Improve the README #566
Improve the README #566
Conversation
tcharding
force-pushed
the
12-16-readme
branch
from
b0a4f54 to
2d3c143
Compare
|
Needs #565 to get green CI. |
README.md
Outdated
| `rust-secp256k1` is a wrapper around [libsecp256k1](https://github.com/bitcoin-core/secp256k1), | ||
| a C library by Pieter Wuille for producing ECDSA signatures using the SECG curve | ||
| `secp256k1`. This library | ||
| a C library by Pieter Wuille for producing ECDSA signatures using the [SECG](https://www.secg.org/) |
There was a problem hiding this comment.
"for producing ECDSA signatures" sounds weird since it can also verify them and also produce/verify schnorr signatures and also perform ECDH and also tweak the keys and probably something I forgot.
"a C library implementing various cryptographic functions using the SECG curve secp256k1" might be good.
There was a problem hiding this comment.
Used as suggested, note this removes Peter's name - this seems correct since it does not appear in the readme of libsecp256k1 (I thought I remembered seeing it there before but not sure).
cc @sipa in case he would like the attribution to remain.
There was a problem hiding this comment.
We could say "created by Pieter Wuille". But I agree that we should follow the README, which presumably attributes it to "the bitcoin core developers" or something.
There was a problem hiding this comment.
Oh yeah, I didn't mean to drop attribution but it's a good question which attribution is the correct one.
| `--cfg=rust_secp_no_symbol_renaming'` to your `RUSTFLAGS` variable. | ||
| If you want to compile this library without using the bundled symbols (which may be required for | ||
| integration into other build systems), you can do so by adding `--cfg=rust_secp_no_symbol_renaming'` | ||
| to your `RUSTFLAGS` variable. | ||
|
|
There was a problem hiding this comment.
Maybe we could add the information about the limitations of this @apoelstra mentioned while we're at it. I think this should be correct. I suggest putting it right after the heading.
Danger: doing this incorrectly may have catastrophic consequences!
This is mainly intended for applications consisting of various programming languages that intend to link the same library to save space or bundles of multiple binaries coming from the same source.
Do not use this to link to a randomsecp256k1library you found in your OS!
Packaging the library into a separate distribution package could be done with care.
E.g. in Debian if you'd havelibsecp256k1with version1.2.3then all the binaries using it must use>= 1.2.3, << 1.2.4, assuming you will only ever release binary-compatible versions of the package.
This is because there are no binary compatibility guarantees and the library is security-critical.
Note also that unless you're packaging the library for an official repository you should prefix your package and the library with a string specific to you. E.g. if you have a set of packages calledmy-awesome-packagesyou should packagelibsecp256k1aslibmy-awesome-packages-secp256k1and depend on that library/package name from your application.
If you do any of this you must make sure that either every component that depends onlibsecp256kis written to depend on the same version (-syscrate not being duplicated in case of Rust) or that the differing components use static bundled version with the different prefixes.
There was a problem hiding this comment.
E.g. in Debian if you'd have libsecp256k1 with version 1.2.3 then all the binaries using it must use >= 1.2.3, << 1.2.4, assuming you will only ever release binary-compatible versions of the package. This is because there are no binary compatibility guarantees and the library is security-critical.
I don't understand this sentence -- there is only one release of libsecp in existence and it is not in any distribution AFAIK. What distributions have actually packaged is random shit. I'm also not sure why, "if there are no binary compatibility guarantees", merely constraining a version number would provide any value.
I'm also not totally sure who "you" is here -- is in the author of the Rust code, or a distribution maintainer, or a libsecp developer, or what?
Other than this, this text looks good.
There was a problem hiding this comment.
and it is not in any distribution AFAIK
Indeed, this is written in case someone wants to package it. But now I'm thinking it may overlooked anyway. I guess some doc like that should go to the upstream library instead.
I'm also not sure why, "if there are no binary compatibility guarantees", merely constraining a version number would provide any value.
If you control all the packages and make sure you won't release version 1.2.3-2 that is binary-incompatible with 1.2.3-1 then it's OK to update the library. (e.g. if you only made cosmetic changes like documentation or fixed something minor inside a function body)
Basically, if you control the library (package) and make sure it doesn't get confused/swapped with something else then it's OK to link to it from a binary you control.
I'm also not totally sure who "you" is here
The author of the binary using libsecp256k1 and potentially distribution maintainer. (I think they are sometimes the same person? I do make my own packages for some of my own projects but that doesn't make me distribution maintainer...)
There was a problem hiding this comment.
