Consider switching from wasm to pure js

FiloSottile / typage

A TypeScript implementation of the age file encryption format, based on libsodium.

BSD 3-Clause "New" or "Revised" License

105 stars 14 forks source link

Consider switching from wasm to pure js #20

Closed paulmillr closed 4 months ago

paulmillr commented 5 months ago

Libsodium takes a whole lot of space.

There's https://github.com/paulmillr/noble-ciphers which has chacha in pure js and is quite fast. It's unclear what are the priorities of typage.

FiloSottile commented 4 months ago

Hello! I actually experimented with it in https://github.com/FiloSottile/typage/tree/noble and it benchmarked 8x slower. https://bsky.app/profile/filippo.abyssdomain.expert/post/3kgy4fp3vqt2d Is that expected, or maybe something you'd want to look into?

Part of the goal of typage was to demonstrate how to build age on top of libsodium, but once that's done we don't have to stay on libsodium forever.

FiloSottile commented 4 months ago

@humphd, based on your experience with sops-age, if I were to switch away from libsodium.js would it be more beneficial or more annoying-due-to-breakage to remove the top-level async initializer (which is an artifact of how libsodium.js worked), like in https://github.com/FiloSottile/typage/tree/noble? I suppose I could also retain it as a compatibility wrapper 🤔

paulmillr commented 4 months ago

It's unclear how the benchmark was done. There are things which are very slow in JS. Other ones are very fast:

ECC is terribly slow
Scrypt is maybe 1.5-2x slower
SHA256 is very fast, while Blake is considerably slower, because all of its performance comes from parallelization/SIMD (can't be done in JS)
Ciphers are reasonably fast
Hex encoding is actually slow! It should probably be speed-up (easy to do)

For example, if a common "use-case" of age is decrypting 10mb files once per second, then ECC doesn't matter; but speed of ciphers matters.

So. What's the minimum acceptable speed? What's the common use-case you can imagine?

FiloSottile commented 4 months ago

IIRC it was just the test suite, not a rigorous benchmark. The tests are mostly small files, so it tracks with ECC being slow. Maybe using WebCrypto when available (https://github.com/FiloSottile/typage/issues/19) fixes that.

What's the minimum acceptable speed? What's the common use-case you can imagine?

That's the thing with general purpose libraries: who knows! Lots of folks use age with things like SOPS to encrypt secrets in config files, so lots of small files is not uncommon.

paulmillr commented 4 months ago

I see you're adding padding manually -- base64nopad is available, perhaps it would work?

FiloSottile commented 4 months ago

Ah sweet, thank you for the reminder, that's actually why I had sent paulmillr/scure-base#29 :)

humphd commented 4 months ago

@humphd, based on your experience with sops-age, if I were to switch away from libsodium.js would it be more beneficial or more annoying-due-to-breakage to remove the top-level async initializer (which is an artifact of how libsodium.js worked), like in https://github.com/FiloSottile/typage/tree/noble? I suppose I could also retain it as a compatibility wrapper 🤔

It wouldn't matter for what I'm doing, since it gets hidden in other async calls anyway.

paulmillr commented 4 months ago

Compared to 0.1.5, it's now 19x smaller:

age-0.1.5.js: 1.46MB
- minified: 963.3KB
- minified + gzipped: 299.74KB
age-noble.js: 77.73KB
- minified: 38.5KB
- minified + gzipped: 13.93KB