Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Trait-based cryptographic routines API to delegate implementation to downstream crates #1213

Closed
blasrodri opened this issue Oct 17, 2022 · 5 comments · Fixed by #1238
Closed
Assignees
Labels
enhancement New feature or request

Comments

@blasrodri
Copy link
Contributor

blasrodri commented Oct 17, 2022

Description

The goal is to be able to introduce an abstraction that encapsulates a set of everyday cryptographic operations needed
which do not necessarily share the exact underlying implementation details. This is precisely the case when we want to extend the functionality of the Light Client Verifier to support different light clients. Ideally, this could be used within any chain to verify the state of any other chain.

Based on this pr/discussions we've identified a few elements that we want to resolve:

  • an agreed-upon interface (see below for a proposed one by @tony-iqlusion)
  • reduce or eliminate the number of dependencies that are introduced
  • be generic enough on the definition of methods/types so that we're not constraint to a specific implementation (see the discussion about returning a boolean in the signature verification)

Proposed interface;

// https://github.com/informalsystems/tendermint-rs/pull/1138#issuecomment-1161835971

use digest::FixedOutput;
use digest::{consts::U32, Digest};
use tendermint::signature::Signer;
use tendermint::signature::Verifier;

pub trait CryptoProvider {
    type Sha256: Digest + FixedOutput<OutputSize = U32>;

    type EcdsaSecp256k1Signer: Signer<k256::ecdsa::Signature>;
    type EcdsaSecp256k1Verifier: Verifier<k256::ecdsa::Signature>;

    type Ed25519Signer: Signer<ed25519::Signature>;
    type Ed25519Verifier: Verifier<ed25519::Signature>;
}

Definition of "done"

The trait is merged into the main branch, all tests are passed, and there is an external implementation of the trait
for another light client that is successfully implemented using this interface.

@blasrodri blasrodri added the enhancement New feature or request label Oct 17, 2022
@adizere
Copy link
Member

adizere commented Oct 18, 2022

Copying @thanethomson and @mzabaluev as potentially having feedback on this API. Thanks Blas for shepherding this!

@blasrodri
Copy link
Contributor Author

I drafted an implementation of the trait for something similar to what Seun initially proposed. At least this proves that the design of the CryptoProvider is generic enough for us.

@mzabaluev
Copy link
Contributor

The design looks good to me. It enshrines digest (rust-crypto) as the framework that the host must implement the crypto routines through, but tendermint already depends on signature and most implementations in practice are from rust-crypto as well.

@mzabaluev
Copy link
Contributor

An update: I have discarded the CryptoProvider super-trait in #1238.

All crypto functions are available for an alternative implementation in terms of digest and signature traits. We only provide some type aliases and utility traits where the rust-crypto API is being more difficult to use than it should be.

@mzabaluev mzabaluev changed the title Adding a HostFunctions/CryptoProvider trait to delegate implementation to downstream crates Trait-based cryptographic routines API to delegate implementation to downstream crates Dec 15, 2022
@mzabaluev mzabaluev self-assigned this Jan 25, 2023
@blasrodri
Copy link
Contributor Author

🎊🎊❤️

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants