Improve scrypt params compatibility between different libraries for encrypted JSON#428
Open
Fingerling42 wants to merge 1 commit intoJAMdotTech:masterfrom
Open
Improve scrypt params compatibility between different libraries for encrypted JSON#428Fingerling42 wants to merge 1 commit intoJAMdotTech:masterfrom
Fingerling42 wants to merge 1 commit intoJAMdotTech:masterfrom
Conversation
Since scrypt parameters were hardcoded, this broke JSON encryption/decryption compatibility between the Polkadot JS and Python libraries. Because of this, the ability to configure these parameters and validate them is added. The default scrypt memory limit for decoding is increased. Legacy encode defaults remain unchanged for backward compatibility.
Author
|
@arjanz Could I ask you to look at this PR? |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The problem:
@polkadot/keyring now uses a higher default scrypt cost parameter N, which increases the memory required for key derivation to about 128 MB (N=2^17, r=8, p=1). py-polkadot-sdk calls scrypt with maxmem=2**26 (64 MB). Since these parameters are hardcoded, this results in incompatibility between the generated keypair JSON in one library and its decoding in another. In particular, in py-polkadot-sdk decryption of an otherwise valid exported JSON fails with the following error:
The context:
We at Robonomics encountered this issue when trying to export a dapp-generated account to a Python-based integration. Details: airalab/homeassistant-robonomics-integration#90
Proposed solution:
This PR increases the default scrypt memory limit for decoding, adds configurable scrypt parameters to encoding/decoding helpers, and aligns the allowed scrypt parameter presets with @polkadot/keyring. For backward compatibility, the existing legacy encode defaults are left unchanged.
Let me know if this PR is not suitable or if anything needs to be corrected.