How about If you are packaging software that depends on rust-secp256k1, using this flag to link to another package, make sure you stay within the binary compatibility guarantees of that package. For example, in Debian if you need libsecp256k1 1.2.3, make sure your package requires a version strictly >= 1.2.3 << 1,2.4.
secp256k1-sys/README.md
Outdated
| This crate provides Rust definitions for the FFI structures and methods. | ||
| [Full documentation](https://docs.rs/secp256k1_sys/) | ||
|
|
||
| This is the Foreign Function Interface (FFI) to the [libsecp256k1](https://github.com/bitcoin-core/secp256k1) library. |
There was a problem hiding this comment.
This sounds a bit strange the library is not FFI. The library just provides low-level bindings to the C FFI exposed by libsecp256k1
secp256k1-sys/README.md
Outdated
| [Full documentation](https://docs.rs/secp256k1_sys/) | ||
|
|
||
| This is the Foreign Function Interface (FFI) to the [libsecp256k1](https://github.com/bitcoin-core/secp256k1) library. | ||
| Provides bindings (structures and methods) in Rust for interfacing with `libsecp256k1` in a typesafe manner. |
There was a problem hiding this comment.
The -sys crate is not type safe.
There was a problem hiding this comment.
We could drop the "in a typesafe manner" clause, but in fairness, the bindings are typesafe in that they enforce that you use the correct C types, correct number of arguments to functions, etc.
There was a problem hiding this comment.
you use the correct C types
That's questionable at best. If you happen to be on a platform that defines c_int as i32 and you accidentally hard-code i32 in the code your code suddenly becomes non-portable to platforms that have c_int be a different type (presumably i16 or i64.
They are "sort of safe" yes.
tcharding
force-pushed
the
12-16-readme
branch
2 times, most recently
from
0b3e9cb to
791def3
Compare
|
Force push attempts to implement suggestions, will require close review please. |
secp256k1-sys/README.md
Outdated
| software that depends on `rust-secp256k1`, using this flag to link to another package, make sure you | ||
| stay within the binary compatibility guarantees of that package. For example, in Debian if you need | ||
| `libsecp256k1 1.2.3`, make sure your package requires a version strictly`>= 1.2.3 << 1.2.4`. This is | ||
| because there are no binary compatibility guarantees and the library is security-critical. Note also |
There was a problem hiding this comment.
I think the This is because line doesn't make sense, and should be removed.
secp256k1-sys/README.md
Outdated
| that unless you're packaging the library for an official repository you should prefix your package | ||
| and the library with a string specific to you. E.g. if you have a set of packages called | ||
| `my-awesome-packages` you should package `libsecp256k1` as `libmy-awesome-packages-secp256k1` and | ||
| depend on that library/package name from your application. If you do any of this you must make sure |
There was a problem hiding this comment.
I also think we should drop "If you do any of this..." since it's redundant with the existing warnings and isn't very clear.
|
Force pushed suggested changes. |
tcharding
force-pushed
the
12-16-readme
branch
from
791def3 to
a13297a
Compare
|
Will let @Kixunil review the current text before merging. |
|
Friendly bump when you get a chance please @Kixunil. |
|
Rebase only. |
|
|
||
| - Where `<version-code>` is the secp256k1-sys version number underscored: `0_1_2`. | ||
| - Where `<rev>` is the git revision of `libsecp256k1` to checkout. If you do not specify a revision, | ||
| the script will simply clone the repo and use whatever revision the default branch is pointing to. |
There was a problem hiding this comment.
In 04f2c24:
The new text is now different (and incorrect) where before I think it was just a reflow of the old text.
|
GitHub actions seem to be borked
|
tcharding
force-pushed
the
12-16-readme
branch
3 times, most recently
from
c195600 to
b7e667d
Compare
Improve the secp256k1 readme by: - Use a top level markdown header (level 1) - Add a link to the SECG's website (www.secg.org) - Add a link for `secp256k1` to bitcoin.it explaining the curve Improve the secp256k1-sys readme by: - Mirror secp256k1 readme badges, heading, docs link - Basic cleanup - Use 100 column width - Use backticks - Use capitals
|
Changes in force push:
|
|
For HTML rendering of the two readme files see |
|
Oops, I forgot we were gating this one on @Kixunil. But I think the text is definitely an improvement over the existing text in any case. |
|
No problem, looks fine. |
Improve the README files
Improve the secp256k1 readme by:
Use a top level markdown header (level 1)Use HTML for header and badgessecp256k1to bitcoin.it explaining the curveImprove the secp256k1-sys readme by:
rust-secp256k1readme)