Upgrade to new Stronghold interface
#787
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
PhilippGackstatter
added
the
Rust
10 tasks
|
The multiple identities example using Napi Stronghold returns a lock acquisition error, that is tracked (in part) here: iotaledger/stronghold.rs#353. |
cycraig
approved these changes
May 4, 2022
Comment on lines
+53
to
+57
| let mut key: EncryptionKey = derive_encryption_key(&password); | ||
| password.zeroize(); | ||
|
|
||
| let key_provider = KeyProvider::try_from(key.to_vec()).map_err(StrongholdError::Memory)?; | ||
| key.zeroize(); |
There was a problem hiding this comment.
Aside: still not happy with how we use derive_encryption_key/PBKDF2_HMAC_SHA512 with a low number of iterations and fixed salt.
Given the hassle it would be for Stronghold to take on this responsibility, for example by storing the unencrypted salt in the snapshot associated data and running the PBKDF for us (or allowing us to store arbitrary unencrypted associated data ourselves), can we at least increase the iterations? Should be around 120,000, per OWASP. It's been quite a few years since NIST recommended a minimum of 10,000 iterations, and we're currently doing 100. Brute-forcing the snapshot password should take at least some effort.
There was a problem hiding this comment.
This change would be breaking, so if this PR is really just a patch it should be done elsewhere.
Comment on lines
+233
to
+249
| // Technically there is a race condition here between existence check and removal. | ||
| // However, the RevokeData procedure does not return an error if the record doesn't exist, so it's fine. | ||
|
|
||
| let exists: bool = client | ||
| .record_exists(&location.into()) | ||
| .map_err(|err| StrongholdError::Vault(VaultOperation::RecordExists, err)) | ||
| .map_err(crate::Error::from)?; | ||
|
|
||
| if !exists { | ||
| return Ok(exists); | ||
| } | ||
|
|
||
| client | ||
| .execute_procedure(procedures::RevokeData { | ||
| location: location.into(), | ||
| should_gc: true, | ||
| }) |
There was a problem hiding this comment.
If RevokeData is idempotent, is it worth checking record_exists first at all? I guess it's the difference between acquiring read vs write locks internally? I wouldn't expect this to be a frequent or slow operation though.
Happy to leave it as-is too.
There was a problem hiding this comment.
Agree with what you're saying, but if we don't check for existence first, then we cannot accurately return whether the function deleted the key or not (the bool return parameter). So to comply with our interface, I'd leave it as-is.
Comment on lines
+32
to
+33
| #[error("failed to load password into key provider")] | ||
| Memory(#[source] MemoryError), |
There was a problem hiding this comment.
Nit: the error message doesn't really match the variant name, perhaps Password might be more appropriate unless we throw Memory errors elsewhere? Maybe Password isn't the best either since a different error is thrown if the password is incorrect.
Probably fine.
I was opposed to changing this because, as you noted, If this is up for debate, the broad options are:
Ideally, yes. We should probably restore the old index and purge both the temporary and DID clients if an error occurs. There are unfortunately many places that can error there... I would be fine leaving a TODO/FIXME there for now though.
Looks like the Ubuntu example is throwing that error too, do we want to exclude that example as an edge-case for now or delay this PR until it's fixed? |
This was referenced May 5, 2022
|
Opened #836 to address the comments from @cycraig, as they are non-essential or constitute breaking changes. The motivation is to get this PR merged sooner than later. Similarly, I've disabled the multiple identites examples in Rust and stronghold-nodejs, because of iotaledger/stronghold.rs#353, and disabled the musl build (opened #837 for the required changes). Both will need to be addressed before the next release. |
PhilippGackstatter
added
Breaking change
felsweg-iota
approved these changes
May 6, 2022
|
|
||
| let vault: ClientVault = client.vault(stronghold_location.vault_path()); | ||
|
|
||
| let private_key_vec: Vec<u8> = private_key.as_ref().to_vec(); |
There was a problem hiding this comment.
Is there a way to leverage the KeyStore or Stronghold's NC types in favor of PrivateKey ? It somehow feels wasted to convert the private key to a vec, to just be zeroized and dropped afterwards.
There was a problem hiding this comment.
Appreciate the idea! Unfortunately, this would "leak" the stronghold dependency to our Account which is a no-go for Wasm. If you could factor out these NC types in a separate small crate that is also Wasm compatible, we could reconsider 😉. Perhaps this would improve Wasm memory security, too.
| } | ||
|
|
||
| /// Sets whether dropsave is enabled. | ||
| pub fn set_dropsave(&mut self, dropsave: bool) { |
There was a problem hiding this comment.
ultra-nit:
Suggested change
| pub fn set_dropsave(&mut self, dropsave: bool) { | |
| pub fn dropsave_mut(&mut self, dropsave: bool) { |
There was a problem hiding this comment.
Mh, this is just a setter, and does not return a mutable reference to dropsave, so the naming matches Rust conventions. clippy would probably complain about dropsave_mut, too.
HenriqueNogara
approved these changes
May 6, 2022
This reverts commit 2f12afd.
| #[error("vault operation `{0}` failed")] | ||
| Vault(VaultOperation, #[source] ClientError), | ||
| #[error("procedure `{0}` operating on locations {1:?} failed")] | ||
| Procedure(ProcedureName, Vec<KeyLocation>, #[source] ProcedureError), |
There was a problem hiding this comment.
Not all procedures will be dealing with KeyLocation, since this is either an Ed25519 or an X25519 Key for now. For example, when dealing with the procedures related to shared secrets the type is neither. However, we are dealing with random locations in that case. Should we change KeyLocation or is it fine to have an empty location in these cases?
There was a problem hiding this comment.
Would changing it to Vec<String> account for shared secrets? I think Location alone doesn't have a string representation.
There was a problem hiding this comment.
If the need arises to return errors that include non-KeyLocations, then Craig's suggestion is great. Though, I think for debugging it should be helpful enough to include the KeyLocations, as the other, temporary locations will probably be completely random or static, and we'll be able to trace the issue based on the procedure name alone, I imagine.
There was a problem hiding this comment.
temporary locations will probably be completely random or static, and we'll be able to trace the issue based on the procedure name alone, I imagine.
I thought so too. For now, I won't change the type, but will change it to String in case I need it.
eike-hass
added a commit
that referenced
this pull request
May 13, 2022
* Rename stronghold module * Postfix old stronghold with `_old` * Migrate to new stronghold interface * Impl did_create properly with client syncing * Add context to `StrongholdError`s * Add `Stronghold` wrapper test * Add `test_key_delete` * Add storage_test_suite setup & did_create test * Re-export test suite feature * Expose test suite in Wasm * Extend `did_create` test, fix index persistence * Test `key_generate` * Move `key_delete` to test suite * Remove test suite from this branch * Add initial test suite and expose to Wasm * rm `Error` postfix from `StrongholdError` variants * Remove duplicate `mod tests` in Wasm * Handle client sync error; document syncing * Use updated stronghold * Use dedicated `load_snapshot` function * Purge client in `did_purge` * Revert cfg_attr shenanigans * Make `Stronghold::client` not async * Remove asyncness from fns where not necessary * Make `mutate_client` not async either * Move test_util mod where it belongs * Remove `source` errors from `Display` impl * Remove `RecordHint` everywhere * Use base crate `MemoryError`; remove engine dep * Revert temporary send/sync change * Document `Stronghold` wrapper * Use same export style as other crates * Create parent directories if they don't exist * Remove outdated TODO * Fix index writing in purge; update stronghold rev * Remove old stronghold wrapper * Reactivate multi identity example * Add `dropsave` getter/setter * Fully qualify `std::any::type_name` * Remove tests which are already in test suite * Reactivate `Send`-assertion test * Return `Stronghold` instance from test `storages` * Test incorrect password returns error * Use `OsRng` instead of `thread_rng` * Bump stronghold revision * Remove unused `getrandom` depenency * Remove unused `actix` dependency * Remove tokio `rt-multi-thread` feature * Prefer `sample_string` over `sample_iter` * Enable `didPurge` test for NAPI stronghold * Simplify `did_create` by using `mutate_client` * Rename doc/state client paths to store keys * Add procedure_error fn to reduce err map code * Remove unnecessary clone * Disable multiple identities example temporarily * Disable musl build * Remove musl target from stronghold-nodejs * use local workflow file * Revert "use local workflow file" This reverts commit 2f12afd. Co-authored-by: Eike Haß <eike-hass@web.de>
HenriqueNogara
pushed a commit
that referenced
this pull request
Jun 6, 2022
* add key_exchange, encrypt_data, decrypt_data to storage and account * add bindings and rust example * add bindings example * Add key_exchange, encrypt_data, decrypt_data to memstore, change encrypt/decrypt data signature * Add nonce to EncryptedData * Add associated data into EncryptedData * remove key_exchange from storage, remove encryption_key type, add algorithm encryption, move key_exchange to encrypt/decrypt functions * remove unnecessary into * Generate random shared secret location * Remove generic crypto error * Add crypto::error::Error as source for new errors * Add encryption option - with cek enum * Add EncryptionOptions to bindings and to memstore * Make PublicKey mandatory in the storage trait, return an error when using a ED25519 key for encryption/decryption * Doc/resolve (#823) * Upgrade to new `Stronghold` interface (#787) * Rename stronghold module * Postfix old stronghold with `_old` * Migrate to new stronghold interface * Impl did_create properly with client syncing * Add context to `StrongholdError`s * Add `Stronghold` wrapper test * Add `test_key_delete` * Add storage_test_suite setup & did_create test * Re-export test suite feature * Expose test suite in Wasm * Extend `did_create` test, fix index persistence * Test `key_generate` * Move `key_delete` to test suite * Remove test suite from this branch * Add initial test suite and expose to Wasm * rm `Error` postfix from `StrongholdError` variants * Remove duplicate `mod tests` in Wasm * Handle client sync error; document syncing * Use updated stronghold * Use dedicated `load_snapshot` function * Purge client in `did_purge` * Revert cfg_attr shenanigans * Make `Stronghold::client` not async * Remove asyncness from fns where not necessary * Make `mutate_client` not async either * Move test_util mod where it belongs * Remove `source` errors from `Display` impl * Remove `RecordHint` everywhere * Use base crate `MemoryError`; remove engine dep * Revert temporary send/sync change * Document `Stronghold` wrapper * Use same export style as other crates * Create parent directories if they don't exist * Remove outdated TODO * Fix index writing in purge; update stronghold rev * Remove old stronghold wrapper * Reactivate multi identity example * Add `dropsave` getter/setter * Fully qualify `std::any::type_name` * Remove tests which are already in test suite * Reactivate `Send`-assertion test * Return `Stronghold` instance from test `storages` * Test incorrect password returns error * Use `OsRng` instead of `thread_rng` * Bump stronghold revision * Remove unused `getrandom` depenency * Remove unused `actix` dependency * Remove tokio `rt-multi-thread` feature * Prefer `sample_string` over `sample_iter` * Enable `didPurge` test for NAPI stronghold * Simplify `did_create` by using `mutate_client` * Rename doc/state client paths to store keys * Add procedure_error fn to reduce err map code * Remove unnecessary clone * Disable multiple identities example temporarily * Disable musl build * Remove musl target from stronghold-nodejs * use local workflow file * Revert "use local workflow file" This reverts commit 2f12afd. Co-authored-by: Eike Haß <eike-hass@web.de> * add concat_kdf procedure * add concat kdf for memstore * rename Cekalgorithm struct; remove error variant; add constructor to bindings new function * Improve error msg; Add feature to cargo toml; Replace client for resolver * Add ephemeral key for ECDH-ES * Add test for stronghold encryption; Fix rust example; Add feature for account encryption; Improve docs * Sync comments for traits, account, and wasm * Improve docs; Fix Memstore cocat kdf; Remove EncryptionOptions * Add test for storage test suite; Fix padding in Memstore * Rename outdated file * Add exception for encryption methods in MemStore * Fix naming in javascript; Switch back to ThreadRng * Remove useless variable * Improve docs; Make EncryptedData fields pub * Fix readme * Undo removal of files * Fix function call Co-authored-by: Eike Haß <eike-hass@web.de> Co-authored-by: Oliver E. Anderson <oliver.anderson@iota.org> Co-authored-by: Philipp <philipp.gackstatter@iota.org>
PhilippGackstatter
added a commit
that referenced
this pull request
Jun 23, 2022
* actor: Add builder for `Communicator` * identity: Re-export actor types * actor: Specify `tokio` dep explicitly via git * actor: Specify `tokio` via crates.io * actor: Rename communicator module to actor * actor: Rename communicator structs to actor * actor: Rename `register_command` to `set_handler` * actor: Spawn handler loop internally * actor: Impl dispatch pattern for handler loop * actor: Trait to determine `send_request` ret type * actor: Get request_name based on type parameter * actor: Remove `Identity` prefixes in type names * actor: Finer-grained handler impl for a nicer API * actor: Migrate to new stronghold comms version * actor: Fix account feature conditional guards * actor: Use type map to allow reusing receiver * actor: Update stronghold comms to new version * actor: Impl async handler functions * actor: Separate storage handler & types * actor: Rename StorageHandler & impl resolution * actor: Reexport Keypair * actor: Expand Cargo package info * actor: Only spawn listener if there are addresses * actor: Upgrade stronghold comms lib version * actor: Add dummy comm handler * actor: Expose executor builder API * actor: Impl ffi-compatible handler registration * actor: Use closures instead of function pointers Signed-off-by: PhilippGackstatter <philipp.gackstatter@iota.org> * actor: Let request_name take &self for bindings * actor: Use `Cow` in trait for more flexibility * actor: Use `log` instead of println * actor: Implement `send_named_request` for bindings * actor: Use `ClientMap` for working did resolution * actor: Upgrade to latest stronghold p2p * actor: Impl remote error and deserialization logic * actor: Restructure tests, add SendError test * actor: Use new `StorageError` * actor: Handle all errors in handle invoker task * actor: Define separate request & response types * actor: Expand `StorageError` & impl `Category` * Add licences to all files * Apply cargo and toml formatting * Address clippy lints * Define a type name for the more complex types * Update to latest stronghold p2p version * Let `add_method` take an `async fn` directly * Use consistent names for the generics * Implement `Endpoint` and catch-all handler * Make `Actor` cloneable, inject it into handlers * Inject `PeerId` into every handler * Impl `RequestContext<T>` & dummy didcomm protocol * Add test for other presentation direction * Rename handler registration methods * Refactor handler invocation in prep for hooks * Implement basic `call_hook` method * Update account usages to latest dev * Remove memory leak / circular reference * Impl part of a hook test * Fully impl hook invocation in send_request * Apply new rustfmt granularity * Restructure actor crate * Restructure didcomm parts * Add error handling in `RequestHandler::invoke` * Fix response serialization * Impl hooks for `await_message` * Add await_message hook error test * Migrate to latest dev * Reduce code duplication for handler invocation * Replace `stronghold-p2p` with only `libp2p` * Impl working serialization; add invocation test * Return `RemoteSendError` in `Actor::send_request` * Partially implement didcomm threads * Impl thread routing * Reimplement implicit hooks * Add `StopListening` command * Refactor handler invocation fns * Address clippy lints * Shrink actor state to make cloning cheaper * Improve type safety of `HandlerBuilder` * Store `peer_id` in `ActorState` * Remove one superfluous tokio task and channel pair * Map errors and document `ActorBuilder` * Polish errors * Update copyright to 2022 * Replace `DidCommRequest` with `RequestMessage` * Move message types to p2p module * Match more efficiently on swarm events * Remove `SwarmCommand::GetPeerId` * Return inbound failure when sending response * Rename shutdown method * Remove send_request functions for now * Reorganize crate * Remove `DidCommActor` * Factor out "default" `RequestHandler` impls * Spell out individual exports * Rename `AsyncFn` -> `Handler` * Rename `DidCommHook` -> `Hook` * Move `ActorRequest` to its own module * Reogranize dependencies * Better test name * Implement `RequestMode`, partially * Implement (a)sync `RequestMode` using strategies * Make `InvocationStrategy` methods static * Add `Actor::send_request` * Do not send DCPM in sync mode * Make `ActorRequest` generic over `SyncMode` * Redo the serialization errors (partial) * Finish serialization error refactoring * Add timeout error * Make downcasting & cloning objects fallible * Introduce `HandlerObject` type for readability * Restrict `Endpoint`s to ascii alphabetic and `_` * Fix `Actor::start_listening` * Drain open channels during shutdown * Add `ActorConfig` and timeout * Reorganize imports * Be more specific for non-existent threads * Fix logger in tests and listening * Add actor feature in identity crate * Impl working test remote account * Test thread not found error for async messages * Remove `RequestHandler::object_type_id` (unused) * Inline `InvocationStrategy` methods * Abort request handling on error in async strategy * Impl `FromStr` for `Endpoint` * Only allow handler modification during build phase * Add remote account benchmark * Document public types (partial) * Remove unused errors; remove `Category` * Document the rest * Make p2p module exports explicit * Make remote_account exports explicit * Remove exports from remote_account * Remove commented code in didcomm presentation * Rm unnecessary bounds on `ActorRequest` generics * Test various error scenarios * Remove start_listening test b/c non-deterministic * Add handler finishes after shutdown test * Rename `ActorRequest::request_name` -> `endpoint` * Reduce p2p module visibility * Make `Actor::peer_id` just `&self` * Impl `add_addresses` for improved test reliability * Increase timeout to increase test reliability * Specialize `add_handler` for synchronicity * Fix documentation for `add_handler` functions * Use minor version; use default-features = false * Return `Error::Shutdown` instead of panicking * Document more on the `Actor` type * Move bounds onto `InvocationStrategy` trait * Test subset of serialization errors * Don't require absolute latest tokio version * Bump `libp2p` to `0.43` * Feature gate `ActorBuilder::build` * Add Wasm integration features * Remove superfluous `pub(crate)` in `mod p2p` * Use fn pointers instead of generic closures * Update comment in shutdown test * Address import issues caused by merge * Fix post-merge issues * Let `ActorRequest::endpoint` return `&'static str` * Remove explicit hook endpoint from `add_hook` * Remove TODO on actor protocol version * Factor out `DidComm` specifics into `DidCommActor` * Split `ActorBuilder` into two * Fix docs, remove superfluous functions * Change how items are exported * Refactor into `RawActor` * Refactor actor state repr (partial) * Split `RequestHandler` in two * Return `Endpoint` from `ActorRequest::endpoint` * Remove `RawActor` * Split `ActorRequest` in two * Fix `ActorRequest` docs * Doc/resolve (#823) * Upgrade to new `Stronghold` interface (#787) * Rename stronghold module * Postfix old stronghold with `_old` * Migrate to new stronghold interface * Impl did_create properly with client syncing * Add context to `StrongholdError`s * Add `Stronghold` wrapper test * Add `test_key_delete` * Add storage_test_suite setup & did_create test * Re-export test suite feature * Expose test suite in Wasm * Extend `did_create` test, fix index persistence * Test `key_generate` * Move `key_delete` to test suite * Remove test suite from this branch * Add initial test suite and expose to Wasm * rm `Error` postfix from `StrongholdError` variants * Remove duplicate `mod tests` in Wasm * Handle client sync error; document syncing * Use updated stronghold * Use dedicated `load_snapshot` function * Purge client in `did_purge` * Revert cfg_attr shenanigans * Make `Stronghold::client` not async * Remove asyncness from fns where not necessary * Make `mutate_client` not async either * Move test_util mod where it belongs * Remove `source` errors from `Display` impl * Remove `RecordHint` everywhere * Use base crate `MemoryError`; remove engine dep * Revert temporary send/sync change * Document `Stronghold` wrapper * Use same export style as other crates * Create parent directories if they don't exist * Remove outdated TODO * Fix index writing in purge; update stronghold rev * Remove old stronghold wrapper * Reactivate multi identity example * Add `dropsave` getter/setter * Fully qualify `std::any::type_name` * Remove tests which are already in test suite * Reactivate `Send`-assertion test * Return `Stronghold` instance from test `storages` * Test incorrect password returns error * Use `OsRng` instead of `thread_rng` * Bump stronghold revision * Remove unused `getrandom` depenency * Remove unused `actix` dependency * Remove tokio `rt-multi-thread` feature * Prefer `sample_string` over `sample_iter` * Enable `didPurge` test for NAPI stronghold * Simplify `did_create` by using `mutate_client` * Rename doc/state client paths to store keys * Add procedure_error fn to reduce err map code * Remove unnecessary clone * Disable multiple identities example temporarily * Disable musl build * Remove musl target from stronghold-nodejs * use local workflow file * Revert "use local workflow file" This reverts commit 2f12afd. Co-authored-by: Eike Haß <eike-hass@web.de> * Fix Stronghold bindings build for musl (#845) * Use Alpine container to build Stronghold for musl * Remove musl setup step * Change musl container to rust:1.60-alpine * Specify shell in CI * Remove shell configuration * Remove node check-latest * Install NodeJs manually for musl * Remove obsolete comment * Point action back at dev branch * Remove unused Dockerfile, switch to rust:1-alpine * Revert `IdentitySetup` modifications * Refactor `Endpoint` * Let `Endpoint` deserialization validate * Document outstanding methods and types * Document and test `OneOrMany(Into)Iter(ator)` * Remove unstable error types from public API * Remove duplicate test assertion * Test newer nightly in CI * Refactor `Actor` to trait approach * Document types * Move poc modules behind test flag * Remove hooks * Rename modules * Remove `primitives` feature flag * Rename `actor` flag to `actor-unstable` * Derive Debug for `System` * Derive `Debug` for `DidCommSystem` * More renaming actor to system * Add missing `async` feature on `identity-iota` * Remove `cfg-if` dep; use `tokio` unconditionally * Bump `libp2p` to `0.45` * Remove hooks from `Endpoint`s, simplify tests * Log warning instead of panicking * Improve log statements * Document and rename `actor_not_found` method * Remove unnecessary tests, document tests more * Add a `yield_now` to allow bg tasks to finish * Remove `listen_on` due to unreliability * Reorg imports to std/crates/internal hierarchy * Return error in base system on async requests * Rename actor to system * Remove unnecessary features and dependencies * Improve `Endpoint` doc * Remove `HookInvocationError` * Rename `add_address` -> `add_peer_address` * Document more, make more things private * Forbid unsafe code, add warning lints * Rename actor to agent * Rename more types to agent, fix docs accordingly * Add DIDComm benchmark * Add required features to run tests * Improve DIDComm test docs * Rename `PeerId` -> `AgentId` * Rename `ActorResult` -> `AgentResult` * Rename mod `actor` to `agent` * Rename `System` to `Agent` * Rename `Actor` to `Handler` * Revert unintended changes * Use agent instead of actor in `identity_iota` * Revert another unintended change * Rename `ACT` generic type to `HND` * Add keywords, remove wasm dependencies * Bump dashmap to `5.3` * Replace more occurences of peer with agent * Use `DidCommRequest` terminology consistently * Annotate types in `AgentBuilder` * Change agent exports * Use only required features * Remove unused ITERATIONS param * Fix docs and implicit agent feature * Use `AgentId` instead of peer id terminology * Improve `DidCommAgent` doc description * Add README as crate description and in docs * Ignore rust doctests Co-authored-by: Eike Haß <eike-hass@web.de> Co-authored-by: Oliver E. Anderson <oliver.anderson@iota.org> Co-authored-by: cycraig <craig.bester@iota.org>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of change
Reimplements our
Strongholdwrapper with the new stronghold interface.Removes the old wrapper completely.
For now, the
Strongholdwrapper takes care of creating the parent directories of a stronghold snapshot file before attempting to persist it. Stronghold should probably handle this itself, but it currently doesn't.TODO:
build-and-test.yml:207back todevOpen Questions
Stronghold::newonly take path and password, without dropsave? Should we then add a second methodStronghold::new_with_optionsthat takes aStrongholdOptionsstruct where users can set the dropsave? This would make things easily extendable in the future, but so far it doesn't look like we need a second option, so it's arguably premature optimization.std::fs::OpenOptions::create. E.g. if it doesn't exist, then an error can be returned.Links to any relevant issues
fixes #785
Type of change
Add an
xto the boxes that are relevant to your changes.How the change has been tested
Strongholdwrapper, such asmutate_clientand an error case.devversion and the current PR to ensure the storage layout from thedevstronghold snapshot files can continue to be used with the newStrongholdwrapper.devthat added a key and a service and wrote to a stronghold file. On the current PR, an example was run to ensure the DID could be loaded, sign with the added key, and the service could be removed.identity_account::tests::util::storagesnow also returns aStronghold, so all update tests for the account run once with aMemStoreand once with aStronghold.Change checklist
Add an
xto the boxes that are relevant to your changes.