Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

elliptic -> @noble/* #59

Merged
merged 25 commits into from
Apr 2, 2024
Merged

elliptic -> @noble/* #59

merged 25 commits into from
Apr 2, 2024

Conversation

nicolasbrugneaux
Copy link
Contributor

@nicolasbrugneaux nicolasbrugneaux commented Jan 11, 2024
edited
Loading

Description

elliptic is deprecated and old, we're replacing it with an audited and maintained pkg called @noble/curves

The goal of the PR is also to replace most "handcrafted cryptography" by audited and maintained libraries.

[Closes #22]

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Jan 11, 2024
edited
Loading

🦋 Changeset detected

Latest commit: 10bf4d8

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 19 packages
Name Type
@celo/cryptographic-utils Minor
@celo/wallet-base Minor
@celo/utils Major
@celo/base Minor
@celo/wallet-hsm Minor
@celo/wallet-hsm-azure Minor
@celo/wallet-hsm-aws Minor
@celo/wallet-rpc Minor
@celo/wallet-hsm-gcp Minor
@celo/wallet-ledger Minor
@celo/wallet-remote Minor
@celo/wallet-local Minor
@celo/governance Patch
@celo/explorer Patch
@celo/celocli Patch
@celo/connect Patch
@celo/contractkit Patch
@celo/keystores Patch
@celo/phone-utils Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@socket-security Socket Security
Copy link

socket-security bot commented Jan 12, 2024
edited
Loading

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@aws-sdk/[email protected] None +1 3.59 MB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 3.15 MB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 183 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 454 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 256 kB aws-sdk-bot
npm/@aws-sdk/[email protected] environment 0 17.4 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 40.5 kB aws-sdk-bot
npm/@aws-sdk/[email protected] environment 0 27 kB aws-sdk-bot
npm/@aws-sdk/[email protected] shell 0 22.3 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 32.2 kB aws-sdk-bot
npm/@aws-sdk/[email protected] environment, filesystem 0 28.7 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 70.9 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 16.4 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 57 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 17.9 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 18.5 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 18.9 kB aws-sdk-bot
npm/@aws-sdk/[email protected] environment 0 17.5 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 73.4 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 38.6 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 17.7 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 25.5 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 24 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 26.4 kB aws-sdk-bot
npm/@aws-sdk/[email protected] filesystem 0 246 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 16.1 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 44 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 18 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 19.1 kB aws-sdk-bot
npm/@aws-sdk/[email protected] None 0 24.1 kB aws-sdk-bot
npm/@noble/[email protected] None 0 613 kB paulmillr
npm/@noble/[email protected] None +1 2.16 MB paulmillr
npm/@oclif/[email protected] environment, network +4 439 kB salesforce-releases
npm/@scure/[email protected] None 0 58.7 kB paulmillr
npm/@scure/[email protected] None 0 374 kB paulmillr
npm/@sigstore/[email protected] None 0 92.6 kB bdehamer
npm/@sigstore/[email protected] None +1 112 kB bdehamer
npm/@types/[email protected] None 0 31.6 kB types
npm/@types/[email protected] None 0 3.67 kB types
npm/[email protected] None 0 541 kB hargasinski
npm/[email protected] Transitive: network +16 417 kB salesforce-releases
npm/[email protected] None 0 66.1 kB dominik_g
npm/[email protected] None 0 73.1 kB ethan_arrowood

🚮 Removed packages: npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected], npm/@celo/[email protected], npm/@oclif/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

@nicolasbrugneaux nicolasbrugneaux self-assigned this Jan 16, 2024
@nicolasbrugneaux nicolasbrugneaux marked this pull request as ready for review January 18, 2024 09:51
@nicolasbrugneaux nicolasbrugneaux requested a review from a team as a code owner January 18, 2024 09:51
@nicolasbrugneaux nicolasbrugneaux force-pushed the elliptic-more-like-byelliptic branch from 97f268e to 0e116b8 Compare January 18, 2024 17:33
@nicolasbrugneaux
Copy link
Contributor Author

Running into issues with the sdk/wallets/wallet-aws-hsm tests. Kinda stuck on it atm

@nicolasbrugneaux nicolasbrugneaux changed the title WIP: elliptic -> @noble/* elliptic -> @noble/* Jan 24, 2024
@nicolasbrugneaux nicolasbrugneaux mentioned this pull request Jan 24, 2024
Closed
@aaronmgdr
Copy link
Member

probably worth a patch bump changeset stating that elipitical was removed

@nicolasbrugneaux nicolasbrugneaux force-pushed the elliptic-more-like-byelliptic branch from f3a5e80 to 1814ea2 Compare January 24, 2024 17:13
@nicolasbrugneaux
Copy link
Contributor Author

Hi @kobigurk I'm kindly requesting you to have a look at this pull-request as your expertise would be greatly appreciated!

@arthurgousset
Copy link
Contributor

Asked for an owner (re point of contact with Kobi) on Slack.

@arthurgousset
Copy link
Contributor

@mcortesi suggested I contact @kobigurk directly with Telegram.

@nicolasbrugneaux
Merge branch 'master' into elliptic-more-like-byelliptic
93f59c6
@nicolasbrugneaux
Merge branch 'master' into elliptic-more-like-byelliptic
c29fafb
@nicolasbrugneaux
fix: web3 resolution
ff8b1bf
@nicolasbrugneaux
Refactor: dependencies dedup (such as keccaak, bip, etc) (#139)
1c6d202 
* test: add bls regression tests

* refactor: more deps gone

* refactor: types

* refactor: getWordList

* refactor: more deps gone

* fix: utils

* fix: keccak hash

* fix: various buffer fixes

* fix: force keccak to consider string as bytes

* chore: update docs

* fix: type

* refactor: rlp -> @ethereumjs/rlp

* refactor: eth-lib removal wip

* refactor: eth-lib removal

* chore: regenerate docs

* fix: ensure no 0x-prefixed string is passed to hextobytes

* fix: update snapshot

* fix: ensure r,s,v are 0x prefixed

* chore: regenerate docs

* test: bls

* test: some more signing-utils tests

* chore: regenerate docs

* chore: regenerate docs

* fix: web3 resolution

* fix: ledger SignMessage

* chore: add note

* chore: regenerate docs
@nicolasbrugneaux
chore: remove comment
cec4db7
@nicolasbrugneaux
chore: changesets
9004f38
@nicolasbrugneaux
chore: changesets wording
e354920
@nicolasbrugneaux
chore: changesets wording
9f907ac
@nicolasbrugneaux nicolasbrugneaux requested review from aaronmgdr and a team and removed request for aaronmgdr April 2, 2024 09:25
@nicolasbrugneaux nicolasbrugneaux enabled auto-merge (squash) April 2, 2024 11:06
@nicolasbrugneaux nicolasbrugneaux merged commit 38b2631 into master Apr 2, 2024
18 checks passed
@nicolasbrugneaux nicolasbrugneaux deleted the elliptic-more-like-byelliptic branch April 2, 2024 12:07
@github-actions github-actions bot mentioned this pull request Apr 2, 2024
Merged
@github-actions github-actions bot mentioned this pull request Jul 24, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aaronmgdr aaronmgdr aaronmgdr approved these changes

@shazarre shazarre shazarre approved these changes

@kobigurk kobigurk Awaiting requested review from kobigurk

Assignees

@nicolasbrugneaux nicolasbrugneaux

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Security issue: insecure cryptography is used
4 participants
@nicolasbrugneaux @aaronmgdr @arthurgousset @shazarre