +126,8 @@ func registerWithNode(comms RegisterNodeCommsInterface, ngw network.NodeGateway,
 
 		// Confirm received nonce
 		jww.INFO.Println("Register: Confirming received nonce")
-		err = confirmNonce(comms, uci.GetUserID().Bytes(),
-			nonce, uci.GetRSA(), gatewayID)
+		err = confirmNonce(comms, uci.GetTransmissionID().Bytes(),
+			nonce, uci.GetTransmissionRSA(), gatewayID)
 		if err != nil {
 			errMsg := fmt.Sprintf("Register: Unable to confirm nonce: %v", err)
 			return errors.New(errMsg)
@@ -154,7 +154,7 @@ func requestNonce(comms RegisterNodeCommsInterface, gwId *id.ID, regHash []byte,
 	data := h.Sum(nil)
 
 	// Sign DH pubkey
-	clientSig, err := rsa.Sign(rng, uci.GetRSA(), sha, data, opts)
+	clientSig, err := rsa.Sign(rng, uci.GetTransmissionRSA(), sha, data, opts)
 	if err != nil {
 		return nil, nil, err
 	}
@@ -169,8 +169,8 @@ func requestNonce(comms RegisterNodeCommsInterface, gwId *id.ID, regHash []byte,
 	}
 	nonceResponse, err := comms.SendRequestNonceMessage(host,
 		&pb.NonceRequest{
-			Salt:            uci.GetSalt(),
-			ClientRSAPubKey: string(rsa.CreatePublicKeyPem(uci.GetRSA().GetPublic())),
+			Salt:            uci.GetTransmissionSalt(),
+			ClientRSAPubKey: string(rsa.CreatePublicKeyPem(uci.GetTransmissionRSA().GetPublic())),
 			ClientSignedByServer: &messages.RSASignature{
 				Signature: regHash,
 			},

permissioning/register.go

@@ -14,8 +14,8 @@ import (
 	"gitlab.com/xx_network/crypto/signature/rsa"
 )
 
-func (perm *Permissioning) Register(publicKey *rsa.PublicKey, registrationCode string) ([]byte, error) {
-	return register(perm.comms, perm.host, publicKey, registrationCode)
+func (perm *Permissioning) Register(transmissionPublicKey, receptionPublicKey *rsa.PublicKey, registrationCode string) ([]byte, []byte, error) {
+	return register(perm.comms, perm.host, transmissionPublicKey, receptionPublicKey, registrationCode)
 }
 
 // client.Comms should implement this interface
@@ -26,20 +26,21 @@ type registrationMessageSender interface {
 //register registers the user with optional registration code
 // Returns an error if registration fails.
 func register(comms registrationMessageSender, host *connect.Host,
-	publicKey *rsa.PublicKey, registrationCode string) ([]byte, error) {
+	transmissionPublicKey, receptionPublicKey *rsa.PublicKey, registrationCode string) ([]byte, []byte, error) {
 
 	response, err := comms.
 		SendRegistrationMessage(host,
 			&pb.UserRegistration{
 				RegistrationCode:         registrationCode,
-				ClientRSAPubKey:  string(rsa.CreatePublicKeyPem(publicKey)),
+				ClientRSAPubKey:          string(rsa.CreatePublicKeyPem(transmissionPublicKey)),
+				ClientReceptionRSAPubKey: string(rsa.CreatePublicKeyPem(receptionPublicKey)),
 			})
 	if err != nil {
-		err = errors.Wrap(err, "sendRegistrationMessage: Unable to contact Registration Server!")
-		return nil, err
+		err = errors.Wrap(err, "sendRegistrationMessage: Unable to contact Identity Server!")
+		return nil, nil, err
 	}
 	if response.Error != "" {
-		return nil, errors.Errorf("sendRegistrationMessage: error handling message: %s", response.Error)
+		return nil, nil, errors.Errorf("sendRegistrationMessage: error handling message: %s", response.Error)
 	}
-	return response.ClientSignedByServer.Signature, nil
+	return response.ClientSignedByServer.Signature, response.ClientReceptionSignedByServer.Signature, nil
 }

permissioning/register_test.go

@@ -38,6 +38,10 @@ func (s *MockRegistrationSender) SendRegistrationMessage(host *connect.Host, mes
 			Nonce:     []byte("nonce"),
 			Signature: []byte("sig"),
 		},
+		ClientReceptionSignedByServer: &messages.RSASignature{
+			Nonce:     []byte("receptionnonce"),
+			Signature: []byte("receptionsig"),
+		},
 		Error: s.errInReply,
 	}, s.errSendRegistration
 }
@@ -64,13 +68,16 @@ func TestRegisterWithPermissioning(t *testing.T) {
 	}
 
 	regCode := "flooble doodle"
-	sig, err := register(&sender, sender.getHost, key.GetPublic(), regCode)
+	sig1, sig2, err := register(&sender, sender.getHost, key.GetPublic(), key.GetPublic(), regCode)
 	if err != nil {
 		t.Error(err)
 	}
-	if string(sig) != "sig" {
+	if string(sig1) != "sig" {
 		t.Error("expected signature to be 'sig'")
 	}
+	if string(sig2) != "receptionsig" {
+		t.Error("expected signature to be 'receptionsig'")
+	}
 	if sender.host.String() != sender.getHost.String() {
 		t.Errorf("hosts differed. expected %v, got %v", sender.host, sender.getHost)
 	}
@@ -98,7 +105,7 @@ func TestRegisterWithPermissioning_ResponseErr(t *testing.T) {
 	var sender MockRegistrationSender
 	sender.succeedGetHost = true
 	sender.errInReply = "failure occurred on permissioning"
-	_, err = register(&sender, nil, key.GetPublic(), "")
+	_, _, err = register(&sender, nil, key.GetPublic(), key.GetPublic(), "")
 	if err == nil {
 		t.Error("no error if registration fails on permissioning")
 	}
@@ -115,7 +122,7 @@ func TestRegisterWithPermissioning_ConnectionErr(t *testing.T) {
 	var sender MockRegistrationSender
 	sender.succeedGetHost = true
 	sender.errSendRegistration = errors.New("connection problem")
-	_, err = register(&sender, nil, key.GetPublic(), "")
+	_, _, err = register(&sender, nil, key.GetPublic(), key.GetPublic(), "")
 	if err == nil {
 		t.Error("no error if e.g. context deadline exceeded")
 	}

storage/ephemeral/store.go

+///////////////////////////////////////////////////////////////////////////////
+// Copyright © 2021 xx network SEZC                                          //
+//                                                                           //
+// Use of this source code is governed by a license that can be found in the //
+// LICENSE file                                                              //
+///////////////////////////////////////////////////////////////////////////////
+package ephemeral
+
+import (
+	"github.com/pkg/errors"
+	jww "github.com/spf13/jwalterweatherman"
+	"gitlab.com/elixxir/client/storage/versioned"
+	"sync"
+	"time"
+)
+
+const (
+	storePrefix = "ephemeralTimestamp"
+    ephemeralVersion = 0
+    timestampKey = "timestampKeyStore"
+)
+
+type Store struct {
+	kv        *versioned.KV
+	// Timestamp of last check for ephemeral Ids
+	timestamp time.Time
+	mux       sync.RWMutex
+}
+
+// NewStore creates a new store.
+func NewStore(kv *versioned.KV) (*Store, error) {
+	kv = kv.Prefix(storePrefix)
+	s := &Store{
+		kv:        kv,
+		timestamp: time.Time{},
+	}
+
+	return s, s.save()
+}
+
+// loads the ephemeral storage object
+func LoadStore(kv *versioned.KV) (*Store, error) {
+	kv = kv.Prefix(storePrefix)
+	s := &Store{
+		timestamp: time.Time{},
+		kv:        kv,
+	}
+
+	obj, err := kv.Get(timestampKey)
+	if err != nil {
+		return nil, err
+	}
+
+	if err = s.unmarshal(obj.Data); err != nil {
+		return nil, err
+	}
+
+	return s, nil
+}
+
+// Returns the stored timestamp. If a timestamp is empty, we check disk.
+// If the disk's timestamp is empty. we return an error.
+// Otherwise, we return the valid timestamp found
+func (s *Store) GetTimestamp() (time.Time, error) {
+	s.mux.RLock()
+	defer 	s.mux.RUnlock()
+
+	ts := s.timestamp
+
+	// Check that t
+	if ts.Equal(time.Time{}) {
+		obj, err := s.kv.Get(timestampKey)
+		if err != nil {
+			return time.Time{}, err
+		}
+
+		ts = time.Time{}
+		if err := ts.UnmarshalBinary(obj.Data); err != nil {
+			return time.Time{}, err
+		}
+
+		// If still an empty time object, then no timestamp exists
+		if ts.Equal(time.Time{}) {
+			return time.Time{}, errors.Errorf("No timestamp has been found")
+		}
+	}
+
+	return ts, nil
+}
+
+// Updates the stored time stamp with the time passed in
+func (s *Store) UpdateTimestamp(ts time.Time) error {
+	s.mux.Lock()
+	defer s.mux.Unlock()
+
+
+	s.timestamp = ts
+
+	if err := s.save(); err != nil {
+		jww.FATAL.Panicf("Failed to update timestamp of last check for ephemeral IDs")
+	}
+
+	return nil
+}
+
+// stores the ephemeral store
+func (s *Store) save() error {
+
+	data, err := s.marshal()
+	if err != nil {
+		return err
+	}
+
+	obj := versioned.Object{
+		Version:   ephemeralVersion,
+		Timestamp: time.Now(),
+		Data:      data,
+	}
+
+	return s.kv.Set(timestampKey, &obj)
+}
+
+// builds a byte representation of the store
+func (s *Store) marshal() ([]byte, error) {
+	return s.timestamp.MarshalBinary()
+}
+
+// restores the data for a store from the byte representation of the store
+func (s *Store) unmarshal(b []byte) error {
+	ts := time.Time{}
+	if err := ts.UnmarshalBinary(b); err != nil {
+		return err
+	}
+
+	s.timestamp = ts
+
+	return nil
+}

storage/ephemeral/store_test.go

+///////////////////////////////////////////////////////////////////////////////
+// Copyright © 2021 xx network SEZC                                          //
+//                                                                           //
+// Use of this source code is governed by a license that can be found in the //
+// LICENSE file                                                              //
+///////////////////////////////////////////////////////////////////////////////
+package ephemeral
+
+