iden3 / go-backup
Identity Backup and Recovery Library
License: GNU General Public License v3.0
FF library used, goff, is for 64 bit architectures. There is a patch in https://github.com/iden3/go-iden3-crypto/tree/master/ff that works for 32 bit.
- `secret`: Move it to `go-iden3-crypto` because it uses modular integer
- `ff`: Merge into `go-iden3-crypto`: where we already have an ff.
- `filecrypt`: Move it to `go-iden3-core`.
- `backuplib`: Move it to `go-iden3-core` with changes so that it's easy to use `Tickets` from `iden3-mobile`, or wallet

It is a go convention to use camel case instead of snake case: https://golang.org/doc/effective_go.html#mixed-caps
I see that there are many constants defined in filecrypt, I think those constants can stay in uppercase with underscores. Another instance where I think snake case can be accepted is in variables when writing algorithms that come from mathematical notation.

Currently encryption outputs a file. We should change this to return a []byte, and then turn this into a file if necessary. Same for decryption.

`filecrypt/filecrypt_utils.go` `checkError` is a function used to panic if an `error` is not nil. This function is used in functions that return errors, so instead of panicking, the error should be returned. I understand it's very tiresome to add the snippet:

```go
if err != nil {
	return err
}
```

```go
f, err := os.Open(fname)
if err != nil {
	// wrap the error with context before returning it
	return fmt.Errorf("opening file: %w", err)
}
```

everywhere, but it's the way go works, and there's no way (yet) to avoid this.

By batch number I refer to a way to keep track of the group of shares that go together to recover Key

In `go-iden3-core` we use an interface for the storage. In production the storage uses disk files, so doing a `gob.Encode` on the storage struct will not keep the DB data. The storage needs to be iterated in order to serialize it and deserialize it. I think it would fit better the backup api to work with `[]byte` as input and output for encryption/decryption instead of `interface{}`.

For big blobs, apart from `[]byte` it would be good to consume the data to be backed in a streaming way, either consuming an `io.Reader` or returning an `io.Writer` to avoid having all the data in memory (and do streaming instead).

For smaller pieces of data we can also use JSON and automate the encoding / decoding with a special wrapper over `Encrypt/Decrypt` that could be called `EncryptJSON/DecryptJSON`.

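`io.Reader`

```go
type DB struct{}

// Read implements io.Reader: it fills p with the next bytes of the DB.
func (db *DB) Read(p []byte) (n int, err error) {
}

func main() {
	filecrypt.Encrypt(..., db)
}
```

`io.Writer`

```go
type DB struct{}

// Dump iterates the storage and writes every key/value pair to w.
func (db *DB) Dump(w io.Writer) {
	for {
		// k, v: next key/value pair from the storage
		w.Write(k)
		w.Write(v)
	}
}

type FileCryptBlock struct{}

// Write implements io.Writer.
func (f *FileCryptBlock) Write(p []byte) (n int, err error) {
	f.
}

func (f *FileCrypt) GetWriter() (io.Writer, error) {
	return &FileCryptBlock{}, nil
}
```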
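
The `gob.Encode` concern and the `Dump(w io.Writer)` sketch above, as an added example that is not code from go-backup or go-iden3-core. The `DB` type, its fields and the length-prefixed record framing are assumptions made for the illustration; the sample record is constructed.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"encoding/gob"
	"fmt"
	"io"
)

// DB is a hypothetical disk-backed store: the struct only holds a path, the
// records live outside it (simulated here by the unexported map).
type DB struct {
	Path    string
	records map[string][]byte
}

// gobSnapshot returns what gob.Encode keeps of db: exported fields only.
func gobSnapshot(db *DB) ([]byte, error) {
	var buf bytes.Buffer
	err := gob.NewEncoder(&buf).Encode(db)
	return buf.Bytes(), err
}

// Dump iterates the store and streams each record to w as
// uint32 length || key || uint32 length || value.
func (db *DB) Dump(w io.Writer) error {
	for k, v := range db.records {
		for _, field := range [][]byte{[]byte(k), v} {
			if err := binary.Write(w, binary.BigEndian, uint32(len(field))); err != nil {
				return fmt.Errorf("writing length: %w", err)
			}
			if _, err := w.Write(field); err != nil {
				return fmt.Errorf("writing field: %w", err)
			}
		}
	}
	return nil
}

func main() {
	db := &DB{Path: "/constructed/db", records: map[string][]byte{"claim": []byte("v1")}}
	snap, err := gobSnapshot(db)
	var out bytes.Buffer
	if err == nil {
		err = db.Dump(&out)
	}
	fmt.Println(bytes.Contains(snap, []byte("claim")), out.Len(), err)
}
```

Because `Dump` only needs an `io.Writer`, the destination can be an encrypting writer, so the records never have to be held in memory as one blob.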

Filecrypt API simplification proposal. Right now the FileCrypt stores content in a list that needs to be iterated completely to access a single element. I would suggest the following changes

- `ListBlocks() ([][]byte)`: Returns the list of block identifiers
- `Encrypt(identifier []byte, blob []byte, ...)`: Encrypt the binary `identifier`.
- `Decrypt(identifier []byte, ...) []byte`: Decrypt the block `identifier`.

In go the convention is to call constructor functions starting with `New`. I think `func (hdr *fchdr) FillHdr(...)` should be rewritten as `func NewHdr(...)`, and `func (hdr *fchdr) fromBytes(...)` as `func NewHdrFromBytes(...)`.

The entire filecrypt file is not authenticated. This means that there's no
way to detect tampering of the Key Header, Encryption Header, and non-encrypted
filecrypt blocks.
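
One way to make header tampering detectable, as an added example that is not code from go-backup: an AEAD (AES-GCM here) encrypts the block and binds the cleartext header to it as additional authenticated data. The function names, the `nonce || ciphertext || tag` layout and the header bytes are assumptions; filecrypt's real header format is not reproduced.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// newGCM builds an AES-GCM AEAD from a 16-, 24- or 32-byte key.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, fmt.Errorf("creating cipher: %w", err)
	}
	return cipher.NewGCM(block)
}

// sealBlock encrypts payload and binds the cleartext header to it as
// additional authenticated data. Assumed layout: nonce || ciphertext || tag.
func sealBlock(aead cipher.AEAD, header, payload []byte) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, fmt.Errorf("generating nonce: %w", err)
	}
	return aead.Seal(nonce, nonce, payload, header), nil
}

// openBlock fails if header or sealed was modified after sealing.
func openBlock(aead cipher.AEAD, header, sealed []byte) ([]byte, error) {
	n := aead.NonceSize()
	if len(sealed) < n {
		return nil, fmt.Errorf("sealed block too short: %d bytes", len(sealed))
	}
	return aead.Open(nil, sealed[:n], sealed[n:], header)
}

func main() {
	aead, err := newGCM(make([]byte, 32)) // constructed all-zero demo key
	if err != nil {
		panic(err)
	}
	sealed, err := sealBlock(aead, []byte("hdr-v1"), []byte("share"))
	if err != nil {
		panic(err)
	}
	_, err = openBlock(aead, []byte("hdr-v2"), sealed) // header altered
	fmt.Println("open with altered header:", err)
}
```

Calling `sealBlock` with an empty payload yields a tag over the header alone, which is one way to cover blocks that are stored unencrypted.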
Should go-backup library be integrated into https://github.com/iden3/go-iden3-crypto and https://github.com/iden3/go-iden3-core libraries, or it should be an independent library?
It seems reasonable that most of go-backup library could be integrated within crypto library as there are many features that could be reused such as Shamir's Secret Sharing, block encapsulation, encryption/decryption... Downsides are that crypto library is actively being used and would impose some restrictions on the sort of changes we can do.
In any case, the decision on how to proceed needs to be taken soon.
User should be the one to serialize data before encrypting.