migrate off libsodium #1722
migrate off libsodium #1722
Conversation
dynst
force-pushed
the
desalinate
branch
9 times, most recently
from
db7bc41 to
28c2583
Compare
|
This conflicts with #1720 but let's get that one merged first. |
dynst
force-pushed
the
desalinate
branch
2 times, most recently
from
033cdf5 to
c4da581
Compare
|
This seems like really low-hanging fruit for a massive reduction in bundle size, is it not gonna make it into 0.35? |
|
Looks straight forward at first glance. However, I would be very surprised if the pure-JS implementation of Argon2 is as fast as the WebAssembly one. So this PR has the potential to hit existing users hard. Which then leads to the questions: who uses CosmJS pro private key encryption at all? Should we remove that functionality alltogether? |
|
I thought if it was going to be removed it already would've been. Releasing a slower version could make for a good scream test. Maybe mark all the types with https://www.typescriptlang.org/docs/handbook/jsdoc-supported-types.html#deprecated Or just switch to |
This removes a WebAssembly dependency and a huge chunk of bundle size https://bundlephobia.com/package/@cosmjs/[email protected]
(The other, even more huge chunk is cosmos/cosmjs-types#98)
Closes #584
Closes #907
Closes #964
Closes #1031
Closes #1478
Closes #1585
Related: #1479
Technically, now that there's no longer a quirky requirement to
await sodium.readyat the start of every function, asynchronous methods could be made synchronous now after this PR.Considered but rejected a faster alternative to
@noble/hashesArgon2id https://bundlephobia.com/package/[email protected] https://www.npmjs.com/package/@node-rs/argon2But hopefully it just gets standardized in Web Crypto someday and then implemented by Node.js. https://twiss.github.io/webcrypto-modern-algos/#argon2