@aztec/foundation 0.0.1-commit.96bb3f7 → 0.0.1-commit.993d52e
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dest/array/sorted_array.d.ts +6 -1
- package/dest/array/sorted_array.d.ts.map +1 -1
- package/dest/array/sorted_array.js +18 -15
- package/dest/branded-types/block_number.d.ts +4 -1
- package/dest/branded-types/block_number.d.ts.map +1 -1
- package/dest/branded-types/block_number.js +3 -0
- package/dest/branded-types/index.d.ts +2 -1
- package/dest/branded-types/index.d.ts.map +1 -1
- package/dest/branded-types/index.js +1 -0
- package/dest/branded-types/index_within_checkpoint.d.ts +42 -0
- package/dest/branded-types/index_within_checkpoint.d.ts.map +1 -0
- package/dest/branded-types/index_within_checkpoint.js +59 -0
- package/dest/buffer/buffer16.d.ts +4 -1
- package/dest/buffer/buffer16.d.ts.map +1 -1
- package/dest/buffer/buffer32.d.ts +4 -1
- package/dest/buffer/buffer32.d.ts.map +1 -1
- package/dest/collection/array.d.ts +12 -1
- package/dest/collection/array.d.ts.map +1 -1
- package/dest/collection/array.js +51 -0
- package/dest/config/env_var.d.ts +2 -2
- package/dest/config/env_var.d.ts.map +1 -1
- package/dest/config/index.d.ts +5 -1
- package/dest/config/index.d.ts.map +1 -1
- package/dest/config/index.js +29 -0
- package/dest/config/network_config.d.ts +7 -1
- package/dest/config/network_config.d.ts.map +1 -1
- package/dest/config/network_config.js +2 -1
- package/dest/crypto/ecdsa/signature.d.ts +10 -1
- package/dest/crypto/ecdsa/signature.d.ts.map +1 -1
- package/dest/crypto/poseidon/index.d.ts +1 -2
- package/dest/crypto/poseidon/index.d.ts.map +1 -1
- package/dest/crypto/poseidon/index.js +13 -22
- package/dest/crypto/random/randomness_singleton.d.ts +4 -3
- package/dest/crypto/random/randomness_singleton.d.ts.map +1 -1
- package/dest/crypto/random/randomness_singleton.js +4 -4
- package/dest/crypto/secp256k1-signer/utils.d.ts +12 -1
- package/dest/crypto/secp256k1-signer/utils.d.ts.map +1 -1
- package/dest/crypto/secp256k1-signer/utils.js +26 -0
- package/dest/crypto/sync/poseidon/index.d.ts +1 -2
- package/dest/crypto/sync/poseidon/index.d.ts.map +1 -1
- package/dest/crypto/sync/poseidon/index.js +0 -8
- package/dest/curves/bls12/point.d.ts +10 -1
- package/dest/curves/bls12/point.d.ts.map +1 -1
- package/dest/curves/bn254/field.d.ts +2 -1
- package/dest/curves/bn254/field.d.ts.map +1 -1
- package/dest/curves/bn254/field.js +5 -2
- package/dest/curves/grumpkin/point.d.ts +11 -2
- package/dest/curves/grumpkin/point.d.ts.map +1 -1
- package/dest/error/index.d.ts +4 -4
- package/dest/error/index.d.ts.map +1 -1
- package/dest/eth-signature/eth_signature.d.ts +5 -1
- package/dest/eth-signature/eth_signature.d.ts.map +1 -1
- package/dest/eth-signature/eth_signature.js +7 -2
- package/dest/jest/setup.js +4 -1
- package/dest/json-rpc/client/safe_json_rpc_client.d.ts +2 -1
- package/dest/json-rpc/client/safe_json_rpc_client.d.ts.map +1 -1
- package/dest/json-rpc/client/safe_json_rpc_client.js +1 -1
- package/dest/json-rpc/client/undici.d.ts +1 -1
- package/dest/json-rpc/client/undici.d.ts.map +1 -1
- package/dest/json-rpc/client/undici.js +21 -4
- package/dest/json-rpc/fixtures/class_a.d.ts +3 -3
- package/dest/json-rpc/fixtures/class_a.d.ts.map +1 -1
- package/dest/json-rpc/fixtures/class_b.d.ts +3 -3
- package/dest/json-rpc/fixtures/class_b.d.ts.map +1 -1
- package/dest/json-rpc/server/api_key_auth.d.ts +19 -0
- package/dest/json-rpc/server/api_key_auth.d.ts.map +1 -0
- package/dest/json-rpc/server/api_key_auth.js +57 -0
- package/dest/json-rpc/server/index.d.ts +2 -1
- package/dest/json-rpc/server/index.d.ts.map +1 -1
- package/dest/json-rpc/server/index.js +1 -0
- package/dest/json-rpc/server/safe_json_rpc_server.js +1 -1
- package/dest/log/bigint-utils.d.ts +5 -0
- package/dest/log/bigint-utils.d.ts.map +1 -0
- package/dest/log/bigint-utils.js +21 -0
- package/dest/log/gcloud-logger-config.d.ts +1 -1
- package/dest/log/gcloud-logger-config.d.ts.map +1 -1
- package/dest/log/gcloud-logger-config.js +3 -0
- package/dest/log/libp2p_logger.d.ts +5 -2
- package/dest/log/libp2p_logger.d.ts.map +1 -1
- package/dest/log/libp2p_logger.js +14 -4
- package/dest/log/log-filters.d.ts +17 -4
- package/dest/log/log-filters.d.ts.map +1 -1
- package/dest/log/log-filters.js +26 -12
- package/dest/log/pino-logger-server.d.ts +9 -0
- package/dest/log/pino-logger-server.d.ts.map +1 -0
- package/dest/log/pino-logger-server.js +18 -0
- package/dest/log/pino-logger.d.ts +37 -8
- package/dest/log/pino-logger.d.ts.map +1 -1
- package/dest/log/pino-logger.js +121 -28
- package/dest/queue/base_memory_queue.d.ts +2 -2
- package/dest/queue/base_memory_queue.d.ts.map +1 -1
- package/dest/queue/semaphore.d.ts +5 -1
- package/dest/queue/semaphore.d.ts.map +1 -1
- package/dest/retry/index.d.ts +11 -1
- package/dest/retry/index.d.ts.map +1 -1
- package/dest/retry/index.js +11 -0
- package/dest/serialize/buffer_reader.d.ts +14 -4
- package/dest/serialize/buffer_reader.d.ts.map +1 -1
- package/dest/serialize/buffer_reader.js +26 -4
- package/dest/serialize/serialize.d.ts +19 -1
- package/dest/serialize/serialize.d.ts.map +1 -1
- package/dest/serialize/serialize.js +31 -0
- package/dest/timer/date.d.ts +23 -1
- package/dest/timer/date.d.ts.map +1 -1
- package/dest/timer/date.js +29 -0
- package/dest/transport/transport_client.js +2 -2
- package/dest/trees/balanced_merkle_tree_root.d.ts +17 -0
- package/dest/trees/balanced_merkle_tree_root.d.ts.map +1 -0
- package/dest/trees/{balanced_merkle_tree.js → balanced_merkle_tree_root.js} +2 -17
- package/dest/trees/hasher.d.ts +3 -1
- package/dest/trees/hasher.d.ts.map +1 -1
- package/dest/trees/hasher.js +10 -5
- package/dest/trees/index.d.ts +4 -4
- package/dest/trees/index.d.ts.map +1 -1
- package/dest/trees/index.js +3 -3
- package/dest/trees/membership_witness.d.ts +11 -1
- package/dest/trees/membership_witness.d.ts.map +1 -1
- package/dest/trees/membership_witness.js +9 -0
- package/dest/trees/merkle_tree_calculator.d.ts +1 -1
- package/dest/trees/merkle_tree_calculator.d.ts.map +1 -1
- package/dest/trees/merkle_tree_calculator.js +2 -2
- package/dest/trees/sibling_path.d.ts +2 -1
- package/dest/trees/sibling_path.d.ts.map +1 -1
- package/dest/trees/sibling_path.js +2 -2
- package/dest/trees/unbalanced_merkle_tree_calculator.d.ts +2 -2
- package/dest/trees/unbalanced_merkle_tree_calculator.d.ts.map +1 -1
- package/dest/trees/unbalanced_merkle_tree_calculator.js +1 -1
- package/dest/trees/{unbalanced_merkle_tree.d.ts → unbalanced_merkle_tree_root.d.ts} +3 -7
- package/dest/trees/unbalanced_merkle_tree_root.d.ts.map +1 -0
- package/dest/trees/{unbalanced_merkle_tree.js → unbalanced_merkle_tree_root.js} +8 -52
- package/dest/trees/unbalanced_tree_store.d.ts +5 -1
- package/dest/trees/unbalanced_tree_store.d.ts.map +1 -1
- package/dest/trees/unbalanced_tree_store.js +49 -1
- package/dest/types/index.d.ts +4 -2
- package/dest/types/index.d.ts.map +1 -1
- package/dest/types/index.js +3 -0
- package/package.json +25 -4
- package/src/array/sorted_array.ts +22 -17
- package/src/branded-types/block_number.ts +5 -0
- package/src/branded-types/index.ts +1 -0
- package/src/branded-types/index_within_checkpoint.ts +88 -0
- package/src/collection/array.ts +52 -0
- package/src/config/env_var.ts +49 -10
- package/src/config/index.ts +32 -0
- package/src/config/network_config.ts +1 -0
- package/src/crypto/poseidon/index.ts +13 -23
- package/src/crypto/random/randomness_singleton.ts +9 -5
- package/src/crypto/secp256k1-signer/utils.ts +32 -0
- package/src/crypto/sync/poseidon/index.ts +0 -9
- package/src/curves/bn254/field.ts +6 -2
- package/src/eth-signature/eth_signature.ts +7 -1
- package/src/jest/setup.mjs +4 -1
- package/src/json-rpc/client/safe_json_rpc_client.ts +2 -0
- package/src/json-rpc/client/undici.ts +21 -3
- package/src/json-rpc/server/api_key_auth.ts +63 -0
- package/src/json-rpc/server/index.ts +1 -0
- package/src/json-rpc/server/safe_json_rpc_server.ts +1 -1
- package/src/log/bigint-utils.ts +25 -0
- package/src/log/gcloud-logger-config.ts +5 -0
- package/src/log/libp2p_logger.ts +12 -5
- package/src/log/log-filters.ts +29 -11
- package/src/log/pino-logger-server.ts +25 -0
- package/src/log/pino-logger.ts +142 -38
- package/src/queue/base_memory_queue.ts +1 -1
- package/src/queue/semaphore.ts +5 -0
- package/src/retry/index.ts +18 -0
- package/src/serialize/buffer_reader.ts +36 -9
- package/src/serialize/serialize.ts +32 -0
- package/src/timer/date.ts +42 -0
- package/src/transport/transport_client.ts +2 -2
- package/src/trees/{balanced_merkle_tree.ts → balanced_merkle_tree_root.ts} +2 -18
- package/src/trees/hasher.ts +9 -0
- package/src/trees/index.ts +3 -3
- package/src/trees/membership_witness.ts +8 -0
- package/src/trees/merkle_tree_calculator.ts +2 -2
- package/src/trees/sibling_path.ts +2 -2
- package/src/trees/unbalanced_merkle_tree_calculator.ts +1 -2
- package/src/trees/{unbalanced_merkle_tree.ts → unbalanced_merkle_tree_root.ts} +8 -66
- package/src/trees/unbalanced_tree_store.ts +57 -2
- package/src/types/index.ts +6 -1
- package/dest/trees/balanced_merkle_tree.d.ts +0 -22
- package/dest/trees/balanced_merkle_tree.d.ts.map +0 -1
- package/dest/trees/unbalanced_merkle_tree.d.ts.map +0 -1
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { Barretenberg } from '@aztec/bb.js';
|
|
2
2
|
|
|
3
3
|
import { Fr } from '../../curves/bn254/field.js';
|
|
4
4
|
import { type Fieldable, serializeToFields } from '../../serialize/serialize.js';
|
|
@@ -10,9 +10,9 @@ import { type Fieldable, serializeToFields } from '../../serialize/serialize.js'
|
|
|
10
10
|
*/
|
|
11
11
|
export async function poseidon2Hash(input: Fieldable[]): Promise<Fr> {
|
|
12
12
|
const inputFields = serializeToFields(input);
|
|
13
|
-
await
|
|
14
|
-
const api =
|
|
15
|
-
const response = api.poseidon2Hash({
|
|
13
|
+
await Barretenberg.initSingleton();
|
|
14
|
+
const api = Barretenberg.getSingleton();
|
|
15
|
+
const response = await api.poseidon2Hash({
|
|
16
16
|
inputs: inputFields.map(i => i.toBuffer()),
|
|
17
17
|
});
|
|
18
18
|
return Fr.fromBuffer(Buffer.from(response.hash));
|
|
@@ -27,19 +27,9 @@ export async function poseidon2Hash(input: Fieldable[]): Promise<Fr> {
|
|
|
27
27
|
export async function poseidon2HashWithSeparator(input: Fieldable[], separator: number): Promise<Fr> {
|
|
28
28
|
const inputFields = serializeToFields(input);
|
|
29
29
|
inputFields.unshift(new Fr(separator));
|
|
30
|
-
await
|
|
31
|
-
const api =
|
|
32
|
-
const response = api.poseidon2Hash({
|
|
33
|
-
inputs: inputFields.map(i => i.toBuffer()),
|
|
34
|
-
});
|
|
35
|
-
return Fr.fromBuffer(Buffer.from(response.hash));
|
|
36
|
-
}
|
|
37
|
-
|
|
38
|
-
export async function poseidon2HashAccumulate(input: Fieldable[]): Promise<Fr> {
|
|
39
|
-
const inputFields = serializeToFields(input);
|
|
40
|
-
await BarretenbergSync.initSingleton();
|
|
41
|
-
const api = BarretenbergSync.getSingleton();
|
|
42
|
-
const response = api.poseidon2HashAccumulate({
|
|
30
|
+
await Barretenberg.initSingleton();
|
|
31
|
+
const api = Barretenberg.getSingleton();
|
|
32
|
+
const response = await api.poseidon2Hash({
|
|
43
33
|
inputs: inputFields.map(i => i.toBuffer()),
|
|
44
34
|
});
|
|
45
35
|
return Fr.fromBuffer(Buffer.from(response.hash));
|
|
@@ -54,9 +44,9 @@ export async function poseidon2Permutation(input: Fieldable[]): Promise<Fr[]> {
|
|
|
54
44
|
const inputFields = serializeToFields(input);
|
|
55
45
|
// We'd like this assertion but it's not possible to use it in the browser.
|
|
56
46
|
// assert(input.length === 4, 'Input state must be of size 4');
|
|
57
|
-
await
|
|
58
|
-
const api =
|
|
59
|
-
const response = api.poseidon2Permutation({
|
|
47
|
+
await Barretenberg.initSingleton();
|
|
48
|
+
const api = Barretenberg.getSingleton();
|
|
49
|
+
const response = await api.poseidon2Permutation({
|
|
60
50
|
inputs: inputFields.map(i => i.toBuffer()),
|
|
61
51
|
});
|
|
62
52
|
// We'd like this assertion but it's not possible to use it in the browser.
|
|
@@ -75,9 +65,9 @@ export async function poseidon2HashBytes(input: Buffer): Promise<Fr> {
|
|
|
75
65
|
inputFields.push(Fr.fromBuffer(fieldBytes));
|
|
76
66
|
}
|
|
77
67
|
|
|
78
|
-
await
|
|
79
|
-
const api =
|
|
80
|
-
const response = api.poseidon2Hash({
|
|
68
|
+
await Barretenberg.initSingleton();
|
|
69
|
+
const api = Barretenberg.getSingleton();
|
|
70
|
+
const response = await api.poseidon2Hash({
|
|
81
71
|
inputs: inputFields.map(i => i.toBuffer()),
|
|
82
72
|
});
|
|
83
73
|
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { createLogger } from '../../log/pino-logger.js';
|
|
1
|
+
import { type Logger, type LoggerBindings, createLogger } from '../../log/pino-logger.js';
|
|
2
2
|
|
|
3
3
|
/**
|
|
4
4
|
* A number generator which is used as a source of randomness in the system. If the SEED env variable is set, the
|
|
@@ -12,9 +12,13 @@ export class RandomnessSingleton {
|
|
|
12
12
|
private static instance: RandomnessSingleton;
|
|
13
13
|
|
|
14
14
|
private counter = 0;
|
|
15
|
-
private
|
|
15
|
+
private log: Logger;
|
|
16
16
|
|
|
17
|
-
private constructor(
|
|
17
|
+
private constructor(
|
|
18
|
+
private readonly seed?: number,
|
|
19
|
+
bindings?: LoggerBindings,
|
|
20
|
+
) {
|
|
21
|
+
this.log = createLogger('foundation:randomness_singleton', bindings);
|
|
18
22
|
if (seed !== undefined) {
|
|
19
23
|
this.log.debug(`Using pseudo-randomness with seed: ${seed}`);
|
|
20
24
|
this.counter = seed;
|
|
@@ -23,10 +27,10 @@ export class RandomnessSingleton {
|
|
|
23
27
|
}
|
|
24
28
|
}
|
|
25
29
|
|
|
26
|
-
public static getInstance(): RandomnessSingleton {
|
|
30
|
+
public static getInstance(bindings?: LoggerBindings): RandomnessSingleton {
|
|
27
31
|
if (!RandomnessSingleton.instance) {
|
|
28
32
|
const seed = process.env.SEED ? Number(process.env.SEED) : undefined;
|
|
29
|
-
RandomnessSingleton.instance = new RandomnessSingleton(seed);
|
|
33
|
+
RandomnessSingleton.instance = new RandomnessSingleton(seed, bindings);
|
|
30
34
|
}
|
|
31
35
|
|
|
32
36
|
return RandomnessSingleton.instance;
|
|
@@ -210,3 +210,35 @@ export function recoverPublicKey(hash: Buffer32, signature: Signature, opts: Rec
|
|
|
210
210
|
const publicKey = sig.recoverPublicKey(hash.buffer).toHex(false);
|
|
211
211
|
return Buffer.from(publicKey, 'hex');
|
|
212
212
|
}
|
|
213
|
+
|
|
214
|
+
/** Arbitrary hash used for testing signature recoverability. */
|
|
215
|
+
const PROBE_HASH = Buffer32.fromBuffer(keccak256(Buffer.from('signature-recoverability-probe')));
|
|
216
|
+
|
|
217
|
+
/**
|
|
218
|
+
* Generates a random valid ECDSA signature that is recoverable to some address.
|
|
219
|
+
* Since Signature.random() produces real signatures via secp256k1 signing, the result is always
|
|
220
|
+
* recoverable, but we verify defensively by checking tryRecoverAddress.
|
|
221
|
+
*/
|
|
222
|
+
export function generateRecoverableSignature(): Signature {
|
|
223
|
+
for (let i = 0; i < 100; i++) {
|
|
224
|
+
const sig = Signature.random();
|
|
225
|
+
if (tryRecoverAddress(PROBE_HASH, sig) !== undefined) {
|
|
226
|
+
return sig;
|
|
227
|
+
}
|
|
228
|
+
}
|
|
229
|
+
throw new Secp256k1Error('Failed to generate a recoverable signature after 100 attempts');
|
|
230
|
+
}
|
|
231
|
+
|
|
232
|
+
/**
|
|
233
|
+
* Generates a random signature where ECDSA address recovery fails.
|
|
234
|
+
* Uses random r/s values (not from real signing) so that r is unlikely to be a valid secp256k1 x-coordinate.
|
|
235
|
+
*/
|
|
236
|
+
export function generateUnrecoverableSignature(): Signature {
|
|
237
|
+
for (let i = 0; i < 100; i++) {
|
|
238
|
+
const sig = new Signature(Buffer32.random(), Buffer32.random(), 27);
|
|
239
|
+
if (tryRecoverAddress(PROBE_HASH, sig) === undefined) {
|
|
240
|
+
return sig;
|
|
241
|
+
}
|
|
242
|
+
}
|
|
243
|
+
throw new Secp256k1Error('Failed to generate an unrecoverable signature after 100 attempts');
|
|
244
|
+
}
|
|
@@ -34,15 +34,6 @@ export function poseidon2HashWithSeparator(input: Fieldable[], separator: number
|
|
|
34
34
|
return Fr.fromBuffer(Buffer.from(response.hash));
|
|
35
35
|
}
|
|
36
36
|
|
|
37
|
-
export function poseidon2HashAccumulate(input: Fieldable[]): Fr {
|
|
38
|
-
const inputFields = serializeToFields(input);
|
|
39
|
-
const api = BarretenbergSync.getSingleton();
|
|
40
|
-
const response = api.poseidon2HashAccumulate({
|
|
41
|
-
inputs: inputFields.map(i => i.toBuffer()),
|
|
42
|
-
});
|
|
43
|
-
return Fr.fromBuffer(Buffer.from(response.hash));
|
|
44
|
-
}
|
|
45
|
-
|
|
46
37
|
/**
|
|
47
38
|
* Runs a Poseidon2 permutation.
|
|
48
39
|
* @param input the input state. Expected to be of size 4.
