 | constantine | axiom
---|---|---
Mentions | 14 | 7
Stars | 254 | 40
Growth | - | -
Activity | 8.4 | 7.0
Last commit | 6 days ago | 6 months ago
Language | Nim | Nim
License | GNU General Public License v3.0 or later | MIT License
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
constantine
-
A beginner's guide to constant-time cryptography (2017)
Percival cache attacks on Hyperthreading.
I go over some examples here: https://github.com/mratsim/constantine/issues/358#issuecomme...
-
D Programming Language
`when myCondition():` instead of `if myCondition:` is done at compile-time.
Alternatively you can use a `static:` code block to force compile time evaluation. Or tag a function {.compileTime.} or tag function inputs with `static` modifier.
It is possible to create a compiler or an assembler running fully in Nim macros as well:
- https://github.com/mratsim/constantine/blob/master/constanti... (all that file runs at compile-time)
You can also implement Continuation-Passing-Style transformation at compile-time:
- Fast constant-time pairing or elliptic curve based cryptography (Nim/C)
-
Matrix Multiplication Using Only Addition
At a glance this sounds like a re-discovery of addition chains and using them to construct Pippenger algorithm. But applied to matrices instead of group elements.
See: https://github.com/mratsim/constantine/issues/37
-
Elliptic Curve Cryptography Explained
I usually explain extension fields as similar to complex numbers with regard to reals.
I've collected a lot of extension fields references while working on my own implementation: https://github.com/mratsim/constantine/tree/master/constanti...
The best likely being
- Arithmetic of Finite Fields
- Constant-Time Big Numbers: An Introduction
-
just a question that has been lingering on my mind
Regarding your first question, you don't need to attack the hard-drive, for non constant-time crypto you can read power consumption or electromagnetic traces when the secret key is used to reconstruct it: - https://github.com/mratsim/constantine/wiki/Constant-time-arithmetics
-
Const [pdf]
Unfortunate name collision with my constant-time pairing-based cryptography library :/.
https://github.com/mratsim/constantine
-
DSL for Zero Knowledge Proofs
KZG for sure yes, I actually already started implementing them: https://github.com/mratsim/constantine/tree/c2d716b/research/kzg_poly_commit
-
How is Elliptic Curve Cryptography Encryption Fast?
I have a small write-up on various details of elliptic curve crypto implementation here: https://github.com/mratsim/constantine/tree/master/constantine/elliptic
axiom
-
What Are You Building? Share Your Projects
I'm creating a hobby operating system in Nim (early stages). After an initial attempt[0] I decided to start over[1] and document my journey in building it[2]. The focus for me is on learning low-level systems programming and enjoying the journey, rather than building something production ready.
[0] https://github.com/khaledh/axiom
[1] https://github.com/khaledh/fusion
[2] https://0xc0ffee.netlify.app/osdev/01-intro.html
-
D Programming Language
> kernel developers do not allow third party runtimes in the kernel. Even meager Rust's "panic" runtime is a contentious
Much in Linux is contentious :-) which is why the module system is nice. A kernel module for C code requires no permission from Linux-core unless you need it distributed with the kernel (which, yes, might be required for "credibility" - but critically also might not). It may require many decls to access various kernel APIs, but those can be (semi-)automated or just done as-needed. So, Linux kernel policy is not so relevant (at best) which is what I meant by "no special support" (admittedly brief). Kernel coding is always a bit trickier, and you may need to build up some support code to make integration nice, though as well as decl generators.
> Can one disable runtime in Nim completely -- no GC, no exceptions?
To answer your question, and as discussed elsewhere in this subthread, Nim has many options for memory management; only stdlib seq/string really needs automatic methods. One can disable the runtime completely via os:standalone and statically check that no exceptions are raised with Nim's effect system (and there are also both setjmp & goto based exception impls which may/may not be workable in Linux/BSD kernel module settings). As "proof more by example", a few people have written OS kernels in Nim recently[1,2] and there was another toy kernel long ago[3].
People have also written OS kernels in Go which "has a GC and runtime".[4] So, I acknowledge it's not quite the same example, but I also see no fundamental blockers for kernel modules.
[1] https://github.com/khaledh/axiom
[2] https://prosepoetrycode.potterpcs.net/2023/01/a-barebones-ke...
[3] https://github.com/dom96/nimkernel
[4] https://github.com/mit-pdos/biscuit/
-
Was Rust Worth It?
I gave Rust a few chances, and always came out hating its complexity. I needed a systems programming language to develop a hobby OS[1], and Nim hit the sweet spot of being very ergonomic, optional GC, and great interop with C. I can drop down to assembly any time I want, or write a piece of C code to do something exotic, but the rest of the system is pure Nim. It's also quite fast.
[1] https://github.com/khaledh/axiom
-
Nim v2.0 Released
I've used both to work on a hobby OS project (Nim[1], Zig[2]). I very much prefer Nim. Code is succinct, elegant, and lets you focus on your core logic rather than fighting the language.
Zig is nice and I like its optionals support and error handling approach. But I was put off by its noisy syntax, e.g. !?[]u8 to represent an error union of an optional pointer to a many-pointer of uint8. Also having to prepare and weave allocators throughout most of the code that needs to dynamically allocate (which is most of the code) gets in the way of the main logic. Even little things like string concatenation or formatting become a chore. Zig also doesn't have dynamic dispatch, which makes polymorphic code hard to write; you have to work around it through some form of duck typing. In the end I realized that Zig is not for me.
[1] https://github.com/khaledh/axiom
-
Ask HN: Why did Nim not catch-on like wild fire as Rust did?
Niceness is subjective, but Nim is just as valid an addition to that group. Nim compiles to C and has had an --os=standalone mode for like 10 years from its git history, and as mentioned else-thread (https://news.ycombinator.com/item?id=36506087) can be used for Linux kernel modules. Multiple people have written "stub OSes" in it (https://github.com/dom96/nimkernel & further along https://github.com/khaledh/axiom).
While it can use clang as a backend, Nim does not rely upon LLVM support like Zig or Rust (pre-gcc-rust working). Use on embedded devices is fairly popular: https://forum.nim-lang.org/search?q=embedded (or web search).
Latency-wise, for a time, video game programming was a perceived "adoption niche" or maybe "hook" for Nim and games often have stringent frame rendering deadlines. If you are interested in video games, you might appreciate https://github.com/shish/rosettaboy which covers all but Ada in your list with Nim being fastest (on one CPU/version/compiler/etc). Note, however, that cross-PL comparisons are often done by those with much "porting energy" but limited familiarity with any but a few of the PLs. A better way to view it is that "Nim responds well to optimization effort" (like C/Ada/C++/Rust/Zig).
-
Writing a Simple Operating System – From Scratch [pdf]
If anyone is interested, I have a couple of implementations of booting under UEFI and getting a bunch of info about the system (don't expect a functioning system, they just boot and dump some info):
Nim: https://github.com/khaledh/axiom
Zig: https://github.com/khaledh/axiom-zig (this one goes into depth in disassembling ACPI DSDT bytecode)
-
Assembly Nights
I wasn't ready to share it yet, but here it goes[1]. It's at a very early stage, but should give you an idea of how to get things up and running under Nim.
I didn't avoid malloc. I provided a simple bump pointer based heap to get things going. Later I'll have to separate things into a UEFI bootloader and a proper kernel image, each with its own allocator (the bootloader will use UEFI memory allocation services, and the kernel will have its own heap).
[1] https://github.com/khaledh/axiom
What are some alternatives?
blst - Multilingual BLS12-381 signature library
NimForUE - Nim plugin for UE5 with native performance, hot reloading and full interop that sits between C++ and Blueprints. This allows you to do common UE workflows like for example to extend any UE class in Nim and extending it again in Blueprint if you wish so without restarting the editor. The final aim is to be able to do in Nim what you can do in C++
nim-stint - Stack-based arbitrary-precision integers - Fast and portable with natural syntax for resource-restricted devices.
axiom-zig - A 64-bit kernel implemented in Zig
secp256k1 - Optimized C library for EC operations on curve secp256k1
rosettaboy - A gameboy emulator in several different languages
noir - Noir is a domain specific language for zero knowledge proofs
nimkernel - A small kernel written in Nim
Practical-Cryptography-for-Developers-Book - Practical Cryptography for Developers: Hashes, MAC, Key Derivation, DHKE, Symmetric and Asymmetric Ciphers, Public Key Cryptosystems, RSA, Elliptic Curves, ECC, secp256k1, ECDH, ECIES, Digital Signatures, ECDSA, EdDSA
math-compiler - A simple intel/AMD64 assembly-language compiler for mathematical operations
mbedTLS - An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months between releases.
linux - Linux kernel source tree