Review Kagome crypto

[drskalman]

This include algorithms used in BABE signature, BABE VRF, GRANDPA, Header hash.

[lamafab]

• (?) Currently library is un-audited.
• @drskalman is looking into it.
• Should Soramtisu change the library?

[drskalman]

The only crypto algorithm in the spec to be implemented by the Kagome at the time of delivery are sign and verify as such, the only crypto is happening in:

• Babe.
• Grandpa.

So I need to check:

• [X] schnorrkel/sr25519
  • [X] Babe signing.
  • [X] Babe verification.
  • [X] Babe sign VRF.
  • [X] Babe Verify VRF.
• [ ] ed25519
  • [ ] Grandpa Signing.
  • [ ] Grandpa verification.

[drskalman]

David's list:

• [X] blake2
• [ ] ed25519
• [X] Schnorr's vrf and sr25519 (bindings over Web3’s schnorrkel library)
• [X] twox
• [ ] keccak not required by current spec.
• [ ] sha 1,256,3 not required by current spec.

[drskalman]

Hashers are headers can be found in :

kagome/core/crypto/hasher.hpp

blake2b has been implemented in house? from scratch?:

kagome/core/crypto/blake2/blake2b.c

It is good to know its origin so we don't need to re-audit it.

[drskalman]

xxhash is imported from original implementation:

kagome/core/crypto/twox/twox.cpp::#include%20<xxhash/xxhash.h>

It uses the original hunter package of xxhash which is the official implementation xxhash.

[drskalman]

ed25519 implementation has not been audited but it's been used in hyperledger. It is good to have an audit at some point. https://docs.hunter.sh/en/latest/packages/pkg/iroha-ed25519.html

[drskalman]

All done, following issues are filed which came up in the course of review process:

• [ ] https://github.com/soramitsu/kagome/issues/549
• [ ] https://github.com/soramitsu/kagome/issues/550
• [ ] https://github.com/soramitsu/kagome/issues/551
• [ ] https://github.com/soramitsu/kagome/issues/552
• [ ] https://github.com/soramitsu/kagome/issues/553
• [ ] https://github.com/soramitsu/kagome/issues/554
• [ ] https://github.com/soramitsu/kagome/issues/555