Open saklani opened 7 months ago
hi 👋 there's a couple of things i notice here, but the main thing is that this function doesn't accept a node:buffer as an argument. it's a Uint8Array.
perhaps you could test using something like
const sign = await Arweave.crypto.sign(key, new Uint8Array([1,2,3,4]) )
ah, if you wish the result to be the same each time, you need to take away the randomness added by default by salting. you can do this like so:
const sign = await Arweave.crypto.sign(key, new Uint8Array([1,2,3,4]), {saltLength: 0} )
i'm not a Deno or Bun guy, but if Deno & Bun are producing consistent results, perhaps they are using a default saltLength = 0. this is what nodejs uses:
crypto.constants.RSA_PSS_SALTLEN_MAX_SIGN (default) sets it to the maximum permissible value.
Hey! Thanks for the help.
It seems that crypto.constants.RSA_PSS_SALTLEN_MAX_SIGN is undefined
for bun.
For deno and node it is -2
.
But the output don't change if I explicitly set the saltLength
.
import Arweave from "arweave";
import { readFileSync } from "node:fs";
import crypto from "node:crypto";
async function test() {
const arweave = Arweave.init({});
const keyfile = JSON.parse(readFileSync("./keyfile.json").toString());
const sign = await arweave.crypto.sign(
keyfile,
new Uint8Array([1, 2, 3, 4]),
{ saltLength: -2 }
); // Explicit for bun
const result = [];
for (const i of sign.values()) {
result.push(i);
}
console.log(result);
}
test();
I'll try to narrow it down more, seems a bun/deno issue.
I'm reopening this as I'd like to further investigate patching this. Supporting bun/deno would be nice!
Cool I'll link the associated issues for tracking: https://github.com/oven-sh/bun/issues/8831 https://github.com/oven-sh/bun/issues/8832
Currently,
arweave.crypto.sign()
returns different results in runtimes other than node like bun and deno.Minimum Reproducible Example
Node v21.6.0
(changes every time)Bun v1.0.26
(consistent)Deno v1.40.4
(consistent)A lot of downstream libraries seem to be using the crypto driver from this library Including
warp-contracts/warp-arbundles
. This is creating a bit problem since trying to sign a bundled data item seems to fail on non-node runtimes.Any help with regards to this issue will be appreciated.