chainsafe / bls-keystore Goto Github PK
View Code? Open in Web Editor NEWImplementation of bls keystore - EIP 2335
License: MIT License
Implementation of bls keystore - EIP 2335
License: MIT License
A github and npm tags would help
After merging #6.
Extract the functionality used in https://github.com/ChainSafe/lodestar/pull/1110/files/c25b0165ac81f2fbcdef5cc6f383af82b052742d#diff-0f27f9fb8dc6f56bc2af257db4c0c97d into its own bls-walletstore
NPM package
Ideally we pull this out into a bls-walletstore library
ChainSafe/lodestar#1110 (comment)
I tested generateKeystore with the path m/12381/3600/asdf/0
and it actually returned a keystore. From what I've read here (https://github.com/ethereum/EIPs/blob/master/EIPS/eip-2334.md) the path must contain only integers and forward slashes (aside from the initial m at the beginning)
I think the version should be locked, because it can be changed in the future by hacker etc.
when upgrading this package in https://github.com/chainsafe/bls-keygen-app, I saw the following warning
warning @chainsafe/bls-keystore > [email protected]: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
We also have a few dependabot PRs that have popped up so it would probably be good to try and upgrade other deps where possible/needed.
If you generate keystore and then try to import it as an object
Keystore.fromObject(JSON.parse(keystore.stringify()));
It generates error:
Error: .crypto.cipher.message: should match pattern "^([A-Fa-f0-9]{2}){32}$"
For example, a generated keystore looks like
{
"version": 4,
"uuid": "9c2ed357-910f-4c0d-95be-3959abb7ba23",
"path": "m/12381/3600/0/0/0",
"pubkey": "0c71111d4d27fe2cf9a2163c48a75a2f715cf12bbb2b609a8d1a1a00d8f18f4d",
"crypto": {
"kdf": {
"function": "pbkdf2",
"params": {
"dklen": 32,
"c": 262144,
"prf": "hmac-sha256",
"salt": "ab057cd3192eff53fbe13dcd2aa91bdc000f12b44b26cbf0bdddd142c6c6b663"
},
"message": ""
},
"checksum": {
"function": "sha256",
"params": {},
"message": "cc29ccff7e37dab8c2229360693b3bdd66e3d74d999b56fc52cb35a06022b3b6"
},
"cipher": {
"function": "aes-128-ctr",
"params": {
"iv": "54492a730ca676c52eaf4712938e8356"
},
"message": "42c1608033a60f93e562a3bba591ebdffa772e8824331f4405f64388c277c29099487c77fb17325ef37be4cf19c24e5b"
}
}
}
It appears the cipher.message should be hashed?
trying to batch decrypt, but it takes the same amount of time as decrypt individually.
how do I get faster?
Use EIP 2335 password Control codes removal as defined in https://eips.ethereum.org/EIPS/eip-2335
The C0, C1, and Delete control codes are not valid characters in the password and should therefore be stripped from the password. C0 are the control codes between 0x00 - 0x1F (inclusive) and C1 codes lie between 0x80 and 0x9F (inclusive). Delete, commonly known as “backspace”, is the UTF-8 character 7F which must also be stripped. Note that space (Sp UTF-8 0x20) is a valid character in passwords despite it being a pseudo-control character.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.