chainsafe / bls-keystore Goto Github PK

A github and npm tags would help

After merging #6.

Extract the functionality used in https://github.com/ChainSafe/lodestar/pull/1110/files/c25b0165ac81f2fbcdef5cc6f383af82b052742d#diff-0f27f9fb8dc6f56bc2af257db4c0c97d into its own bls-walletstore NPM package

Ideally we pull this out into a bls-walletstore library
ChainSafe/lodestar#1110 (comment)

I tested generateKeystore with the path m/12381/3600/asdf/0 and it actually returned a keystore. From what I've read here (https://github.com/ethereum/EIPs/blob/master/EIPS/eip-2334.md) the path must contain only integers and forward slashes (aside from the initial m at the beginning)

I think the version should be locked, because it can be changed in the future by hacker etc.

when upgrading this package in https://github.com/chainsafe/bls-keygen-app, I saw the following warning

warning @chainsafe/bls-keystore > [email protected]: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.

We also have a few dependabot PRs that have popped up so it would probably be good to try and upgrade other deps where possible/needed.

If you generate keystore and then try to import it as an object

Keystore.fromObject(JSON.parse(keystore.stringify()));

It generates error:
Error: .crypto.cipher.message: should match pattern "^([A-Fa-f0-9]{2}){32}$"

For example, a generated keystore looks like

{
  "version": 4,
  "uuid": "9c2ed357-910f-4c0d-95be-3959abb7ba23",
  "path": "m/12381/3600/0/0/0",
  "pubkey": "0c71111d4d27fe2cf9a2163c48a75a2f715cf12bbb2b609a8d1a1a00d8f18f4d",
  "crypto": {
    "kdf": {
      "function": "pbkdf2",
      "params": {
        "dklen": 32,
        "c": 262144,
        "prf": "hmac-sha256",
        "salt": "ab057cd3192eff53fbe13dcd2aa91bdc000f12b44b26cbf0bdddd142c6c6b663"
      },
      "message": ""
    },
    "checksum": {
      "function": "sha256",
      "params": {},
      "message": "cc29ccff7e37dab8c2229360693b3bdd66e3d74d999b56fc52cb35a06022b3b6"
    },
    "cipher": {
      "function": "aes-128-ctr",
      "params": {
        "iv": "54492a730ca676c52eaf4712938e8356"
      },
      "message": "42c1608033a60f93e562a3bba591ebdffa772e8824331f4405f64388c277c29099487c77fb17325ef37be4cf19c24e5b"
    }
  }
}

It appears the cipher.message should be hashed?

trying to batch decrypt, but it takes the same amount of time as decrypt individually.
how do I get faster?

Use EIP 2335 password Control codes removal as defined in https://eips.ethereum.org/EIPS/eip-2335

The C0, C1, and Delete control codes are not valid characters in the password and should therefore be stripped from the password. C0 are the control codes between 0x00 - 0x1F (inclusive) and C1 codes lie between 0x80 and 0x9F (inclusive). Delete, commonly known as “backspace”, is the UTF-8 character 7F which must also be stripped. Note that space (Sp UTF-8 0x20) is a valid character in passwords despite it being a pseudo-control character.