feat(argon2): vendor hash-wasm v4.12.0 as @bitgo/argon2#8482
Merged
pranavjain97 merged 3 commits intomasterfrom Apr 14, 2026
Merged
feat(argon2): vendor hash-wasm v4.12.0 as @bitgo/argon2#8482pranavjain97 merged 3 commits intomasterfrom
pranavjain97 merged 3 commits intomasterfrom
Conversation
pranavjain97
force-pushed
the
WCN-29-vendor-hash-wasm
branch
from
f1d0990 to
221ebac
Compare
Vendor the argon2 subset of hash-wasm as a new @bitgo/argon2 module, following the same pattern as @bitgo/sjcl. The pre-built UMD bundle (~29KB) contains argon2 and blake2b WASM binaries embedded as base64 with zero runtime dependencies. Exports: argon2id, argon2i, argon2d, argon2Verify with full TypeScript type definitions. Includes verify-vendor.sh script for reproducible re-vendoring from npm. WCN-29 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> TICKET: WCN-29
pranavjain97
force-pushed
the
WCN-29-vendor-hash-wasm
branch
from
221ebac to
671b89c
Compare
Contributor
zahin-mohammad
requested changes
Apr 13, 2026
Contributor
There was a problem hiding this comment.
Review: Supply Chain, Auditability & Release Risks
The vendoring approach (following @bitgo/sjcl precedent) is sound in principle, and the motivation — migrating from PBKDF2-SHA256 to Argon2id — is the right move. However, there are gaps that should be addressed before merging, given this is cryptographic code in a financial SDK.
Supply Chain Risk (HIGH)
- The vendored bundle contains opaque base64-encoded WASM binaries that cannot be reviewed from the diff. Trust is anchored entirely to an npm tarball from a single maintainer.
verify-vendor.shverifies against npm, not against a reproducible source build. A compromised npm publish would pass verification. Pin the expected SHA256 and trace provenance to a specific git commit.
Auditability (HIGH)
- No RFC 9106 known-answer test vectors. The test suite verifies behavioral properties but never asserts exact output against published reference vectors. A subtly broken or backdoored WASM implementation would pass all current tests. This is the single most important gap to close.
- Hand-written
index.d.tswith"include": []in tsconfig means types are never validated against the JS exports.
Release Integration (MEDIUM)
"private": truewill block npm publish if downstream packages depend on this.- Missing standard monorepo scripts (
build,test,lint,clean), no ESM support, not added to root workspaces. Buffertype inindex.d.tswithout@types/nodedependency breaks browser-only TS consumers.
See inline comments for specifics on each file.
- Add known-answer tests pinning exact hex outputs for argon2id/i/d, cross-validated against argon2-cffi (C reference implementation) - Add PROVENANCE.md with SHA256 hash and git commit for audit trail - Update verify-vendor.sh to check pinned hash before npm comparison - Remove Buffer from IDataType (Node-only, breaks browser TS projects) - Add type-check smoke test to catch index.d.ts drift from JS exports - Add test/verify scripts to package.json - Include PROVENANCE.md in npm package files WCN-29 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> TICKET: WCN-29
pranavjain97
force-pushed
the
WCN-29-vendor-hash-wasm
branch
from
dfae16d to
0b1a2ad
Compare
zahin-mohammad
approved these changes
Apr 14, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Vendor the argon2 subset of hash-wasm as a new @bitgo/argon2 module, following the same pattern as @bitgo/sjcl. The pre-built UMD bundle (~29KB) contains argon2 and blake2b WASM binaries embedded as base64 with zero runtime dependencies.
Exports: argon2id, argon2i, argon2d, argon2Verify with full TypeScript type definitions. Includes verify-vendor.sh script for reproducible re-vendoring from npm.
This module is a prerequisite for migrating BitGoJS encryption from SJCL (PBKDF2-SHA256 @ 10k iterations, ~1ms per guess on modern hardware) to Argon2id, which is memory-hard and GPU-resistant.
TICKET: WCN-29