Implement EIP 1024 encryption methods #9893
Comments
jam10o-new
added
F8-enhancement 🎊
|
What's the motivation behind using a different curve? I think currently it's really nice that security-wise, ethereum pretty much relies only on keccak & secp256k1. Using another curve requires additional (potentially unsafe) crypto libraries (or using bindings, which we would really want to avoid) and complicates the case with public keys (a need to communicate them somehow). |
|
Hi @tomusdrw this suggestion was made by crypto-experts (I am not a crypto-expert) who suggest that using the same curve for signing and encryption increases the surface area of attack. The nacl library, which is the library suggested in the EIP, is one of the most well audited crypto libraries available. While there is no official rust version of nacl, I know of one developer who has already begun writing the necessary nacl functions in rust. |
|
Issue Status: 1. Open 2. Started 3. Submitted 4. Done This issue now has a funding of 1000.0 DAI (1000.0 USD @ $1.0/DAI) attached to it.
|
|
Issue Status: 1. Open 2. Started 3. Submitted 4. Done Work has been started. These users each claimed they can complete the work by 11 months ago. 1) shamardy has started work. I would like to work on this issue. In addition to the 3 required methods for requesting an accounts encryption public key, encrypting and decrypting data. I think there should be a method for the generation of curve25519 keypairs from the Ethereum private key. Also which namespace do we use for these methods, do we use the eth_ namespace? I have already implemented eip1024. Learn more on the Gitcoin Issue Details page. |
|
@topealabi thanks for the details, I wonder however what's the reasoning behind having that implemented in the node itself - it's not part of the protocol, it's strictly something that is used on top. For the record, I'd be really hesitant of using
|
|
Haha @tomusdrw I know the developer of If you are still weary we can use a library like ring or rust-crypto for the encryption as long as we can decrypt using another key manger like Metamask. The whole point of this is to be cross-client. Other than that we are happy to take your guidance on where this should live in the Parity stack. |
|
Hey @topealabi do you have a preference for who works on this? It looks like @shamardy and @zachzundel both commented pretty quickly. |
|
Hey @ceresstation, you surely meant @zachzundel as @tomusdrw works at Parity and is overlooking this issue. Please make sure we are carefully aligned on the task/tools before starting any work on this. |
|
Yep, thanks for catching that @Tbaut, just updated, @topealabi @tomusdrw I'll leave it to you both to confirm a candidate :) |
|
Hey @zachzundel looks like @topealabi accepted you, you're good to go :) |
|
Hi @topealabi , should I use nacl-mini or another library? |
|
@zachzundel I think we should use ring, also the Parity folks have promised to provide guidance with this so perhaps we can create a slack channel on gitcoin for higher throughput communication |
|
@tomusdrw is currently OOO, hence the non-responsiveness, please wait for his guidance before starting anything. |
|
Thanks @Tbaut |
|
@zachzundel I'm fine with both TBH (main point is to avoid bringing any dynamically linked libs). The encryption part should be considered heavily experimental though, cause the code is not audited or tested in wild. |
We've (Hyperledger IndySDK core dev team) been building similar functionality in rust to this based on sodium-oxide which wraps libsodium through FFI calls. Are you looking for a pure rust implementation of nacl? I haven't found one of these yet. |
|
@zachzundel Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!
Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days |
|
Yes, sorry, I am still working on this. I will plan on having a WIP PR out this weekend. |
|
@zachzundel Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!
Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days |
1 similar comment
|
@zachzundel Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!
Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days |
|
Issue Status: 1. Open 2. Started 3. Submitted 4. Done @zachzundel due to inactivity, we have escalated this issue to Gitcoin's moderation team. Let us know if you believe this has been done in error!
Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days |
|
Sorry! I am still working on this!! If I haven’t made any progress in a
couple days I will release it back to the Gitcoin pool
…On Wed, Dec 12, 2018 at 10:16 Gitcoin.co Bot ***@***.***> wrote:
Issue Status: 1. Open 2. *Started* 3. Submitted 4. Done
------------------------------
@zachzundel <https://github.com/zachzundel> due to inactivity, we have
escalated this issue
<https://gitcoin.co/issue/paritytech/parity-ethereum/9893/1817> to
Gitcoin's moderation team. Let us know if you believe this has been done in
error!
- reminder (3 days)
- escalation to mods (6 days)
Funders only: Snooze warnings for 1 day
<https://gitcoin.co/issue/paritytech/parity-ethereum/9893/1817?snooze=1>
| 3 days
<https://gitcoin.co/issue/paritytech/parity-ethereum/9893/1817?snooze=3>
| 5 days
<https://gitcoin.co/issue/paritytech/parity-ethereum/9893/1817?snooze=5>
| 10 days
<https://gitcoin.co/issue/paritytech/parity-ethereum/9893/1817?snooze=10>
| 100 days
<https://gitcoin.co/issue/paritytech/parity-ethereum/9893/1817?snooze=100>
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#9893 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AC8zTZbYxWBuuS8pmaRkWPyb3IztOa23ks5u4TnagaJpZM4YY4Q7>
.
|
|
@zachzundel awesome, let us know how we can help |
|
Issue Status: 1. Open 2. Started 3. Submitted 4. Done @zachzundel due to inactivity, we have escalated this issue to Gitcoin's moderation team. Let us know if you believe this has been done in error!
Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days |
|
hey @zachzundel any updates here? |
|
I am going to relinquish this issue back into the Gitcoin pool. I don't have the time to sort it out. |
|
I would like to continue the work on this issue. I already applied to work on this from gitcoin here #9893 (comment). |
|
Thanks for your efforts @zachzundel @shamardy I will work with the Gitcoin team to get you on-boarded |
|
@shamardy Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!
Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days |
|
@shamardy @topealabi how are things going here? |
|
Issue Status: 1. Open 2. Started 3. Submitted 4. Done @shamardy due to inactivity, we have escalated this issue to Gitcoin's moderation team. Let us know if you believe this has been done in error!
Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days |
|
@ceresstation @topealabi Still working on this issue. Should have a PR ready for review in a week. |
|
@shamardy Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!
Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days |
|
Issue Status: 1. Open 2. Started 3. Submitted 4. Done @shamardy due to inactivity, we have escalated this issue to Gitcoin's moderation team. Let us know if you believe this has been done in error!
Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days |
|
Hello all, I am currently implementing EIP-1024 here. So far the encryption and generating public key is implemented. Is this bounty still alive? |
|
Ok now done with test. |
|
Issue Status: 1. Open 2. Started 3. Submitted 4. Done Work for 1000.0 DAI (1000.0 USD @ $1.0/DAI) has been submitted by: @ceresstation please take a look at the submitted work:
|
|
@topealabi @ceresstation I am bit hesitant to accept this EIP in the repo; there's the matter of post-bounty maintenance of the submitted code ofc. Furthermore, the EIP itself is not on the roadmap for upcoming HFs. |
|
Issue Status: 1. Open 2. Started 3. Submitted 4. Done The funding of 1000.0 DAI (1000.0 USD @ $1.0/DAI) attached to this issue has been approved & issued to @hskang9.
|
adria0
added
the
A3-stale 🍃
and others
Current Behavior
Geth does not currently provide any encryption methods
Parity currently provides a data encryption method using elliptic curve secp256k1.
Wanted Behavior
A new encryption method that works across different key management softwares. For example a sender could encrypt data with their MetaMask wallet and the receiver could decrypt it with Parity. This new encryption method will use curve25519 as specified in EIP 1024.
EIP 1024 uses a well audited library called nacl. The rust implementation of the necessary nacl functions can be found here
##Definition of Done
You have successfully completed this bounty, when:
The text was updated successfully, but these errors were encountered: