-
Notifications
You must be signed in to change notification settings - Fork 314
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Replace ed25519 with libsodium #242
Comments
Agree that However, I think it's worth to consider using the elliptic package instead. It's a pure JS implementation, so it doesn't require pre-built binaries. On my tests it gave me up to 50x performance increase in some cases comparing to the default @johansten Could you please add this package to your benchmark code? To my mind, it's better to use pure JS lib instead of binary wrappers if the performance is roughly the same. The browser code will work faster too in this case. Edit: Just checked bundles generated by Webpack. Apparently, Webpack always includes the |
The I think replacing ed25519 is a good idea. I don't have any opinion about a replacement library, so I'm happy with any defensible position you take @johansten. |
How? |
Searching their repo, it's only imported in tests, am I looking at the right thing? https://github.com/dchest/tweetnacl-js/search?l=JavaScript&q=crypto&type= |
@morleyzhi |
Ah so it does. The browser bundle won't include that import though. |
I've checked out elliptic a bit and it is promising; it gave me a 5-6x speedup. The problem I have with it now is that it adds ~200 kB to the bundle size. I've done some "light" manual tree-shaking, and gotten it down to around half of that, with more to go. |
@johansten |
@orbitlens I can't find elliptic in the js-stellar-base output bundle. There's the whole crc package, all of lodash, and a full sha.js. There's a serious need of tree shaking. I'm not sure how that'd work without restructuring the whole build process though. |
@johansten I'm using Webpack to build application bundles. It has built-in tree shaking and works fine with ES5+. However, by default the bundle includes example.js const {Keypair} = require('stellar-base')
Keypair.random() example-webpack-config.js const path = require('path'),
webpack = require('webpack')
const settings = {
mode: 'production',
entry: {
'bundle': [path.join(__dirname, './app.js')]
},
output: {
path: path.join(__dirname, './distr/'),
filename: '[name].js',
publicPath: '/distr/'
},
module: {
rules: [
{
test: /\.js?$/,
loader: 'babel-loader',
exclude: /node_modules/
}
]
}
}
module.exports = settings It's possible to turn off Webpack's |
You sir are the winner! Found one piece of elliptic hiding in the Stargazer webpack bundle. |
What's the best change to make based on this? |
Dependencies are always going to be a nightmare. I just noticed I have three different versions of |
Many thanks to @morleyzhi for removing dependencies like Agree with @johansten. It seems like One more thing to consider, BigInt has made it to Stage 3. It is already supported in NodeJS 10.8.0+, recent Chrome and Opera. It may be wise to wait a few months and see which library is going to adopt this new standard, some packages (like BigInteger.js lib) have already upgraded. Native BigInt will be much faster than any third-party implementation. A few more thoughts regarding the structure of the dependencies that will allow to squeeze out 200-300 KB more from the bundle:
I'm volunteering to implement those proposals if we all agree on that. |
Gotcha, it sounds like we should wait to see how the |
I like those ideas to reduce the bundle size. I don't think As far as tree-shaking is concerned: I worked on this a few weeks ago but came to the conclusion that it requires a lot of complicated changes, and I'm not positive the output will be worth it. Especially if we can just write Lodash out of the packages. Here's the rough todo list for that, which has to be done to all 3 libs:
You have to very precisely manage your codebase to get tree-shaking working, and I wasn't confident at the time that I could do that in a reasonable amount of time. |
Bignumber.js and BN aren't entirely equal, are they? BN is primarily for large integers and operations on them, Bignumber is for exact math w/ decimals. Edit: I was going to sleep, but now I have to port my all-js reference implementation of ed25519 to BigInt :) |
@morleyzhi It's true, tree shaking requires a lot of consideration, and we need to carefully refactor the code to support it. As I said, I can help you with all other things. This task list of yours doesn't seem to me like it requires a particularly complex refactor. Yes, a lot of work, but it's quite standard. Therefore, if we all agree that it should be done, I can start to work on this tomorrow. @johansten Strictly speaking, most operations require only integer arithmetic, decimals are required only in price approximation ( |
@orbitlens
|
This was closed here: stellar/js-stellar-base@bd6c268 |
ed25519
hasn't been updated in years and is lagging behind what's otherwise available:https://github.com/future-tense/ed25519-dalek#benchmarks
ed25519
might have been a good choice in terms of a smaller binary size, but this only used for node anyway, so the extra bloat doesn't matter as much.I'd suggest libsodium/sodium-native, since that's an actual npm package, and since signature verification isn't that big of a deal; I'd be surprised if most people even know it's in the SDK.
I'd also suggest using the native bindings for key generation, instead of only using it for signing and verification.
Can do the work, just want a go/no-go
The text was updated successfully, but these errors were encountered: