Replaces eosjs-ecc with elliptic #37
Conversation
bradlhart
force-pushed
the
remove-eosjs-ecc-references
branch
from
ec213cd to
ead38bb
Compare
package.json
Outdated
| @@ -22,7 +22,8 @@ | |||
| "bip38": "^2.0.2", | |||
| "bs58": "^4.0.1", | |||
| "classnames": "^2.2.6", | |||
| "eosjs": "^20.0.0", | |||
| "elliptic": "6.5.2", | |||
| "eosjs": "20.0.4-e2c667e.0", | |||
There was a problem hiding this comment.
2 things here
- We don't want to be merging any of this to master. Merging to master is only what we do once we want to release the product (which we don't yet). Please change the base of this branch to
develop. - We will never reference an edge release of eosjs in a
masterPR. I think this is just a consequence of point Update README.md #1, but I wanted to acknowledge the issue separately just to ensure the training...
There was a problem hiding this comment.
Switched the PR to use develop instead of master. Branch/commit were started from develop locally.
src/store/auths/authsActions.ts
Outdated
| @@ -81,7 +83,9 @@ export const authAdd = (nickname: string, privateKey: string, passphrase: string | |||
| throw new Error('Invalid Passphrase') | |||
| } | |||
|
|
|||
| if (!isValidPrivate(privateKey)) { | |||
| try { | |||
| PrivateKey.fromString(privateKey).toElliptic() | |||
There was a problem hiding this comment.
it'll fail on the first part; you can remove .toElliptic()
There was a problem hiding this comment.
src/utils/Api.ts
Outdated
| @@ -17,7 +17,7 @@ export default class Api { | |||
| private chainId: string | |||
|
|
|||
| constructor(abis: HexAbi[], publicKeys: string[], chainId: string) { | |||
| this.rpc = new JsonRpc(null) // provide null chainURL to ensure vault isn't reaching out to chain for info | |||
| this.rpc = new JsonRpc('') // provide null chainURL to ensure vault isn't reaching out to chain for info | |||
There was a problem hiding this comment.
Why must this be empty string? What was changed that required this? Was that change really necessary?
Also, if this is necessary, let's move this into the function as a default arg value to make the function robust against bad input and not burden clients with having to know to add this arg to their calls.
There was a problem hiding this comment.
I've made PRs on eosjs to resolve the issue on eosjs side (two options to either allow or error)
EOSIO/eosjs#631
EOSIO/eosjs#632
As for this package, I believe changing it to an empty string is the better option since the JsonRpc constructor is expecting a string for endpoint with TS. Using null instead is not good practice and is circumventing type checking. I'm updating to change "provide null chainURL" to "provide empty chainURL" though.
src/utils/Api.ts
Outdated
| @@ -17,7 +17,7 @@ export default class Api { | |||
| private chainId: string | |||
|
|
|||
| constructor(abis: HexAbi[], publicKeys: string[], chainId: string) { | |||
| this.rpc = new JsonRpc(null) // provide null chainURL to ensure vault isn't reaching out to chain for info | |||
| this.rpc = new JsonRpc('') // provide empty chainURL to ensure vault isn't reaching out to chain for info | |||
There was a problem hiding this comment.
Can we just remove this value altogether? This still makes me uncomfortable because it looks like you have to pass an empty string where we used to have to pass null. If there's no value, there should just be no value, and we should default the value or deal with no value internally. Using a value as a non-value is not high on the coolness scale... :)
package.json
Outdated
| @@ -22,7 +22,8 @@ | |||
| "bip38": "^2.0.2", | |||
| "bs58": "^4.0.1", | |||
| "classnames": "^2.2.6", | |||
There was a problem hiding this comment.
Let's lock these deps
| @@ -96,7 +100,7 @@ export const authAdd = (nickname: string, privateKey: string, passphrase: string | |||
| auths.push({ | |||
| nickname, | |||
| encryptedPrivateKey: await encrypt(privateKey, passphrase), | |||
| publicKey: privateToPublic(privateKey), | |||
There was a problem hiding this comment.
BTW, one option for avoiding breaking this API is to move these toElliptic() and fromElliptic() to a separate EcConversions API, and just keep them completely separate from the primarily API. Then the primary API remains pristine...
There was a problem hiding this comment.
OK, we've now beaten this horse. I agree that we should just put the PublicKey, PrivateKey, and Signature classes in the jssig file and allow people to grab them directly if they choose to. They're just helper functions, and I think that draws that line clearly enough.
jlamarr22
force-pushed
the
remove-eosjs-ecc-references
branch
2 times, most recently
from
910bf0e to
4925d4e
Compare
jlamarr22
force-pushed
the
remove-eosjs-ecc-references
branch
2 times, most recently
from
25ce6e5 to
ec6262e
Compare
src/store/auths/authsActions.ts
Outdated
| @@ -105,6 +110,19 @@ export const authAdd = (nickname: string, privateKey: string, passphrase: string | |||
| } | |||
| } | |||
|
|
|||
| export const recoverPublicKey = (privateKey: string, data: string) => { | |||
There was a problem hiding this comment.
This would ideally be a helper in eosjs or somewhere else since it's so convoluted and requires quite a bit of elliptic knowledge, which could be abstracted away from the consumer.
Changes JsonRpc usages to new eosjs version standard Peer review changes and last ecc reference Locking dependencies bump resolutions Fix issues lock dependencies bump Set RPC to null instead of hard-coding Abstract logic in to auth utils Fix tests Add tests
jlamarr22
force-pushed
the
remove-eosjs-ecc-references
branch
from
ec6262e to
ba3b852
Compare
Change Description
Updated to replace eosjs-ecc references with elliptic. Adjusted tests.
Additionally updated to bump eosjs version to edge. Changed usages of eosjs JsonRpc.
API Changes
Documentation Additions