Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Compiler v2 #6

Open
wants to merge 31 commits into
base: main
Choose a base branch
from
Open

Compiler v2 #6

Show file tree
Hide file tree
Changes from 30 commits
Commits
Show all changes
31 commits
Select commit Hold shift + click to select a range
11b24bb
[compiler-v2] add aptos crypto libraries
welbon Sep 9, 2024
eb119ca
[compiler-v2] add aptos crypto libraries
welbon Sep 9, 2024
0a0f30b
[compiler-v2] add aptos crypto libraries
welbon Sep 9, 2024
8cea51a
fix compile
nkysg Sep 9, 2024
ebabdf4
[compiler-v2] add aptos crypto libraries
welbon Sep 9, 2024
7f41318
[compiler-v2] Fixed compiler error
welbon Sep 9, 2024
a7e0740
[compiler-v2] declare package name to lib
welbon Sep 9, 2024
b0d95f6
[compiler-v2] export CryptoHasher
welbon Sep 10, 2024
acf1e65
[compiler-v2] export aptos_crypto::hash
welbon Sep 10, 2024
e1f350a
[compiler-v2] remove aptos-crytpo hash for debug
welbon Sep 10, 2024
4cb6458
[compiler-v2] add aptos-crytpo hash DummyHasher, CryptoHasher for debug
welbon Sep 10, 2024
0f12f1e
[compiler-v2] add aptos-cryto to compile-v2 module for debug
welbon Sep 10, 2024
b0556b3
[compiler-v2] add aptos-cryto to compile-v2 module for debug
welbon Sep 10, 2024
fd7322b
[compiler-v2] fixed some project error
welbon Sep 10, 2024
fe66294
[compiler-v2] fixed all errors
welbon Sep 11, 2024
0970efe
[compiler-v2] fixed crypto hasher macro derive
welbon Sep 11, 2024
48d79ec
[compiler-v2] fixed crypto hasher macro derive
welbon Sep 11, 2024
9fae41d
[compiler-v2] fixed crypto hasher macro derive
welbon Sep 11, 2024
257ed3c
[compiler-v2] fixed crypto hasher macro derive
welbon Sep 11, 2024
d593443
[compiler-v2] fixed crypto hasher macro derive
welbon Sep 11, 2024
00a04ba
[compiler-v2] add JSONSchema
welbon Sep 11, 2024
95a42b4
[compiler-v2] fixed compiler error for tiny-keccak select 'sha3'
welbon Sep 11, 2024
cce8225
Fix compiler
sanlee42 Sep 11, 2024
d3c5100
[compiler-v2] fixed compiler error for DummyHasher
welbon Sep 11, 2024
2e8b552
re-export some crates and constants (#7)
simonjiao Sep 24, 2024
5ab5176
fix ed25519 fuzzing (#8)
nkysg Sep 28, 2024
e5e9057
add HashValue::from_hex_literal (#9)
nkysg Oct 6, 2024
ca832cc
HashValue supoort from<u64> && as_ref<u8> (#10)
nkysg Oct 9, 2024
17607ac
update openrpc-schema (#11)
nkysg Nov 1, 2024
69ccde1
fix HashValue break serde (#12)
nkysg Nov 22, 2024
a14be64
Fix HashValue serde json (#13)
nkysg Nov 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2,227 changes: 1,597 additions & 630 deletions Cargo.lock
View file
Open in desktop

Large diffs are not rendered by default.

82 changes: 77 additions & 5 deletions Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,82 @@
[workspace]
resolver = "2"

members = [
"crates/diem-crypto",
"crates/aptos-crypto",
"crates/aptos-crypto-derive",
"crypto",
"crypto/crypto-macro",
]

default-members = [
"crypto",
]
default-members = ["crypto"]

[workspace.dependencies]
aes-gcm = "0.10.3"
anyhow = "1.0.71"
ark-bn254 = "0.4.0"
ark-bls12-381 = "0.4.0"
ark-ec = "0.4.0"
ark-ff = "0.4.0"
ark-groth16 = "0.4.0"
ark-serialize = "0.4.0"
ark-std = { version = "0.4.0", features = ["getrandom"] }
base64 = "0.13.0"
bcs = { git = "https://github.com/aptos-labs/bcs.git", rev = "d31fab9d81748e2594be5cd5cdf845786a30562d" }
blake2 = "0.10.4"
blst = "0.3.11"
blake2-rfc = "0.2.18"
bulletproofs = { version = "4.0.0" }
bytes = { version = "1.4.0", features = ["serde"] }
byteorder = "1.4.3"
bitvec = "1.0.1"
criterion = "0.3.5"
curve25519-dalek = "3"
curve25519-dalek-ng = "4"
digest = "0.9.0"
ed25519-dalek = { version = "1.0.1", features = ["std", "serde"] }
ff = { version = "0.13", features = ["derive"] }
hex = { version = "0.4.3", features = ["serde"] }
hkdf = "0.10.0"
libsecp256k1 = "0.7.0"
merlin = "3"
more-asserts = "0.3.0"
neptune = { version = "13.0.0", default_features = false }
num-bigint = { version = "0.3.2", features = ["rand"] }
num-integer = "0.1.42"
once_cell = "1.10.0"
openrpc-schema = { git = "https://github.com/starcoinorg/openrpc-rs", rev = "1f2f7d3495e3bd3ef3b6fcf7c4e0602cad090d5e" }
p256 = { version = "0.13.2" }
poseidon-ark = { git = "https://github.com/arnaucube/poseidon-ark.git", rev = "6d2487aa1308d9d3860a2b724c485d73095c1c68" }
proc-macro2 = "1.0.18"
proptest = "1.4.0"
proptest-derive = "0.4.0"
quote = "1.0.6"
rand = "0.7.3"
rand_core = "0.5.1"
ring = { version = "0.16.20", features = ["std"] }
serde = "1.0.193"
serde_json = { version = "1.0.81", features = [
"preserve_order",
"arbitrary_precision",
] } # Note: arbitrary_precision is required to parse u256 in JSON
trybuild = "1.0.80"
serde-name = "0.1.1"
serde_bytes = "0.11.6"
sha2 = "0.9.3"
sha2_0_10_6 = { package = "sha2", version = "0.10.6" }
sha3 = "0.9.1"
signature = "2.1.0"
static_assertions = "1.1.0"
thiserror = "1.0.37"
tiny-keccak = { version = "2.0.2", features = ["sha3"] }
typenum = "1.17.0"
x25519-dalek = "1.2.0"
starcoin-crypto = { path = "crypto" }
starcoin-crypto-macro = { path = "crypto/crypto-macro" }
aptos-crypto = { path = "crates/aptos-crypto", features = ["fuzzing"] }
aptos-crypto-derive = { path = "crates/aptos-crypto-derive" }
syn = { version = "1.0.30", features = ["derive"] }


[profile.dev]
panic = "unwind"
Expand All @@ -16,4 +85,7 @@ panic = "unwind"
debug = false
panic = "unwind"
debug-assertions = false
codegen-units = 1
codegen-units = 1

[patch.crates-io]
x25519-dalek = { git = "https://github.com/aptos-labs/x25519-dalek", branch = "zeroize_v1" }
Comment on lines +90 to +91
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codebase verification

Critical: Update x25519-dalek dependency to use the new official repository

The x25519-dalek repository has been archived and officially moved to curve25519-dalek. Using a custom fork of an archived repository poses security risks:

  1. The fork is 61 commits behind the last version of the archived repository
  2. The official codebase has moved to curve25519-dalek
  3. The fork's only change is removing a version lock on zeroize, which could introduce compatibility issues

Recommendation:

  • Migrate to the new official repository at curve25519-dalek instead of using the archived x25519-dalek fork
  • If specific version constraints are needed for zeroize, handle them in your project's Cargo.toml directly
🔗 Analysis chain

Security review needed for custom x25519-dalek fork.

Using a custom fork of a cryptographic implementation requires careful consideration:

  1. Verify the changes in the "zeroize_v1" branch
  2. Ensure the fork is actively maintained
  3. Document the reason for using this fork

Let me analyze the output we received. The GitHub API response shows:

  1. The fork was last updated on Oct 9, 2024
  2. The zeroize_v1 branch contains only one commit ahead of the base, which removes the version lock on the zeroize dependency (from =1.3 to 1)
  3. The fork is behind by 61 commits from the upstream repository
  4. The upstream repository has an archival notice (from commit message)

Let me get more context about the archival status and any migration notes.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check the fork's commit history and diff from upstream
gh repo view aptos-labs/x25519-dalek --json updatedAt,defaultBranchRef
gh api /repos/aptos-labs/x25519-dalek/compare/dalek-cryptography:main...aptos-labs:zeroize_v1

Length of output: 13203

Script:

#!/bin/bash
# Check the README for archival notice and migration path
curl -s https://raw.githubusercontent.com/dalek-cryptography/x25519-dalek/main/README.md | grep -A 5 -i "archiv\|deprecat\|migrat"

# Check if there's any security advisory
gh api /repos/dalek-cryptography/x25519-dalek/security-advisories

Length of output: 434

24 changes: 24 additions & 0 deletions crates/aptos-crypto-derive/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
[package]
name = "aptos-crypto-derive"
description = "Custom derives for `aptos-crypto`"
version = "0.0.3"

authors = ["Aptos Labs <[email protected]>"]
edition = "2021"
homepage = "https://aptoslabs.com"
license = "Apache-2.0"
publish = false
repository = "https://github.com/aptos-labs/aptos-core"
rust-version = "1.75.0"


[lib]
proc-macro = true

[dependencies]
proc-macro2 = "1.0.38"
quote = "1.0.18"
syn = { version = "1.0.92", features = ["derive", "extra-traits"] }

[dev-dependencies]
anyhow = "1.0.71"
21 changes: 21 additions & 0 deletions crates/aptos-crypto-derive/src/hasher.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
// Copyright © Aptos Foundation
// Parts of the project are originally copyright © Meta Platforms, Inc.
// SPDX-License-Identifier: Apache-2.0

/// Converts a camel-case string to snake-case
pub fn camel_to_snake(text: &str) -> String {
let mut out = String::with_capacity(text.len());
let mut first = true;
text.chars().for_each(|c| {
if !first && c.is_uppercase() {
out.push('_');
out.extend(c.to_lowercase());
} else if first {
first = false;
out.extend(c.to_lowercase());
} else {
out.push(c);
}
});
out
}
Loading