Skip to content
This repository has been archived by the owner on Mar 7, 2024. It is now read-only.

WIP: updated deps #13

Closed
wants to merge 3 commits into from
Closed

WIP: updated deps #13

wants to merge 3 commits into from

Conversation

gilescope
Copy link

could just do sha2 if this is too racey.

@gilescope gilescope mentioned this pull request Oct 12, 2021
Merged
bkchr
bkchr reviewed Oct 12, 2021
View reviewed changes
Cargo.toml Outdated
hmac = "0.11.0"
schnorrkel = "0.9.1"
zeroize = { version = "1.0.0", default-features = false }
schnorrkel = "0.10.1"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We don't use that in Substrate. So, we first should check this and make sure nothing breaks.

Copy link
Author

@gilescope gilescope Oct 12, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Its used with salt.zeroize(); in fn seed_from_entropyto try and zero the password after. (that is used in a couple of places in substrate)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't understand your answer.

Copy link
Author

@gilescope gilescope Oct 12, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If I commit the above suggestion, then the crate won't compile because zeroize is referenced:

substrate-bip39/src/lib.rs

Line 58 in c56994c

salt.zeroize();

Maybe I misunderstood your initial comment.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I meant that we don't use schnorrkel 0.10.1 in Substrate while that is already released since quite some time. Before we merge this, we should ensure that we can bump schnorrkel in Substrate as well and nothing breaks.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok finally got a combo of this, substrate and schnorrkle that can play nicely together (I think). Let's see how the substrate pr looks...
related PRs: w3f/schnorrkel#76 , paritytech/substrate#10025

@gilescope gilescope mentioned this pull request Oct 13, 2021
Closed
@gilescope gilescope changed the title updated deps WIP: updated deps Oct 14, 2021
@nuke-web3
Copy link
Contributor

if #17 is done, using workspace defined deps from the SDK would likely resolve any need to keep this updated ind.

@andresilva
Copy link
Contributor

Done in paritytech/polkadot-sdk#3579.

@andresilva andresilva closed this Mar 7, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@bkchr bkchr bkchr left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@gilescope @nuke-web3 @andresilva @bkchr