New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade to new Stronghold
interface
#787
Conversation
The multiple identities example using Napi Stronghold returns a lock acquisition error, that is tracked (in part) here: iotaledger/stronghold.rs#353. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The significant simplification and reduction of code and dependencies is much appreciated.
I'm still not that familiar with Stronghold, and the code is pretty meticulous, so my feedback is mostly nits.
let mut key: EncryptionKey = derive_encryption_key(&password); | ||
password.zeroize(); | ||
|
||
let key_provider = KeyProvider::try_from(key.to_vec()).map_err(StrongholdError::Memory)?; | ||
key.zeroize(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Aside: still not happy with how we use derive_encryption_key
/PBKDF2_HMAC_SHA512
with a low number of iterations and fixed salt.
Given the hassle it would be for Stronghold to take on this responsibility, for example by storing the unencrypted salt in the snapshot associated data and running the PBKDF for us (or allowing us to store arbitrary unencrypted associated data ourselves), can we at least increase the iterations? Should be around 120,000, per OWASP. It's been quite a few years since NIST recommended a minimum of 10,000 iterations, and we're currently doing 100. Brute-forcing the snapshot password should take at least some effort.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This change would be breaking, so if this PR is really just a patch it should be done elsewhere.
// Technically there is a race condition here between existence check and removal. | ||
// However, the RevokeData procedure does not return an error if the record doesn't exist, so it's fine. | ||
|
||
let exists: bool = client | ||
.record_exists(&location.into()) | ||
.map_err(|err| StrongholdError::Vault(VaultOperation::RecordExists, err)) | ||
.map_err(crate::Error::from)?; | ||
|
||
if !exists { | ||
return Ok(exists); | ||
} | ||
|
||
client | ||
.execute_procedure(procedures::RevokeData { | ||
location: location.into(), | ||
should_gc: true, | ||
}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If RevokeData
is idempotent, is it worth checking record_exists
first at all? I guess it's the difference between acquiring read vs write locks internally? I wouldn't expect this to be a frequent or slow operation though.
Happy to leave it as-is too.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agree with what you're saying, but if we don't check for existence first, then we cannot accurately return whether the function deleted the key or not (the bool return parameter). So to comply with our interface, I'd leave it as-is.
#[error("failed to load password into key provider")] | ||
Memory(#[source] MemoryError), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit: the error message doesn't really match the variant name, perhaps Password
might be more appropriate unless we throw Memory
errors elsewhere? Maybe Password
isn't the best either since a different error is thrown if the password is incorrect.
Probably fine.
I was opposed to changing this because, as you noted, If this is up for debate, the broad options are:
Ideally, yes. We should probably restore the old index and purge both the temporary and DID clients if an error occurs. There are unfortunately many places that can error there... I would be fine leaving a TODO/FIXME there for now though.
Looks like the Ubuntu example is throwing that error too, do we want to exclude that example as an edge-case for now or delay this PR until it's fixed? |
Opened #836 to address the comments from @cycraig, as they are non-essential or constitute breaking changes. The motivation is to get this PR merged sooner than later. Similarly, I've disabled the multiple identites examples in Rust and stronghold-nodejs, because of iotaledger/stronghold.rs#353, and disabled the musl build (opened #837 for the required changes). Both will need to be addressed before the next release. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Integration of Stronghold looks good to me. Check the remarks, if the PrivateKey
-type can be replaced, or would require to much effort. The current solution is Ok.
|
||
let vault: ClientVault = client.vault(stronghold_location.vault_path()); | ||
|
||
let private_key_vec: Vec<u8> = private_key.as_ref().to_vec(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there a way to leverage the KeyStore
or Stronghold's NC types in favor of PrivateKey
? It somehow feels wasted to convert the private key to a vec, to just be zeroized and dropped afterwards.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Appreciate the idea! Unfortunately, this would "leak" the stronghold dependency to our Account
which is a no-go for Wasm. If you could factor out these NC types in a separate small crate that is also Wasm compatible, we could reconsider 😉. Perhaps this would improve Wasm memory security, too.
} | ||
|
||
/// Sets whether dropsave is enabled. | ||
pub fn set_dropsave(&mut self, dropsave: bool) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ultra-nit:
pub fn set_dropsave(&mut self, dropsave: bool) { | |
pub fn dropsave_mut(&mut self, dropsave: bool) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Mh, this is just a setter, and does not return a mutable reference to dropsave
, so the naming matches Rust conventions. clippy
would probably complain about dropsave_mut
, too.
This reverts commit 2f12afd.
#[error("vault operation `{0}` failed")] | ||
Vault(VaultOperation, #[source] ClientError), | ||
#[error("procedure `{0}` operating on locations {1:?} failed")] | ||
Procedure(ProcedureName, Vec<KeyLocation>, #[source] ProcedureError), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not all procedures will be dealing with KeyLocation
, since this is either an Ed25519
or an X25519
Key for now. For example, when dealing with the procedures related to shared secrets the type is neither. However, we are dealing with random locations in that case. Should we change KeyLocation
or is it fine to have an empty location in these cases?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would changing it to Vec<String>
account for shared secrets? I think Location
alone doesn't have a string representation.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If the need arises to return errors that include non-KeyLocation
s, then Craig's suggestion is great. Though, I think for debugging it should be helpful enough to include the KeyLocation
s, as the other, temporary locations will probably be completely random or static, and we'll be able to trace the issue based on the procedure name alone, I imagine.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
temporary locations will probably be completely random or static, and we'll be able to trace the issue based on the procedure name alone, I imagine.
I thought so too. For now, I won't change the type, but will change it to String
in case I need it.
* Rename stronghold module * Postfix old stronghold with `_old` * Migrate to new stronghold interface * Impl did_create properly with client syncing * Add context to `StrongholdError`s * Add `Stronghold` wrapper test * Add `test_key_delete` * Add storage_test_suite setup & did_create test * Re-export test suite feature * Expose test suite in Wasm * Extend `did_create` test, fix index persistence * Test `key_generate` * Move `key_delete` to test suite * Remove test suite from this branch * Add initial test suite and expose to Wasm * rm `Error` postfix from `StrongholdError` variants * Remove duplicate `mod tests` in Wasm * Handle client sync error; document syncing * Use updated stronghold * Use dedicated `load_snapshot` function * Purge client in `did_purge` * Revert cfg_attr shenanigans * Make `Stronghold::client` not async * Remove asyncness from fns where not necessary * Make `mutate_client` not async either * Move test_util mod where it belongs * Remove `source` errors from `Display` impl * Remove `RecordHint` everywhere * Use base crate `MemoryError`; remove engine dep * Revert temporary send/sync change * Document `Stronghold` wrapper * Use same export style as other crates * Create parent directories if they don't exist * Remove outdated TODO * Fix index writing in purge; update stronghold rev * Remove old stronghold wrapper * Reactivate multi identity example * Add `dropsave` getter/setter * Fully qualify `std::any::type_name` * Remove tests which are already in test suite * Reactivate `Send`-assertion test * Return `Stronghold` instance from test `storages` * Test incorrect password returns error * Use `OsRng` instead of `thread_rng` * Bump stronghold revision * Remove unused `getrandom` depenency * Remove unused `actix` dependency * Remove tokio `rt-multi-thread` feature * Prefer `sample_string` over `sample_iter` * Enable `didPurge` test for NAPI stronghold * Simplify `did_create` by using `mutate_client` * Rename doc/state client paths to store keys * Add procedure_error fn to reduce err map code * Remove unnecessary clone * Disable multiple identities example temporarily * Disable musl build * Remove musl target from stronghold-nodejs * use local workflow file * Revert "use local workflow file" This reverts commit 2f12afd. Co-authored-by: Eike Haß <eike-hass@web.de>
* add key_exchange, encrypt_data, decrypt_data to storage and account * add bindings and rust example * add bindings example * Add key_exchange, encrypt_data, decrypt_data to memstore, change encrypt/decrypt data signature * Add nonce to EncryptedData * Add associated data into EncryptedData * remove key_exchange from storage, remove encryption_key type, add algorithm encryption, move key_exchange to encrypt/decrypt functions * remove unnecessary into * Generate random shared secret location * Remove generic crypto error * Add crypto::error::Error as source for new errors * Add encryption option - with cek enum * Add EncryptionOptions to bindings and to memstore * Make PublicKey mandatory in the storage trait, return an error when using a ED25519 key for encryption/decryption * Doc/resolve (#823) * Upgrade to new `Stronghold` interface (#787) * Rename stronghold module * Postfix old stronghold with `_old` * Migrate to new stronghold interface * Impl did_create properly with client syncing * Add context to `StrongholdError`s * Add `Stronghold` wrapper test * Add `test_key_delete` * Add storage_test_suite setup & did_create test * Re-export test suite feature * Expose test suite in Wasm * Extend `did_create` test, fix index persistence * Test `key_generate` * Move `key_delete` to test suite * Remove test suite from this branch * Add initial test suite and expose to Wasm * rm `Error` postfix from `StrongholdError` variants * Remove duplicate `mod tests` in Wasm * Handle client sync error; document syncing * Use updated stronghold * Use dedicated `load_snapshot` function * Purge client in `did_purge` * Revert cfg_attr shenanigans * Make `Stronghold::client` not async * Remove asyncness from fns where not necessary * Make `mutate_client` not async either * Move test_util mod where it belongs * Remove `source` errors from `Display` impl * Remove `RecordHint` everywhere * Use base crate `MemoryError`; remove engine dep * Revert temporary send/sync change * Document `Stronghold` wrapper * Use same export style as other crates * Create parent directories if they don't exist * Remove outdated TODO * Fix index writing in purge; update stronghold rev * Remove old stronghold wrapper * Reactivate multi identity example * Add `dropsave` getter/setter * Fully qualify `std::any::type_name` * Remove tests which are already in test suite * Reactivate `Send`-assertion test * Return `Stronghold` instance from test `storages` * Test incorrect password returns error * Use `OsRng` instead of `thread_rng` * Bump stronghold revision * Remove unused `getrandom` depenency * Remove unused `actix` dependency * Remove tokio `rt-multi-thread` feature * Prefer `sample_string` over `sample_iter` * Enable `didPurge` test for NAPI stronghold * Simplify `did_create` by using `mutate_client` * Rename doc/state client paths to store keys * Add procedure_error fn to reduce err map code * Remove unnecessary clone * Disable multiple identities example temporarily * Disable musl build * Remove musl target from stronghold-nodejs * use local workflow file * Revert "use local workflow file" This reverts commit 2f12afd. Co-authored-by: Eike Haß <eike-hass@web.de> * add concat_kdf procedure * add concat kdf for memstore * rename Cekalgorithm struct; remove error variant; add constructor to bindings new function * Improve error msg; Add feature to cargo toml; Replace client for resolver * Add ephemeral key for ECDH-ES * Add test for stronghold encryption; Fix rust example; Add feature for account encryption; Improve docs * Sync comments for traits, account, and wasm * Improve docs; Fix Memstore cocat kdf; Remove EncryptionOptions * Add test for storage test suite; Fix padding in Memstore * Rename outdated file * Add exception for encryption methods in MemStore * Fix naming in javascript; Switch back to ThreadRng * Remove useless variable * Improve docs; Make EncryptedData fields pub * Fix readme * Undo removal of files * Fix function call Co-authored-by: Eike Haß <eike-hass@web.de> Co-authored-by: Oliver E. Anderson <oliver.anderson@iota.org> Co-authored-by: Philipp <philipp.gackstatter@iota.org>
* actor: Add builder for `Communicator` * identity: Re-export actor types * actor: Specify `tokio` dep explicitly via git * actor: Specify `tokio` via crates.io * actor: Rename communicator module to actor * actor: Rename communicator structs to actor * actor: Rename `register_command` to `set_handler` * actor: Spawn handler loop internally * actor: Impl dispatch pattern for handler loop * actor: Trait to determine `send_request` ret type * actor: Get request_name based on type parameter * actor: Remove `Identity` prefixes in type names * actor: Finer-grained handler impl for a nicer API * actor: Migrate to new stronghold comms version * actor: Fix account feature conditional guards * actor: Use type map to allow reusing receiver * actor: Update stronghold comms to new version * actor: Impl async handler functions * actor: Separate storage handler & types * actor: Rename StorageHandler & impl resolution * actor: Reexport Keypair * actor: Expand Cargo package info * actor: Only spawn listener if there are addresses * actor: Upgrade stronghold comms lib version * actor: Add dummy comm handler * actor: Expose executor builder API * actor: Impl ffi-compatible handler registration * actor: Use closures instead of function pointers Signed-off-by: PhilippGackstatter <philipp.gackstatter@iota.org> * actor: Let request_name take &self for bindings * actor: Use `Cow` in trait for more flexibility * actor: Use `log` instead of println * actor: Implement `send_named_request` for bindings * actor: Use `ClientMap` for working did resolution * actor: Upgrade to latest stronghold p2p * actor: Impl remote error and deserialization logic * actor: Restructure tests, add SendError test * actor: Use new `StorageError` * actor: Handle all errors in handle invoker task * actor: Define separate request & response types * actor: Expand `StorageError` & impl `Category` * Add licences to all files * Apply cargo and toml formatting * Address clippy lints * Define a type name for the more complex types * Update to latest stronghold p2p version * Let `add_method` take an `async fn` directly * Use consistent names for the generics * Implement `Endpoint` and catch-all handler * Make `Actor` cloneable, inject it into handlers * Inject `PeerId` into every handler * Impl `RequestContext<T>` & dummy didcomm protocol * Add test for other presentation direction * Rename handler registration methods * Refactor handler invocation in prep for hooks * Implement basic `call_hook` method * Update account usages to latest dev * Remove memory leak / circular reference * Impl part of a hook test * Fully impl hook invocation in send_request * Apply new rustfmt granularity * Restructure actor crate * Restructure didcomm parts * Add error handling in `RequestHandler::invoke` * Fix response serialization * Impl hooks for `await_message` * Add await_message hook error test * Migrate to latest dev * Reduce code duplication for handler invocation * Replace `stronghold-p2p` with only `libp2p` * Impl working serialization; add invocation test * Return `RemoteSendError` in `Actor::send_request` * Partially implement didcomm threads * Impl thread routing * Reimplement implicit hooks * Add `StopListening` command * Refactor handler invocation fns * Address clippy lints * Shrink actor state to make cloning cheaper * Improve type safety of `HandlerBuilder` * Store `peer_id` in `ActorState` * Remove one superfluous tokio task and channel pair * Map errors and document `ActorBuilder` * Polish errors * Update copyright to 2022 * Replace `DidCommRequest` with `RequestMessage` * Move message types to p2p module * Match more efficiently on swarm events * Remove `SwarmCommand::GetPeerId` * Return inbound failure when sending response * Rename shutdown method * Remove send_request functions for now * Reorganize crate * Remove `DidCommActor` * Factor out "default" `RequestHandler` impls * Spell out individual exports * Rename `AsyncFn` -> `Handler` * Rename `DidCommHook` -> `Hook` * Move `ActorRequest` to its own module * Reogranize dependencies * Better test name * Implement `RequestMode`, partially * Implement (a)sync `RequestMode` using strategies * Make `InvocationStrategy` methods static * Add `Actor::send_request` * Do not send DCPM in sync mode * Make `ActorRequest` generic over `SyncMode` * Redo the serialization errors (partial) * Finish serialization error refactoring * Add timeout error * Make downcasting & cloning objects fallible * Introduce `HandlerObject` type for readability * Restrict `Endpoint`s to ascii alphabetic and `_` * Fix `Actor::start_listening` * Drain open channels during shutdown * Add `ActorConfig` and timeout * Reorganize imports * Be more specific for non-existent threads * Fix logger in tests and listening * Add actor feature in identity crate * Impl working test remote account * Test thread not found error for async messages * Remove `RequestHandler::object_type_id` (unused) * Inline `InvocationStrategy` methods * Abort request handling on error in async strategy * Impl `FromStr` for `Endpoint` * Only allow handler modification during build phase * Add remote account benchmark * Document public types (partial) * Remove unused errors; remove `Category` * Document the rest * Make p2p module exports explicit * Make remote_account exports explicit * Remove exports from remote_account * Remove commented code in didcomm presentation * Rm unnecessary bounds on `ActorRequest` generics * Test various error scenarios * Remove start_listening test b/c non-deterministic * Add handler finishes after shutdown test * Rename `ActorRequest::request_name` -> `endpoint` * Reduce p2p module visibility * Make `Actor::peer_id` just `&self` * Impl `add_addresses` for improved test reliability * Increase timeout to increase test reliability * Specialize `add_handler` for synchronicity * Fix documentation for `add_handler` functions * Use minor version; use default-features = false * Return `Error::Shutdown` instead of panicking * Document more on the `Actor` type * Move bounds onto `InvocationStrategy` trait * Test subset of serialization errors * Don't require absolute latest tokio version * Bump `libp2p` to `0.43` * Feature gate `ActorBuilder::build` * Add Wasm integration features * Remove superfluous `pub(crate)` in `mod p2p` * Use fn pointers instead of generic closures * Update comment in shutdown test * Address import issues caused by merge * Fix post-merge issues * Let `ActorRequest::endpoint` return `&'static str` * Remove explicit hook endpoint from `add_hook` * Remove TODO on actor protocol version * Factor out `DidComm` specifics into `DidCommActor` * Split `ActorBuilder` into two * Fix docs, remove superfluous functions * Change how items are exported * Refactor into `RawActor` * Refactor actor state repr (partial) * Split `RequestHandler` in two * Return `Endpoint` from `ActorRequest::endpoint` * Remove `RawActor` * Split `ActorRequest` in two * Fix `ActorRequest` docs * Doc/resolve (#823) * Upgrade to new `Stronghold` interface (#787) * Rename stronghold module * Postfix old stronghold with `_old` * Migrate to new stronghold interface * Impl did_create properly with client syncing * Add context to `StrongholdError`s * Add `Stronghold` wrapper test * Add `test_key_delete` * Add storage_test_suite setup & did_create test * Re-export test suite feature * Expose test suite in Wasm * Extend `did_create` test, fix index persistence * Test `key_generate` * Move `key_delete` to test suite * Remove test suite from this branch * Add initial test suite and expose to Wasm * rm `Error` postfix from `StrongholdError` variants * Remove duplicate `mod tests` in Wasm * Handle client sync error; document syncing * Use updated stronghold * Use dedicated `load_snapshot` function * Purge client in `did_purge` * Revert cfg_attr shenanigans * Make `Stronghold::client` not async * Remove asyncness from fns where not necessary * Make `mutate_client` not async either * Move test_util mod where it belongs * Remove `source` errors from `Display` impl * Remove `RecordHint` everywhere * Use base crate `MemoryError`; remove engine dep * Revert temporary send/sync change * Document `Stronghold` wrapper * Use same export style as other crates * Create parent directories if they don't exist * Remove outdated TODO * Fix index writing in purge; update stronghold rev * Remove old stronghold wrapper * Reactivate multi identity example * Add `dropsave` getter/setter * Fully qualify `std::any::type_name` * Remove tests which are already in test suite * Reactivate `Send`-assertion test * Return `Stronghold` instance from test `storages` * Test incorrect password returns error * Use `OsRng` instead of `thread_rng` * Bump stronghold revision * Remove unused `getrandom` depenency * Remove unused `actix` dependency * Remove tokio `rt-multi-thread` feature * Prefer `sample_string` over `sample_iter` * Enable `didPurge` test for NAPI stronghold * Simplify `did_create` by using `mutate_client` * Rename doc/state client paths to store keys * Add procedure_error fn to reduce err map code * Remove unnecessary clone * Disable multiple identities example temporarily * Disable musl build * Remove musl target from stronghold-nodejs * use local workflow file * Revert "use local workflow file" This reverts commit 2f12afd. Co-authored-by: Eike Haß <eike-hass@web.de> * Fix Stronghold bindings build for musl (#845) * Use Alpine container to build Stronghold for musl * Remove musl setup step * Change musl container to rust:1.60-alpine * Specify shell in CI * Remove shell configuration * Remove node check-latest * Install NodeJs manually for musl * Remove obsolete comment * Point action back at dev branch * Remove unused Dockerfile, switch to rust:1-alpine * Revert `IdentitySetup` modifications * Refactor `Endpoint` * Let `Endpoint` deserialization validate * Document outstanding methods and types * Document and test `OneOrMany(Into)Iter(ator)` * Remove unstable error types from public API * Remove duplicate test assertion * Test newer nightly in CI * Refactor `Actor` to trait approach * Document types * Move poc modules behind test flag * Remove hooks * Rename modules * Remove `primitives` feature flag * Rename `actor` flag to `actor-unstable` * Derive Debug for `System` * Derive `Debug` for `DidCommSystem` * More renaming actor to system * Add missing `async` feature on `identity-iota` * Remove `cfg-if` dep; use `tokio` unconditionally * Bump `libp2p` to `0.45` * Remove hooks from `Endpoint`s, simplify tests * Log warning instead of panicking * Improve log statements * Document and rename `actor_not_found` method * Remove unnecessary tests, document tests more * Add a `yield_now` to allow bg tasks to finish * Remove `listen_on` due to unreliability * Reorg imports to std/crates/internal hierarchy * Return error in base system on async requests * Rename actor to system * Remove unnecessary features and dependencies * Improve `Endpoint` doc * Remove `HookInvocationError` * Rename `add_address` -> `add_peer_address` * Document more, make more things private * Forbid unsafe code, add warning lints * Rename actor to agent * Rename more types to agent, fix docs accordingly * Add DIDComm benchmark * Add required features to run tests * Improve DIDComm test docs * Rename `PeerId` -> `AgentId` * Rename `ActorResult` -> `AgentResult` * Rename mod `actor` to `agent` * Rename `System` to `Agent` * Rename `Actor` to `Handler` * Revert unintended changes * Use agent instead of actor in `identity_iota` * Revert another unintended change * Rename `ACT` generic type to `HND` * Add keywords, remove wasm dependencies * Bump dashmap to `5.3` * Replace more occurences of peer with agent * Use `DidCommRequest` terminology consistently * Annotate types in `AgentBuilder` * Change agent exports * Use only required features * Remove unused ITERATIONS param * Fix docs and implicit agent feature * Use `AgentId` instead of peer id terminology * Improve `DidCommAgent` doc description * Add README as crate description and in docs * Ignore rust doctests Co-authored-by: Eike Haß <eike-hass@web.de> Co-authored-by: Oliver E. Anderson <oliver.anderson@iota.org> Co-authored-by: cycraig <craig.bester@iota.org>
Description of change
Reimplements our
Stronghold
wrapper with the new stronghold interface.Removes the old wrapper completely.
For now, the
Stronghold
wrapper takes care of creating the parent directories of a stronghold snapshot file before attempting to persist it. Stronghold should probably handle this itself, but it currently doesn't.TODO:
build-and-test.yml:207
back todev
Open Questions
Stronghold::new
only take path and password, without dropsave? Should we then add a second methodStronghold::new_with_options
that takes aStrongholdOptions
struct where users can set the dropsave? This would make things easily extendable in the future, but so far it doesn't look like we need a second option, so it's arguably premature optimization.std::fs::OpenOptions::create
. E.g. if it doesn't exist, then an error can be returned.Links to any relevant issues
fixes #785
Type of change
Add an
x
to the boxes that are relevant to your changes.How the change has been tested
Stronghold
wrapper, such asmutate_client
and an error case.dev
version and the current PR to ensure the storage layout from thedev
stronghold snapshot files can continue to be used with the newStronghold
wrapper.dev
that added a key and a service and wrote to a stronghold file. On the current PR, an example was run to ensure the DID could be loaded, sign with the added key, and the service could be removed.identity_account::tests::util::storages
now also returns aStronghold
, so all update tests for the account run once with aMemStore
and once with aStronghold
.Change checklist
Add an
x
to the boxes that are relevant to your changes.