Metric | design-principles | crypto
---|---|---
Mentions | 4 | 3
Stars | 158 | 25
Growth | 2.5% | -
Activity | 6.7 | 7.2
Last commit | 10 days ago | 5 months ago
Language | Bikeshed | TypeScript
License | - | Apache License 2.0
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
design-principles
- The Risks of WebAssembly
I am skeptical of WebAssembly and component-model myself, but that AssemblyScript page seems alarmist and as can be seen in several issues, dcodeIO (from the AssemblyScript community) was definitely not behaving in good faith: https://github.com/w3ctag/design-principles/issues/322
It seems most of the complaints are that selecting UTF-8 as a primary string encoding is "against the practices of the web", which seems patently absurd. I was definitely expecting more along the lines of object models integrating into component-model, rather than mass-tagging people because of string encodings.
- Do not design around third-party tools unless it breaks the Web
- New principle: Do not design around 3rd party tools unless it breaks the Web
- An Urgent Notice from AssemblyScript
I don't agree with your representation that sanitisation of isolated surrogates constitutes "corruption". As a high-level point, when passing a string from your component to an external one, the external component receives a sanitised copy of your string - the original string is not modified in-place. So you still have access to your original string if you're relying on the presence of isolated surrogates for some reason.
For fairness, I will link below to your concrete example of "corruption", noting that you claim it will render Wasm "the biggest security disaster man ever created for everything". The fundamental bug is in splitting a string at a point which happens to be between two code points which make up an emoji. This kind of mistake can already cause logic and display errors in other parts of the code (e.g. for languages with non-BMP characters) independent of whether components are involved.
https://github.com/w3ctag/design-principles/issues/322
crypto
- Typescript/WASM library with cryptographic operations based on libsodium, Shamir secret sharing, Merkle trees. Runs on Nodejs and the browser. Feedback is encouraged!
- The Risks of WebAssembly
From my recent experience with WebAssembly developing a cryptographic library for Nodejs and the browser [1], I have to say that once someone needs to use memory allocation, typed arrays from JS to WASM (I did not manage to make the opposite work) etc. it quickly becomes obvious that there is a lack of documentation and build system fragmentation that only hurts community growth IMO. If I was less motivated to finish the undertaking, I would just give up and go with libsodium-wrappers or tweetnacljs.
I started with clang targeting wasm32-unknown-unknown-wasm as my build system but this just did not work with malloc/free, unless I was targeting WASI, but if I targeted WASI I would not be able to run the module in the browser except with a polyfill that was hard to set up with a C/TS stack. I ended up with emscripten because it was importing the module with all the right helper functions but there I was getting memory errors in debug mode but not in production. I needed to pass the Uint8Arrays from JS to WASM in a very specific way (with HEAP8), otherwise the pointers were not working properly, but I was not able to find this in the documentation. I only found out from a Stack Overflow comment somewhere after two weeks of brain melting (why would Uint8Array(memory.buffer, offset, len).byteOffset not work?).
After I compiled the project successfully and the JS was giving the correct results, I decided to compile with -s SINGLE_FILE command in order to make the package as portable as possible, but this increased the size significantly because it translates the bytes into base64 that are then converted into WASM module from JS. A package manager of a compiled language that outputs cross-env JS that solves these problems automagically would be, IMO again, a game changer for the ecosystem. I believe this is what AssemblyScript tries to achieve but I honestly could not make it work for my project after experimenting with it for one or two days.
I get that a lot of the problems come from the incompatibility of browser and Nodejs APIs and different agendas from the various stakeholders, but I would very much like to see these differences be reconciled so that we can have a good developer experience for cross-platform WASM modules, which will lead to more high-performance components for JS, which is a programming language that affects so many people.
[1] https://github.com/deliberative/crypto
- Show HN: WASM/TS library for Ed25519, Shamir secret sharing, AEAD secret boxes
What are some alternatives?
assemblyscript - A TypeScript-like language for WebAssembly.
rawr-x3dh - TypeScript Implementation of X3DH
interface-types
e2esdk - SDK to build end-to-end encrypted web applications
stringref
json-hash - JCS (JSON Canonicalization Scheme), JSON digests, and JSON Merkle hashes
component-model - Repository for design and specification of the Component Model