-
Notifications
You must be signed in to change notification settings - Fork 373
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use Keccak256 when hashing for signing #3138
base: main
Are you sure you want to change the base?
Conversation
b93dd87
to
3988cf1
Compare
3988cf1
to
5fa8dd4
Compare
0db975d
to
034f0a0
Compare
034f0a0
to
7fade4e
Compare
Testnet |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have only one objection to the PR.
We agree that SHA-3 is almost the same as Keccak256.
However, the implementations are distinct.
Could you put a runtime comparison of the relative speed of SHA-3 vs Keccak256?
@@ -167,7 +166,7 @@ impl Serialize for CryptoHash { | |||
if serializer.is_human_readable() { | |||
serializer.serialize_str(&self.to_string()) | |||
} else { | |||
serializer.serialize_newtype_struct("CryptoHash", &self.0) | |||
serializer.serialize_newtype_struct("CryptoHash", &self.0 .0) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe CryptoHash
deserves an as_bytes
method to avoid the .0 .0
.
@@ -396,6 +393,20 @@ where | |||
} | |||
} | |||
|
|||
// Temporary struct to extend `Keccak256` with `io::Write`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// Temporary struct to extend `Keccak256` with `io::Write`. | |
/// Temporary struct to extend `Keccak256` with `io::Write`. |
|
||
integers | ||
} | ||
|
||
/// Returns the bytes that represent the `integers` in little-endian. | ||
fn u64_array_to_le_bytes(integers: [u64; 4]) -> [u8; 32] { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are we still using this? (And should we be using this at all?)
@@ -1026,15 +1026,15 @@ mod tests { | |||
fn chain_ids() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It might be helpful to add root chains 1 and 2 here as well: They are probably used in a few READMEs, so this serves as documentation where one can look up the hash. It might also simplify any future changes to how chain IDs are computed.
@@ -1333,22 +1333,23 @@ async fn test_multiple_messages_from_different_applications() -> anyhow::Result< | |||
|
|||
// The registration message for the first destination chain |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// The registration message for the first destination chain | |
// The registration message for the second destination chain |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Or we could rename first_message
and second_message
to message0
and message1
and the destination chains similarly. (But keep the *_registration_message
s.)
}, | ||
}; | ||
|
||
// The registration message for the second destination chain |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// The registration message for the second destination chain | |
// The registration message for the first destination chain |
How is it relevant for the decision? We're not making a switch because of the performance reasons. |
Motivation
We want to verify Linera blocks on Ethereum (and other EVMs) but they don't have opcodes/precompiles for Sha256 that we're using .
Proposal
Replace Sha256 with Keccak256.
Notice that I'm only changing hashing scheme used in
CryptoHash
struct - i.e. there are still places in the code where we use sha266 (like for example linera views and cache).Test Plan
Release Plan
This is backwards incompatible change.
Links
Closes #3125