misaradmin/synor
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 4
synor/crates/synor-crypto-wasm/README.md
Gulshan Yadav b22c1b89f0 feat: Phase 7 production readiness improvements 
- Add SYNOR_BOOTSTRAP_PEERS env var for runtime seed node configuration
- Implement secrets provider abstraction for faucet wallet key security
  (supports file-based secrets in /run/secrets for production)
- Create WASM crypto crate foundation for web wallet (Ed25519, BIP-39)
- Add DEPLOYMENT.md guide for testnet deployment
- Add SECURITY_AUDIT_SCOPE.md for external security audit preparation
- Document seed node deployment process in synor-network

Security improvements:
- Faucet now auto-detects /run/secrets for secure key storage
- CORS already defaults to specific origins (https://faucet.synor.cc)
- Bootstrap peers now configurable at runtime without recompilation
2026-01-08 07:21:14 +05:30

88 lines
2.3 KiB
Markdown
Raw Blame History

# Synor Crypto WASM
WASM-compatible cryptography library for the Synor web wallet.
## Current Features
- **Ed25519 Signatures**: Full support via `ed25519-dalek` (pure Rust)
- **BIP-39 Mnemonics**: 12-24 word phrases for key generation
- **Bech32m Addresses**: Synor address encoding/decoding
- **BLAKE3/SHA3 Hashing**: Cryptographic hash functions
- **HKDF Key Derivation**: Secure key derivation
## Building
```bash
# Build for web (requires wasm-pack)
wasm-pack build --target web --out-dir pkg
# Build for Node.js
wasm-pack build --target nodejs --out-dir pkg-node
```
## Usage in JavaScript
```javascript
import init, { Keypair, Mnemonic } from 'synor-crypto-wasm';
await init();
// Generate mnemonic
const mnemonic = new Mnemonic(24);
console.log(mnemonic.phrase());
// Create keypair
const keypair = Keypair.fromMnemonic(mnemonic.phrase(), "");
console.log(keypair.address("mainnet"));
// Sign message
const message = new TextEncoder().encode("Hello Synor!");
const signature = keypair.sign(message);
// Verify
const valid = keypair.verify(message, signature);
```
## Dilithium3 Post-Quantum Support
### Current Status: Pending
The native `synor-crypto` crate uses `pqcrypto-dilithium` which relies on C
bindings and does not compile to WASM. Options for WASM-compatible Dilithium3:
1. **pqc-crystals-dilithium** - Pure Rust, may work with WASM
2. **ML-DSA reference** - FIPS 204 standard (formerly Dilithium)
3. **Emscripten build** - Compile C implementation to WASM
### Roadmap
1. [x] Ed25519 basic support
2. [x] BIP-39 mnemonic generation
3. [x] Address encoding
4. [ ] Dilithium3 signatures (requires WASM-compatible library)
5. [ ] Hybrid Ed25519 + Dilithium verification
6. [ ] Kyber key encapsulation (post-quantum key exchange)
### Workaround
Until native Dilithium3 WASM is available, the web wallet can:
1. Use Ed25519-only addresses for now
2. Submit hybrid-signed transactions to a backend that adds Dilithium signatures
3. Or use a WASM module compiled via Emscripten
## Security Notes
- Keys are zeroized on drop
- Uses `getrandom` with `js` feature for secure randomness in browsers
- No side-channel resistance in signature timing (use constant-time ops for production)
## Testing
```bash
# Run Rust tests
cargo test
# Run WASM tests in browser
wasm-pack test --headless --chrome
```
Reference in a new issue View git blame Copy permalink