From d842b405615e0f8be355fa9d2363969ad8a8f6c4 Mon Sep 17 00:00:00 2001 From: Liam Monninger Date: Tue, 17 Dec 2024 10:38:01 +0100 Subject: [PATCH 01/18] fix: messing around. --- Cargo.lock | 386 ++++++++++++++++++++------- Cargo.toml | 5 + demo/hsm/Cargo.toml | 21 ++ demo/hsm/src/action_stream/mod.rs | 1 + demo/hsm/src/action_stream/random.rs | 18 ++ demo/hsm/src/hsm/hashi_corp_vault.rs | 74 +++++ demo/hsm/src/hsm/mod.rs | 1 + demo/hsm/src/lib.rs | 59 ++++ demo/hsm/src/main.rs | 10 + 9 files changed, 482 insertions(+), 93 deletions(-) create mode 100644 demo/hsm/Cargo.toml create mode 100644 demo/hsm/src/action_stream/mod.rs create mode 100644 demo/hsm/src/action_stream/random.rs create mode 100644 demo/hsm/src/hsm/hashi_corp_vault.rs create mode 100644 demo/hsm/src/hsm/mod.rs create mode 100644 demo/hsm/src/lib.rs create mode 100644 demo/hsm/src/main.rs diff --git a/Cargo.lock b/Cargo.lock index 8eebfc680..d47dca924 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -213,7 +213,7 @@ dependencies = [ "alloy-transport", "futures", "futures-util", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -291,7 +291,7 @@ dependencies = [ "alloy-primitives 0.7.7", "serde", "serde_json", - "thiserror", + "thiserror 1.0.69", "tracing", ] @@ -311,7 +311,7 @@ dependencies = [ "async-trait", "auto_impl", "futures-utils-wasm", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -324,7 +324,7 @@ dependencies = [ "k256", "serde_json", "tempfile", - "thiserror", + "thiserror 1.0.69", "tracing", "url", ] @@ -505,7 +505,7 @@ dependencies = [ "jsonwebtoken 9.3.0", "rand 0.8.5", "serde", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -522,7 +522,7 @@ dependencies = [ "itertools 0.13.0", "serde", "serde_json", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -535,7 +535,7 @@ dependencies = [ "alloy-serde", "serde", "serde_json", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -558,7 +558,7 @@ dependencies = [ "auto_impl", "elliptic-curve 0.13.8", "k256", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -574,7 +574,7 @@ dependencies = [ "elliptic-curve 0.13.8", "k256", "rand 0.8.5", - "thiserror", + "thiserror 1.0.69", "yubihsm", ] @@ -662,7 +662,7 @@ dependencies = [ "futures-utils-wasm", "serde", "serde_json", - "thiserror", + "thiserror 1.0.69", "tokio", "tower 0.4.13", "tracing", @@ -1055,7 +1055,7 @@ dependencies = [ "aptos-metrics-core", "lz4", "once_cell", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -1085,7 +1085,7 @@ dependencies = [ "serde_json", "serde_merge", "serde_yaml 0.8.26", - "thiserror", + "thiserror 1.0.69", "url", ] @@ -1163,7 +1163,7 @@ dependencies = [ "sha3 0.9.1", "signature 2.2.0", "static_assertions", - "thiserror", + "thiserror 1.0.69", "tiny-keccak", "typenum", "x25519-dalek", @@ -1316,7 +1316,7 @@ dependencies = [ "aptos-types", "futures", "serde", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -1378,7 +1378,7 @@ dependencies = [ "once_cell", "rayon", "serde", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -1420,7 +1420,7 @@ dependencies = [ "itertools 0.12.1", "once_cell", "serde", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -1548,7 +1548,7 @@ dependencies = [ "siphasher", "smallvec", "tempfile", - "thiserror", + "thiserror 1.0.69", "tiny-keccak", ] @@ -1782,7 +1782,7 @@ dependencies = [ "proptest-derive", "rayon", "serde", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -1849,7 +1849,7 @@ dependencies = [ "hex", "ledger-apdu", "ledger-transport-hid", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -1934,7 +1934,7 @@ dependencies = [ "rand 0.7.3", "rayon", "serde", - "thiserror", + "thiserror 1.0.69", "tokio", "tokio-stream", ] @@ -1948,7 +1948,7 @@ dependencies = [ "async-trait", "futures", "serde", - "thiserror", + "thiserror 1.0.69", "tokio", ] @@ -2096,7 +2096,7 @@ dependencies = [ "serde", "serde_bytes", "serde_json", - "thiserror", + "thiserror 1.0.69", "tokio", "tokio-retry", "tokio-stream", @@ -2175,7 +2175,7 @@ dependencies = [ "aptos-types", "bcs 0.1.4", "serde", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -2276,7 +2276,7 @@ dependencies = [ "reqwest 0.11.27", "serde", "serde_json", - "thiserror", + "thiserror 1.0.69", "tokio", "url", ] @@ -2332,7 +2332,7 @@ dependencies = [ "once_cell", "proptest", "rayon", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -2387,7 +2387,7 @@ dependencies = [ "crossbeam-channel", "once_cell", "serde", - "thiserror", + "thiserror 1.0.69", "tokio", "tonic 0.11.0", "tonic-reflection 0.11.0", @@ -2411,7 +2411,7 @@ dependencies = [ "rand 0.7.3", "serde", "serde_json", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -2422,7 +2422,7 @@ dependencies = [ "mirai-annotations", "serde", "static_assertions", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -2460,7 +2460,7 @@ dependencies = [ "proptest-derive", "rayon", "serde", - "thiserror", + "thiserror 1.0.69", "threadpool", ] @@ -2520,7 +2520,7 @@ dependencies = [ "enum_dispatch", "futures", "pin-project 1.1.7", - "thiserror", + "thiserror 1.0.69", "tokio", ] @@ -2578,7 +2578,7 @@ dependencies = [ "serde_yaml 0.8.26", "strum 0.24.1", "strum_macros 0.24.3", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -2598,7 +2598,7 @@ dependencies = [ "once_cell", "serde", "serde_json", - "thiserror", + "thiserror 1.0.69", "ureq", ] @@ -3756,7 +3756,7 @@ version = "0.1.4" source = "git+https://github.com/aptos-labs/bcs.git?rev=d31fab9d81748e2594be5cd5cdf845786a30562d#d31fab9d81748e2594be5cd5cdf845786a30562d" dependencies = [ "serde", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -3766,7 +3766,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "85b6598a2f5d564fb7855dc6b06fd1c38cff5a72bd8b863a4d021938497b440a" dependencies = [ "serde", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -3805,7 +3805,7 @@ dependencies = [ "byteorder", "ff 0.13.0", "serde", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -4035,7 +4035,7 @@ dependencies = [ "cid", "dashmap 6.1.0", "multihash", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -4250,7 +4250,7 @@ dependencies = [ "serde", "serde_json", "serde_with", - "thiserror", + "thiserror 1.0.69", "tiny-keccak", "tokio", "tokio-stream", @@ -4296,7 +4296,7 @@ dependencies = [ "hex", "rand 0.7.3", "serde", - "thiserror", + "thiserror 1.0.69", "tokio-stream", ] @@ -4365,7 +4365,7 @@ dependencies = [ "serde_derive", "sha3 0.9.1", "subtle-ng", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -4474,7 +4474,7 @@ dependencies = [ "regex", "serde", "serde_json", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -4569,7 +4569,7 @@ dependencies = [ "http 1.1.0", "jsonrpsee 0.24.7", "serde", - "thiserror", + "thiserror 1.0.69", "tracing", ] @@ -4645,7 +4645,7 @@ dependencies = [ "serde", "serde_repr", "sha2 0.10.8", - "thiserror", + "thiserror 1.0.69", "time", ] @@ -5765,6 +5765,37 @@ dependencies = [ "syn 2.0.87", ] +[[package]] +name = "derive_builder" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d67778784b508018359cbc8696edb3db78160bab2c2a28ba7f56ef6932997f8" +dependencies = [ + "derive_builder_macro", +] + +[[package]] +name = "derive_builder_core" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c11bdc11a0c47bc7d37d582b5285da6849c96681023680b906673c5707af7b0f" +dependencies = [ + "darling 0.14.4", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "derive_builder_macro" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ebcda35c7a396850a55ffeac740804b40ffec779b98fffbb1738f4033f0ee79e" +dependencies = [ + "derive_builder_core", + "syn 1.0.109", +] + [[package]] name = "derive_more" version = "0.99.18" @@ -6254,7 +6285,7 @@ dependencies = [ "serde", "serde_json", "sha3 0.10.8", - "thiserror", + "thiserror 1.0.69", "uint", ] @@ -6522,7 +6553,7 @@ dependencies = [ "log", "nu-ansi-term 0.49.0", "regex", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -6534,7 +6565,7 @@ dependencies = [ "rustix 0.38.40", "serde", "tempfile", - "thiserror", + "thiserror 1.0.69", "tokio", ] @@ -6897,7 +6928,7 @@ dependencies = [ "serde", "serde_json", "tempfile", - "thiserror", + "thiserror 1.0.69", "tokio", ] @@ -6928,7 +6959,7 @@ dependencies = [ "reqwest 0.11.27", "serde", "serde_json", - "thiserror", + "thiserror 1.0.69", "time", "tokio", "tracing", @@ -6943,7 +6974,7 @@ checksum = "f8bdaaa4bc036e8318274d1b25f0f2265b3e95418b765fd1ea1c7ef938fd69bd" dependencies = [ "google-cloud-token", "http 0.2.12", - "thiserror", + "thiserror 1.0.69", "tokio", "tokio-retry", "tonic 0.9.2", @@ -6969,7 +7000,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "96e4ad0802d3f416f62e7ce01ac1460898ee0efc98f8b45cd4aab7611607012f" dependencies = [ "reqwest 0.11.27", - "thiserror", + "thiserror 1.0.69", "tokio", ] @@ -6986,7 +7017,7 @@ dependencies = [ "google-cloud-googleapis", "google-cloud-token", "prost-types 0.11.9", - "thiserror", + "thiserror 1.0.69", "tokio", "tokio-util", "tracing", @@ -7015,7 +7046,7 @@ dependencies = [ "serde", "serde_json", "sha2 0.10.8", - "thiserror", + "thiserror 1.0.69", "time", "tokio", "tracing", @@ -7121,7 +7152,7 @@ dependencies = [ "pest_derive", "serde", "serde_json", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -7375,6 +7406,18 @@ dependencies = [ "url", ] +[[package]] +name = "hsm-demo" +version = "0.0.2" +dependencies = [ + "anyhow", + "async-trait", + "base64 0.13.1", + "rand 0.7.3", + "tokio", + "vaultrs", +] + [[package]] name = "http" version = "0.2.12" @@ -7535,6 +7578,7 @@ dependencies = [ "tokio", "tokio-rustls 0.26.0", "tower-service", + "webpki-roots 0.26.6", ] [[package]] @@ -8133,7 +8177,7 @@ dependencies = [ "combine", "jni-sys", "log", - "thiserror", + "thiserror 1.0.69", "walkdir", ] @@ -8199,7 +8243,7 @@ dependencies = [ "rustls-pki-types", "rustls-platform-verifier", "soketto", - "thiserror", + "thiserror 1.0.69", "tokio", "tokio-rustls 0.26.0", "tokio-util", @@ -8225,7 +8269,7 @@ dependencies = [ "rustc-hash 2.0.0", "serde", "serde_json", - "thiserror", + "thiserror 1.0.69", "tokio", "tokio-stream", "tracing", @@ -8249,7 +8293,7 @@ dependencies = [ "rustls-platform-verifier", "serde", "serde_json", - "thiserror", + "thiserror 1.0.69", "tokio", "tower 0.4.13", "tracing", @@ -8279,7 +8323,7 @@ dependencies = [ "beef", "serde", "serde_json", - "thiserror", + "thiserror 1.0.69", "tracing", ] @@ -8292,7 +8336,7 @@ dependencies = [ "http 1.1.0", "serde", "serde_json", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -8453,7 +8497,7 @@ dependencies = [ "ledger-transport", "libc", "log", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -8464,7 +8508,7 @@ checksum = "ee58dbc414bd23885d7da915e0457618b36d1fc950a6169ef2cb29829d1b1a1d" dependencies = [ "bytes 1.8.0", "lazy_static", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -8512,7 +8556,7 @@ dependencies = [ "multihash", "quick-protobuf", "sha2 0.10.8", - "thiserror", + "thiserror 1.0.69", "tracing", ] @@ -8900,7 +8944,7 @@ dependencies = [ "serde", "serde_json", "tempfile", - "thiserror", + "thiserror 1.0.69", "tokio", "tonic 0.12.3", "tracing", @@ -8952,7 +8996,7 @@ dependencies = [ "movement-types", "serde", "serde_json", - "thiserror", + "thiserror 1.0.69", "tokio", "tokio-stream", "tracing", @@ -9112,7 +9156,7 @@ checksum = "4edc8853320c2a0dab800fbda86253c8938f6ea88510dc92c5f1ed20e794afc1" dependencies = [ "cfg-if", "miette-derive", - "thiserror", + "thiserror 1.0.69", "unicode-width", ] @@ -9459,7 +9503,7 @@ dependencies = [ "ref-cast", "serde", "serde_bytes", - "thiserror", + "thiserror 1.0.69", "uint", ] @@ -9964,7 +10008,7 @@ dependencies = [ "prost 0.13.3", "rand 0.7.3", "serde_json", - "thiserror", + "thiserror 1.0.69", "tokio", "tokio-stream", "tonic 0.12.3", @@ -10048,7 +10092,7 @@ dependencies = [ "prost 0.13.3", "rand 0.7.3", "serde_json", - "thiserror", + "thiserror 1.0.69", "tokio", "tokio-stream", "tonic 0.12.3", @@ -10120,7 +10164,7 @@ dependencies = [ "serde", "serde_json", "serde_yaml 0.9.34+deprecated", - "thiserror", + "thiserror 1.0.69", "tokio", "tonic 0.12.3", "tracing", @@ -10427,7 +10471,7 @@ dependencies = [ "libc", "once_cell", "parking_lot", - "thiserror", + "thiserror 1.0.69", "widestring 0.5.1", "winapi 0.3.9", ] @@ -11180,7 +11224,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "879952a81a83930934cbf1786752d6dedc3b1f29e8f8fb2ad1d0a36f377cf442" dependencies = [ "memchr", - "thiserror", + "thiserror 1.0.69", "ucd-trie", ] @@ -11470,7 +11514,7 @@ dependencies = [ "smallvec", "sse-codec", "tempfile", - "thiserror", + "thiserror 1.0.69", "time", "tokio", "tokio-rustls 0.24.1", @@ -11512,7 +11556,7 @@ dependencies = [ "serde_json", "serde_urlencoded", "serde_yaml 0.9.34+deprecated", - "thiserror", + "thiserror 1.0.69", "tokio", "url", ] @@ -11532,7 +11576,7 @@ dependencies = [ "quote", "regex", "syn 1.0.109", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -11641,7 +11685,7 @@ dependencies = [ "smallvec", "symbolic-demangle", "tempfile", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -11883,7 +11927,7 @@ dependencies = [ "lazy_static", "memchr", "parking_lot", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -12105,7 +12149,7 @@ dependencies = [ "prost-reflect", "prost-types 0.12.6", "protox-parse", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -12117,7 +12161,7 @@ dependencies = [ "logos", "miette", "prost-types 0.12.6", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -12212,6 +12256,58 @@ dependencies = [ "parking_lot", ] +[[package]] +name = "quinn" +version = "0.11.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62e96808277ec6f97351a2380e6c25114bc9e67037775464979f3037c92d05ef" +dependencies = [ + "bytes 1.8.0", + "pin-project-lite", + "quinn-proto", + "quinn-udp", + "rustc-hash 2.0.0", + "rustls 0.23.17", + "socket2 0.5.7", + "thiserror 2.0.7", + "tokio", + "tracing", +] + +[[package]] +name = "quinn-proto" +version = "0.11.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a2fe5ef3495d7d2e377ff17b1a8ce2ee2ec2a18cde8b6ad6619d65d0701c135d" +dependencies = [ + "bytes 1.8.0", + "getrandom 0.2.15", + "rand 0.8.5", + "ring 0.17.8", + "rustc-hash 2.0.0", + "rustls 0.23.17", + "rustls-pki-types", + "slab", + "thiserror 2.0.7", + "tinyvec", + "tracing", + "web-time", +] + +[[package]] +name = "quinn-udp" +version = "0.5.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "52cd4b1eff68bf27940dd39811292c49e007f4d0b4c357358dc9b0197be6b527" +dependencies = [ + "cfg_aliases", + "libc", + "once_cell", + "socket2 0.5.7", + "tracing", + "windows-sys 0.59.0", +] + [[package]] name = "quote" version = "1.0.37" @@ -12418,7 +12514,7 @@ checksum = "ba009ff324d1fc1b900bd1fdb31564febe58a8ccc8a6fdbb93b543d33b13ca43" dependencies = [ "getrandom 0.2.15", "libredox", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -12567,7 +12663,10 @@ dependencies = [ "once_cell", "percent-encoding", "pin-project-lite", + "quinn", + "rustls 0.23.17", "rustls-pemfile 2.2.0", + "rustls-pki-types", "serde", "serde_json", "serde_urlencoded", @@ -12575,11 +12674,13 @@ dependencies = [ "system-configuration 0.6.1", "tokio", "tokio-native-tls", + "tokio-rustls 0.26.0", "tower-service", "url", "wasm-bindgen", "wasm-bindgen-futures", "web-sys", + "webpki-roots 0.26.6", "windows-registry", ] @@ -12837,6 +12938,40 @@ dependencies = [ "semver 1.0.23", ] +[[package]] +name = "rustify" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "759a090a17ce545d1adcffcc48207d5136c8984d8153bd8247b1ad4a71e49f5f" +dependencies = [ + "anyhow", + "async-trait", + "bytes 1.8.0", + "http 1.1.0", + "reqwest 0.12.9", + "rustify_derive", + "serde", + "serde_json", + "serde_urlencoded", + "thiserror 1.0.69", + "tracing", + "url", +] + +[[package]] +name = "rustify_derive" +version = "0.5.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f07d43b2dbdbd99aaed648192098f0f413b762f0f352667153934ef3955f1793" +dependencies = [ + "proc-macro2", + "quote", + "regex", + "serde_urlencoded", + "syn 1.0.109", + "synstructure 0.12.6", +] + [[package]] name = "rustix" version = "0.36.17" @@ -12967,6 +13102,9 @@ name = "rustls-pki-types" version = "1.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "16f1201b3c9a7ee8039bcadc17b7e605e2945b27eee7631788c1bd2b0643674b" +dependencies = [ + "web-time", +] [[package]] name = "rustls-platform-verifier" @@ -13275,7 +13413,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "12c47087018ec281d1cdab673d36aea22d816b54d498264029c05d5fa1910da6" dependencies = [ "serde", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -13285,7 +13423,7 @@ source = "git+https://github.com/aptos-labs/serde-reflection?rev=73b6bbf748334b7 dependencies = [ "once_cell", "serde", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -13350,7 +13488,7 @@ checksum = "606e91878516232ac3b16c12e063d4468d762f16d77e7aef14a1f2326c5f409b" dependencies = [ "serde", "serde_json", - "thiserror", + "thiserror 1.0.69", ] [[package]] @@ -13669,7 +13807,7 @@ checksum = "adc4e5204eb1910f40f9cfa375f6f05b68c3abac4b6fd879c8ff5e7ae8a0a085" dependencies = [ "num-bigint 0.4.6", "num-traits", - "thiserror", + "thiserror 1.0.69", "time", ] @@ -14121,7 +14259,7 @@ dependencies = [ "serde_json", "tar", "tempfile", - "thiserror", + "thiserror 1.0.69", "tokio", "tracing", "uuid", @@ -14141,6 +14279,18 @@ dependencies = [ "tracing", ] +[[package]] +name = "synstructure" +version = "0.12.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f36bdaa60a83aca3921b5259d5400cbf5e90fc51931376a9bd4a0eb79aa7210f" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", + "unicode-xid", +] + [[package]] name = "synstructure" version = "0.13.1" @@ -14312,7 +14462,16 @@ version = "1.0.69" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b6aaf5339b578ea85b50e080feb250a3e8ae8cfcdff9a461c9ec2904bc923f52" dependencies = [ - "thiserror-impl", + "thiserror-impl 1.0.69", +] + +[[package]] +name = "thiserror" +version = "2.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93605438cbd668185516ab499d589afb7ee1859ea3d5fc8f6b0755e1c7443767" +dependencies = [ + "thiserror-impl 2.0.7", ] [[package]] @@ -14326,6 +14485,17 @@ dependencies = [ "syn 2.0.87", ] +[[package]] +name = "thiserror-impl" +version = "2.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e1d8749b4531af2117677a5fcd12b1348a3fe2b81e36e61ffeac5c4aa3273e36" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.87", +] + [[package]] name = "thread_local" version = "1.1.8" @@ -14402,7 +14572,7 @@ dependencies = [ "rand 0.7.3", "rustc-hash 1.1.0", "sha2 0.9.9", - "thiserror", + "thiserror 1.0.69", "unicode-normalization", "wasm-bindgen", "zeroize", @@ -14927,7 +15097,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3566e8ce28cc0a3fe42519fc80e6b4c943cc4c8cef275620eb8dac2d3d4e06cf" dependencies = [ "crossbeam-channel", - "thiserror", + "thiserror 1.0.69", "time", "tracing-subscriber 0.3.18", ] @@ -15079,7 +15249,7 @@ dependencies = [ "log", "rand 0.8.5", "sha1", - "thiserror", + "thiserror 1.0.69", "url", "utf-8", ] @@ -15100,7 +15270,7 @@ dependencies = [ "rustls 0.23.17", "rustls-pki-types", "sha1", - "thiserror", + "thiserror 1.0.69", "utf-8", ] @@ -15459,6 +15629,26 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "vaultrs" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a769a71e45deef489beed23167f79ee75d41f482b5e3d96ddab833f24fd07e51" +dependencies = [ + "async-trait", + "bytes 1.8.0", + "derive_builder", + "http 1.1.0", + "reqwest 0.12.9", + "rustify", + "rustify_derive", + "serde", + "serde_json", + "thiserror 1.0.69", + "tracing", + "url", +] + [[package]] name = "vcpkg" version = "0.2.15" @@ -15656,6 +15846,16 @@ dependencies = [ "wasm-bindgen", ] +[[package]] +name = "web-time" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a6580f308b1fad9207618087a65c04e7a10bc77e02c8e84e9b00dd4b12fa0bb" +dependencies = [ + "js-sys", + "wasm-bindgen", +] + [[package]] name = "webpki-roots" version = "0.23.1" @@ -15685,7 +15885,7 @@ name = "whitelist" version = "0.0.2" dependencies = [ "prost 0.13.3", - "thiserror", + "thiserror 1.0.69", "tonic 0.12.3", ] @@ -16061,7 +16261,7 @@ dependencies = [ "pharos", "rustc_version 0.4.1", "send_wrapper", - "thiserror", + "thiserror 1.0.69", "wasm-bindgen", "wasm-bindgen-futures", "web-sys", @@ -16145,7 +16345,7 @@ dependencies = [ "proc-macro2", "quote", "syn 2.0.87", - "synstructure", + "synstructure 0.13.1", ] [[package]] @@ -16173,7 +16373,7 @@ dependencies = [ "sha2 0.10.8", "signature 2.2.0", "subtle", - "thiserror", + "thiserror 1.0.69", "time", "uuid", "zeroize", @@ -16218,7 +16418,7 @@ dependencies = [ "proc-macro2", "quote", "syn 2.0.87", - "synstructure", + "synstructure 0.13.1", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index 7deeb1d00..9109baa69 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -3,6 +3,7 @@ resolver = "2" members = [ + "demo/hsm", "protocol-units/bridge/config", "protocol-units/bridge/setup", "protocol-units/execution/maptos/dof", @@ -113,6 +114,10 @@ whitelist = { path = "util/whitelist" } ## access control aptos-account-whitelist = { path = "protocol-units/access-control/aptos/account-whitelist" } +## vault +vaultrs = { version = "0.7.3" } +base64 = { version = "0.13.0" } + # Serialization and Deserialization borsh = { version = "0.10" } # todo: internalize jmt and bump serde = "1.0" diff --git a/demo/hsm/Cargo.toml b/demo/hsm/Cargo.toml new file mode 100644 index 000000000..304b5e854 --- /dev/null +++ b/demo/hsm/Cargo.toml @@ -0,0 +1,21 @@ +[package] +name = "hsm-demo" +version = { workspace = true } +edition = { workspace = true } +license = { workspace = true } +authors = { workspace = true } +repository = { workspace = true } +homepage = { workspace = true } +publish = { workspace = true } +rust-version = { workspace = true } + +[dependencies] +tokio = { workspace = true } +async-trait = { workspace = true } +anyhow = { workspace = true } +vaultrs = { workspace = true } +rand = { workspace = true } +base64 = { workspace = true } + +[lints] +workspace = true diff --git a/demo/hsm/src/action_stream/mod.rs b/demo/hsm/src/action_stream/mod.rs new file mode 100644 index 000000000..7bcbfe0e2 --- /dev/null +++ b/demo/hsm/src/action_stream/mod.rs @@ -0,0 +1 @@ +pub mod random; diff --git a/demo/hsm/src/action_stream/random.rs b/demo/hsm/src/action_stream/random.rs new file mode 100644 index 000000000..a9cdce65e --- /dev/null +++ b/demo/hsm/src/action_stream/random.rs @@ -0,0 +1,18 @@ +use crate::{ActionStream, Bytes, Message}; +use rand::{Rng, RngCore}; + +/// A stream of random messages. +pub struct Random; + +#[async_trait::async_trait] +impl ActionStream for Random { + async fn next(&mut self) -> Option { + // Generate a random vec of bytes + let mut rng = rand::thread_rng(); + let len = rng.gen_range(1, 10); + let mut bytes = vec![0u8; len]; + rng.fill_bytes(&mut bytes); + + Some(Message::Sign(Bytes(bytes))) + } +} diff --git a/demo/hsm/src/hsm/hashi_corp_vault.rs b/demo/hsm/src/hsm/hashi_corp_vault.rs new file mode 100644 index 000000000..6c25ce6e0 --- /dev/null +++ b/demo/hsm/src/hsm/hashi_corp_vault.rs @@ -0,0 +1,74 @@ +use crate::{Bytes, Hsm, Signature}; +use vaultrs::api::transit::requests::CreateKeyRequest; +use vaultrs::api::transit::KeyType; +use vaultrs::client::{VaultClient, VaultClientSettingsBuilder}; +use vaultrs::transit::data; +use vaultrs::transit::key; + +/// A HashiCorp Vault HSM. +pub struct HashiCorpVault { + client: VaultClient, + key_name: String, + mount_name: String, +} + +impl HashiCorpVault { + /// Creates a new HashiCorp Vault HSM + pub fn new(client: VaultClient, key_name: String, mount_name: String) -> Self { + Self { client, key_name, mount_name } + } + + /// Tries to create a new HashiCorp Vault HSM from the environment + pub fn try_from_env() -> Result { + let address = std::env::var("VAULT_ADDR").unwrap_or_else(|_| "https:// + + let client = VaultClient::new( + VaultClientSettingsBuilder::default() + .address("https://127.0.0.1:8200") + .token("TOKEN") + .build()?, + )?; + let key_name = std::env::var("VAULT_KEY_NAME")?; + let mount_name = std::env::var("VAULT_MOUNT_NAME")?; + + Ok(Self::new(client, key_name, mount_name)) + } + + /// Creates a new key in the transit backend + pub async fn new_key(self) -> Result<(), anyhow::Error> { + key::create( + &self.client, + self.mount_name.as_str(), + self.key_name.as_str(), + Some(CreateKeyRequest::builder().key_type(KeyType::Ed25519)), + ) + .await?; + + Ok(()) + } +} + +#[async_trait::async_trait] +impl Hsm for HashiCorpVault { + async fn sign(&self, message: Bytes) -> Result { + let res = data::sign( + &self.client, + self.mount_name.as_str(), + self.key_name.as_str(), + // convert bytes vec to base64 string + base64::encode(message.0).as_str(), + None, + ) + .await?; + + // decode base64 string to vec + let signature = base64::decode(res.signature)?; + + // Sign the message using HashiCorp Vault + Ok(Signature(Bytes(signature))) + } + + async fn verify(&self, _message: Bytes, _signature: Signature) -> Result { + Ok(true) + } +} diff --git a/demo/hsm/src/hsm/mod.rs b/demo/hsm/src/hsm/mod.rs new file mode 100644 index 000000000..3be11e46e --- /dev/null +++ b/demo/hsm/src/hsm/mod.rs @@ -0,0 +1 @@ +pub mod hashi_corp_vault; diff --git a/demo/hsm/src/lib.rs b/demo/hsm/src/lib.rs new file mode 100644 index 000000000..ad6ceabef --- /dev/null +++ b/demo/hsm/src/lib.rs @@ -0,0 +1,59 @@ +pub mod action_stream; +pub mod hsm; + +/// A collection of bytes. +#[derive(Debug)] +pub struct Bytes(pub Vec); + +/// A signature. +#[derive(Debug)] +pub struct Signature(pub Bytes); + +/// A message to be signed or verified. +pub enum Message { + Sign(Bytes), + Verify(Bytes, Bytes), +} + +/// A stream of messages to be signed or verified. +#[async_trait::async_trait] +pub trait ActionStream { + async fn next(&mut self) -> Option; +} + +/// An HSM capable of signing and verifying messages. +#[async_trait::async_trait] +pub trait Hsm { + async fn sign(&self, message: Bytes) -> Result; + async fn verify(&self, message: Bytes, signature: Signature) -> Result; +} + +/// An application which reads a stream of messages to either sign or verify. +pub struct Application { + hsm: Box, + stream: Box, +} + +/// The application implementation. +impl Application { + /// Creates a new application. + pub fn new(hsm: Box, stream: Box) -> Self { + Self { hsm, stream } + } + + /// Runs the application. + pub async fn run(&mut self) { + while let Some(message) = self.stream.next().await { + match message { + Message::Sign(message) => { + let signature = self.hsm.sign(message).await; + println!("Signed message: {:?}", signature); + } + Message::Verify(message, signature) => { + let verified = self.hsm.verify(message, Signature(signature)).await; + println!("Verified message: {:?}", verified); + } + } + } + } +} diff --git a/demo/hsm/src/main.rs b/demo/hsm/src/main.rs new file mode 100644 index 000000000..f612f9690 --- /dev/null +++ b/demo/hsm/src/main.rs @@ -0,0 +1,10 @@ +use hsm_demo::{action_stream, hsm, Application}; + +#[tokio::main] +pub async fn main() -> Result<(), anyhow::Error> { + let stream = action_stream::random::Random; + + let hsm = hsm::hashi_corp_vault::HashiCorpVault::new() + + Ok(()) +} From 642227eeaf7d823ce43a8cba5c1f4b4868649094 Mon Sep 17 00:00:00 2001 From: Liam Monninger Date: Tue, 17 Dec 2024 16:50:43 +0100 Subject: [PATCH 02/18] fix: google and amazon. --- Cargo.lock | 183 ++++++++++++++++++-- Cargo.toml | 4 + demo/hsm/Cargo.toml | 6 + demo/hsm/src/action_stream/join.rs | 41 +++++ demo/hsm/src/action_stream/mod.rs | 2 + demo/hsm/src/action_stream/notify_verify.rs | 28 +++ demo/hsm/src/action_stream/random.rs | 12 +- demo/hsm/src/hsm/aws_kms.rs | 99 +++++++++++ demo/hsm/src/hsm/google_kms.rs | 138 +++++++++++++++ demo/hsm/src/hsm/hashi_corp_vault.rs | 106 +++++++++--- demo/hsm/src/hsm/mod.rs | 2 + demo/hsm/src/lib.rs | 45 +++-- demo/hsm/src/main.rs | 18 +- payload.json | 5 + 14 files changed, 631 insertions(+), 58 deletions(-) create mode 100644 demo/hsm/src/action_stream/join.rs create mode 100644 demo/hsm/src/action_stream/notify_verify.rs create mode 100644 demo/hsm/src/hsm/aws_kms.rs create mode 100644 demo/hsm/src/hsm/google_kms.rs create mode 100644 payload.json diff --git a/Cargo.lock b/Cargo.lock index d47dca924..b3b1c12e8 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3192,7 +3192,7 @@ dependencies = [ "aws-sdk-sts", "aws-smithy-async", "aws-smithy-http", - "aws-smithy-json", + "aws-smithy-json 0.60.7", "aws-smithy-runtime", "aws-smithy-runtime-api", "aws-smithy-types", @@ -3223,9 +3223,9 @@ dependencies = [ [[package]] name = "aws-runtime" -version = "1.4.3" +version = "1.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a10d5c055aa540164d9561a0e2e74ad30f0dcf7393c3a92f6733ddf9c5762468" +checksum = "b5ac934720fbb46206292d2c75b57e67acfc56fe7dfd34fb9a02334af08409ea" dependencies = [ "aws-credential-types", "aws-sigv4", @@ -3247,6 +3247,28 @@ dependencies = [ "uuid", ] +[[package]] +name = "aws-sdk-kms" +version = "1.51.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c30f6fd5646b99d9b45ec3a0c22e67112c175b2383100c960d7ee39d96c8d96" +dependencies = [ + "aws-credential-types", + "aws-runtime", + "aws-smithy-async", + "aws-smithy-http", + "aws-smithy-json 0.61.1", + "aws-smithy-runtime", + "aws-smithy-runtime-api", + "aws-smithy-types", + "aws-types", + "bytes 1.8.0", + "http 0.2.12", + "once_cell", + "regex-lite", + "tracing", +] + [[package]] name = "aws-sdk-s3" version = "1.61.0" @@ -3260,7 +3282,7 @@ dependencies = [ "aws-smithy-checksums", "aws-smithy-eventstream", "aws-smithy-http", - "aws-smithy-json", + "aws-smithy-json 0.60.7", "aws-smithy-runtime", "aws-smithy-runtime-api", "aws-smithy-types", @@ -3291,7 +3313,7 @@ dependencies = [ "aws-runtime", "aws-smithy-async", "aws-smithy-http", - "aws-smithy-json", + "aws-smithy-json 0.60.7", "aws-smithy-runtime", "aws-smithy-runtime-api", "aws-smithy-types", @@ -3313,7 +3335,7 @@ dependencies = [ "aws-runtime", "aws-smithy-async", "aws-smithy-http", - "aws-smithy-json", + "aws-smithy-json 0.60.7", "aws-smithy-runtime", "aws-smithy-runtime-api", "aws-smithy-types", @@ -3335,7 +3357,7 @@ dependencies = [ "aws-runtime", "aws-smithy-async", "aws-smithy-http", - "aws-smithy-json", + "aws-smithy-json 0.60.7", "aws-smithy-query", "aws-smithy-runtime", "aws-smithy-runtime-api", @@ -3350,9 +3372,9 @@ dependencies = [ [[package]] name = "aws-sigv4" -version = "1.2.5" +version = "1.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5619742a0d8f253be760bfbb8e8e8368c69e3587e4637af5754e488a611499b1" +checksum = "7d3820e0c08d0737872ff3c7c1f21ebbb6693d832312d6152bf18ef50a5471c2" dependencies = [ "aws-credential-types", "aws-smithy-eventstream", @@ -3450,6 +3472,15 @@ dependencies = [ "aws-smithy-types", ] +[[package]] +name = "aws-smithy-json" +version = "0.61.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ee4e69cc50921eb913c6b662f8d909131bb3e6ad6cb6090d3a39b66fc5c52095" +dependencies = [ + "aws-smithy-types", +] + [[package]] name = "aws-smithy-query" version = "0.60.7" @@ -3462,9 +3493,9 @@ dependencies = [ [[package]] name = "aws-smithy-runtime" -version = "1.7.3" +version = "1.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "be28bd063fa91fd871d131fc8b68d7cd4c5fa0869bea68daca50dcb1cbd76be2" +checksum = "9f20685047ca9d6f17b994a07f629c813f08b5bce65523e47124879e60103d45" dependencies = [ "aws-smithy-async", "aws-smithy-http", @@ -6952,7 +6983,7 @@ checksum = "931bedb2264cb00f914b0a6a5c304e34865c34306632d3932e0951a073e4a67d" dependencies = [ "async-trait", "base64 0.21.7", - "google-cloud-metadata", + "google-cloud-metadata 0.3.2", "google-cloud-token", "home", "jsonwebtoken 8.3.0", @@ -6966,6 +6997,28 @@ dependencies = [ "urlencoding", ] +[[package]] +name = "google-cloud-auth" +version = "0.17.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e57a13fbacc5e9c41ded3ad8d0373175a6b7a6ad430d99e89d314ac121b7ab06" +dependencies = [ + "async-trait", + "base64 0.21.7", + "google-cloud-metadata 0.5.0", + "google-cloud-token", + "home", + "jsonwebtoken 9.3.0", + "reqwest 0.12.9", + "serde", + "serde_json", + "thiserror 1.0.69", + "time", + "tokio", + "tracing", + "urlencoding", +] + [[package]] name = "google-cloud-gax" version = "0.15.0" @@ -6982,6 +7035,22 @@ dependencies = [ "tracing", ] +[[package]] +name = "google-cloud-gax" +version = "0.19.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "de13e62d7e0ffc3eb40a0113ddf753cf6ec741be739164442b08893db4f9bfca" +dependencies = [ + "google-cloud-token", + "http 1.1.0", + "thiserror 1.0.69", + "tokio", + "tokio-retry2", + "tonic 0.12.3", + "tower 0.4.13", + "tracing", +] + [[package]] name = "google-cloud-googleapis" version = "0.10.0" @@ -6993,6 +7062,34 @@ dependencies = [ "tonic 0.9.2", ] +[[package]] +name = "google-cloud-googleapis" +version = "0.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0edfdfb507593d47605b3bb2fb36628b391e3d397e520b85852dea2412c8e2d1" +dependencies = [ + "prost 0.13.3", + "prost-types 0.13.3", + "tonic 0.12.3", +] + +[[package]] +name = "google-cloud-kms" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e8842723521d34b9bf43305c84fd469c4d1858c42a630e1cb8c0d9c53781551" +dependencies = [ + "google-cloud-auth 0.17.2", + "google-cloud-gax 0.19.2", + "google-cloud-googleapis 0.16.0", + "google-cloud-token", + "prost-types 0.13.3", + "serde", + "serde_json", + "thiserror 1.0.69", + "tracing", +] + [[package]] name = "google-cloud-metadata" version = "0.3.2" @@ -7004,6 +7101,17 @@ dependencies = [ "tokio", ] +[[package]] +name = "google-cloud-metadata" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "04f945a208886a13d07636f38fb978da371d0abc3e34bad338124b9f8c135a8f" +dependencies = [ + "reqwest 0.12.9", + "thiserror 1.0.69", + "tokio", +] + [[package]] name = "google-cloud-pubsub" version = "0.18.0" @@ -7012,9 +7120,9 @@ checksum = "095b104502b6e1abbad9b9768af944b9202e032dbc7f0947d3c30d4191761071" dependencies = [ "async-channel", "async-stream", - "google-cloud-auth", - "google-cloud-gax", - "google-cloud-googleapis", + "google-cloud-auth 0.12.0", + "google-cloud-gax 0.15.0", + "google-cloud-googleapis 0.10.0", "google-cloud-token", "prost-types 0.11.9", "thiserror 1.0.69", @@ -7033,8 +7141,8 @@ dependencies = [ "base64 0.21.7", "bytes 1.8.0", "futures-util", - "google-cloud-auth", - "google-cloud-metadata", + "google-cloud-auth 0.12.0", + "google-cloud-metadata 0.3.2", "google-cloud-token", "hex", "once_cell", @@ -7412,8 +7520,14 @@ version = "0.0.2" dependencies = [ "anyhow", "async-trait", + "aws-config", + "aws-sdk-kms", "base64 0.13.1", + "ed25519 2.2.3", + "google-cloud-kms", + "k256", "rand 0.7.3", + "ring-compat", "tokio", "vaultrs", ] @@ -11867,7 +11981,7 @@ dependencies = [ "field_count", "futures", "futures-util", - "google-cloud-googleapis", + "google-cloud-googleapis 0.10.0", "google-cloud-pubsub", "google-cloud-storage", "hex", @@ -12759,6 +12873,25 @@ dependencies = [ "windows-sys 0.52.0", ] +[[package]] +name = "ring-compat" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ccce7bae150b815f0811db41b8312fcb74bffa4cab9cee5429ee00f356dd5bd4" +dependencies = [ + "aead", + "digest 0.10.7", + "ecdsa 0.16.9", + "ed25519 2.2.3", + "generic-array", + "p256 0.13.2", + "p384", + "pkcs8 0.10.2", + "rand_core 0.6.4", + "ring 0.17.8", + "signature 2.2.0", +] + [[package]] name = "ripemd" version = "0.1.3" @@ -14709,6 +14842,16 @@ dependencies = [ "tokio", ] +[[package]] +name = "tokio-retry2" +version = "0.5.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "903934dba1c4c2f2e9cb460ef10b5695e0b0ecad3bf9ee7c8675e540c5e8b2d1" +dependencies = [ + "pin-project 1.1.7", + "tokio", +] + [[package]] name = "tokio-rustls" version = "0.24.1" @@ -14937,6 +15080,7 @@ dependencies = [ "axum 0.7.9", "base64 0.22.1", "bytes 1.8.0", + "flate2", "h2 0.4.6", "http 1.1.0", "http-body 1.0.1", @@ -14947,13 +15091,16 @@ dependencies = [ "percent-encoding", "pin-project 1.1.7", "prost 0.13.3", + "rustls-pemfile 2.2.0", "socket2 0.5.7", "tokio", + "tokio-rustls 0.26.0", "tokio-stream", "tower 0.4.13", "tower-layer", "tower-service", "tracing", + "webpki-roots 0.26.6", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index 9109baa69..fb608a2cc 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -116,6 +116,8 @@ aptos-account-whitelist = { path = "protocol-units/access-control/aptos/account- ## vault vaultrs = { version = "0.7.3" } +aws-sdk-kms = "1.51.0" +google-cloud-kms = "0.6.0" base64 = { version = "0.13.0" } # Serialization and Deserialization @@ -306,6 +308,8 @@ tracing-test = "0.2.5" trie-db = "0.28.0" url = "2.2.2" x25519-dalek = "1.0.1" +ed25519 = "2.2.3" +ring-compat = "0.8.0" zstd-sys = "2.0.9" zstd = "0.13" inotify = "0.10.2" diff --git a/demo/hsm/Cargo.toml b/demo/hsm/Cargo.toml index 304b5e854..047e4bfaf 100644 --- a/demo/hsm/Cargo.toml +++ b/demo/hsm/Cargo.toml @@ -14,8 +14,14 @@ tokio = { workspace = true } async-trait = { workspace = true } anyhow = { workspace = true } vaultrs = { workspace = true } +aws-sdk-kms = { workspace = true } +aws-config = { workspace = true } rand = { workspace = true } base64 = { workspace = true } +ed25519 = { workspace = true } +ring-compat = { workspace = true } +k256 = { workspace = true, features = ["ecdsa", "pkcs8"] } +google-cloud-kms = { workspace = true } [lints] workspace = true diff --git a/demo/hsm/src/action_stream/join.rs b/demo/hsm/src/action_stream/join.rs new file mode 100644 index 000000000..2926ffd3e --- /dev/null +++ b/demo/hsm/src/action_stream/join.rs @@ -0,0 +1,41 @@ +use crate::{ActionStream, Message}; + +/// Joins several streams together. +/// Notifies all streams of messages emitted from elsewhere in the system. +/// Round-robins through streams for next. +pub struct Join { + streams: Vec>, + current: usize, +} + +impl Join { + /// Creates a new `Join` stream. + pub fn new(streams: Vec>) -> Self { + Self { streams, current: 0 } + } +} + +#[async_trait::async_trait] +impl ActionStream for Join { + /// Notifies the stream of a message emitted from elsewhere in the system. + async fn notify(&mut self, message: Message) -> Result<(), anyhow::Error> { + for stream in &mut self.streams { + stream.notify(message.clone()).await?; + } + Ok(()) + } + + /// Gets the message to act upon. + async fn next(&mut self) -> Result, anyhow::Error> { + let mut next = None; + for _ in 0..self.streams.len() { + let stream = &mut self.streams[self.current]; + next = stream.next().await?; + self.current = (self.current + 1) % self.streams.len(); + if next.is_some() { + break; + } + } + Ok(next) + } +} diff --git a/demo/hsm/src/action_stream/mod.rs b/demo/hsm/src/action_stream/mod.rs index 7bcbfe0e2..2a1ec4208 100644 --- a/demo/hsm/src/action_stream/mod.rs +++ b/demo/hsm/src/action_stream/mod.rs @@ -1 +1,3 @@ +pub mod join; +pub mod notify_verify; pub mod random; diff --git a/demo/hsm/src/action_stream/notify_verify.rs b/demo/hsm/src/action_stream/notify_verify.rs new file mode 100644 index 000000000..7670fe266 --- /dev/null +++ b/demo/hsm/src/action_stream/notify_verify.rs @@ -0,0 +1,28 @@ +use crate::{ActionStream, Message}; +use std::collections::VecDeque; + +/// Adds all verify messages of which the stream is notified back to the stream +pub struct NotifyVerify { + buffer: VecDeque, +} + +impl NotifyVerify { + /// Creates a new `NotifyVerify` stream. + pub fn new() -> Self { + Self { buffer: VecDeque::new() } + } +} + +#[async_trait::async_trait] +impl ActionStream for NotifyVerify { + /// Notifies the stream of a message emitted from elsewhere in the system. + async fn notify(&mut self, message: Message) -> Result<(), anyhow::Error> { + self.buffer.push_back(message); + Ok(()) + } + + /// Gets the message to act upon. + async fn next(&mut self) -> Result, anyhow::Error> { + Ok(self.buffer.pop_front()) + } +} diff --git a/demo/hsm/src/action_stream/random.rs b/demo/hsm/src/action_stream/random.rs index a9cdce65e..81c89227c 100644 --- a/demo/hsm/src/action_stream/random.rs +++ b/demo/hsm/src/action_stream/random.rs @@ -6,13 +6,19 @@ pub struct Random; #[async_trait::async_trait] impl ActionStream for Random { - async fn next(&mut self) -> Option { + /// Notifies the stream of a message emitted from elsewhere in the system. + async fn notify(&mut self, _message: Message) -> Result<(), anyhow::Error> { + Ok(()) + } + + /// Gets the message to act upon. + async fn next(&mut self) -> Result, anyhow::Error> { // Generate a random vec of bytes let mut rng = rand::thread_rng(); - let len = rng.gen_range(1, 10); + let len = rng.gen_range(32, 256); let mut bytes = vec![0u8; len]; rng.fill_bytes(&mut bytes); - Some(Message::Sign(Bytes(bytes))) + Ok(Some(Message::Sign(Bytes(bytes)))) } } diff --git a/demo/hsm/src/hsm/aws_kms.rs b/demo/hsm/src/hsm/aws_kms.rs new file mode 100644 index 000000000..eb952432e --- /dev/null +++ b/demo/hsm/src/hsm/aws_kms.rs @@ -0,0 +1,99 @@ +use crate::{Bytes, Hsm, PublicKey, Signature}; +use anyhow::Context; +use aws_sdk_kms::primitives::Blob; +use aws_sdk_kms::types::{KeySpec, KeyUsageType, SigningAlgorithmSpec}; +use aws_sdk_kms::Client; +use k256::ecdsa::{self, VerifyingKey}; +use k256::pkcs8::DecodePublicKey; +use ring_compat::signature::Verifier; + +/// A AWS KMS HSM. +pub struct AwsKms { + client: Client, + key_id: String, + public_key: PublicKey, +} + +impl AwsKms { + /// Creates a new AWS KMS HSM + pub fn new(client: Client, key_id: String, public_key: PublicKey) -> Self { + Self { client, key_id, public_key } + } + + /// Tries to create a new AWS KMS HSM from the environment + pub async fn try_from_env() -> Result { + let key_id = std::env::var("AWS_KMS_KEY_ID").context("AWS_KMS_KEY_ID not set")?; + let public_key = std::env::var("AWS_KMS_PUBLIC_KEY").unwrap_or_default(); + + let config = aws_config::load_from_env().await; + let client = aws_sdk_kms::Client::new(&config); + + Ok(Self::new(client, key_id, PublicKey(Bytes(public_key.as_bytes().to_vec())))) + } + + /// Creates in AWS KMS matching the provided key id. + pub async fn create_key(self) -> Result { + let res = self + .client + .create_key() + .key_spec(KeySpec::EccSecgP256K1) + .key_usage(KeyUsageType::SignVerify) + .send() + .await?; + + let key_id = res.key_metadata().context("No key metadata available")?.key_id().to_string(); + + Ok(Self::new(self.client, key_id, self.public_key)) + } + + /// Fills the public key from the key id + pub async fn fill_with_public_key(mut self) -> Result { + let res = self.client.get_public_key().key_id(&self.key_id).send().await?; + let public_key = PublicKey(Bytes( + res.public_key().context("No public key available")?.as_ref().to_vec(), + )); + self.public_key = public_key; + Ok(self) + } +} + +#[async_trait::async_trait] +impl Hsm for AwsKms { + async fn sign(&self, message: Bytes) -> Result<(Bytes, PublicKey, Signature), anyhow::Error> { + let blob = Blob::new(message.clone().0); + let request = self + .client + .sign() + .key_id(&self.key_id) + .signing_algorithm(SigningAlgorithmSpec::EcdsaSha256) + .message(blob); + + let res = request.send().await?; + println!("res: {:?}", res); + let signature = + Signature(Bytes(res.signature().context("No signature available")?.as_ref().to_vec())); + + Ok((message, self.public_key.clone(), signature)) + } + + async fn verify( + &self, + message: Bytes, + public_key: PublicKey, + signature: Signature, + ) -> Result { + let verifying_key = VerifyingKey::from_public_key_der(&public_key.0 .0) + .context("Failed to create verifying key")?; + + let signature = + ecdsa::Signature::from_der(&signature.0 .0).context("Failed to create signature")?; + + match verifying_key.verify(message.0.as_slice(), &signature) { + Ok(_) => Ok(true), + Err(e) => { + println!("Error verifying signature: {:?}", e); + Ok(false) + } + } + } +} diff --git a/demo/hsm/src/hsm/google_kms.rs b/demo/hsm/src/hsm/google_kms.rs new file mode 100644 index 000000000..e3049fd9d --- /dev/null +++ b/demo/hsm/src/hsm/google_kms.rs @@ -0,0 +1,138 @@ +use crate::{Bytes, Hsm, PublicKey, Signature}; +use anyhow::Context; +use google_cloud_kms::client::{Client, ClientConfig}; +use google_cloud_kms::grpc::kms::v1::{ + AsymmetricSignRequest, CreateCryptoKeyRequest, CreateKeyRingRequest, CryptoKey, Digest, + GetPublicKeyRequest, +}; +use k256::ecdsa::{self, VerifyingKey}; +use k256::pkcs8::DecodePublicKey; +use ring_compat::signature::Verifier; + +pub struct GoogleKms { + client: Client, + project: String, + location: String, + key_ring: String, + key_name: String, + public_key: PublicKey, +} + +impl GoogleKms { + pub fn new( + client: Client, + project: String, + location: String, + key_ring: String, + key_name: String, + public_key: PublicKey, + ) -> Self { + Self { client, project, location, key_ring, key_name, public_key } + } + + /// Tries to create a new Google KMS HSM from the environment + pub async fn try_from_env() -> Result { + let project = std::env::var("GOOGLE_KMS_PROJECT").context("GOOGLE_KMS_PROJECT not set")?; + let location = + std::env::var("GOOGLE_KMS_LOCATION").context("GOOGLE_KMS_LOCATION not set")?; + let key_ring = + std::env::var("GOOGLE_KMS_KEY_RING").context("GOOGLE_KMS_KEY_RING not set")?; + let key_name = + std::env::var("GOOGLE_KMS_KEY_NAME").context("GOOGLE_KMS_KEY_NAME not set")?; + let public_key = std::env::var("GOOGLE_KMS_PUBLIC_KEY").unwrap_or_default(); + + let config = ClientConfig::default().with_auth().await?; + let client = Client::new(config).await?; + + Ok(Self::new( + client, + project, + location, + key_ring, + key_name, + PublicKey(Bytes(public_key.as_bytes().to_vec())), + )) + } + + /// Tries to create a new key matching the provided key name. + pub async fn create_key_ring(self) -> Result { + let request = CreateKeyRingRequest { + parent: format!("projects/{}/locations/{}", self.project, self.location), + key_ring_id: self.key_ring.clone(), + key_ring: Default::default(), + }; + + self.client.create_key_ring(request, None).await?; + Ok(self) + } + + /// Tries to create a new key matching the provided key name. + pub async fn create_key(self) -> Result { + let request = CreateCryptoKeyRequest { + parent: self.key_ring.clone(), + crypto_key_id: self.key_name.clone(), + crypto_key: Some(CryptoKey { + purpose: 3, // Corresponds to ASYMETRIC_SIGN + version_template: Some(Default::default()), + ..Default::default() + }), + skip_initial_version_creation: false, + }; + + self.client.create_crypto_key(request, None).await?; + + Ok(self) + } + + /// Fills the public key from the key name + pub async fn fill_with_public_key(mut self) -> Result { + let request = GetPublicKeyRequest { name: self.key_name.clone() }; + + let res = self.client.get_public_key(request, None).await?; + + self.public_key = PublicKey(Bytes(res.pem.as_bytes().to_vec())); + + Ok(self) + } +} + +#[async_trait::async_trait] +impl Hsm for GoogleKms { + async fn sign(&self, message: Bytes) -> Result<(Bytes, PublicKey, Signature), anyhow::Error> { + let digest = Digest { + digest: Some(google_cloud_kms::grpc::kms::v1::digest::Digest::Sha256( + message.clone().0, + )), + ..Default::default() + }; + + let request = AsymmetricSignRequest { + name: self.key_name.clone(), + digest: Some(digest), + ..Default::default() + }; + + let response = + self.client.asymmetric_sign(request, None).await.context("Failed to sign")?; + + let signature = Signature(Bytes(response.signature)); + + Ok((message, self.public_key.clone(), signature)) + } + + async fn verify( + &self, + message: Bytes, + public_key: PublicKey, + signature: Signature, + ) -> Result { + let verifying_key = VerifyingKey::from_public_key_der(&public_key.0 .0) + .context("Failed to create verifying key")?; + + // use the pkcs8 der to decode + let k256_signature = + ecdsa::Signature::from_der(&signature.0 .0).context("Failed to create signature")?; + + Ok(verifying_key.verify(message.0.as_slice(), &k256_signature).is_ok()) + } +} diff --git a/demo/hsm/src/hsm/hashi_corp_vault.rs b/demo/hsm/src/hsm/hashi_corp_vault.rs index 6c25ce6e0..9b5457132 100644 --- a/demo/hsm/src/hsm/hashi_corp_vault.rs +++ b/demo/hsm/src/hsm/hashi_corp_vault.rs @@ -1,6 +1,11 @@ -use crate::{Bytes, Hsm, Signature}; -use vaultrs::api::transit::requests::CreateKeyRequest; +use crate::{Bytes, Hsm, PublicKey, Signature}; +use anyhow::Context; +use ring_compat::signature::{ + ed25519::{self, VerifyingKey}, + Verifier, +}; use vaultrs::api::transit::KeyType; +use vaultrs::api::transit::{requests::CreateKeyRequest, responses::ReadKeyData}; use vaultrs::client::{VaultClient, VaultClientSettingsBuilder}; use vaultrs::transit::data; use vaultrs::transit::key; @@ -10,65 +15,122 @@ pub struct HashiCorpVault { client: VaultClient, key_name: String, mount_name: String, + public_key: PublicKey, } impl HashiCorpVault { /// Creates a new HashiCorp Vault HSM - pub fn new(client: VaultClient, key_name: String, mount_name: String) -> Self { - Self { client, key_name, mount_name } + pub fn new( + client: VaultClient, + key_name: String, + mount_name: String, + public_key: PublicKey, + ) -> Self { + Self { client, key_name, mount_name, public_key } } /// Tries to create a new HashiCorp Vault HSM from the environment pub fn try_from_env() -> Result { - let address = std::env::var("VAULT_ADDR").unwrap_or_else(|_| "https:// - + let address = std::env::var("VAULT_ADDRESS").context("VAULT_ADDRESS not set")?; + let token = std::env::var("VAULT_TOKEN").context("VAULT_TOKEN not set")?; + let namespace = std::env::var("VAULT_NAMESPACE").unwrap_or_else(|_| "admin".to_string()); let client = VaultClient::new( VaultClientSettingsBuilder::default() - .address("https://127.0.0.1:8200") - .token("TOKEN") + .address(address.as_str()) + .token(token.as_str()) + .namespace(Some(namespace)) .build()?, )?; - let key_name = std::env::var("VAULT_KEY_NAME")?; - let mount_name = std::env::var("VAULT_MOUNT_NAME")?; - Ok(Self::new(client, key_name, mount_name)) + let key_name = std::env::var("VAULT_KEY_NAME").context("VAULT_KEY_NAME not set")?; + let mount_name = std::env::var("VAULT_MOUNT_NAME").context("VAULT_MOUNT_NAME not set")?; + let public_key = std::env::var("VAULT_PUBLIC_KEY").unwrap_or_default(); + + Ok(Self::new( + client, + key_name, + mount_name, + PublicKey(Bytes(public_key.as_bytes().to_vec())), + )) } /// Creates a new key in the transit backend - pub async fn new_key(self) -> Result<(), anyhow::Error> { + pub async fn create_key(self) -> Result { key::create( &self.client, self.mount_name.as_str(), self.key_name.as_str(), - Some(CreateKeyRequest::builder().key_type(KeyType::Ed25519)), + Some(CreateKeyRequest::builder().key_type(KeyType::Ed25519).derived(false)), ) - .await?; + .await + .context("Failed to create key")?; - Ok(()) + Ok(self) + } + + /// Fills with a public key fetched from vault. + pub async fn fill_with_public_key(self) -> Result { + let res = key::read(&self.client, self.mount_name.as_str(), self.key_name.as_str()) + .await + .context("Failed to read key")?; + println!("Read key: {:?}", res); + + let public_key = match res.keys { + ReadKeyData::Symmetric(_) => { + return Err(anyhow::anyhow!("Symmetric keys are not supported")); + } + ReadKeyData::Asymmetric(keys) => { + let key = keys.values().next().context("No key found")?; + base64::decode(key.public_key.as_str()).context("Failed to decode public key")? + } + }; + + println!("Public key: {:?}", public_key); + Ok(Self::new(self.client, self.key_name, self.mount_name, PublicKey(Bytes(public_key)))) } } #[async_trait::async_trait] impl Hsm for HashiCorpVault { - async fn sign(&self, message: Bytes) -> Result { + async fn sign(&self, message: Bytes) -> Result<(Bytes, PublicKey, Signature), anyhow::Error> { let res = data::sign( &self.client, self.mount_name.as_str(), self.key_name.as_str(), // convert bytes vec to base64 string - base64::encode(message.0).as_str(), + base64::encode(message.clone().0).as_str(), None, ) - .await?; + .await + .context("Failed to sign message")?; + + // the signature should be encoded valut:v1: check for match and split off the signature + // 1. check for match + if !res.signature.starts_with("vault:v1:") { + return Err(anyhow::anyhow!("Invalid signature format")); + } + // 2. split off the signature + let signature_str = res.signature.split_at(9).1; // decode base64 string to vec - let signature = base64::decode(res.signature)?; + let signature = base64::decode(signature_str).context("Failed to decode signature")?; // Sign the message using HashiCorp Vault - Ok(Signature(Bytes(signature))) + Ok((message, self.public_key.clone(), Signature(Bytes(signature)))) } - async fn verify(&self, _message: Bytes, _signature: Signature) -> Result { - Ok(true) + async fn verify( + &self, + message: Bytes, + public_key: PublicKey, + signature: Signature, + ) -> Result { + let verifying_key = VerifyingKey::from_slice(public_key.0 .0.as_slice()) + .context("Failed to create verifying key")?; + + let signature = ed25519::Signature::from_slice(signature.0 .0.as_slice()) + .context("Failed to create signature")?; + + Ok(verifying_key.verify(message.0.as_slice(), &signature).is_ok()) } } diff --git a/demo/hsm/src/hsm/mod.rs b/demo/hsm/src/hsm/mod.rs index 3be11e46e..08cd9d479 100644 --- a/demo/hsm/src/hsm/mod.rs +++ b/demo/hsm/src/hsm/mod.rs @@ -1 +1,3 @@ +pub mod aws_kms; +pub mod google_kms; pub mod hashi_corp_vault; diff --git a/demo/hsm/src/lib.rs b/demo/hsm/src/lib.rs index ad6ceabef..f5c863fb5 100644 --- a/demo/hsm/src/lib.rs +++ b/demo/hsm/src/lib.rs @@ -2,30 +2,44 @@ pub mod action_stream; pub mod hsm; /// A collection of bytes. -#[derive(Debug)] +#[derive(Debug, Clone)] pub struct Bytes(pub Vec); /// A signature. -#[derive(Debug)] +#[derive(Debug, Clone)] pub struct Signature(pub Bytes); +/// A public key. +#[derive(Debug, Clone)] +pub struct PublicKey(pub Bytes); + +#[derive(Debug, Clone)] /// A message to be signed or verified. pub enum Message { Sign(Bytes), - Verify(Bytes, Bytes), + Verify(Bytes, PublicKey, Signature), } /// A stream of messages to be signed or verified. #[async_trait::async_trait] pub trait ActionStream { - async fn next(&mut self) -> Option; + /// Notifies the stream of a message emitted from elsewhere in the system. + async fn notify(&mut self, message: Message) -> Result<(), anyhow::Error>; + + /// Gets the message to act upon. + async fn next(&mut self) -> Result, anyhow::Error>; } /// An HSM capable of signing and verifying messages. #[async_trait::async_trait] pub trait Hsm { - async fn sign(&self, message: Bytes) -> Result; - async fn verify(&self, message: Bytes, signature: Signature) -> Result; + async fn sign(&self, message: Bytes) -> Result<(Bytes, PublicKey, Signature), anyhow::Error>; + async fn verify( + &self, + message: Bytes, + public_key: PublicKey, + signature: Signature, + ) -> Result; } /// An application which reads a stream of messages to either sign or verify. @@ -42,18 +56,23 @@ impl Application { } /// Runs the application. - pub async fn run(&mut self) { - while let Some(message) = self.stream.next().await { + pub async fn run(&mut self) -> Result<(), anyhow::Error> { + while let Some(message) = self.stream.next().await? { + println!("RECEIVED: {:?}", message); match message { Message::Sign(message) => { - let signature = self.hsm.sign(message).await; - println!("Signed message: {:?}", signature); + println!("SIGNING: {:?}", message); + let (message, public_key, signature) = self.hsm.sign(message).await?; + println!("SIGNED:\n{:?}\n{:?}\n{:?}", message, public_key, signature); + self.stream.notify(Message::Verify(message, public_key, signature)).await?; } - Message::Verify(message, signature) => { - let verified = self.hsm.verify(message, Signature(signature)).await; - println!("Verified message: {:?}", verified); + Message::Verify(message, public_key, signature) => { + println!("VERIFYING:\n{:?}\n{:?}\n{:?}", message, public_key, signature); + let verified = self.hsm.verify(message, public_key, signature).await?; + println!("VERIFIED: {:?}", verified); } } } + Ok(()) } } diff --git a/demo/hsm/src/main.rs b/demo/hsm/src/main.rs index f612f9690..11a173cbc 100644 --- a/demo/hsm/src/main.rs +++ b/demo/hsm/src/main.rs @@ -2,9 +2,23 @@ use hsm_demo::{action_stream, hsm, Application}; #[tokio::main] pub async fn main() -> Result<(), anyhow::Error> { - let stream = action_stream::random::Random; + let random_stream = action_stream::random::Random; + let notify_verify_stream = action_stream::notify_verify::NotifyVerify::new(); + let join_stream = action_stream::join::Join::new(vec![ + Box::new(random_stream), + Box::new(notify_verify_stream), + ]); - let hsm = hsm::hashi_corp_vault::HashiCorpVault::new() + let hsm = hsm::aws_kms::AwsKms::try_from_env() + .await? + .create_key() + .await? + .fill_with_public_key() + .await?; + + let mut app = Application::new(Box::new(hsm), Box::new(join_stream)); + + app.run().await?; Ok(()) } diff --git a/payload.json b/payload.json new file mode 100644 index 000000000..0a9135ac8 --- /dev/null +++ b/payload.json @@ -0,0 +1,5 @@ +{ + "type": "ecdsa-p256", + "derived": false +} + From 873d1ffe5581c2b24556ae6c7757b5ef895b2033 Mon Sep 17 00:00:00 2001 From: Andy Golay Date: Wed, 18 Dec 2024 03:56:19 -0500 Subject: [PATCH 03/18] Server for HSM demo (#962) --- Cargo.lock | 19 ++++ demo/hsm/Cargo.toml | 9 +- demo/hsm/src/hsm/aws_kms.rs | 5 +- demo/hsm/src/hsm/cli.rs | 61 +++++++++++ demo/hsm/src/hsm/hashi_corp_vault.rs | 2 +- demo/hsm/src/lib.rs | 1 + demo/hsm/src/main.rs | 156 +++++++++++++++++++++++---- demo/hsm/src/server.rs | 44 ++++++++ 8 files changed, 272 insertions(+), 25 deletions(-) create mode 100644 demo/hsm/src/hsm/cli.rs create mode 100644 demo/hsm/src/server.rs diff --git a/Cargo.lock b/Cargo.lock index b3b1c12e8..8318b0ca2 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3606,7 +3606,11 @@ dependencies = [ "pin-project-lite", "rustversion", "serde", + "serde_json", + "serde_path_to_error", + "serde_urlencoded", "sync_wrapper 0.1.2", + "tokio", "tower 0.4.13", "tower-layer", "tower-service", @@ -7522,12 +7526,17 @@ dependencies = [ "async-trait", "aws-config", "aws-sdk-kms", + "axum 0.6.20", "base64 0.13.1", + "dotenv", "ed25519 2.2.3", "google-cloud-kms", "k256", "rand 0.7.3", + "reqwest 0.12.9", "ring-compat", + "serde", + "serde_json", "tokio", "vaultrs", ] @@ -13624,6 +13633,16 @@ dependencies = [ "thiserror 1.0.69", ] +[[package]] +name = "serde_path_to_error" +version = "0.1.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "af99884400da37c88f5e9146b7f1fd0fbcae8f6eec4e9da38b67d05486f814a6" +dependencies = [ + "itoa", + "serde", +] + [[package]] name = "serde_repr" version = "0.1.19" diff --git a/demo/hsm/Cargo.toml b/demo/hsm/Cargo.toml index 047e4bfaf..63d08ec1f 100644 --- a/demo/hsm/Cargo.toml +++ b/demo/hsm/Cargo.toml @@ -10,18 +10,23 @@ publish = { workspace = true } rust-version = { workspace = true } [dependencies] -tokio = { workspace = true } +tokio = { workspace = true, features = ["full"] } async-trait = { workspace = true } -anyhow = { workspace = true } vaultrs = { workspace = true } +anyhow = { workspace = true } aws-sdk-kms = { workspace = true } aws-config = { workspace = true } rand = { workspace = true } base64 = { workspace = true } +dotenv = "0.15" ed25519 = { workspace = true } ring-compat = { workspace = true } k256 = { workspace = true, features = ["ecdsa", "pkcs8"] } google-cloud-kms = { workspace = true } +reqwest = { version = "0.12", features = ["json"] } +axum = "0.6" +serde = { version = "1.0", features = ["derive"] } +serde_json = "1.0" [lints] workspace = true diff --git a/demo/hsm/src/hsm/aws_kms.rs b/demo/hsm/src/hsm/aws_kms.rs index eb952432e..23ccab0e5 100644 --- a/demo/hsm/src/hsm/aws_kms.rs +++ b/demo/hsm/src/hsm/aws_kms.rs @@ -3,6 +3,7 @@ use anyhow::Context; use aws_sdk_kms::primitives::Blob; use aws_sdk_kms::types::{KeySpec, KeyUsageType, SigningAlgorithmSpec}; use aws_sdk_kms::Client; +use dotenv::dotenv; use k256::ecdsa::{self, VerifyingKey}; use k256::pkcs8::DecodePublicKey; use ring_compat::signature::Verifier; @@ -11,7 +12,7 @@ use ring_compat::signature::Verifier; pub struct AwsKms { client: Client, key_id: String, - public_key: PublicKey, + pub public_key: PublicKey, } impl AwsKms { @@ -22,6 +23,7 @@ impl AwsKms { /// Tries to create a new AWS KMS HSM from the environment pub async fn try_from_env() -> Result { + dotenv().ok(); let key_id = std::env::var("AWS_KMS_KEY_ID").context("AWS_KMS_KEY_ID not set")?; let public_key = std::env::var("AWS_KMS_PUBLIC_KEY").unwrap_or_default(); @@ -49,6 +51,7 @@ impl AwsKms { /// Fills the public key from the key id pub async fn fill_with_public_key(mut self) -> Result { let res = self.client.get_public_key().key_id(&self.key_id).send().await?; + println!("AWS KMS Response: {:?}", res); let public_key = PublicKey(Bytes( res.public_key().context("No public key available")?.as_ref().to_vec(), )); diff --git a/demo/hsm/src/hsm/cli.rs b/demo/hsm/src/hsm/cli.rs new file mode 100644 index 000000000..fc909558c --- /dev/null +++ b/demo/hsm/src/hsm/cli.rs @@ -0,0 +1,61 @@ +mod cli; +mod hsm; + +use anyhow::Result; +use clap::Parser; +use cli::{Cli, Service}; +use hsm::{aws::AwsKms, google::GoogleKms, vault::HashiCorpVault}; +use dotenv::dotenv; +use hsm_demo::{action_stream, Application}; + +#[tokio::main] +async fn main() -> Result<()> { + dotenv().ok(); // Load environment variables from .env file + let cli = Cli::parse(); + + // Select the HSM implementation based on CLI input + let hsm = match cli.service { + Service::Aws(args) => { + println!("Using AWS KMS with {:?} key", args.key_type); + AwsKms::try_from_env() + .await? + .create_key() + .await? + .fill_with_public_key() + .await? + } + Service::Gcp(args) => { + println!("Using Google Cloud KMS with {:?} key", args.key_type); + GoogleKms::try_from_env() + .await? + .create_key_ring() + .await? + .create_key() + .await? + .fill_with_public_key() + .await? + } + Service::Vault(args) => { + println!("Using HashiCorp Vault with {:?} key", args.key_type); + HashiCorpVault::try_from_env() + .and_then(|vault| vault.create_key()) + .await? + .fill_with_public_key() + .await? + } + }; + + // Initialize the streams + let random_stream = action_stream::random::Random; + let notify_verify_stream = action_stream::notify_verify::NotifyVerify::new(); + let join_stream = action_stream::join::Join::new(vec![ + Box::new(random_stream), + Box::new(notify_verify_stream), + ]); + + // Run the application + let mut app = Application::new(Box::new(hsm), Box::new(join_stream)); + app.run().await?; + + Ok(()) +} diff --git a/demo/hsm/src/hsm/hashi_corp_vault.rs b/demo/hsm/src/hsm/hashi_corp_vault.rs index 9b5457132..8e27d82e5 100644 --- a/demo/hsm/src/hsm/hashi_corp_vault.rs +++ b/demo/hsm/src/hsm/hashi_corp_vault.rs @@ -15,7 +15,7 @@ pub struct HashiCorpVault { client: VaultClient, key_name: String, mount_name: String, - public_key: PublicKey, + pub public_key: PublicKey, } impl HashiCorpVault { diff --git a/demo/hsm/src/lib.rs b/demo/hsm/src/lib.rs index f5c863fb5..7aace54e2 100644 --- a/demo/hsm/src/lib.rs +++ b/demo/hsm/src/lib.rs @@ -1,5 +1,6 @@ pub mod action_stream; pub mod hsm; +pub mod server; /// A collection of bytes. #[derive(Debug, Clone)] diff --git a/demo/hsm/src/main.rs b/demo/hsm/src/main.rs index 11a173cbc..9a23eb0e0 100644 --- a/demo/hsm/src/main.rs +++ b/demo/hsm/src/main.rs @@ -1,24 +1,138 @@ -use hsm_demo::{action_stream, hsm, Application}; +use axum::Server; +use hsm_demo::{hsm, Bytes, Hsm, PublicKey, Signature}; +use reqwest::Client; +use serde::Serialize; +use std::net::SocketAddr; +use std::sync::Arc; +use tokio::sync::Mutex; +use tokio::task; +use dotenv::dotenv; + +use hsm_demo::{action_stream, Application}; +use hsm_demo::server::create_server; #[tokio::main] -pub async fn main() -> Result<(), anyhow::Error> { - let random_stream = action_stream::random::Random; - let notify_verify_stream = action_stream::notify_verify::NotifyVerify::new(); - let join_stream = action_stream::join::Join::new(vec![ - Box::new(random_stream), - Box::new(notify_verify_stream), - ]); - - let hsm = hsm::aws_kms::AwsKms::try_from_env() - .await? - .create_key() - .await? - .fill_with_public_key() - .await?; - - let mut app = Application::new(Box::new(hsm), Box::new(join_stream)); - - app.run().await?; - - Ok(()) +async fn main() -> Result<(), anyhow::Error> { + dotenv().ok(); // Load environment variables from .env file + + // Initialize HSM based on PROVIDER + let provider = std::env::var("PROVIDER").unwrap_or_else(|_| "AWS".to_string()); + let (hsm, public_key) = match provider.as_str() { + "AWS" => { + let aws_kms_hsm = hsm::aws_kms::AwsKms::try_from_env() + .await? + .create_key() + .await? + .fill_with_public_key() + .await?; + let public_key = aws_kms_hsm.public_key.clone(); + (Arc::new(Mutex::new(aws_kms_hsm)) as Arc>, public_key) + } + "VAULT" => { + let vault_hsm = hsm::hashi_corp_vault::HashiCorpVault::try_from_env()? + .create_key() + .await? + .fill_with_public_key() + .await?; + let public_key = vault_hsm.public_key.clone(); + (Arc::new(Mutex::new(vault_hsm)) as Arc>, public_key) + } + _ => { + return Err(anyhow::anyhow!("Unsupported provider: {}", provider)); + } + }; + + // Start the server task + let server_hsm = hsm.clone(); + let server_task = task::spawn(async move { + let app = create_server(server_hsm); + let addr = SocketAddr::from(([127, 0, 0, 1], 3000)); + println!("Server listening on {}", addr); + + Server::bind(&addr) + .serve(app.into_make_service()) + .await + .expect("Server failed"); + }); + + tokio::time::sleep(tokio::time::Duration::from_secs(1)).await; + + // Start the Application + let client = Client::new(); + let random_stream = action_stream::random::Random; + let notify_verify_stream = action_stream::notify_verify::NotifyVerify::new(); + let join_stream = action_stream::join::Join::new(vec![ + Box::new(random_stream), + Box::new(notify_verify_stream), + ]); + + // Replace HSM with the HTTP client that sends requests to the server + let hsm_proxy = HttpHsmProxy::new(client, "http://127.0.0.1:3000/sign".to_string(), public_key); + let mut app = Application::new(Box::new(hsm_proxy), Box::new(join_stream)); + + app.run().await?; + + server_task.await?; + Ok(()) +} + +#[derive(Serialize)] +struct SignRequest { + message: Vec, +} + +#[derive(serde::Deserialize)] +struct SignedResponse { + signature: Vec, } + +pub struct HttpHsmProxy { + client: Client, + server_url: String, + public_key: PublicKey, +} + +impl HttpHsmProxy { + pub fn new(client: Client, server_url: String, public_key: PublicKey) -> Self { + Self { client, server_url, public_key } + } + + pub fn get_public_key(&self) -> PublicKey { + self.public_key.clone() + } +} + +#[async_trait::async_trait] +impl Hsm for HttpHsmProxy { + async fn sign( + &self, + message: Bytes, + ) -> Result<(Bytes, PublicKey, Signature), anyhow::Error> { + let payload = SignRequest { message: message.0.clone() }; + + let response = self + .client + .post(&self.server_url) + .json(&payload) + .send() + .await? + .json::() + .await?; + + let signature = Signature(Bytes(response.signature)); + + // Return the stored public key along with the signature + Ok((message, self.public_key.clone(), signature)) + } + + async fn verify( + &self, + _message: Bytes, + _public_key: PublicKey, + _signature: Signature, + ) -> Result { + // Verification would need another endpoint or can be skipped because Application already verifies + Ok(true) + } +} + diff --git a/demo/hsm/src/server.rs b/demo/hsm/src/server.rs new file mode 100644 index 000000000..9f0bf5667 --- /dev/null +++ b/demo/hsm/src/server.rs @@ -0,0 +1,44 @@ +use axum::{ + routing::post, + extract::State, + Json, Router, + http::StatusCode, +}; +use std::sync::Arc; +use tokio::sync::Mutex; + +use crate::{Bytes, Hsm}; + +pub fn create_server(hsm: Arc>) -> Router { + Router::new() + .route("/sign", post(sign_handler)) + .with_state(hsm) +} + +async fn sign_handler( + State(hsm): State>>, + Json(payload): Json, +) -> Result, StatusCode> { + let message_bytes = Bytes(payload.message); + + let (_message, _public_key, signature) = hsm + .lock() + .await + .sign(message_bytes) + .await + .map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?; + + Ok(Json(SignedResponse { + signature: signature.0 .0, + })) +} + +#[derive(serde::Deserialize)] +pub struct SignRequest { + pub message: Vec, +} + +#[derive(serde::Serialize)] +pub struct SignedResponse { + pub signature: Vec, +} From df28163913abe8d88d9510fd2099eeeba50bdc0d Mon Sep 17 00:00:00 2001 From: Liam Monninger Date: Wed, 18 Dec 2024 10:43:47 +0100 Subject: [PATCH 04/18] feat: generics for cryptography. --- demo/hsm/src/cli/mod.rs | 0 demo/hsm/src/cryptography/aws_kms.rs | 28 +++ demo/hsm/src/cryptography/google_kms.rs | 0 demo/hsm/src/cryptography/hashicorp_vault.rs | 14 ++ demo/hsm/src/cryptography/mod.rs | 18 ++ demo/hsm/src/cryptography/verifier.rs | 71 ++++++ demo/hsm/src/hsm/aws_kms.rs | 48 ++--- demo/hsm/src/hsm/hashi_corp_vault.rs | 38 ++-- demo/hsm/src/hsm/mod.rs | 7 + demo/hsm/src/lib.rs | 2 + demo/hsm/src/main.rs | 216 ++++++++++--------- 11 files changed, 293 insertions(+), 149 deletions(-) create mode 100644 demo/hsm/src/cli/mod.rs create mode 100644 demo/hsm/src/cryptography/aws_kms.rs create mode 100644 demo/hsm/src/cryptography/google_kms.rs create mode 100644 demo/hsm/src/cryptography/hashicorp_vault.rs create mode 100644 demo/hsm/src/cryptography/mod.rs create mode 100644 demo/hsm/src/cryptography/verifier.rs diff --git a/demo/hsm/src/cli/mod.rs b/demo/hsm/src/cli/mod.rs new file mode 100644 index 000000000..e69de29bb diff --git a/demo/hsm/src/cryptography/aws_kms.rs b/demo/hsm/src/cryptography/aws_kms.rs new file mode 100644 index 000000000..7e408eea0 --- /dev/null +++ b/demo/hsm/src/cryptography/aws_kms.rs @@ -0,0 +1,28 @@ +use crate::cryptography::Secp256k1; +use aws_sdk_kms::types::{KeySpec, KeyUsageType, SigningAlgorithmSpec}; + +/// Defines the needed methods for providing a definition of cryptography used with AWS KMS +pub trait AwsKmsCryptography { + /// Returns the [KeySpec] for the desired cryptography + fn key_spec() -> KeySpec; + + /// Returns the [KeyUsageType] for the desired cryptography + fn key_usage_type() -> KeyUsageType; + + /// Returns the [SigningAlgorithmSpec] for the desired cryptography + fn signing_algorithm_spec() -> SigningAlgorithmSpec; +} + +impl AwsKmsCryptography for Secp256k1 { + fn key_spec() -> KeySpec { + KeySpec::EccSecgP256K1 + } + + fn key_usage_type() -> KeyUsageType { + KeyUsageType::SignVerify + } + + fn signing_algorithm_spec() -> SigningAlgorithmSpec { + SigningAlgorithmSpec::EcdsaSha256 + } +} diff --git a/demo/hsm/src/cryptography/google_kms.rs b/demo/hsm/src/cryptography/google_kms.rs new file mode 100644 index 000000000..e69de29bb diff --git a/demo/hsm/src/cryptography/hashicorp_vault.rs b/demo/hsm/src/cryptography/hashicorp_vault.rs new file mode 100644 index 000000000..0ec19ac1c --- /dev/null +++ b/demo/hsm/src/cryptography/hashicorp_vault.rs @@ -0,0 +1,14 @@ +use crate::cryptography::Ed25519; +use vaultrs::api::transit::KeyType; + +/// Defines the needed methods for providing a definition of cryptography used with HashiCorp Vault +pub trait HashiCorpVaultCryptography { + /// Returns the [KeyType] for the desired cryptography + fn key_type() -> KeyType; +} + +impl HashiCorpVaultCryptography for Ed25519 { + fn key_type() -> KeyType { + KeyType::Ed25519 + } +} diff --git a/demo/hsm/src/cryptography/mod.rs b/demo/hsm/src/cryptography/mod.rs new file mode 100644 index 000000000..46c39abeb --- /dev/null +++ b/demo/hsm/src/cryptography/mod.rs @@ -0,0 +1,18 @@ +pub mod aws_kms; +pub mod google_kms; +pub mod hashicorp_vault; +pub mod verifier; + +/// The Secp256k1 curve. +#[derive(Debug, Clone, Copy)] +pub struct Secp256k1; + +/// The Ed25519 curve. +#[derive(Debug, Clone, Copy)] +pub struct Ed25519; + +#[derive(Debug, Clone, Copy)] +pub enum Curve { + Secp256k1(Secp256k1), + Ed25519(Ed25519), +} diff --git a/demo/hsm/src/cryptography/verifier.rs b/demo/hsm/src/cryptography/verifier.rs new file mode 100644 index 000000000..b7f25c522 --- /dev/null +++ b/demo/hsm/src/cryptography/verifier.rs @@ -0,0 +1,71 @@ +use crate::{Bytes, PublicKey, Signature}; + +#[async_trait::async_trait] +pub trait LocalVerifier { + /// Verifies a signature for a given message and public key. + async fn verify( + message: Bytes, + public_key: PublicKey, + signature: Signature, + ) -> Result; +} + +pub mod secp256k1 { + use super::*; + use crate::cryptography::Secp256k1; + use anyhow::Context; + use k256::ecdsa::{self, VerifyingKey}; + use k256::pkcs8::DecodePublicKey; + use ring_compat::signature::Verifier; + + #[async_trait::async_trait] + impl LocalVerifier for Secp256k1 { + async fn verify( + message: Bytes, + public_key: PublicKey, + signature: Signature, + ) -> Result { + let verifying_key = VerifyingKey::from_public_key_der(&public_key.0 .0) + .context("Failed to create verifying key")?; + + let signature = ecdsa::Signature::from_der(&signature.0 .0) + .context("Failed to create signature")?; + + match verifying_key.verify(message.0.as_slice(), &signature) { + Ok(_) => Ok(true), + Err(e) => { + println!("Error verifying signature: {:?}", e); + Ok(false) + } + } + } + } +} + +pub mod ed25519 { + + use super::*; + use crate::cryptography::Ed25519; + use anyhow::Context; + use ring_compat::signature::{ + ed25519::{self, VerifyingKey}, + Verifier, + }; + + #[async_trait::async_trait] + impl LocalVerifier for Ed25519 { + async fn verify( + message: Bytes, + public_key: PublicKey, + signature: Signature, + ) -> Result { + let verifying_key = VerifyingKey::from_slice(public_key.0 .0.as_slice()) + .context("Failed to create verifying key")?; + + let signature = ed25519::Signature::from_slice(signature.0 .0.as_slice()) + .context("Failed to create signature")?; + + Ok(verifying_key.verify(message.0.as_slice(), &signature).is_ok()) + } + } +} diff --git a/demo/hsm/src/hsm/aws_kms.rs b/demo/hsm/src/hsm/aws_kms.rs index 23ccab0e5..f1f7570fd 100644 --- a/demo/hsm/src/hsm/aws_kms.rs +++ b/demo/hsm/src/hsm/aws_kms.rs @@ -1,24 +1,26 @@ +use crate::cryptography::aws_kms::AwsKmsCryptography; +use crate::cryptography::verifier::LocalVerifier; use crate::{Bytes, Hsm, PublicKey, Signature}; use anyhow::Context; use aws_sdk_kms::primitives::Blob; -use aws_sdk_kms::types::{KeySpec, KeyUsageType, SigningAlgorithmSpec}; use aws_sdk_kms::Client; use dotenv::dotenv; -use k256::ecdsa::{self, VerifyingKey}; -use k256::pkcs8::DecodePublicKey; -use ring_compat::signature::Verifier; /// A AWS KMS HSM. -pub struct AwsKms { +pub struct AwsKms { client: Client, key_id: String, - pub public_key: PublicKey, + public_key: PublicKey, + _cryptography_marker: std::marker::PhantomData, } -impl AwsKms { +impl AwsKms +where + C: AwsKmsCryptography, +{ /// Creates a new AWS KMS HSM pub fn new(client: Client, key_id: String, public_key: PublicKey) -> Self { - Self { client, key_id, public_key } + Self { client, key_id, public_key, _cryptography_marker: std::marker::PhantomData } } /// Tries to create a new AWS KMS HSM from the environment @@ -38,8 +40,8 @@ impl AwsKms { let res = self .client .create_key() - .key_spec(KeySpec::EccSecgP256K1) - .key_usage(KeyUsageType::SignVerify) + .key_spec(C::key_spec()) + .key_usage(C::key_usage_type()) .send() .await?; @@ -58,17 +60,25 @@ impl AwsKms { self.public_key = public_key; Ok(self) } + + /// Gets a reference to the public key + pub fn public_key(&self) -> &PublicKey { + &self.public_key + } } #[async_trait::async_trait] -impl Hsm for AwsKms { +impl Hsm for AwsKms +where + C: AwsKmsCryptography + LocalVerifier + Send + Sync, +{ async fn sign(&self, message: Bytes) -> Result<(Bytes, PublicKey, Signature), anyhow::Error> { let blob = Blob::new(message.clone().0); let request = self .client .sign() .key_id(&self.key_id) - .signing_algorithm(SigningAlgorithmSpec::EcdsaSha256) + .signing_algorithm(C::signing_algorithm_spec()) .message(blob); let res = request.send().await?; @@ -85,18 +95,6 @@ impl Hsm for AwsKms { public_key: PublicKey, signature: Signature, ) -> Result { - let verifying_key = VerifyingKey::from_public_key_der(&public_key.0 .0) - .context("Failed to create verifying key")?; - - let signature = - ecdsa::Signature::from_der(&signature.0 .0).context("Failed to create signature")?; - - match verifying_key.verify(message.0.as_slice(), &signature) { - Ok(_) => Ok(true), - Err(e) => { - println!("Error verifying signature: {:?}", e); - Ok(false) - } - } + C::verify(message, public_key, signature).await } } diff --git a/demo/hsm/src/hsm/hashi_corp_vault.rs b/demo/hsm/src/hsm/hashi_corp_vault.rs index 8e27d82e5..a44509d78 100644 --- a/demo/hsm/src/hsm/hashi_corp_vault.rs +++ b/demo/hsm/src/hsm/hashi_corp_vault.rs @@ -1,24 +1,25 @@ +use crate::cryptography::hashicorp_vault::HashiCorpVaultCryptography; +use crate::cryptography::verifier::LocalVerifier; use crate::{Bytes, Hsm, PublicKey, Signature}; use anyhow::Context; -use ring_compat::signature::{ - ed25519::{self, VerifyingKey}, - Verifier, -}; -use vaultrs::api::transit::KeyType; use vaultrs::api::transit::{requests::CreateKeyRequest, responses::ReadKeyData}; use vaultrs::client::{VaultClient, VaultClientSettingsBuilder}; use vaultrs::transit::data; use vaultrs::transit::key; /// A HashiCorp Vault HSM. -pub struct HashiCorpVault { +pub struct HashiCorpVault { client: VaultClient, key_name: String, mount_name: String, pub public_key: PublicKey, + _cryptography_marker: std::marker::PhantomData, } -impl HashiCorpVault { +impl HashiCorpVault +where + C: HashiCorpVaultCryptography, +{ /// Creates a new HashiCorp Vault HSM pub fn new( client: VaultClient, @@ -26,7 +27,13 @@ impl HashiCorpVault { mount_name: String, public_key: PublicKey, ) -> Self { - Self { client, key_name, mount_name, public_key } + Self { + client, + key_name, + mount_name, + public_key, + _cryptography_marker: std::marker::PhantomData, + } } /// Tries to create a new HashiCorp Vault HSM from the environment @@ -60,7 +67,7 @@ impl HashiCorpVault { &self.client, self.mount_name.as_str(), self.key_name.as_str(), - Some(CreateKeyRequest::builder().key_type(KeyType::Ed25519).derived(false)), + Some(CreateKeyRequest::builder().key_type(C::key_type()).derived(false)), ) .await .context("Failed to create key")?; @@ -91,7 +98,10 @@ impl HashiCorpVault { } #[async_trait::async_trait] -impl Hsm for HashiCorpVault { +impl Hsm for HashiCorpVault +where + C: HashiCorpVaultCryptography + LocalVerifier + Send + Sync, +{ async fn sign(&self, message: Bytes) -> Result<(Bytes, PublicKey, Signature), anyhow::Error> { let res = data::sign( &self.client, @@ -125,12 +135,6 @@ impl Hsm for HashiCorpVault { public_key: PublicKey, signature: Signature, ) -> Result { - let verifying_key = VerifyingKey::from_slice(public_key.0 .0.as_slice()) - .context("Failed to create verifying key")?; - - let signature = ed25519::Signature::from_slice(signature.0 .0.as_slice()) - .context("Failed to create signature")?; - - Ok(verifying_key.verify(message.0.as_slice(), &signature).is_ok()) + C::verify(message, public_key, signature).await } } diff --git a/demo/hsm/src/hsm/mod.rs b/demo/hsm/src/hsm/mod.rs index 08cd9d479..a2d89f982 100644 --- a/demo/hsm/src/hsm/mod.rs +++ b/demo/hsm/src/hsm/mod.rs @@ -1,3 +1,10 @@ pub mod aws_kms; pub mod google_kms; pub mod hashi_corp_vault; + +#[derive(Debug, Clone, Copy)] +pub enum Provider { + AWS, + GCP, + Vault, +} diff --git a/demo/hsm/src/lib.rs b/demo/hsm/src/lib.rs index 7aace54e2..7b2f622db 100644 --- a/demo/hsm/src/lib.rs +++ b/demo/hsm/src/lib.rs @@ -1,4 +1,6 @@ pub mod action_stream; +pub mod cli; +pub mod cryptography; pub mod hsm; pub mod server; diff --git a/demo/hsm/src/main.rs b/demo/hsm/src/main.rs index 9a23eb0e0..cf73a52e3 100644 --- a/demo/hsm/src/main.rs +++ b/demo/hsm/src/main.rs @@ -1,4 +1,11 @@ use axum::Server; +use dotenv::dotenv; +use hsm_demo::server::create_server; +use hsm_demo::{ + action_stream, + cryptography::{Ed25519, Secp256k1}, + Application, +}; use hsm_demo::{hsm, Bytes, Hsm, PublicKey, Signature}; use reqwest::Client; use serde::Serialize; @@ -6,133 +13,128 @@ use std::net::SocketAddr; use std::sync::Arc; use tokio::sync::Mutex; use tokio::task; -use dotenv::dotenv; - -use hsm_demo::{action_stream, Application}; -use hsm_demo::server::create_server; #[tokio::main] async fn main() -> Result<(), anyhow::Error> { - dotenv().ok(); // Load environment variables from .env file - - // Initialize HSM based on PROVIDER - let provider = std::env::var("PROVIDER").unwrap_or_else(|_| "AWS".to_string()); - let (hsm, public_key) = match provider.as_str() { - "AWS" => { - let aws_kms_hsm = hsm::aws_kms::AwsKms::try_from_env() - .await? - .create_key() - .await? - .fill_with_public_key() - .await?; - let public_key = aws_kms_hsm.public_key.clone(); - (Arc::new(Mutex::new(aws_kms_hsm)) as Arc>, public_key) - } - "VAULT" => { - let vault_hsm = hsm::hashi_corp_vault::HashiCorpVault::try_from_env()? - .create_key() - .await? - .fill_with_public_key() - .await?; - let public_key = vault_hsm.public_key.clone(); - (Arc::new(Mutex::new(vault_hsm)) as Arc>, public_key) - } - _ => { - return Err(anyhow::anyhow!("Unsupported provider: {}", provider)); - } - }; - - // Start the server task - let server_hsm = hsm.clone(); - let server_task = task::spawn(async move { - let app = create_server(server_hsm); - let addr = SocketAddr::from(([127, 0, 0, 1], 3000)); - println!("Server listening on {}", addr); - - Server::bind(&addr) - .serve(app.into_make_service()) - .await - .expect("Server failed"); - }); - - tokio::time::sleep(tokio::time::Duration::from_secs(1)).await; - - // Start the Application - let client = Client::new(); - let random_stream = action_stream::random::Random; - let notify_verify_stream = action_stream::notify_verify::NotifyVerify::new(); - let join_stream = action_stream::join::Join::new(vec![ - Box::new(random_stream), - Box::new(notify_verify_stream), - ]); - - // Replace HSM with the HTTP client that sends requests to the server - let hsm_proxy = HttpHsmProxy::new(client, "http://127.0.0.1:3000/sign".to_string(), public_key); - let mut app = Application::new(Box::new(hsm_proxy), Box::new(join_stream)); - - app.run().await?; - - server_task.await?; - Ok(()) + dotenv().ok(); // Load environment variables from .env file + + // Initialize HSM based on PROVIDER + let provider = std::env::var("PROVIDER").unwrap_or_else(|_| "AWS".to_string()); + let (hsm, public_key) = match provider.as_str() { + "AWS" => { + let aws_kms_hsm = hsm::aws_kms::AwsKms::::try_from_env() + .await? + .create_key() + .await? + .fill_with_public_key() + .await?; + let public_key = aws_kms_hsm.public_key().clone(); + ( + Arc::new(Mutex::new(aws_kms_hsm)) as Arc>, + public_key, + ) + } + "VAULT" => { + let vault_hsm = hsm::hashi_corp_vault::HashiCorpVault::::try_from_env()? + .create_key() + .await? + .fill_with_public_key() + .await?; + let public_key = vault_hsm.public_key.clone(); + ( + Arc::new(Mutex::new(vault_hsm)) as Arc>, + public_key, + ) + } + _ => { + return Err(anyhow::anyhow!("Unsupported provider: {}", provider)); + } + }; + + // Start the server task + let server_hsm = hsm.clone(); + let server_task = task::spawn(async move { + let app = create_server(server_hsm); + let addr = SocketAddr::from(([127, 0, 0, 1], 3000)); + println!("Server listening on {}", addr); + + Server::bind(&addr).serve(app.into_make_service()).await.expect("Server failed"); + }); + + tokio::time::sleep(tokio::time::Duration::from_secs(1)).await; + + // Start the Application + let client = Client::new(); + let random_stream = action_stream::random::Random; + let notify_verify_stream = action_stream::notify_verify::NotifyVerify::new(); + let join_stream = action_stream::join::Join::new(vec![ + Box::new(random_stream), + Box::new(notify_verify_stream), + ]); + + // Replace HSM with the HTTP client that sends requests to the server + let hsm_proxy = HttpHsmProxy::new(client, "http://127.0.0.1:3000/sign".to_string(), public_key); + let mut app = Application::new(Box::new(hsm_proxy), Box::new(join_stream)); + + app.run().await?; + + server_task.await?; + Ok(()) } #[derive(Serialize)] struct SignRequest { - message: Vec, + message: Vec, } #[derive(serde::Deserialize)] struct SignedResponse { - signature: Vec, + signature: Vec, } pub struct HttpHsmProxy { - client: Client, - server_url: String, - public_key: PublicKey, + client: Client, + server_url: String, + public_key: PublicKey, } impl HttpHsmProxy { - pub fn new(client: Client, server_url: String, public_key: PublicKey) -> Self { - Self { client, server_url, public_key } - } + pub fn new(client: Client, server_url: String, public_key: PublicKey) -> Self { + Self { client, server_url, public_key } + } - pub fn get_public_key(&self) -> PublicKey { - self.public_key.clone() - } + pub fn get_public_key(&self) -> PublicKey { + self.public_key.clone() + } } #[async_trait::async_trait] impl Hsm for HttpHsmProxy { - async fn sign( - &self, - message: Bytes, - ) -> Result<(Bytes, PublicKey, Signature), anyhow::Error> { - let payload = SignRequest { message: message.0.clone() }; - - let response = self - .client - .post(&self.server_url) - .json(&payload) - .send() - .await? - .json::() - .await?; - - let signature = Signature(Bytes(response.signature)); - - // Return the stored public key along with the signature - Ok((message, self.public_key.clone(), signature)) - } - - async fn verify( - &self, - _message: Bytes, - _public_key: PublicKey, - _signature: Signature, - ) -> Result { - // Verification would need another endpoint or can be skipped because Application already verifies - Ok(true) - } + async fn sign(&self, message: Bytes) -> Result<(Bytes, PublicKey, Signature), anyhow::Error> { + let payload = SignRequest { message: message.0.clone() }; + + let response = self + .client + .post(&self.server_url) + .json(&payload) + .send() + .await? + .json::() + .await?; + + let signature = Signature(Bytes(response.signature)); + + // Return the stored public key along with the signature + Ok((message, self.public_key.clone(), signature)) + } + + async fn verify( + &self, + _message: Bytes, + _public_key: PublicKey, + _signature: Signature, + ) -> Result { + // Verification would need another endpoint or can be skipped because Application already verifies + Ok(true) + } } - From 2093ac1e3530fffbcffa8b3386067929155c5146 Mon Sep 17 00:00:00 2001 From: Liam Monninger Date: Wed, 18 Dec 2024 12:40:16 +0100 Subject: [PATCH 05/18] fix: hsm demo CLI. --- Cargo.lock | 1 + demo/hsm/Cargo.toml | 1 + demo/hsm/src/cli/mod.rs | 17 +++ .../cli/server/ed25519/hashi_corp_vault.rs | 30 ++++ demo/hsm/src/cli/server/ed25519/mod.rs | 17 +++ demo/hsm/src/cli/server/mod.rs | 22 +++ demo/hsm/src/cli/server/secp256k1/aws_kms.rs | 30 ++++ demo/hsm/src/cli/server/secp256k1/mod.rs | 17 +++ demo/hsm/src/cryptography/mod.rs | 6 - demo/hsm/src/hsm/aws_kms.rs | 1 + demo/hsm/src/hsm/cli.rs | 61 -------- demo/hsm/src/hsm/mod.rs | 7 - demo/hsm/src/main.rs | 140 +----------------- 13 files changed, 143 insertions(+), 207 deletions(-) create mode 100644 demo/hsm/src/cli/server/ed25519/hashi_corp_vault.rs create mode 100644 demo/hsm/src/cli/server/ed25519/mod.rs create mode 100644 demo/hsm/src/cli/server/mod.rs create mode 100644 demo/hsm/src/cli/server/secp256k1/aws_kms.rs create mode 100644 demo/hsm/src/cli/server/secp256k1/mod.rs delete mode 100644 demo/hsm/src/hsm/cli.rs diff --git a/Cargo.lock b/Cargo.lock index 8318b0ca2..9eedf21d9 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -7528,6 +7528,7 @@ dependencies = [ "aws-sdk-kms", "axum 0.6.20", "base64 0.13.1", + "clap 4.5.21", "dotenv", "ed25519 2.2.3", "google-cloud-kms", diff --git a/demo/hsm/Cargo.toml b/demo/hsm/Cargo.toml index 63d08ec1f..1cec78720 100644 --- a/demo/hsm/Cargo.toml +++ b/demo/hsm/Cargo.toml @@ -27,6 +27,7 @@ reqwest = { version = "0.12", features = ["json"] } axum = "0.6" serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" +clap = { workspace = true } [lints] workspace = true diff --git a/demo/hsm/src/cli/mod.rs b/demo/hsm/src/cli/mod.rs index e69de29bb..e3008ed44 100644 --- a/demo/hsm/src/cli/mod.rs +++ b/demo/hsm/src/cli/mod.rs @@ -0,0 +1,17 @@ +pub mod server; +use clap::Parser; + +#[derive(Parser)] +#[clap(rename_all = "kebab-case")] +pub enum HsmDemo { + #[clap(subcommand)] + Server(server::Server), +} + +impl HsmDemo { + pub async fn run(&self) -> Result<(), anyhow::Error> { + match self { + HsmDemo::Server(server) => server.run().await, + } + } +} diff --git a/demo/hsm/src/cli/server/ed25519/hashi_corp_vault.rs b/demo/hsm/src/cli/server/ed25519/hashi_corp_vault.rs new file mode 100644 index 000000000..0c9c0f5e3 --- /dev/null +++ b/demo/hsm/src/cli/server/ed25519/hashi_corp_vault.rs @@ -0,0 +1,30 @@ +use crate::{cryptography::Ed25519, hsm, server::create_server}; +use axum::Server; +use clap::Parser; +use std::net::SocketAddr; +use std::sync::Arc; +use tokio::sync::Mutex; + +#[derive(Debug, Parser, Clone)] +#[clap(rename_all = "kebab-case", about = "Runs signing app for ed25519 against HashiCorp Vault")] +pub struct HashiCorpVault {} + +impl HashiCorpVault { + pub async fn run(&self) -> Result<(), anyhow::Error> { + let hsm = hsm::hashi_corp_vault::HashiCorpVault::::try_from_env()? + .create_key() + .await? + .fill_with_public_key() + .await?; + + let server_hsm = Arc::new(Mutex::new(hsm)); + + let app = create_server(server_hsm); + let addr = SocketAddr::from(([127, 0, 0, 1], 3000)); + println!("Server listening on {}", addr); + + Server::bind(&addr).serve(app.into_make_service()).await?; + + Ok(()) + } +} diff --git a/demo/hsm/src/cli/server/ed25519/mod.rs b/demo/hsm/src/cli/server/ed25519/mod.rs new file mode 100644 index 000000000..e396a6ea5 --- /dev/null +++ b/demo/hsm/src/cli/server/ed25519/mod.rs @@ -0,0 +1,17 @@ +pub mod hashi_corp_vault; + +use clap::Subcommand; + +#[derive(Subcommand, Debug)] +#[clap(rename_all = "kebab-case", about = "Commands for signing with Ed25519")] +pub enum Ed25519 { + HashiCorpVault(hashi_corp_vault::HashiCorpVault), +} + +impl Ed25519 { + pub async fn run(&self) -> Result<(), anyhow::Error> { + match self { + Ed25519::HashiCorpVault(hcv) => hcv.run().await, + } + } +} diff --git a/demo/hsm/src/cli/server/mod.rs b/demo/hsm/src/cli/server/mod.rs new file mode 100644 index 000000000..d9d358e9d --- /dev/null +++ b/demo/hsm/src/cli/server/mod.rs @@ -0,0 +1,22 @@ +pub mod ed25519; +pub mod secp256k1; + +use clap::Subcommand; + +#[derive(Subcommand, Debug)] +#[clap(rename_all = "kebab-case", about = "Commands for signing")] +pub enum Server { + #[clap(subcommand)] + Ed25519(ed25519::Ed25519), + #[clap(subcommand)] + Secp256k1(secp256k1::Secp256k1), +} + +impl Server { + pub async fn run(&self) -> Result<(), anyhow::Error> { + match self { + Server::Ed25519(ed) => ed.run().await, + Server::Secp256k1(sk) => sk.run().await, + } + } +} diff --git a/demo/hsm/src/cli/server/secp256k1/aws_kms.rs b/demo/hsm/src/cli/server/secp256k1/aws_kms.rs new file mode 100644 index 000000000..21a22bd9e --- /dev/null +++ b/demo/hsm/src/cli/server/secp256k1/aws_kms.rs @@ -0,0 +1,30 @@ +use crate::{cryptography::Secp256k1, hsm, server::create_server}; +use axum::Server; +use clap::Parser; +use std::net::SocketAddr; +use std::sync::Arc; +use tokio::sync::Mutex; + +#[derive(Debug, Parser, Clone)] +#[clap(rename_all = "kebab-case", about = "Runs signing app for secp256k1 against AWS KMS")] +pub struct AwsKms {} + +impl AwsKms { + pub async fn run(&self) -> Result<(), anyhow::Error> { + let hsm = hsm::aws_kms::AwsKms::::try_from_env() + .await? + .create_key() + .await? + .fill_with_public_key() + .await?; + let server_hsm = Arc::new(Mutex::new(hsm)); + + let app = create_server(server_hsm); + let addr = SocketAddr::from(([127, 0, 0, 1], 3000)); + println!("Server listening on {}", addr); + + Server::bind(&addr).serve(app.into_make_service()).await?; + + Ok(()) + } +} diff --git a/demo/hsm/src/cli/server/secp256k1/mod.rs b/demo/hsm/src/cli/server/secp256k1/mod.rs new file mode 100644 index 000000000..a6516de71 --- /dev/null +++ b/demo/hsm/src/cli/server/secp256k1/mod.rs @@ -0,0 +1,17 @@ +use clap::Subcommand; + +pub mod aws_kms; + +#[derive(Subcommand, Debug)] +#[clap(rename_all = "kebab-case", about = "Commands for signing with Secp256k1")] +pub enum Secp256k1 { + AwsKms(aws_kms::AwsKms), +} + +impl Secp256k1 { + pub async fn run(&self) -> Result<(), anyhow::Error> { + match self { + Secp256k1::AwsKms(ak) => ak.run().await, + } + } +} diff --git a/demo/hsm/src/cryptography/mod.rs b/demo/hsm/src/cryptography/mod.rs index 46c39abeb..b80e8b714 100644 --- a/demo/hsm/src/cryptography/mod.rs +++ b/demo/hsm/src/cryptography/mod.rs @@ -10,9 +10,3 @@ pub struct Secp256k1; /// The Ed25519 curve. #[derive(Debug, Clone, Copy)] pub struct Ed25519; - -#[derive(Debug, Clone, Copy)] -pub enum Curve { - Secp256k1(Secp256k1), - Ed25519(Ed25519), -} diff --git a/demo/hsm/src/hsm/aws_kms.rs b/demo/hsm/src/hsm/aws_kms.rs index f1f7570fd..821218207 100644 --- a/demo/hsm/src/hsm/aws_kms.rs +++ b/demo/hsm/src/hsm/aws_kms.rs @@ -7,6 +7,7 @@ use aws_sdk_kms::Client; use dotenv::dotenv; /// A AWS KMS HSM. +#[derive(Debug, Clone)] pub struct AwsKms { client: Client, key_id: String, diff --git a/demo/hsm/src/hsm/cli.rs b/demo/hsm/src/hsm/cli.rs deleted file mode 100644 index fc909558c..000000000 --- a/demo/hsm/src/hsm/cli.rs +++ /dev/null @@ -1,61 +0,0 @@ -mod cli; -mod hsm; - -use anyhow::Result; -use clap::Parser; -use cli::{Cli, Service}; -use hsm::{aws::AwsKms, google::GoogleKms, vault::HashiCorpVault}; -use dotenv::dotenv; -use hsm_demo::{action_stream, Application}; - -#[tokio::main] -async fn main() -> Result<()> { - dotenv().ok(); // Load environment variables from .env file - let cli = Cli::parse(); - - // Select the HSM implementation based on CLI input - let hsm = match cli.service { - Service::Aws(args) => { - println!("Using AWS KMS with {:?} key", args.key_type); - AwsKms::try_from_env() - .await? - .create_key() - .await? - .fill_with_public_key() - .await? - } - Service::Gcp(args) => { - println!("Using Google Cloud KMS with {:?} key", args.key_type); - GoogleKms::try_from_env() - .await? - .create_key_ring() - .await? - .create_key() - .await? - .fill_with_public_key() - .await? - } - Service::Vault(args) => { - println!("Using HashiCorp Vault with {:?} key", args.key_type); - HashiCorpVault::try_from_env() - .and_then(|vault| vault.create_key()) - .await? - .fill_with_public_key() - .await? - } - }; - - // Initialize the streams - let random_stream = action_stream::random::Random; - let notify_verify_stream = action_stream::notify_verify::NotifyVerify::new(); - let join_stream = action_stream::join::Join::new(vec![ - Box::new(random_stream), - Box::new(notify_verify_stream), - ]); - - // Run the application - let mut app = Application::new(Box::new(hsm), Box::new(join_stream)); - app.run().await?; - - Ok(()) -} diff --git a/demo/hsm/src/hsm/mod.rs b/demo/hsm/src/hsm/mod.rs index a2d89f982..08cd9d479 100644 --- a/demo/hsm/src/hsm/mod.rs +++ b/demo/hsm/src/hsm/mod.rs @@ -1,10 +1,3 @@ pub mod aws_kms; pub mod google_kms; pub mod hashi_corp_vault; - -#[derive(Debug, Clone, Copy)] -pub enum Provider { - AWS, - GCP, - Vault, -} diff --git a/demo/hsm/src/main.rs b/demo/hsm/src/main.rs index cf73a52e3..2604dbf5f 100644 --- a/demo/hsm/src/main.rs +++ b/demo/hsm/src/main.rs @@ -1,140 +1,14 @@ -use axum::Server; +use clap::*; use dotenv::dotenv; -use hsm_demo::server::create_server; -use hsm_demo::{ - action_stream, - cryptography::{Ed25519, Secp256k1}, - Application, -}; -use hsm_demo::{hsm, Bytes, Hsm, PublicKey, Signature}; -use reqwest::Client; -use serde::Serialize; -use std::net::SocketAddr; -use std::sync::Arc; -use tokio::sync::Mutex; -use tokio::task; +use hsm_demo::cli; #[tokio::main] async fn main() -> Result<(), anyhow::Error> { - dotenv().ok(); // Load environment variables from .env file + // Load environment variables from .env file + dotenv().ok(); - // Initialize HSM based on PROVIDER - let provider = std::env::var("PROVIDER").unwrap_or_else(|_| "AWS".to_string()); - let (hsm, public_key) = match provider.as_str() { - "AWS" => { - let aws_kms_hsm = hsm::aws_kms::AwsKms::::try_from_env() - .await? - .create_key() - .await? - .fill_with_public_key() - .await?; - let public_key = aws_kms_hsm.public_key().clone(); - ( - Arc::new(Mutex::new(aws_kms_hsm)) as Arc>, - public_key, - ) - } - "VAULT" => { - let vault_hsm = hsm::hashi_corp_vault::HashiCorpVault::::try_from_env()? - .create_key() - .await? - .fill_with_public_key() - .await?; - let public_key = vault_hsm.public_key.clone(); - ( - Arc::new(Mutex::new(vault_hsm)) as Arc>, - public_key, - ) - } - _ => { - return Err(anyhow::anyhow!("Unsupported provider: {}", provider)); - } - }; - - // Start the server task - let server_hsm = hsm.clone(); - let server_task = task::spawn(async move { - let app = create_server(server_hsm); - let addr = SocketAddr::from(([127, 0, 0, 1], 3000)); - println!("Server listening on {}", addr); - - Server::bind(&addr).serve(app.into_make_service()).await.expect("Server failed"); - }); - - tokio::time::sleep(tokio::time::Duration::from_secs(1)).await; - - // Start the Application - let client = Client::new(); - let random_stream = action_stream::random::Random; - let notify_verify_stream = action_stream::notify_verify::NotifyVerify::new(); - let join_stream = action_stream::join::Join::new(vec![ - Box::new(random_stream), - Box::new(notify_verify_stream), - ]); - - // Replace HSM with the HTTP client that sends requests to the server - let hsm_proxy = HttpHsmProxy::new(client, "http://127.0.0.1:3000/sign".to_string(), public_key); - let mut app = Application::new(Box::new(hsm_proxy), Box::new(join_stream)); - - app.run().await?; - - server_task.await?; + // run the CLI + let hsm_demo = cli::HsmDemo::parse(); + hsm_demo.run().await?; Ok(()) } - -#[derive(Serialize)] -struct SignRequest { - message: Vec, -} - -#[derive(serde::Deserialize)] -struct SignedResponse { - signature: Vec, -} - -pub struct HttpHsmProxy { - client: Client, - server_url: String, - public_key: PublicKey, -} - -impl HttpHsmProxy { - pub fn new(client: Client, server_url: String, public_key: PublicKey) -> Self { - Self { client, server_url, public_key } - } - - pub fn get_public_key(&self) -> PublicKey { - self.public_key.clone() - } -} - -#[async_trait::async_trait] -impl Hsm for HttpHsmProxy { - async fn sign(&self, message: Bytes) -> Result<(Bytes, PublicKey, Signature), anyhow::Error> { - let payload = SignRequest { message: message.0.clone() }; - - let response = self - .client - .post(&self.server_url) - .json(&payload) - .send() - .await? - .json::() - .await?; - - let signature = Signature(Bytes(response.signature)); - - // Return the stored public key along with the signature - Ok((message, self.public_key.clone(), signature)) - } - - async fn verify( - &self, - _message: Bytes, - _public_key: PublicKey, - _signature: Signature, - ) -> Result { - // Verification would need another endpoint or can be skipped because Application already verifies - Ok(true) - } -} From 8477374820f6ed8e6e2c3454d81f091ea2f9a15c Mon Sep 17 00:00:00 2001 From: musitdev Date: Wed, 18 Dec 2024 14:16:31 +0100 Subject: [PATCH 06/18] first draf of the API --- Cargo.toml | 1 + util/signing/Cargo.toml | 15 ++++++++++++++ util/signing/src/lib.rs | 44 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 60 insertions(+) create mode 100644 util/signing/Cargo.toml create mode 100644 util/signing/src/lib.rs diff --git a/Cargo.toml b/Cargo.toml index fb608a2cc..8c598d17c 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -42,6 +42,7 @@ members = [ "protocol-units/bridge/indexer-db", "protocol-units/bridge/util", "benches/*", + "util/signing", ] [workspace.package] diff --git a/util/signing/Cargo.toml b/util/signing/Cargo.toml new file mode 100644 index 000000000..14b238e81 --- /dev/null +++ b/util/signing/Cargo.toml @@ -0,0 +1,15 @@ +[package] +name = "signing" +version.workspace = true +edition.workspace = true +license.workspace = true +authors.workspace = true +repository.workspace = true +homepage.workspace = true +publish.workspace = true +rust-version.workspace = true + +[dependencies] + +[lints] +workspace = true diff --git a/util/signing/src/lib.rs b/util/signing/src/lib.rs new file mode 100644 index 000000000..cc788de65 --- /dev/null +++ b/util/signing/src/lib.rs @@ -0,0 +1,44 @@ +/// A collection of bytes. +#[derive(Debug, Clone)] +pub struct Bytes(pub Vec); + +/// A signature. +#[derive(Debug, Clone)] +pub struct Signature(pub Bytes); + +/// A public key. +#[derive(Debug, Clone)] +pub struct PublicKey(pub Bytes); + +/// Version of a key. +/// Default mean the current key. +#[derive(Debug, Clone, Default)] +pub struct KeyVersion(pub String); + +/// Id that identify a Key. +#[derive(Debug, Clone)] +pub struct KeyId(pub String); + +pub struct SigningService; + +impl SigningService { + /// Create the service with environment variable. + pub fn try_from_env() -> Result { + todo!() + } + + /// Sign the provided message with the current key identified with the keyId. + /// Return the Signature and the version of the key used to sign. + async fn sign( + &self, + message: Bytes, + key: KeyId, + ) -> Result<(KeyVersion, Signature), anyhow::Error> { + todo!(); + } + + /// Get the public key associated with the specified key and version. + async fn get_public_key(&self, key: KeyId, version: KeyVersion) -> Result { + todo!(); + } +} From 37cfc8e6f06fc3a0102dd18c2be6a0a50f491c9f Mon Sep 17 00:00:00 2001 From: musitdev Date: Wed, 18 Dec 2024 14:29:52 +0100 Subject: [PATCH 07/18] correct get_public_key call --- util/signing/src/lib.rs | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/util/signing/src/lib.rs b/util/signing/src/lib.rs index cc788de65..70aebc45e 100644 --- a/util/signing/src/lib.rs +++ b/util/signing/src/lib.rs @@ -38,7 +38,11 @@ impl SigningService { } /// Get the public key associated with the specified key and version. - async fn get_public_key(&self, key: KeyId, version: KeyVersion) -> Result { + async fn get_public_key( + &self, + key: KeyId, + version: KeyVersion, + ) -> Result { todo!(); } } From 7ba55d9bff0355d0285816d585a55734d41ae99a Mon Sep 17 00:00:00 2001 From: musitdev Date: Wed, 18 Dec 2024 18:06:01 +0100 Subject: [PATCH 08/18] add error to sign API --- util/signing/Cargo.toml | 1 + util/signing/src/lib.rs | 21 ++++++++++++++++++--- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/util/signing/Cargo.toml b/util/signing/Cargo.toml index 14b238e81..208e1c4cb 100644 --- a/util/signing/Cargo.toml +++ b/util/signing/Cargo.toml @@ -10,6 +10,7 @@ publish.workspace = true rust-version.workspace = true [dependencies] +thiserror.workspace = true [lints] workspace = true diff --git a/util/signing/src/lib.rs b/util/signing/src/lib.rs index 70aebc45e..a7b898265 100644 --- a/util/signing/src/lib.rs +++ b/util/signing/src/lib.rs @@ -19,11 +19,26 @@ pub struct KeyVersion(pub String); #[derive(Debug, Clone)] pub struct KeyId(pub String); +/// Errors thrown by SigningService. +#[derive(Debug, thiserror::Error)] +pub enum SignerError { + #[error("Error during signing : {0}")] + Sign(String), + #[error("Error during public key retrieval : {0}")] + GetPublicKey(String), + #[error("Error can't decode provided hex data : {0}")] + Hex(String), + #[error("Signature not found.")] + SignatureNotFound, + #[error("public key not found.")] + PublicKeyNotFound, +} + pub struct SigningService; impl SigningService { /// Create the service with environment variable. - pub fn try_from_env() -> Result { + pub fn try_from_env() -> Result { todo!() } @@ -33,7 +48,7 @@ impl SigningService { &self, message: Bytes, key: KeyId, - ) -> Result<(KeyVersion, Signature), anyhow::Error> { + ) -> Result<(KeyVersion, Signature), SignerError> { todo!(); } @@ -42,7 +57,7 @@ impl SigningService { &self, key: KeyId, version: KeyVersion, - ) -> Result { + ) -> Result { todo!(); } } From 50bbc98313d3ebd5bd106559857ac2a422eaa0c4 Mon Sep 17 00:00:00 2001 From: musitdev Date: Wed, 18 Dec 2024 18:08:06 +0100 Subject: [PATCH 09/18] set API function pub --- util/signing/src/lib.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/util/signing/src/lib.rs b/util/signing/src/lib.rs index a7b898265..d4bff97e1 100644 --- a/util/signing/src/lib.rs +++ b/util/signing/src/lib.rs @@ -44,7 +44,7 @@ impl SigningService { /// Sign the provided message with the current key identified with the keyId. /// Return the Signature and the version of the key used to sign. - async fn sign( + pub async fn sign( &self, message: Bytes, key: KeyId, @@ -53,7 +53,7 @@ impl SigningService { } /// Get the public key associated with the specified key and version. - async fn get_public_key( + pub async fn get_public_key( &self, key: KeyId, version: KeyVersion, From dfa32dac29922e90af58724fcc793bb416691b19 Mon Sep 17 00:00:00 2001 From: Liam Monninger Date: Wed, 18 Dec 2024 19:34:30 +0100 Subject: [PATCH 10/18] fix: structuring. --- Cargo.lock | 8 ++++ Cargo.toml | 5 ++- util/signing/{ => signer}/Cargo.toml | 6 ++- .../signer/src/cryptography/ed25519.rs | 7 ++++ util/signing/signer/src/cryptography/mod.rs | 6 +++ .../signer/src/cryptography/secp256k1.rs | 7 ++++ util/signing/{ => signer}/src/lib.rs | 37 +++++-------------- 7 files changed, 46 insertions(+), 30 deletions(-) rename util/signing/{ => signer}/Cargo.toml (75%) create mode 100644 util/signing/signer/src/cryptography/ed25519.rs create mode 100644 util/signing/signer/src/cryptography/mod.rs create mode 100644 util/signing/signer/src/cryptography/secp256k1.rs rename util/signing/{ => signer}/src/lib.rs (55%) diff --git a/Cargo.lock b/Cargo.lock index 8318b0ca2..1018b66de 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -13914,6 +13914,14 @@ dependencies = [ "syn 2.0.87", ] +[[package]] +name = "signer" +version = "0.0.2" +dependencies = [ + "async-trait", + "thiserror 1.0.69", +] + [[package]] name = "simd-adler32" version = "0.3.7" diff --git a/Cargo.toml b/Cargo.toml index 8c598d17c..ee33b924c 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -42,7 +42,7 @@ members = [ "protocol-units/bridge/indexer-db", "protocol-units/bridge/util", "benches/*", - "util/signing", + "util/signing/signer", ] [workspace.package] @@ -115,6 +115,9 @@ whitelist = { path = "util/whitelist" } ## access control aptos-account-whitelist = { path = "protocol-units/access-control/aptos/account-whitelist" } +# signing +signer = { path = "util/signing/signer" } + ## vault vaultrs = { version = "0.7.3" } aws-sdk-kms = "1.51.0" diff --git a/util/signing/Cargo.toml b/util/signing/signer/Cargo.toml similarity index 75% rename from util/signing/Cargo.toml rename to util/signing/signer/Cargo.toml index 208e1c4cb..8d57babf7 100644 --- a/util/signing/Cargo.toml +++ b/util/signing/signer/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "signing" +name = "signer" version.workspace = true edition.workspace = true license.workspace = true @@ -10,7 +10,9 @@ publish.workspace = true rust-version.workspace = true [dependencies] -thiserror.workspace = true +thiserror = { workspace = true } +async-trait = { workspace = true } + [lints] workspace = true diff --git a/util/signing/signer/src/cryptography/ed25519.rs b/util/signing/signer/src/cryptography/ed25519.rs new file mode 100644 index 000000000..9cfc41030 --- /dev/null +++ b/util/signing/signer/src/cryptography/ed25519.rs @@ -0,0 +1,7 @@ +use crate::cryptography::Curve; + +/// The Ed25519 curve. +#[derive(Debug, Clone)] +pub struct Ed25519; + +impl Curve for Ed25519 {} diff --git a/util/signing/signer/src/cryptography/mod.rs b/util/signing/signer/src/cryptography/mod.rs new file mode 100644 index 000000000..bd747a2dd --- /dev/null +++ b/util/signing/signer/src/cryptography/mod.rs @@ -0,0 +1,6 @@ +pub mod ed25519; +pub mod secp256k1; + +/// A curve. +/// Currently this has not methods, but it is used to bound the `Signer` trait. +pub trait Curve {} diff --git a/util/signing/signer/src/cryptography/secp256k1.rs b/util/signing/signer/src/cryptography/secp256k1.rs new file mode 100644 index 000000000..eae0e15e0 --- /dev/null +++ b/util/signing/signer/src/cryptography/secp256k1.rs @@ -0,0 +1,7 @@ +use crate::cryptography::Curve; + +/// The secp256k1 elliptic curve. +#[derive(Debug, Clone)] +pub struct Secp256k1; + +impl Curve for Secp256k1 {} diff --git a/util/signing/src/lib.rs b/util/signing/signer/src/lib.rs similarity index 55% rename from util/signing/src/lib.rs rename to util/signing/signer/src/lib.rs index d4bff97e1..3955279de 100644 --- a/util/signing/src/lib.rs +++ b/util/signing/signer/src/lib.rs @@ -1,3 +1,5 @@ +pub mod cryptography; + /// A collection of bytes. #[derive(Debug, Clone)] pub struct Bytes(pub Vec); @@ -25,7 +27,7 @@ pub enum SignerError { #[error("Error during signing : {0}")] Sign(String), #[error("Error during public key retrieval : {0}")] - GetPublicKey(String), + PublicKey(String), #[error("Error can't decode provided hex data : {0}")] Hex(String), #[error("Signature not found.")] @@ -34,30 +36,11 @@ pub enum SignerError { PublicKeyNotFound, } -pub struct SigningService; - -impl SigningService { - /// Create the service with environment variable. - pub fn try_from_env() -> Result { - todo!() - } - - /// Sign the provided message with the current key identified with the keyId. - /// Return the Signature and the version of the key used to sign. - pub async fn sign( - &self, - message: Bytes, - key: KeyId, - ) -> Result<(KeyVersion, Signature), SignerError> { - todo!(); - } - - /// Get the public key associated with the specified key and version. - pub async fn get_public_key( - &self, - key: KeyId, - version: KeyVersion, - ) -> Result { - todo!(); - } +#[async_trait::async_trait] +pub trait Signer { + /// Signs some bytes. + async fn sign(message: Bytes) -> Result; + + /// Gets the public key. + async fn public_key(&self) -> Result; } From 2f5636f0d0ddac29e49ca3fd067a5a76b6aa730a Mon Sep 17 00:00:00 2001 From: Liam Monninger Date: Wed, 18 Dec 2024 20:19:41 +0100 Subject: [PATCH 11/18] chore: scaffold signing api. --- Cargo.lock | 54 ++++++++++++ Cargo.toml | 4 + util/signing/aws-kms/Cargo.toml | 34 ++++++++ util/signing/aws-kms/src/cryptography/mod.rs | 1 + .../aws-kms/src/cryptography/secp256k1/mod.rs | 28 +++++++ util/signing/aws-kms/src/lib.rs | 1 + util/signing/hashicorp-vault/Cargo.toml | 34 ++++++++ .../src/cryptography/ed25519/mod.rs | 28 +++++++ .../hashicorp-vault/src/cryptography/mod.rs | 1 + util/signing/hashicorp-vault/src/hsm/mod.rs | 12 +++ util/signing/hashicorp-vault/src/lib.rs | 2 + util/signing/signer/Cargo.toml | 4 + .../signer/src/cryptography/ed25519.rs | 27 ++++++ util/signing/signer/src/cryptography/mod.rs | 3 +- .../signer/src/cryptography/secp256k1.rs | 32 +++++++ util/signing/signer/src/lib.rs | 84 ++++++++++++++++++- 16 files changed, 344 insertions(+), 5 deletions(-) create mode 100644 util/signing/aws-kms/Cargo.toml create mode 100644 util/signing/aws-kms/src/cryptography/mod.rs create mode 100644 util/signing/aws-kms/src/cryptography/secp256k1/mod.rs create mode 100644 util/signing/aws-kms/src/lib.rs create mode 100644 util/signing/hashicorp-vault/Cargo.toml create mode 100644 util/signing/hashicorp-vault/src/cryptography/ed25519/mod.rs create mode 100644 util/signing/hashicorp-vault/src/cryptography/mod.rs create mode 100644 util/signing/hashicorp-vault/src/hsm/mod.rs create mode 100644 util/signing/hashicorp-vault/src/lib.rs diff --git a/Cargo.lock b/Cargo.lock index b4064ecc4..8c5da6b18 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3221,6 +3221,31 @@ dependencies = [ "zeroize", ] +[[package]] +name = "aws-kms-signer" +version = "0.0.2" +dependencies = [ + "anyhow", + "async-trait", + "aws-config", + "aws-sdk-kms", + "axum 0.6.20", + "base64 0.13.1", + "clap 4.5.21", + "dotenv", + "ed25519 2.2.3", + "google-cloud-kms", + "k256", + "rand 0.7.3", + "reqwest 0.12.9", + "ring-compat", + "serde", + "serde_json", + "signer", + "tokio", + "vaultrs", +] + [[package]] name = "aws-runtime" version = "1.4.4" @@ -7306,6 +7331,31 @@ dependencies = [ "foldhash", ] +[[package]] +name = "hashicorp-vault-signer" +version = "0.0.2" +dependencies = [ + "anyhow", + "async-trait", + "aws-config", + "aws-sdk-kms", + "axum 0.6.20", + "base64 0.13.1", + "clap 4.5.21", + "dotenv", + "ed25519 2.2.3", + "google-cloud-kms", + "k256", + "rand 0.7.3", + "reqwest 0.12.9", + "ring-compat", + "serde", + "serde_json", + "signer", + "tokio", + "vaultrs", +] + [[package]] name = "hdrhistogram" version = "7.5.4" @@ -13919,7 +13969,11 @@ dependencies = [ name = "signer" version = "0.0.2" dependencies = [ + "anyhow", "async-trait", + "ed25519 2.2.3", + "k256", + "ring-compat", "thiserror 1.0.69", ] diff --git a/Cargo.toml b/Cargo.toml index ee33b924c..d8b4051f2 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -43,6 +43,8 @@ members = [ "protocol-units/bridge/util", "benches/*", "util/signing/signer", + "util/signing/aws-kms", + "util/signing/hashicorp-vault", ] [workspace.package] @@ -117,6 +119,8 @@ aptos-account-whitelist = { path = "protocol-units/access-control/aptos/account- # signing signer = { path = "util/signing/signer" } +aws-kms-signer = { path = "util/signing/aws-kms" } +hashicorp-vault-signer = { path = "util/signing/hashicorp-vault" } ## vault vaultrs = { version = "0.7.3" } diff --git a/util/signing/aws-kms/Cargo.toml b/util/signing/aws-kms/Cargo.toml new file mode 100644 index 000000000..bb98e067a --- /dev/null +++ b/util/signing/aws-kms/Cargo.toml @@ -0,0 +1,34 @@ +[package] +name = "aws-kms-signer" +version = { workspace = true } +edition = { workspace = true } +license = { workspace = true } +authors = { workspace = true } +repository = { workspace = true } +homepage = { workspace = true } +publish = { workspace = true } +rust-version = { workspace = true } + +[dependencies] +tokio = { workspace = true, features = ["full"] } +async-trait = { workspace = true } +vaultrs = { workspace = true } +anyhow = { workspace = true } +aws-sdk-kms = { workspace = true } +aws-config = { workspace = true } +rand = { workspace = true } +base64 = { workspace = true } +dotenv = "0.15" +ed25519 = { workspace = true } +ring-compat = { workspace = true } +k256 = { workspace = true, features = ["ecdsa", "pkcs8"] } +google-cloud-kms = { workspace = true } +reqwest = { version = "0.12", features = ["json"] } +axum = "0.6" +serde = { version = "1.0", features = ["derive"] } +serde_json = "1.0" +clap = { workspace = true } +signer = { workspace = true } + +[lints] +workspace = true diff --git a/util/signing/aws-kms/src/cryptography/mod.rs b/util/signing/aws-kms/src/cryptography/mod.rs new file mode 100644 index 000000000..3e5840107 --- /dev/null +++ b/util/signing/aws-kms/src/cryptography/mod.rs @@ -0,0 +1 @@ +pub mod secp256k1; diff --git a/util/signing/aws-kms/src/cryptography/secp256k1/mod.rs b/util/signing/aws-kms/src/cryptography/secp256k1/mod.rs new file mode 100644 index 000000000..7b0f0026d --- /dev/null +++ b/util/signing/aws-kms/src/cryptography/secp256k1/mod.rs @@ -0,0 +1,28 @@ +use aws_sdk_kms::types::{KeySpec, KeyUsageType, SigningAlgorithmSpec}; +use signer::cryptography::secp256k1::Secp256k1; + +/// Defines the needed methods for providing a definition of cryptography used with AWS KMS +pub trait AwsKmsCryptography { + /// Returns the [KeySpec] for the desired cryptography + fn key_spec() -> KeySpec; + + /// Returns the [KeyUsageType] for the desired cryptography + fn key_usage_type() -> KeyUsageType; + + /// Returns the [SigningAlgorithmSpec] for the desired cryptography + fn signing_algorithm_spec() -> SigningAlgorithmSpec; +} + +impl AwsKmsCryptography for Secp256k1 { + fn key_spec() -> KeySpec { + KeySpec::EccSecgP256K1 + } + + fn key_usage_type() -> KeyUsageType { + KeyUsageType::SignVerify + } + + fn signing_algorithm_spec() -> SigningAlgorithmSpec { + SigningAlgorithmSpec::EcdsaSha256 + } +} diff --git a/util/signing/aws-kms/src/lib.rs b/util/signing/aws-kms/src/lib.rs new file mode 100644 index 000000000..18f57b93b --- /dev/null +++ b/util/signing/aws-kms/src/lib.rs @@ -0,0 +1 @@ +pub mod cryptography; diff --git a/util/signing/hashicorp-vault/Cargo.toml b/util/signing/hashicorp-vault/Cargo.toml new file mode 100644 index 000000000..7abe1231f --- /dev/null +++ b/util/signing/hashicorp-vault/Cargo.toml @@ -0,0 +1,34 @@ +[package] +name = "hashicorp-vault-signer" +version = { workspace = true } +edition = { workspace = true } +license = { workspace = true } +authors = { workspace = true } +repository = { workspace = true } +homepage = { workspace = true } +publish = { workspace = true } +rust-version = { workspace = true } + +[dependencies] +tokio = { workspace = true, features = ["full"] } +async-trait = { workspace = true } +vaultrs = { workspace = true } +anyhow = { workspace = true } +aws-sdk-kms = { workspace = true } +aws-config = { workspace = true } +rand = { workspace = true } +base64 = { workspace = true } +dotenv = "0.15" +ed25519 = { workspace = true } +ring-compat = { workspace = true } +k256 = { workspace = true, features = ["ecdsa", "pkcs8"] } +google-cloud-kms = { workspace = true } +reqwest = { version = "0.12", features = ["json"] } +axum = "0.6" +serde = { version = "1.0", features = ["derive"] } +serde_json = "1.0" +clap = { workspace = true } +signer = { workspace = true } + +[lints] +workspace = true \ No newline at end of file diff --git a/util/signing/hashicorp-vault/src/cryptography/ed25519/mod.rs b/util/signing/hashicorp-vault/src/cryptography/ed25519/mod.rs new file mode 100644 index 000000000..7b0f0026d --- /dev/null +++ b/util/signing/hashicorp-vault/src/cryptography/ed25519/mod.rs @@ -0,0 +1,28 @@ +use aws_sdk_kms::types::{KeySpec, KeyUsageType, SigningAlgorithmSpec}; +use signer::cryptography::secp256k1::Secp256k1; + +/// Defines the needed methods for providing a definition of cryptography used with AWS KMS +pub trait AwsKmsCryptography { + /// Returns the [KeySpec] for the desired cryptography + fn key_spec() -> KeySpec; + + /// Returns the [KeyUsageType] for the desired cryptography + fn key_usage_type() -> KeyUsageType; + + /// Returns the [SigningAlgorithmSpec] for the desired cryptography + fn signing_algorithm_spec() -> SigningAlgorithmSpec; +} + +impl AwsKmsCryptography for Secp256k1 { + fn key_spec() -> KeySpec { + KeySpec::EccSecgP256K1 + } + + fn key_usage_type() -> KeyUsageType { + KeyUsageType::SignVerify + } + + fn signing_algorithm_spec() -> SigningAlgorithmSpec { + SigningAlgorithmSpec::EcdsaSha256 + } +} diff --git a/util/signing/hashicorp-vault/src/cryptography/mod.rs b/util/signing/hashicorp-vault/src/cryptography/mod.rs new file mode 100644 index 000000000..58845d3fa --- /dev/null +++ b/util/signing/hashicorp-vault/src/cryptography/mod.rs @@ -0,0 +1 @@ +pub mod ed25519; diff --git a/util/signing/hashicorp-vault/src/hsm/mod.rs b/util/signing/hashicorp-vault/src/hsm/mod.rs new file mode 100644 index 000000000..ff1f0d21d --- /dev/null +++ b/util/signing/hashicorp-vault/src/hsm/mod.rs @@ -0,0 +1,12 @@ +// ! Develop HSM here under [SignerOperations] +// use signer::{cryptography::ed25519, SignerOperations}; + +pub struct HashicorpVault; + +/*#[async_trait::async_trait] +impl SignerOperations for HashicorpVault { + async fn sign(&self, _message: Bytes) -> Result { + // Sign the message. + Ok(Signature::default()) + } +}*/ diff --git a/util/signing/hashicorp-vault/src/lib.rs b/util/signing/hashicorp-vault/src/lib.rs new file mode 100644 index 000000000..63d77a7f1 --- /dev/null +++ b/util/signing/hashicorp-vault/src/lib.rs @@ -0,0 +1,2 @@ +pub mod cryptography; +pub mod hsm; diff --git a/util/signing/signer/Cargo.toml b/util/signing/signer/Cargo.toml index 8d57babf7..fa855726d 100644 --- a/util/signing/signer/Cargo.toml +++ b/util/signing/signer/Cargo.toml @@ -12,6 +12,10 @@ rust-version.workspace = true [dependencies] thiserror = { workspace = true } async-trait = { workspace = true } +ed25519 = { workspace = true } +ring-compat = { workspace = true } +k256 = { workspace = true, features = ["ecdsa", "pkcs8"] } +anyhow = { workspace = true } [lints] diff --git a/util/signing/signer/src/cryptography/ed25519.rs b/util/signing/signer/src/cryptography/ed25519.rs index 9cfc41030..aa34725e4 100644 --- a/util/signing/signer/src/cryptography/ed25519.rs +++ b/util/signing/signer/src/cryptography/ed25519.rs @@ -1,7 +1,34 @@ use crate::cryptography::Curve; +use crate::{Bytes, PublicKey, Signature, VerifierError, VerifierOperations}; +use anyhow::Context; +use ring_compat::signature::{ + ed25519::{self, VerifyingKey}, + Verifier, +}; /// The Ed25519 curve. #[derive(Debug, Clone)] pub struct Ed25519; impl Curve for Ed25519 {} + +/// Built-in verifier for Ed25519. +#[async_trait::async_trait] +impl VerifierOperations for Ed25519 { + async fn verify( + &self, + message: Bytes, + signature: Signature, + public_key: PublicKey, + ) -> Result { + let verifying_key = VerifyingKey::from_slice(public_key.0 .0.as_slice()) + .context("Failed to create verifying key") + .map_err(|e| VerifierError::Verify(e.to_string()))?; + + let signature = ed25519::Signature::from_slice(signature.0 .0.as_slice()) + .context("Failed to create signature") + .map_err(|e| VerifierError::Verify(e.to_string()))?; + + Ok(verifying_key.verify(message.0.as_slice(), &signature).is_ok()) + } +} diff --git a/util/signing/signer/src/cryptography/mod.rs b/util/signing/signer/src/cryptography/mod.rs index bd747a2dd..8681cce3d 100644 --- a/util/signing/signer/src/cryptography/mod.rs +++ b/util/signing/signer/src/cryptography/mod.rs @@ -1,6 +1,5 @@ pub mod ed25519; pub mod secp256k1; - /// A curve. -/// Currently this has not methods, but it is used to bound the `Signer` trait. +/// Currently this has no methods, but it is used to bound the `Signer` trait. pub trait Curve {} diff --git a/util/signing/signer/src/cryptography/secp256k1.rs b/util/signing/signer/src/cryptography/secp256k1.rs index eae0e15e0..d9db5f062 100644 --- a/util/signing/signer/src/cryptography/secp256k1.rs +++ b/util/signing/signer/src/cryptography/secp256k1.rs @@ -1,7 +1,39 @@ use crate::cryptography::Curve; +use crate::{Bytes, PublicKey, Signature, VerifierError, VerifierOperations}; +use anyhow::Context; +use k256::ecdsa::{self, VerifyingKey}; +use k256::pkcs8::DecodePublicKey; +use ring_compat::signature::Verifier; /// The secp256k1 elliptic curve. #[derive(Debug, Clone)] pub struct Secp256k1; impl Curve for Secp256k1 {} + +/// Built-in verifier for secp256k1. +#[async_trait::async_trait] +impl VerifierOperations for Secp256k1 { + async fn verify( + &self, + message: Bytes, + signature: Signature, + public_key: PublicKey, + ) -> Result { + let verifying_key = VerifyingKey::from_public_key_der(&public_key.0 .0) + .context("Failed to create verifying key") + .map_err(|e| VerifierError::Verify(e.to_string()))?; + + let signature = ecdsa::Signature::from_der(&signature.0 .0) + .context("Failed to create signature") + .map_err(|e| VerifierError::Verify(e.to_string()))?; + + match verifying_key.verify(message.0.as_slice(), &signature) { + Ok(_) => Ok(true), + Err(e) => { + println!("Error verifying signature: {:?}", e); + Ok(false) + } + } + } +} diff --git a/util/signing/signer/src/lib.rs b/util/signing/signer/src/lib.rs index 3955279de..49d3196c5 100644 --- a/util/signing/signer/src/lib.rs +++ b/util/signing/signer/src/lib.rs @@ -21,7 +21,7 @@ pub struct KeyVersion(pub String); #[derive(Debug, Clone)] pub struct KeyId(pub String); -/// Errors thrown by SigningService. +/// Errors thrown by Signer #[derive(Debug, thiserror::Error)] pub enum SignerError { #[error("Error during signing : {0}")] @@ -37,10 +37,88 @@ pub enum SignerError { } #[async_trait::async_trait] -pub trait Signer { +pub trait SignerOperations { /// Signs some bytes. - async fn sign(message: Bytes) -> Result; + async fn sign(&self, message: Bytes) -> Result; /// Gets the public key. async fn public_key(&self) -> Result; } + +pub struct Signer +where + O: SignerOperations, + C: cryptography::Curve, +{ + operations: O, + _curve_marker: std::marker::PhantomData, +} + +/// Signer wraps an implementation of [SignerOperations] and provides a simple API for signing and getting the public key. +impl Signer +where + O: SignerOperations, + C: cryptography::Curve, +{ + pub fn new(operations: O) -> Self { + Self { operations, _curve_marker: std::marker::PhantomData } + } + + /// Signs some bytes. + pub async fn sign(&self, message: Bytes) -> Result { + self.operations.sign(message).await + } + + /// Gets the public key. + pub async fn public_key(&self) -> Result { + self.operations.public_key().await + } +} + +/// Errors thrown by the verifier. +#[derive(Debug, thiserror::Error)] +pub enum VerifierError { + #[error("Error during verification : {0}")] + Verify(String), +} + +#[async_trait::async_trait] +pub trait VerifierOperations { + /// Verifies a signature. + async fn verify( + &self, + message: Bytes, + signature: Signature, + public_key: PublicKey, + ) -> Result; +} + +pub struct Verifier +where + O: VerifierOperations, + C: cryptography::Curve, +{ + operations: O, + _curve_marker: std::marker::PhantomData, +} + +/// Verifier wraps an implementation of [VerifierOperations] and provides a simple API for verifying signatures. +impl Verifier +where + O: VerifierOperations, + C: cryptography::Curve, +{ + pub fn new(operations: O) -> Self { + Self { operations, _curve_marker: std::marker::PhantomData } + } + + /// Verifies a signature. + pub async fn verify( + &self, + message: Bytes, + signature: Signature, + public_key: PublicKey, + ) -> Result { + self.operations.verify(message, signature, public_key).await + } +} From e46122161e1a4b5b0a463bfb98e4fba9c08a5499 Mon Sep 17 00:00:00 2001 From: musitdev Date: Thu, 19 Dec 2024 14:22:41 +0100 Subject: [PATCH 12/18] Alloy signing integration --- Cargo.lock | 14 ++ Cargo.toml | 2 + util/signing/integrations/alloy/Cargo.toml | 25 ++++ util/signing/integrations/alloy/src/lib.rs | 147 +++++++++++++++++++++ 4 files changed, 188 insertions(+) create mode 100644 util/signing/integrations/alloy/Cargo.toml create mode 100644 util/signing/integrations/alloy/src/lib.rs diff --git a/Cargo.lock b/Cargo.lock index 8c5da6b18..9145a531f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -10516,6 +10516,20 @@ dependencies = [ "tracing", ] +[[package]] +name = "movement-signing-alloy" +version = "0.0.2" +dependencies = [ + "alloy-consensus", + "alloy-network", + "alloy-primitives 0.7.7", + "alloy-signer", + "async-trait", + "k256", + "signer", + "spki 0.7.3", +] + [[package]] name = "movement-tracing" version = "0.0.2" diff --git a/Cargo.toml b/Cargo.toml index d8b4051f2..85eb7c817 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -45,6 +45,7 @@ members = [ "util/signing/signer", "util/signing/aws-kms", "util/signing/hashicorp-vault", + "util/signing/integrations/alloy", ] [workspace.package] @@ -227,6 +228,7 @@ alloy-eips = { git = "https://github.com/alloy-rs/alloy.git", rev = "83343b17258 alloy-contract = { git = "https://github.com/alloy-rs/alloy.git", rev = "83343b172585fe4e040fb104b4d1421f58cbf9a2" } alloy-network = { git = "https://github.com/alloy-rs/alloy.git", rev = "83343b172585fe4e040fb104b4d1421f58cbf9a2" } alloy-primitives = { version = "0.7.2", default-features = false } +alloy-consensus = { git = "https://github.com/alloy-rs/alloy.git", rev = "83343b172585fe4e040fb104b4d1421f58cbf9a2" } alloy-provider = { git = "https://github.com/alloy-rs/alloy.git", rev = "83343b172585fe4e040fb104b4d1421f58cbf9a2", features = [ "ws", ] } diff --git a/util/signing/integrations/alloy/Cargo.toml b/util/signing/integrations/alloy/Cargo.toml new file mode 100644 index 000000000..96d491ae8 --- /dev/null +++ b/util/signing/integrations/alloy/Cargo.toml @@ -0,0 +1,25 @@ +[package] +name = "movement-signing-alloy" +version.workspace = true +edition.workspace = true +license.workspace = true +authors.workspace = true +repository.workspace = true +homepage.workspace = true +publish.workspace = true +rust-version.workspace = true + +[dependencies] +signer = { workspace = true } +async-trait.workspace = true + +# Alloy needed crates +alloy-primitives.workspace = true +alloy-signer.workspace = true +alloy-network.workspace = true +alloy-consensus.workspace = true +spki = "0.7.3" +k256 = "0.13.4" + +[lints] +workspace = true diff --git a/util/signing/integrations/alloy/src/lib.rs b/util/signing/integrations/alloy/src/lib.rs new file mode 100644 index 000000000..4875427e0 --- /dev/null +++ b/util/signing/integrations/alloy/src/lib.rs @@ -0,0 +1,147 @@ +use alloy_consensus::SignableTransaction; +use alloy_primitives::{hex, Address, ChainId, B256}; +use alloy_signer::{sign_transaction_with_chain_id, Result, Signature as AlloySignature, Signer}; +use k256::ecdsa::{self, VerifyingKey}; +use signer::{ + cryptography::secp256k1::Secp256k1, Bytes, SignerOperations, SignerError, Signature as MvtSignature, PublicKey}; +use std::fmt; + +pub struct HsmSigner { + kms: Box+ Sync> , + pubkey: VerifyingKey, + address: Address, + chain_id: Option, +} + +impl fmt::Debug for HsmSigner { + fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { + f.debug_struct("HsmSigner") + .field("chain_id", &self.chain_id) + .field("pubkey", &hex::encode(self.pubkey.to_sec1_bytes())) + .field("address", &self.address) + .finish() + } +} + +#[async_trait::async_trait] +impl alloy_network::TxSigner for HsmSigner { + fn address(&self) -> Address { + self.address + } + + async fn sign_transaction( + &self, + tx: &mut dyn SignableTransaction, + ) -> Result { + sign_transaction_with_chain_id!(self, tx, self.sign_hash(&tx.signature_hash()).await) + } +} + +#[async_trait::async_trait] +impl Signer for HsmSigner { + async fn sign_hash(&self, hash: &B256) -> Result { + self.sign_digest(hash).await.map(|sign| sign.into()).map_err(alloy_signer::Error::other) + } + + #[inline] + fn address(&self) -> Address { + self.address + } + + #[inline] + fn chain_id(&self) -> Option { + self.chain_id + } + + #[inline] + fn set_chain_id(&mut self, chain_id: Option) { + self.chain_id = chain_id; + } +} + +impl HsmSigner { + /// Instantiate a new signer from an existing `Client` and key ID. + /// + /// Retrieves the public key from HMS and calculates the Ethereum address. + pub async fn new( + kms: Box + Sync>, + chain_id: Option, + ) -> Result { + let resp = request_get_pubkey(&*kms).await?; + let pubkey = decode_pubkey(resp)?; + let address = alloy_signer::utils::public_key_to_address(&pubkey); + Ok(Self { kms, chain_id, pubkey, address }) + } + + /// Fetch the pubkey associated with a key ID. + pub async fn get_pubkey_for_key(&self) -> Result { + request_get_pubkey(&*self.kms).await.and_then(decode_pubkey) + } + + /// Fetch the pubkey associated with this signer's key ID. + pub async fn get_pubkey(&self) -> Result { + self.get_pubkey_for_key().await + } + + /// Sign a digest with this signer's key and applies EIP-155. + async fn sign_digest(&self, digest: &B256) -> Result { + let sig = request_sign_digest(&*self.kms, digest).await.and_then(decode_signature)?; + let mut sig = sig_from_digest_bytes_trial_recovery(sig, digest, &self.pubkey); + if let Some(chain_id) = self.chain_id { + sig = sig.with_chain_id(chain_id); + } + Ok(sig) + } +} + +async fn request_get_pubkey( + kms: &dyn SignerOperations, +) -> Result { + kms.public_key().await +} + +async fn request_sign_digest( + kms: &(dyn SignerOperations + Sync), + digest: &B256, +) -> Result { + let signature = kms.sign(Bytes(digest.as_slice().to_vec())).await?; + Ok(signature) +} + +/// Decode an AWS KMS Pubkey response. +fn decode_pubkey(pk: PublicKey) -> Result { + let pk_ref: &[u8] = &pk.0.0; + let spki = spki::SubjectPublicKeyInfoRef::try_from(pk_ref).map_err(|err| SignerError::PublicKey(err.to_string()))?; + let key = VerifyingKey::from_sec1_bytes(spki.subject_public_key.raw_bytes()).map_err(|err| SignerError::Sign(err.to_string()))?; + Ok(key) +} + +/// Decode an AWS KMS Signature response. +fn decode_signature(sign: MvtSignature) -> Result { + let sig = ecdsa::Signature::from_der(&sign.0.0).map_err(|err| SignerError::Sign(err.to_string()))?; + Ok(sig.normalize_s().unwrap_or(sig)) +} + +/// Recover an rsig from a signature under a known key by trial/error. +fn sig_from_digest_bytes_trial_recovery( + sig: ecdsa::Signature, + hash: &B256, + pubkey: &VerifyingKey, +) -> AlloySignature { + let signature = AlloySignature::from_signature_and_parity(sig, false).unwrap(); + if check_candidate(&signature, hash, pubkey) { + return signature; + } + + let signature = signature.with_parity(true); + if check_candidate(&signature, hash, pubkey) { + return signature; + } + + panic!("bad sig"); +} + +/// Makes a trial recovery to check whether an RSig corresponds to a known `VerifyingKey`. +fn check_candidate(signature: &AlloySignature, hash: &B256, pubkey: &VerifyingKey) -> bool { + signature.recover_from_prehash(hash).map(|key| key == *pubkey).unwrap_or(false) +} \ No newline at end of file From 43c974ba5cb639a6e140446c093ae7c826d8ef81 Mon Sep 17 00:00:00 2001 From: musitdev Date: Mon, 23 Dec 2024 09:21:08 +0100 Subject: [PATCH 13/18] simple transfer test for AWS signing --- Cargo.lock | 71 +++++++- util/signing/integrations/alloy/Cargo.toml | 13 ++ util/signing/integrations/alloy/src/lib.rs | 17 +- .../integrations/alloy/tests/aws_test.rs | 160 ++++++++++++++++++ 4 files changed, 248 insertions(+), 13 deletions(-) create mode 100644 util/signing/integrations/alloy/tests/aws_test.rs diff --git a/Cargo.lock b/Cargo.lock index 9145a531f..713914298 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -561,6 +561,23 @@ dependencies = [ "thiserror 1.0.69", ] +[[package]] +name = "alloy-signer-aws" +version = "0.1.4" +source = "git+https://github.com/alloy-rs/alloy.git?rev=83343b172585fe4e040fb104b4d1421f58cbf9a2#83343b172585fe4e040fb104b4d1421f58cbf9a2" +dependencies = [ + "alloy-consensus", + "alloy-network", + "alloy-primitives 0.7.7", + "alloy-signer", + "async-trait", + "aws-sdk-kms", + "k256", + "spki 0.7.3", + "thiserror 1.0.69", + "tracing", +] + [[package]] name = "alloy-signer-local" version = "0.1.4" @@ -6338,7 +6355,7 @@ version = "18.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7413c5f74cc903ea37386a8965a936cbeb334bd270862fdece542c1b2dcbc898" dependencies = [ - "ethereum-types", + "ethereum-types 0.14.1", "hex", "once_cell", "regex", @@ -6349,6 +6366,19 @@ dependencies = [ "uint", ] +[[package]] +name = "ethbloom" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bfb684ac8fa8f6c5759f788862bb22ec6fe3cb392f6bfd08e3c64b603661e3f8" +dependencies = [ + "crunchy", + "fixed-hash 0.7.0", + "impl-rlp", + "impl-serde 0.3.2", + "tiny-keccak", +] + [[package]] name = "ethbloom" version = "0.13.0" @@ -6362,13 +6392,27 @@ dependencies = [ "tiny-keccak", ] +[[package]] +name = "ethereum-types" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f64b5df66a228d85e4b17e5d6c6aa43b0310898ffe8a85988c4c032357aaabfd" +dependencies = [ + "ethbloom 0.11.1", + "fixed-hash 0.7.0", + "impl-rlp", + "impl-serde 0.3.2", + "primitive-types 0.9.1", + "uint", +] + [[package]] name = "ethereum-types" version = "0.14.