feat: vat-safe denomHash using noble sha256 #9576
Conversation
Deploying agoric-sdk with
|
| Latest commit: |
58ff687
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://0945a778.agoric-sdk.pages.dev |
| Branch Preview URL: | https://dc-vatsafe-denomhash.agoric-sdk.pages.dev |
dckc
force-pushed
the
dc-vatSafe-denomHash
branch
from
66a8aa2
to
28ee394
Compare
| @@ -0,0 +1,30 @@ | |||
| // @ts-check | |||
| import { sha256 } from '@noble/hashes/sha256'; | |||
There was a problem hiding this comment.
Watch out for bundler support for "exports" since this pattern will only work when the tools account for package exports.
There was a problem hiding this comment.
Not with this package. It’s pretty narrowly prescribed:
https://github.com/paulmillr/noble-hashes/blob/main/package.json#L141-L145
That is, this package cannot be used with bundlers that have not caught up with package exports. There are very few such tools, but node -r esm (loadgen) is among them. Hopefully, there is no risk that this package will get caught up in that, but if you see integration errors to the tune of “I can’t import this”, this is why.
There was a problem hiding this comment.
felgercarb!
loadgen ci failed. :-/
now what do I do? sigh.
There was a problem hiding this comment.
We could fork or PR upstream to package export package relative paths to files with .js extensions. I’m not against forking this into Endo. We do that for Base64. We could harden the library. We would have recourse to fall through to native on XS if that becomes available.
There was a problem hiding this comment.
I’m not against forking this into Endo. We do that for Base64.
I like that idea enough to reify it as an issue:
I'll pursue other options in parallel, so it's not necessarily critical path.
There was a problem hiding this comment.
loadgen fixed with 58ff687
Downstream imports won't get the patch but they don't need it.
| return [...new Uint8Array(buffer)] | ||
| .map(x => x.toString(16).padStart(2, '0')) | ||
| .join(''); |
There was a problem hiding this comment.
Reasonably concise. An intermediate allocation might be avoidable with Array.prototype.map.call(new Uint8Array(buffer), x => x.toString(16).padStart(2, '0').
There was a problem hiding this comment.
turns out @noble/hashes/utils has a bytesToHex, so I'm going with that.
| path = `${portId}/${channelId}`, | ||
| denom, | ||
| }) => { | ||
| const h = sha256.create().update(`${path}/${denom}`).digest(); |
There was a problem hiding this comment.
Could avoid an allocation with digestInto, using the same Uint8Array view for both this and toHex.
dckc
force-pushed
the
dc-vatSafe-denomHash
branch
from
f6d787b
to
ec76c10
Compare
|
@kriskowal @0xpatrickdev PTAAL. It turns out that after I got it working in a Compartment, I changed the Also, I flipped the build-vs-buy switch on |
dckc
force-pushed
the
dc-vatSafe-denomHash
branch
from
ec76c10
to
7e2e90d
Compare
| @@ -0,0 +1,30 @@ | |||
| // @ts-check | |||
| import { sha256 } from '@noble/hashes/sha256'; | |||
There was a problem hiding this comment.
We could fork or PR upstream to package export package relative paths to files with .js extensions. I’m not against forking this into Endo. We do that for Base64. We could harden the library. We would have recourse to fall through to native on XS if that becomes available.
dckc
force-pushed
the
dc-vatSafe-denomHash
branch
from
7e2e90d
to
e33b31c
Compare
turadg
force-pushed
the
dc-vatSafe-denomHash
branch
2 times, most recently
from
0a9b736
to
92a0751
Compare
turadg
added
force:integration
- @noble/hashes dependency - unit test using bundle Co-Authored-By: Turadg Aleahmad <turadg@agoric.com>
turadg
force-pushed
the
dc-vatSafe-denomHash
branch
from
92a0751
to
58ff687
Compare
|
@dckc Out of curiosity, how did you measure the bundle size? I'm wondering if it would be reduced by a roll-your-own const hexForByte = Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, '0'));
const bytesToHex = bytes => {
let hex = '';
for (let i = 0; i < bytes.length; i += 1) {
hex += hexForByte[bytes[i]];
}
return hex;
};(but I suspect not, since sha256.ts also imports from utils.js so the savings would only manifest with fine-grained tree-shaking) |
silly me knows better than to not show his work IIRC, I bundled orchestration/test/utils/denomHashEx.js (or a slight variation) and used a recent improvement to |
refs: #9211
Description
Prototyping for #9211 suggests we'll want to be derive IBC denoms using a hash of a path such as
transfer/channel-0/uatom->ibc/27394FB092D2ECCD56123C74F36E4C1F926001CEADA9CA97EA622B25F41E5EB2.I tried to use the sha256 function from
@cosmjs/crypto, but I got error's about node'scryptomodule.@cosmjs/cryptoimports an old version of@noble/hashes. The current version seems to be vat-safe.Scaling Considerations
Compute performance: Doing a sha256 computation on XS in pure JS seems a little whacky. We could consider dropping down to C like we do for base64. But since this is a constant time operation, it doesn't seem worthwhile.
Bundle size: A base64 encoded bundle with just this module seems to be around 500k.
Security Considerations
supply chain: this adds a dependency on the current @noble/hashes, which is reasonably popular (3m weekly downloads) and seems to be well audited.
Documentation Considerations
I'm not sure where this shows up in the orchestration API yet.
Testing Considerations
A test that it works in a compartment is included.
Upgrade Considerations
Unrelated to any deployed code.