|
|
@@ -118,14 +118,18 @@ abstract class BaseField {
|
|
|
118
118
|
}
|
|
119
119
|
|
|
120
120
|
cmp(rhs: BaseField): -1 | 0 | 1 {
|
|
121
|
-
|
|
122
|
-
return this.asBigInt === rhsBigInt ? 0 : this.asBigInt < rhsBigInt ? -1 : 1;
|
|
121
|
+
return BaseField.cmpAsBigInt(this.asBigInt, rhs.asBigInt);
|
|
123
122
|
}
|
|
124
123
|
|
|
125
124
|
static cmp(lhs: BaseField, rhs: BaseField): -1 | 0 | 1 {
|
|
126
125
|
return lhs.cmp(rhs);
|
|
127
126
|
}
|
|
128
127
|
|
|
128
|
+
// Actual bigint comparison. Arguments must have been validated previously.
|
|
129
|
+
static cmpAsBigInt(lhs: bigint, rhs: bigint): -1 | 0 | 1 {
|
|
130
|
+
return lhs === rhs ? 0 : lhs < rhs ? -1 : 1;
|
|
131
|
+
}
|
|
132
|
+
|
|
129
133
|
isZero(): boolean {
|
|
130
134
|
return this.asBigInt === 0n;
|
|
131
135
|
}
|
|
@@ -1,8 +1,10 @@
|
|
|
1
1
|
import { Buffer32 } from '@aztec/foundation/buffer';
|
|
2
2
|
import { BufferReader, serializeToBuffer } from '@aztec/foundation/serialize';
|
|
3
3
|
|
|
4
|
+
import { secp256k1 } from '@noble/curves/secp256k1';
|
|
4
5
|
import { z } from 'zod';
|
|
5
6
|
|
|
7
|
+
import { randomBytes } from '../crypto/random/index.js';
|
|
6
8
|
import { hasHexPrefix, hexToBuffer } from '../string/index.js';
|
|
7
9
|
|
|
8
10
|
/**
|
|
@@ -77,8 +79,12 @@ export class Signature {
|
|
|
77
79
|
return new Signature(Buffer32.fromBuffer(hexToBuffer(sig.r)), Buffer32.fromBuffer(hexToBuffer(sig.s)), sig.yParity);
|
|
78
80
|
}
|
|
79
81
|
|
|
82
|
+
/** Generates a random valid ECDSA signature with a low s-value by signing a random message with a random key. */
|
|
80
83
|
static random(): Signature {
|
|
81
|
-
|
|
84
|
+
const privateKey = randomBytes(32);
|
|
85
|
+
const message = randomBytes(32);
|
|
86
|
+
const { r, s, recovery } = secp256k1.sign(message, privateKey);
|
|
87
|
+
return new Signature(Buffer32.fromBigInt(r), Buffer32.fromBigInt(s), recovery ? 28 : 27);
|
|
82
88
|
}
|
|
83
89
|
|
|
84
90
|
static empty(): Signature {
|
package/src/jest/setup.mjs
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { parseBooleanEnv } from '@aztec/foundation/config';
|
|
1
2
|
import { overwriteLoggingStream, pinoPrettyOpts } from '@aztec/foundation/log';
|
|
2
3
|
|
|
3
4
|
import pretty from 'pino-pretty';
|
|
@@ -6,4 +7,6 @@ import pretty from 'pino-pretty';
|
|
|
6
7
|
// file so we don't mess up with dependencies in non-testing environments,
|
|
7
8
|
// since pino-pretty messes up with browser bundles.
|
|
8
9
|
// See also https://www.npmjs.com/package/pino-pretty?activeTab=readme#user-content-usage-with-jest
|
|
9
|
-
|
|
10
|
+
if (!parseBooleanEnv(process.env.LOG_JSON)) {
|
|
11
|
+
overwriteLoggingStream(pretty(pinoPrettyOpts));
|
|
12
|
+
}
|
|
@@ -24,6 +24,7 @@ export type SafeJsonRpcClientOptions = {
|
|
|
24
24
|
batchWindowMS?: number;
|
|
25
25
|
maxBatchSize?: number;
|
|
26
26
|
maxRequestBodySize?: number;
|
|
27
|
+
extraHeaders?: Record<string, string>;
|
|
27
28
|
onResponse?: (res: {
|
|
28
29
|
response: any;
|
|
29
30
|
headers: { get: (header: string) => string | null | undefined };
|
|
@@ -129,6 +130,7 @@ export function createSafeJsonRpcClient<T extends object>(
|
|
|
129
130
|
const { response, headers } = await fetch(
|
|
130
131
|
host,
|
|
131
132
|
rpcCalls.map(({ request }) => request),
|
|
133
|
+
config.extraHeaders,
|
|
132
134
|
);
|
|
133
135
|
|
|
134
136
|
if (config.onResponse) {
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
import { promisify } from 'node:util';
|
|
2
|
+
import { gunzip as gunzipCb, gzip as gzipCb } from 'node:zlib';
|
|
1
3
|
import { Agent, type Dispatcher } from 'undici';
|
|
2
4
|
|
|
3
5
|
import { createLogger } from '../../log/pino-logger.js';
|
|
@@ -5,8 +7,14 @@ import { NoRetryError } from '../../retry/index.js';
|
|
|
5
7
|
import { jsonStringify } from '../convert.js';
|
|
6
8
|
import type { JsonRpcFetch } from './fetch.js';
|
|
7
9
|
|
|
10
|
+
const gzip = promisify(gzipCb);
|
|
11
|
+
const gunzip = promisify(gunzipCb);
|
|
12
|
+
|
|
8
13
|
const log = createLogger('json-rpc:json_rpc_client:undici');
|
|
9
14
|
|
|
15
|
+
/** Minimum request size in bytes to trigger compression. */
|
|
16
|
+
const COMPRESSION_THRESHOLD = 1024;
|
|
17
|
+
|
|
10
18
|
export { Agent };
|
|
11
19
|
|
|
12
20
|
export function makeUndiciFetch(client = new Agent()): JsonRpcFetch {
|
|
@@ -14,14 +22,18 @@ export function makeUndiciFetch(client = new Agent()): JsonRpcFetch {
|
|
|
14
22
|
log.trace(`JsonRpcClient.fetch: ${host}`, { host, body });
|
|
15
23
|
let resp: Dispatcher.ResponseData;
|
|
16
24
|
try {
|
|
25
|
+
const jsonBody = Buffer.from(jsonStringify(body));
|
|
26
|
+
const shouldCompress = jsonBody.length >= COMPRESSION_THRESHOLD;
|
|
17
27
|
resp = await client.request({
|
|
18
28
|
method: 'POST',
|
|
19
29
|
origin: new URL(host),
|
|
20
30
|
path: '/',
|
|
21
|
-
body:
|
|
31
|
+
body: shouldCompress ? await gzip(jsonBody) : jsonBody,
|
|
22
32
|
headers: {
|
|
23
33
|
...extraHeaders,
|
|
24
34
|
'content-type': 'application/json',
|
|
35
|
+
...(shouldCompress && { 'content-encoding': 'gzip' }),
|
|
36
|
+
'accept-encoding': 'gzip',
|
|
25
37
|
},
|
|
26
38
|
});
|
|
27
39
|
} catch (err) {
|
|
@@ -31,13 +43,19 @@ export function makeUndiciFetch(client = new Agent()): JsonRpcFetch {
|
|
|
31
43
|
|
|
32
44
|
let responseJson: any;
|
|
33
45
|
const responseOk = resp.statusCode >= 200 && resp.statusCode <= 299;
|
|
46
|
+
const contentEncoding = resp.headers['content-encoding'];
|
|
34
47
|
try {
|
|
35
|
-
|
|
48
|
+
if (contentEncoding === 'gzip') {
|
|
49
|
+
const jsonBuffer = await gunzip(await resp.body.arrayBuffer());
|
|
50
|
+
responseJson = JSON.parse(jsonBuffer.toString('utf-8'));
|
|
51
|
+
} else {
|
|
52
|
+
responseJson = await resp.body.json();
|
|
53
|
+
}
|
|
36
54
|
} catch {
|
|
37
55
|
if (!responseOk) {
|
|
38
56
|
throw new Error('HTTP ' + resp.statusCode);
|
|
39
57
|
}
|
|
40
|
-
throw new Error(`Failed to parse body as JSON: ${await resp.body.text()}`);
|
|
58
|
+
throw new Error(`Failed to parse body as JSON. encoding: ${contentEncoding}, body: ${await resp.body.text()}`);
|
|
41
59
|
}
|
|
42
60
|
|
|
43
61
|
if (!responseOk) {
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
import { timingSafeEqual } from 'crypto';
|
|
2
|
+
import type Koa from 'koa';
|
|
3
|
+
|
|
4
|
+
import { sha256 } from '../../crypto/sha256/index.js';
|
|
5
|
+
import { createLogger } from '../../log/index.js';
|
|
6
|
+
|
|
7
|
+
const log = createLogger('json-rpc:api-key-auth');
|
|
8
|
+
|
|
9
|
+
/**
|
|
10
|
+
* Computes the SHA-256 hash of a string and returns it as a Buffer.
|
|
11
|
+
* @param input - The input string to hash.
|
|
12
|
+
* @returns The SHA-256 hash as a Buffer.
|
|
13
|
+
*/
|
|
14
|
+
export function sha256Hash(input: string): Buffer {
|
|
15
|
+
return sha256(Buffer.from(input));
|
|
16
|
+
}
|
|
17
|
+
|
|
18
|
+
/**
|
|
19
|
+
* Creates a Koa middleware that enforces API key authentication on all requests
|
|
20
|
+
* except the health check endpoint (GET /status).
|
|
21
|
+
*
|
|
22
|
+
* The API key can be provided via the `x-api-key` header or the `Authorization: Bearer <key>` header.
|
|
23
|
+
* Comparison is done by hashing the provided key with SHA-256 and comparing against the stored hash.
|
|
24
|
+
*
|
|
25
|
+
* @param apiKeyHash - The SHA-256 hash of the expected API key as a Buffer.
|
|
26
|
+
* @returns A Koa middleware that rejects requests without a valid API key.
|
|
27
|
+
*/
|
|
28
|
+
export function getApiKeyAuthMiddleware(
|
|
29
|
+
apiKeyHash: Buffer,
|
|
30
|
+
): (ctx: Koa.Context, next: () => Promise<void>) => Promise<void> {
|
|
31
|
+
return async (ctx: Koa.Context, next: () => Promise<void>) => {
|
|
32
|
+
// Allow health check through without auth
|
|
33
|
+
if (ctx.path === '/status' && ctx.method === 'GET') {
|
|
34
|
+
return next();
|
|
35
|
+
}
|
|
36
|
+
|
|
37
|
+
const providedKey = ctx.get('x-api-key') || ctx.get('authorization')?.replace(/^Bearer\s+/i, '');
|
|
38
|
+
if (!providedKey) {
|
|
39
|
+
log.warn(`Rejected admin RPC request from ${ctx.ip}: missing API key`);
|
|
40
|
+
ctx.status = 401;
|
|
41
|
+
ctx.body = {
|
|
42
|
+
jsonrpc: '2.0',
|
|
43
|
+
id: null,
|
|
44
|
+
error: { code: -32000, message: 'Unauthorized: invalid or missing API key' },
|
|
45
|
+
};
|
|
46
|
+
return;
|
|
47
|
+
}
|
|
48
|
+
|
|
49
|
+
const providedHashBuf = sha256Hash(providedKey);
|
|
50
|
+
if (!timingSafeEqual(apiKeyHash, providedHashBuf)) {
|
|
51
|
+
log.warn(`Rejected admin RPC request from ${ctx.ip}: invalid API key`);
|
|
52
|
+
ctx.status = 401;
|
|
53
|
+
ctx.body = {
|
|
54
|
+
jsonrpc: '2.0',
|
|
55
|
+
id: null,
|
|
56
|
+
error: { code: -32000, message: 'Unauthorized: invalid or missing API key' },
|
|
57
|
+
};
|
|
58
|
+
return;
|
|
59
|
+
}
|
|
60
|
+
|
|
61
|
+
await next();
|
|
62
|
+
};
|
|
63
|
+
}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Converts bigint values to strings recursively in a log object to avoid serialization issues.
