cloudflare / voprf-ts

A TypeScript library for Oblivious Pseudorandom Functions
BSD 3-Clause "New" or "Revised" License

Switch to @noble/curves #25

Closed paulmillr closed 1 year ago

paulmillr commented 1 year ago

curves recently got out. This could be an opportunity to:

  1. Make API synchronous
  2. Improve compatibility with environments where EC is not available in native webcrypto
  3. Add support for additional curves, such as secp256k1, or any other curve, including custom ones.

As a side note, you're using hash-to-curve which is also implemented in curves. We will probably publish an audit of the library some time soon.

I have started working on the pull request for voprf-ts, and am now half-way there. Would you folks accept it?

armfazh commented 1 year ago

Hi, what about providing a group interface (./src/group.ts) so we can plug different implementations of group, say sjcl and noble.

paulmillr commented 1 year ago

@armfazh right now my fork has all calls to sjcl replaced with calls to curves. The interfaces (Scalar, Elt) are similar, however I've replaced calls to sjcl.bn with native bigint, which means the types are not exact.

How should this be resolved?

Also, should I continue? I don't want to continue if you aren't going to merge this.

paulmillr commented 1 year ago

sjcl seems like a piece of shit library, probably 20x slower than noble while having much more code

paulmillr commented 1 year ago

I'm talking about this:

    private constructor(public readonly g: Group, private readonly k: sjcl.bn) {

getting replaced with k: bigint.

paulmillr commented 1 year ago

@armfazh OK, just understood what you've meant. You want to have voprf-ts not depend on any crypto library, right?

This makes sense and could allow easy noble plug-in. However, where would you place noble-based group.ts though? Is it this repo? I don't want to place an abstraction into noble-curves directly because we have enough abstractions of our own and the new one would only be useful for voprf-ts.

armfazh commented 1 year ago

The PR like any other piece of code must pass through a code review process. So I cannot guarantee anything in advance.

OTOH, I like the idea of using something that is faster, and also secure. The properties of sjcl are well-known.

We can work together to get the changes needed to have noble as a plug-able lib. Feel free to email me for details.
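The pluggable group interface discussed in the comments above, as an added example that is not voprf-ts code and not armfazh's or paulmillr's: a backend-agnostic `Group<S, E>` interface whose scalars are native bigint, a toy backend over the order-q subgroup of Z_p* for the safe prime p = 2q + 1 (p = 23, q = 11 are illustration-only parameters, far too small to be secure), and the base OPRF blind/evaluate/unblind round trip run over it. Every name here (`Group`, `ToyModPGroup`, `OprfClient`, `OprfServer`, `oprfRoundTrip`) is hypothetical; the input and server key are constructed for the demo.

```typescript
import { createHash, randomBytes } from "node:crypto";

// Backend-agnostic group interface (hypothetical, not voprf-ts's group.ts).
// Scalar (S) and element (E) types are left to the backend, so a sjcl- or
// noble-based implementation can be plugged in without the OPRF logic knowing
// how bignums or curve points are represented.
export interface Group<S, E> {
  readonly order: bigint;            // prime order q of the group
  hashToGroup(msg: Uint8Array): E;   // deterministic map input -> element
  randomScalar(): S;                 // uniform non-zero scalar in [1, q)
  invertScalar(s: S): S;             // s^-1 mod q
  mul(e: E, s: S): E;                // scalar multiplication [s]e
  equal(a: E, b: E): boolean;
}

// Square-and-multiply modular exponentiation on native bigint.
export function modPow(base: bigint, exp: bigint, mod: bigint): bigint {
  let result = 1n;
  base %= mod;
  while (exp > 0n) {
    if ((exp & 1n) === 1n) result = (result * base) % mod;
    base = (base * base) % mod;
    exp >>= 1n;
  }
  return result;
}

// Toy backend: quadratic residues mod the safe prime p = 23, a subgroup of
// prime order q = 11. Assumed parameters for illustration only; insecure.
export class ToyModPGroup implements Group<bigint, bigint> {
  readonly p = 23n;
  readonly order = 11n;

  hashToGroup(msg: Uint8Array): bigint {
    // Hash with a counter, reduce mod p and square: squaring lands in the
    // order-q subgroup. Retry on 0 and 1, which are not usable elements.
    let ctr = 0;
    while (true) {
      const h = createHash("sha256").update(Buffer.from([ctr])).update(msg).digest("hex");
      const e = modPow(BigInt("0x" + h) % this.p, 2n, this.p);
      if (e !== 0n && e !== 1n) return e;
      ctr++;
    }
  }

  randomScalar(): bigint {
    // 64 random bits reduced mod q (bias negligible for a real q); reject 0,
    // which has no inverse and would make unblinding impossible.
    while (true) {
      const r = BigInt("0x" + randomBytes(8).toString("hex")) % this.order;
      if (r !== 0n) return r;
    }
  }

  invertScalar(s: bigint): bigint {
    return modPow(s, this.order - 2n, this.order); // Fermat inverse, q prime
  }

  mul(e: bigint, s: bigint): bigint { return modPow(e, s % this.order, this.p); }
  equal(a: bigint, b: bigint): boolean { return a === b; }
}

// Client side of a base OPRF: blind H(x) with r, later strip r off again.
export class OprfClient<S, E> {
  constructor(private readonly g: Group<S, E>) {}
  blind(input: Uint8Array): { blinded: E; r: S } {
    const r = this.g.randomScalar();
    return { blinded: this.g.mul(this.g.hashToGroup(input), r), r };
  }
  finalize(evaluated: E, r: S): E {
    // [r^-1]([k]([r]H(x))) = [k]H(x)
    return this.g.mul(evaluated, this.g.invertScalar(r));
  }
}

// Server side: one scalar multiplication with the secret key k (a bigint here,
// where the sjcl version of this constructor took an sjcl.bn).
export class OprfServer<S, E> {
  constructor(private readonly g: Group<S, E>, private readonly k: S) {}
  evaluate(blinded: E): E { return this.g.mul(blinded, this.k); }
}

// The unblinded output must equal the direct evaluation [k]H(x), while the
// server only ever saw the blinded element.
export function oprfRoundTrip<S, E>(g: Group<S, E>, k: S, input: Uint8Array): boolean {
  const client = new OprfClient(g);
  const server = new OprfServer(g, k);
  const { blinded, r } = client.blind(input);
  const out = client.finalize(server.evaluate(blinded), r);
  return g.equal(out, g.mul(g.hashToGroup(input), k));
}

// Demo with a constructed server key and input.
console.log(oprfRoundTrip(new ToyModPGroup(), 7n, new TextEncoder().encode("password")));
```

A noble- or sjcl-backed group implements the same five methods and is swapped in without touching `OprfClient` or `OprfServer`; the only backend-specific decision visible to callers is the scalar type, which is why moving from sjcl.bn to bigint shows up as a type change in the server constructor and nowhere else.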

paulmillr commented 1 year ago

After our discussion: what's the decision? Should I pursue this, and if everything is ok after pr review, you would merge it; or you would prefer to keep sjcl?

armfazh commented 1 year ago

Please go for it, it's ok moving to noble.

paulmillr commented 1 year ago

=> #26

sublimator commented 1 year ago

@armfazh

We can work together to get the changes needed to have noble as a plug-able lib. Feel free to email me for details.

I am potentially down to help with that

sublimator commented 1 year ago

@armfazh

Feel free to email me for details.

I emailed you ;)

armfazh commented 1 year ago

Completed in #38