|
|
3
|
+
*/
|
|
4
|
+
export function convertBigintsToStrings(obj: unknown): unknown {
|
|
5
|
+
if (typeof obj === 'bigint') {
|
|
6
|
+
return String(obj);
|
|
7
|
+
}
|
|
8
|
+
|
|
9
|
+
if (Array.isArray(obj)) {
|
|
10
|
+
return obj.map(item => convertBigintsToStrings(item));
|
|
11
|
+
}
|
|
12
|
+
|
|
13
|
+
if (obj !== null && typeof obj === 'object') {
|
|
14
|
+
if (typeof (obj as any).toJSON === 'function') {
|
|
15
|
+
return convertBigintsToStrings((obj as any).toJSON());
|
|
16
|
+
}
|
|
17
|
+
const result: Record<string, unknown> = {};
|
|
18
|
+
for (const key in obj) {
|
|
19
|
+
result[key] = convertBigintsToStrings((obj as Record<string, unknown>)[key]);
|
|
20
|
+
}
|
|
21
|
+
return result;
|
|
22
|
+
}
|
|
23
|
+
|
|
24
|
+
return obj;
|
|
25
|
+
}
|
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
import type { pino } from 'pino';
|
|
2
2
|
|
|
3
|
+
import { convertBigintsToStrings } from './bigint-utils.js';
|
|
4
|
+
|
|
3
5
|
/* eslint-disable camelcase */
|
|
4
6
|
|
|
5
7
|
const GOOGLE_CLOUD_TRACE_ID = 'logging.googleapis.com/trace';
|
|
@@ -15,6 +17,9 @@ export const GoogleCloudLoggerConfig = {
|
|
|
15
17
|
messageKey: 'message',
|
|
16
18
|
formatters: {
|
|
17
19
|
log(object: Record<string, unknown>): Record<string, unknown> {
|
|
20
|
+
// Convert bigints to strings recursively to avoid serialization issues
|
|
21
|
+
object = convertBigintsToStrings(object) as Record<string, unknown>;
|
|
22
|
+
|
|
18
23
|
// Add trace context attributes following Cloud Logging structured log format described
|
|
19
24
|
// in https://cloud.google.com/logging/docs/structured-logging#special-payload-fields
|
|
20
25
|
const { trace_id, span_id, trace_flags, ...rest } = object;
|
package/src/log/libp2p_logger.ts
CHANGED
|
@@ -2,15 +2,17 @@ import type { ComponentLogger, Logger } from '@libp2p/interface';
|
|
|
2
2
|
|
|
3
3
|
import { getLogLevelFromFilters } from './log-filters.js';
|
|
4
4
|
import type { LogLevel } from './log-levels.js';
|
|
5
|
-
import { logFilters, logger } from './pino-logger.js';
|
|
5
|
+
import { type LoggerBindings, logFilters, logger } from './pino-logger.js';
|
|
6
6
|
|
|
7
7
|
/**
|
|
8
8
|
* Creates a libp2p compatible logger that wraps our pino logger.
|
|
9
9
|
* This adapter implements the ComponentLogger interface required by libp2p.
|
|
10
|
+
* @param namespace - Base namespace for the logger
|
|
11
|
+
* @param bindings - Optional bindings to pass to the logger (actor, instanceId)
|
|
10
12
|
*/
|
|
11
|
-
export function createLibp2pComponentLogger(namespace: string): ComponentLogger {
|
|
13
|
+
export function createLibp2pComponentLogger(namespace: string, bindings?: LoggerBindings): ComponentLogger {
|
|
12
14
|
return {
|
|
13
|
-
forComponent: (component: string) => createLibp2pLogger(`${namespace}:${component}
|
|
15
|
+
forComponent: (component: string) => createLibp2pLogger(`${namespace}:${component}`, bindings),
|
|
14
16
|
};
|
|
15
17
|
}
|
|
16
18
|
|
|
@@ -24,9 +26,14 @@ function replaceFormatting(message: string) {
|
|
|
24
26
|
return message.replace(/(%p|%a)/g, '%s');
|
|
25
27
|
}
|
|
26
28
|
|
|
27
|
-
function createLibp2pLogger(component: string): Logger {
|
|
29
|
+
function createLibp2pLogger(component: string, bindings?: LoggerBindings): Logger {
|
|
28
30
|
// Create a direct pino logger instance for libp2p that supports string interpolation
|
|
29
|
-
const
|
|
31
|
+
const actor = bindings?.actor;
|
|
32
|
+
const instanceId = bindings?.instanceId;
|
|
33
|
+
const log = logger.child(
|
|
34
|
+
{ module: component, ...(actor && { actor }), ...(instanceId && { instanceId }) },
|
|
35
|
+
{ level: getLogLevelFromFilters(logFilters, component) },
|
|
36
|
+
);
|
|
30
37
|
|
|
31
38
|
const logIfEnabled = (level: LogLevel, message: string, ...args: unknown[]) => {
|
|
32
39
|
if (!log.isLevelEnabled(level)) {
|
package/src/log/log-filters.ts
CHANGED
|
@@ -19,22 +19,40 @@ export function getLogLevelFromFilters(filters: LogFilters, module: string): Log
|
|
|
19
19
|
return undefined;
|
|
20
20
|
}
|
|
21
21
|
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
22
|
+
/**
|
|
23
|
+
* Parses the LOG_LEVEL env string into a default level and per-module filter overrides.
|
|
24
|
+
*
|
|
25
|
+
* Format: `<default_level>;<level>:<module1>,<module2>;<level>:<module3>;...`
|
|
26
|
+
* - First segment (before the first `;`) is the default log level for all modules.
|
|
27
|
+
* - Remaining segments are `level:module` pairs: apply the given level to the listed modules (comma-separated).
|
|
28
|
+
* - Later filters override earlier ones for overlapping module matches.
|
|
29
|
+
* - The `aztec:` prefix is stripped from module names; spaces are trimmed.
|
|
30
|
+
*
|
|
31
|
+
* @example
|
|
32
|
+
* ```ts
|
|
33
|
+
* parseLogLevel('debug;warn:module1,module2;error:module3', 'info')
|
|
34
|
+
* // => ['debug', [['module3', 'error'], ['module2', 'warn'], ['module1', 'warn']]]
|
|
35
|
+
* ```
|
|
36
|
+
*/
|
|
37
|
+
export function parseLogLevelEnvVar(
|
|
38
|
+
logLevelEnvVar: string | undefined,
|
|
39
|
+
defaultLevel: LogLevel,
|
|
40
|
+
): [LogLevel, LogFilters] {
|
|
41
|
+
if (!logLevelEnvVar) {
|
|
42
|
+
return [defaultLevel, []];
|
|
25
43
|
}
|
|
44
|
+
const [level] = logLevelEnvVar.split(';', 1);
|
|
45
|
+
assertValidLogLevel(level);
|
|
46
|
+
return [level, parseFilters(logLevelEnvVar.slice(level.length + 1))];
|
|
26
47
|
}
|
|
27
48
|
|
|
28
|
-
|
|
29
|
-
if (!
|
|
30
|
-
|
|
49
|
+
function assertValidLogLevel(level: string): asserts level is LogLevel {
|
|
50
|
+
if (!LogLevels.includes(level as LogLevel)) {
|
|
51
|
+
throw new Error(`Invalid log level: ${level}`);
|
|
31
52
|
}
|
|
32
|
-
const [level] = env.split(';', 1);
|
|
33
|
-
assertLogLevel(level);
|
|
34
|
-
return [level, parseFilters(env.slice(level.length + 1))];
|
|
35
53
|
}
|
|
36
54
|
|
|
37
|
-
|
|
55
|
+
function parseFilters(definition: string | undefined): LogFilters {
|
|
38
56
|
if (!definition) {
|
|
39
57
|
return [];
|
|
40
58
|
}
|
|
@@ -48,7 +66,7 @@ export function parseFilters(definition: string | undefined): LogFilters {
|
|
|
48
66
|
throw new Error(`Invalid log filter statement: ${statement}`);
|
|
49
67
|
}
|
|
50
68
|
const sanitizedLevel = level.trim().toLowerCase();
|
|
51
|
-
|
|
69
|
+
assertValidLogLevel(sanitizedLevel);
|
|
52
70
|
for (const module of modules.split(',')) {
|
|
53
71
|
filters.push([
|
|
54
72
|
module
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
import { AsyncLocalStorage } from 'node:async_hooks';
|
|
2
|
+
|
|
3
|
+
import { type LoggerBindings, addLogBindingsHandler, removeLogBindingsHandler } from './pino-logger.js';
|
|
4
|
+
|
|
5
|
+
/** AsyncLocalStorage for logger bindings context propagation (Node.js only). */
|
|
6
|
+
const bindingsStorage = new AsyncLocalStorage<LoggerBindings>();
|
|
7
|
+
|
|
8
|
+
/** Returns the current bindings from AsyncLocalStorage, if any. */
|
|
9
|
+
export function getBindings(): LoggerBindings | undefined {
|
|
10
|
+
return bindingsStorage.getStore();
|
|
11
|
+
}
|
|
12
|
+
|
|
13
|
+
/**
|
|
14
|
+
* Runs a callback within a bindings context. All loggers created within the callback
|
|
15
|
+
* will automatically inherit the bindings (actor, instanceId) via the log bindings handler.
|
|
16
|
+
*/
|
|
17
|
+
export async function withLoggerBindings<T>(bindings: LoggerBindings, callback: () => Promise<T>): Promise<T> {
|
|
18
|
+
const handler = () => bindingsStorage.getStore();
|
|
19
|
+
addLogBindingsHandler(handler);
|
|
20
|
+
try {
|
|
21
|
+
return await bindingsStorage.run(bindings, callback);
|
|
22
|
+
} finally {
|
|
23
|
+
removeLogBindingsHandler(handler);
|
|
24
|
+
}
|
|
25
|
+
}
|