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "02d215cbf040552efcbe99a38372fe80ab9d00268e20012b79fcd0f073edd8ee" dependencies = [ - "ethbloom", + "ethbloom 0.13.0", "fixed-hash 0.8.0", "impl-rlp", "impl-serde 0.4.0", @@ -10520,14 +10564,24 @@ dependencies = [ name = "movement-signing-alloy" version = "0.0.2" dependencies = [ + "alloy", "alloy-consensus", "alloy-network", "alloy-primitives 0.7.7", "alloy-signer", + "alloy-signer-aws", + "anyhow", "async-trait", + "aws-config", + "aws-sdk-kms", + "ethereum-types 0.11.0", + "hex", "k256", + "keccak-hash", + "sha3 0.10.8", "signer", "spki 0.7.3", + "tokio", ] [[package]] @@ -11923,6 +11977,19 @@ dependencies = [ "elliptic-curve 0.13.8", ] +[[package]] +name = "primitive-types" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06345ee39fbccfb06ab45f3a1a5798d9dafa04cb8921a76d227040003a234b0e" +dependencies = [ + "fixed-hash 0.7.0", + "impl-codec 0.5.1", + "impl-rlp", + "impl-serde 0.3.2", + "uint", +] + [[package]] name = "primitive-types" version = "0.10.1" diff --git a/util/signing/integrations/alloy/Cargo.toml b/util/signing/integrations/alloy/Cargo.toml index 96d491ae8..fa1a18bac 100644 --- a/util/signing/integrations/alloy/Cargo.toml +++ b/util/signing/integrations/alloy/Cargo.toml @@ -21,5 +21,18 @@ alloy-consensus.workspace = true spki = "0.7.3" k256 = "0.13.4" +[dev-dependencies] +aws-sdk-kms = { workspace = true } +anyhow = { workspace = true } +tokio = { workspace = true } +alloy.workspace = true +alloy-signer-aws = { git = "https://github.com/alloy-rs/alloy.git", rev = "83343b172585fe4e040fb104b4d1421f58cbf9a2" } +aws-config = { workspace = true } + +ethereum-types = "0.11" +keccak-hash = "0.10" +hex = "0.4" +sha3 = "0.10.8" + [lints] workspace = true diff --git a/util/signing/integrations/alloy/src/lib.rs b/util/signing/integrations/alloy/src/lib.rs index 4875427e0..9ae826454 100644 --- a/util/signing/integrations/alloy/src/lib.rs +++ b/util/signing/integrations/alloy/src/lib.rs @@ -7,7 +7,7 @@ use signer::{ use std::fmt; pub struct HsmSigner { - kms: Box+ Sync> , + kms: Box+ Sync + Send> , pubkey: VerifyingKey, address: Address, chain_id: Option, @@ -64,7 +64,7 @@ impl HsmSigner { /// /// Retrieves the public key from HMS and calculates the Ethereum address. pub async fn new( - kms: Box + Sync>, + kms: Box + Sync+ Send>, chain_id: Option, ) -> Result { let resp = request_get_pubkey(&*kms).await?; @@ -73,19 +73,15 @@ impl HsmSigner { Ok(Self { kms, chain_id, pubkey, address }) } - /// Fetch the pubkey associated with a key ID. - pub async fn get_pubkey_for_key(&self) -> Result { - request_get_pubkey(&*self.kms).await.and_then(decode_pubkey) - } - /// Fetch the pubkey associated with this signer's key ID. pub async fn get_pubkey(&self) -> Result { - self.get_pubkey_for_key().await + request_get_pubkey(&*self.kms).await.and_then(decode_pubkey) } /// Sign a digest with this signer's key and applies EIP-155. - async fn sign_digest(&self, digest: &B256) -> Result { + pub async fn sign_digest(&self, digest: &B256) -> Result { let sig = request_sign_digest(&*self.kms, digest).await.and_then(decode_signature)?; + println!("MVT AWAS SIGN: {}", hex::encode(sig.to_bytes())); let mut sig = sig_from_digest_bytes_trial_recovery(sig, digest, &self.pubkey); if let Some(chain_id) = self.chain_id { sig = sig.with_chain_id(chain_id); @@ -104,8 +100,7 @@ async fn request_sign_digest( kms: &(dyn SignerOperations + Sync), digest: &B256, ) -> Result { - let signature = kms.sign(Bytes(digest.as_slice().to_vec())).await?; - Ok(signature) + kms.sign(Bytes(digest.as_slice().to_vec())).await } /// Decode an AWS KMS Pubkey response. diff --git a/util/signing/integrations/alloy/tests/aws_test.rs b/util/signing/integrations/alloy/tests/aws_test.rs new file mode 100644 index 000000000..7199ac164 --- /dev/null +++ b/util/signing/integrations/alloy/tests/aws_test.rs @@ -0,0 +1,160 @@ +use alloy::node_bindings::Anvil; +use alloy::providers::{Provider, ProviderBuilder}; +use alloy::rpc::types::TransactionRequest; +use alloy::signers::local::PrivateKeySigner; +use alloy_network::EthereumWallet; +use alloy_network::TransactionBuilder; +use alloy_network::TxSigner; +use alloy_primitives::U256; +use anyhow::Context; +use aws_sdk_kms::primitives::Blob; +use aws_sdk_kms::types::MessageType; +use aws_sdk_kms::types::{KeySpec, KeyUsageType, SigningAlgorithmSpec}; +use aws_sdk_kms::Client; +use movement_signing_alloy::HsmSigner; +use signer::{ + cryptography::secp256k1::Secp256k1, Bytes, PublicKey, Signature, SignerError, SignerOperations, +}; +use std::env; + +/// A AWS KMS HSM. +#[derive(Debug, Clone)] +pub struct AwsKms { + pub client: Client, + key_id: String, +} + +#[async_trait::async_trait] +impl SignerOperations for AwsKms { + /// Signs some bytes. + async fn sign(&self, message: Bytes) -> Result { + //println!("sign message {message:?}",); + + let res = self + .client + .sign() + .key_id(&self.key_id) + .message(Blob::new(message.0)) + .message_type(MessageType::Digest) + .signing_algorithm(SigningAlgorithmSpec::EcdsaSha256) + .send() + .await + .unwrap(); + + //println!("sign res: {:?}", res); + let signature = Signature(Bytes( + res.signature().context("No signature available").unwrap().as_ref().to_vec(), + )); + Ok(signature) + } + + /// Gets the public key. + async fn public_key(&self) -> Result { + let res = self.client.get_public_key().key_id(&self.key_id).send().await.unwrap(); + //println!("public_key AWS KMS Response: {:?}", res); + let public_key = PublicKey(Bytes( + res.public_key().context("No public key available").unwrap().as_ref().to_vec(), + )); + Ok(public_key) + } +} + +impl AwsKms { + pub async fn new(key_id: String) -> Self { + let config = aws_config::load_from_env().await; + let client = aws_sdk_kms::Client::new(&config); + AwsKms { client, key_id } + } + + /// Creates in AWS KMS matching the provided key id. + pub async fn create_key(&self) -> Result { + let res = self + .client + .create_key() + .key_spec(KeySpec::EccSecgP256K1) + .key_usage(KeyUsageType::SignVerify) + .send() + .await?; + + let key_id = res.key_metadata().context("No key metadata available")?.key_id().to_string(); + + Ok(key_id) + } + + pub fn set_key_id(&mut self, key_id: String) { + self.key_id = key_id; + } +} + +#[tokio::test] +async fn test_aws_kms_send_tx() -> Result<(), anyhow::Error> { + // Start Anvil + let mut anvil = Anvil::new().port(8545u16).arg("-vvvvv").spawn(); + let rpc_url = anvil.endpoint_url(); + let chain_id = anvil.chain_id(); + + // Use AWS KMS + let _access_key = env::var("AWS_ACCESS_KEY").expect("AWS_ACCESS_KEY not set"); + let _secret_key = env::var("AWS_SECRET_KEY").expect("AWS_SECRET_KEY not set"); + let key_id = env::var("AWS_KEY_ID").expect("AWS_KEY_ID not set"); + + println!("key_id:{key_id}"); + + let aws = AwsKms::new(key_id).await; + let signer = HsmSigner::new(Box::new(aws), Some(chain_id)).await?; + let address = signer.address(); + println!("DEEEEB Key address:{}", address); + + let key_provider = ProviderBuilder::new() + .with_recommended_fillers() + .wallet(EthereumWallet::new(signer)) + .on_builtin(&rpc_url.to_string()) + .await?; + + let admin: PrivateKeySigner = anvil.keys()[1].clone().into(); + let admin_address = admin.address(); + let admin_provider = ProviderBuilder::new() + .with_recommended_fillers() + .wallet(EthereumWallet::new(admin)) + .on_builtin(&rpc_url.to_string()) + .await?; + + //transfer some eth to the key. + let tx = TransactionRequest::default() + .with_to(address) + .with_value(U256::from(1000000000)); + let receipt = admin_provider.send_transaction(tx).await?.get_receipt().await?; + println!("Admin -> Key receipt: {receipt:?}",); + + let account = key_provider.get_accounts().await; + println!("Account: {:?}", account); + let balance = key_provider.get_balance(address).await; + println!("Balance: {:?}", balance); + + //transfer back some eth. + let tx = TransactionRequest::default() + .with_from(address) + .with_to(admin_address) + .with_value(U256::from(5)) + .gas_limit(3000000); + println!("Tx from {:?}", tx.from); + + let receipt = key_provider.send_transaction(tx).await; //.get_receipt().await?; + println!("Key -> Admin receipt: {receipt:?}",); + + // // Print ANvil output. + // use std::io; + // use std::io::BufRead; + // use std::io::BufReader; + // use std::io::Write; + + // let anvil_out = anvil.child_mut().stdout.take().unwrap(); + // let mut stdout_writer = io::stdout(); + // let mut reader = BufReader::new(anvil_out).lines(); + // while let Some(Ok(line)) = reader.next() { + // stdout_writer.write_all(line.as_bytes())?; + // stdout_writer.write_all(b"\n")?; + // } + + Ok(()) +} From ca9c370c617f6a890f2df5279d63cedc2ffa5c58 Mon Sep 17 00:00:00 2001 From: musitdev Date: Tue, 24 Dec 2024 12:20:35 +0100 Subject: [PATCH 14/18] use AwsKmsCryptography trait --- util/signing/integrations/eth/tests/aws_test.rs | 1 - util/signing/providers/aws-kms/src/hsm/mod.rs | 10 ++++------ 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/util/signing/integrations/eth/tests/aws_test.rs b/util/signing/integrations/eth/tests/aws_test.rs index 6a55d4d08..f912f4391 100644 --- a/util/signing/integrations/eth/tests/aws_test.rs +++ b/util/signing/integrations/eth/tests/aws_test.rs @@ -17,7 +17,6 @@ use std::env; #[tokio::test] async fn basic_signing_verify() -> Result<(), anyhow::Error> { let message = b"Hello, world!"; - let hasher = Keccak256::new(); let digest: [u8; 32] = Keccak256::new_with_prefix(&message).finalize().into(); let key_id = env::var("AWS_KEY_ID").expect("AWS_KEY_ID not set"); let aws = AwsKmsSigner::new(key_id).await; diff --git a/util/signing/providers/aws-kms/src/hsm/mod.rs b/util/signing/providers/aws-kms/src/hsm/mod.rs index 521bafdb6..0f964447a 100644 --- a/util/signing/providers/aws-kms/src/hsm/mod.rs +++ b/util/signing/providers/aws-kms/src/hsm/mod.rs @@ -1,7 +1,5 @@ +use crate::cryptography::secp256k1::AwsKmsCryptography; use aws_sdk_kms::primitives::Blob; -use aws_sdk_kms::types::KeySpec; -use aws_sdk_kms::types::KeyUsageType; -use aws_sdk_kms::types::SigningAlgorithmSpec; use aws_sdk_kms::Client; use k256::ecdsa; use movement_signer::cryptography::secp256k1::{self, Secp256k1}; @@ -25,7 +23,7 @@ impl Signing for AwsKmsSigner { .key_id(&self.key_id) .message(Blob::new(message)) .message_type(aws_sdk_kms::types::MessageType::Digest) - .signing_algorithm(SigningAlgorithmSpec::EcdsaSha256) + .signing_algorithm(Secp256k1::signing_algorithm_spec()) .send() .await .map_err(|e| SignerError::Internal(e.to_string()))?; @@ -66,8 +64,8 @@ impl AwsKmsSigner { let res = self .client .create_key() - .key_spec(KeySpec::EccSecgP256K1) - .key_usage(KeyUsageType::SignVerify) + .key_spec(Secp256k1::key_spec()) + .key_usage(Secp256k1::key_usage_type()) .send() .await .map_err(|e| SignerError::Internal(e.to_string()))?; From 1f522d56138569f47c90dad15a29b99ee420a8ad Mon Sep 17 00:00:00 2001 From: musitdev Date: Thu, 2 Jan 2025 12:24:15 +0100 Subject: [PATCH 15/18] rename new to try_new --- util/signing/integrations/eth/src/lib.rs | 2 +- util/signing/integrations/eth/tests/aws_test.rs | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/util/signing/integrations/eth/src/lib.rs b/util/signing/integrations/eth/src/lib.rs index 7a97e90c3..3a72e21ff 100644 --- a/util/signing/integrations/eth/src/lib.rs +++ b/util/signing/integrations/eth/src/lib.rs @@ -64,7 +64,7 @@ impl + Sync + Send> HsmSigner { /// Instantiate a new signer from an existing `Client` and key ID. /// /// Retrieves the public key from HMS and calculates the Ethereum address. - pub async fn new( + pub async fn try_new( kms: S, chain_id: Option, ) -> Result, SignerError> { diff --git a/util/signing/integrations/eth/tests/aws_test.rs b/util/signing/integrations/eth/tests/aws_test.rs index f912f4391..a75ae2bfb 100644 --- a/util/signing/integrations/eth/tests/aws_test.rs +++ b/util/signing/integrations/eth/tests/aws_test.rs @@ -10,7 +10,7 @@ use movement_signer::cryptography::secp256k1::Secp256k1; use movement_signer::Signing; use movement_signer::Verify; use movement_signer_aws_kms::hsm::AwsKmsSigner; -use movement_signing_alloy::HsmSigner; +use movement_signing_eth::HsmSigner; use sha3::{Digest, Keccak256}; use std::env; @@ -42,7 +42,7 @@ async fn test_aws_kms_send_tx() -> Result<(), anyhow::Error> { println!("key_id:{key_id}"); let aws = AwsKmsSigner::new(key_id).await; - let signer = HsmSigner::new(aws, Some(chain_id)).await?; + let signer = HsmSigner::try_new(aws, Some(chain_id)).await?; let address = signer.address(); println!("DEEEEB Key address:{}", address); From 7f6c6b31897b0ebe5a14fe699cb7c806794b8f2e Mon Sep 17 00:00:00 2001 From: musitdev Date: Thu, 2 Jan 2025 12:37:28 +0100 Subject: [PATCH 16/18] correct build --- Cargo.lock | 22 +++++++++++----------- util/signing/integrations/eth/Cargo.toml | 2 +- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 0b169b9aa..690cff656 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -10602,7 +10602,17 @@ dependencies = [ ] [[package]] -name = "movement-signing-alloy" +name = "movement-signing-aptos" +version = "0.0.2" +dependencies = [ + "aptos-crypto", + "aptos-types", + "movement-signer", + "thiserror 1.0.69", +] + +[[package]] +name = "movement-signing-eth" version = "0.0.2" dependencies = [ "alloy", @@ -10625,16 +10635,6 @@ dependencies = [ "tokio", ] -[[package]] -name = "movement-signing-aptos" -version = "0.0.2" -dependencies = [ - "aptos-crypto", - "aptos-types", - "movement-signer", - "thiserror 1.0.69", -] - [[package]] name = "movement-tracing" version = "0.0.2" diff --git a/util/signing/integrations/eth/Cargo.toml b/util/signing/integrations/eth/Cargo.toml index 01532693a..025f427d4 100644 --- a/util/signing/integrations/eth/Cargo.toml +++ b/util/signing/integrations/eth/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "movement-signing-alloy" +name = "movement-signing-eth" version.workspace = true edition.workspace = true license.workspace = true From 4d6faa8e32434f26113143f724523956f62ab38a Mon Sep 17 00:00:00 2001 From: musitdev Date: Thu, 2 Jan 2025 13:32:10 +0100 Subject: [PATCH 17/18] add rustls-tls to allow https connections --- Cargo.toml | 1 + util/signing/integrations/eth/Cargo.toml | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index 6ca92f428..db7ddec7d 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -223,6 +223,7 @@ alloy-rpc-types = { git = "https://github.com/alloy-rs/alloy.git", rev = "83343b alloy-sol-types = { version = "0.7.2", features = ["json"] } alloy-signer = { git = "https://github.com/alloy-rs/alloy.git", rev = "83343b172585fe4e040fb104b4d1421f58cbf9a2" } alloy-transport = { git = "https://github.com/alloy-rs/alloy.git", rev = "83343b172585fe4e040fb104b4d1421f58cbf9a2" } +alloy-transport-http = { git = "https://github.com/alloy-rs/alloy.git", rev = "83343b172585fe4e040fb104b4d1421f58cbf9a2", features = ["reqwest-rustls-tls"] } alloy-transport-ws = { git = "https://github.com/alloy-rs/alloy.git", rev = "83343b172585fe4e040fb104b4d1421f58cbf9a2" } anyhow = "1.0" diff --git a/util/signing/integrations/eth/Cargo.toml b/util/signing/integrations/eth/Cargo.toml index 01532693a..c19fc17d5 100644 --- a/util/signing/integrations/eth/Cargo.toml +++ b/util/signing/integrations/eth/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "movement-signing-alloy" +name = "movement-signing-eth" version.workspace = true edition.workspace = true license.workspace = true @@ -19,6 +19,7 @@ alloy-primitives.workspace = true alloy-signer.workspace = true alloy-network.workspace = true alloy-consensus.workspace = true +alloy-transport-http = { workspace = true, features = ["reqwest-rustls-tls"] } k256 = "0.13.4" [dev-dependencies] From 7ad333d160d17921962d8bec23d1721413d237ec Mon Sep 17 00:00:00 2001 From: musitdev Date: Thu, 2 Jan 2025 13:45:56 +0100 Subject: [PATCH 18/18] correct Cargo.lock file --- Cargo.lock | 1358 ++++++++++++++++++++++++++-------------------------- 1 file changed, 674 insertions(+), 684 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 0b169b9aa..d4b01f3fc 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -122,9 +122,9 @@ checksum = "250f629c0161ad8107cf89319e990051fae62832fd343083bea452d93e2205fd" [[package]] name = "allocative" -version = "0.3.4" +version = "0.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8fac2ce611db8b8cee9b2aa886ca03c924e9da5e5295d0dbd0526e5d0b0710f7" +checksum = "082af274fd02beef17b7f0725a49ecafe6c075ef56cac9d6363eb3916a9817ae" dependencies = [ "allocative_derive", "ctor", @@ -138,14 +138,14 @@ checksum = "fe233a377643e0fc1a56421d7c90acdec45c291b30345eb9f08e8d0ddce5a4ab" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] name = "allocator-api2" -version = "0.2.21" +version = "0.2.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "683d7910e743518b0e34f1186f92494becacb047c7b6bf616c96772180fef923" +checksum = "45862d1c77f2228b9e10bc609d5bc203d86ebc9b87ad8d5d5167a6c9abf739d9" [[package]] name = "alloy" @@ -336,7 +336,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ccb3ead547f4532bc8af961649942f0b9c16ee9226e26caa3f38420651cc0bf4" dependencies = [ "alloy-rlp", - "bytes 1.9.0", + "bytes 1.8.0", "cfg-if", "const-hex", "derive_more 0.99.18", @@ -357,7 +357,7 @@ version = "0.8.12" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9fce5dbd6a4f118eecc4719eaa9c7ffc31c315e6c5ccde3642db927802312425" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "cfg-if", "const-hex", "derive_more 1.0.0", @@ -426,24 +426,24 @@ dependencies = [ [[package]] name = "alloy-rlp" -version = "0.3.10" +version = "0.3.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f542548a609dca89fcd72b3b9f355928cf844d4363c5eed9c5273a3dd225e097" +checksum = "da0822426598f95e45dd1ea32a738dac057529a709ee645fcc516ffa4cbde08f" dependencies = [ "alloy-rlp-derive", "arrayvec 0.7.6", - "bytes 1.9.0", + "bytes 1.8.0", ] [[package]] name = "alloy-rlp-derive" -version = "0.3.10" +version = "0.3.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a833d97bf8a5f0f878daf2c8451fff7de7f9de38baa5a45d936ec718d81255a" +checksum = "2b09cae092c27b6f1bde952653a22708691802e57bfef4a2973b80bea21efd3f" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -606,7 +606,7 @@ dependencies = [ "proc-macro-error", "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -619,11 +619,11 @@ dependencies = [ "alloy-sol-macro-input", "const-hex", "heck 0.5.0", - "indexmap 2.7.0", + "indexmap 2.6.0", "proc-macro-error", "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", "syn-solidity", "tiny-keccak", ] @@ -641,7 +641,7 @@ dependencies = [ "proc-macro2", "quote", "serde_json", - "syn 2.0.91", + "syn 2.0.87", "syn-solidity", ] @@ -708,7 +708,7 @@ dependencies = [ "alloy-json-rpc", "alloy-pubsub", "alloy-transport", - "bytes 1.9.0", + "bytes 1.8.0", "futures", "interprocess", "pin-project 1.1.7", @@ -726,8 +726,8 @@ dependencies = [ "alloy-pubsub", "alloy-transport", "futures", - "http 1.2.0", - "rustls 0.23.20", + "http 1.1.0", + "rustls 0.23.17", "serde_json", "tokio", "tokio-tungstenite 0.23.1", @@ -822,9 +822,9 @@ checksum = "34fde25430d87a9388dadbe6e34d7f72a462c8b43ac8d309b42b0a8505d7e2a5" [[package]] name = "anyhow" -version = "1.0.95" +version = "1.0.93" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "34ac096ce696dc2fcabef30516bb13c0a68a11d30131d3df6f04711467681b04" +checksum = "4c95c10ba0b00a02636238b814946408b1322d5ac4760326e6fb8ec956d85775" [[package]] name = "aptos-abstract-gas-usage" @@ -896,11 +896,11 @@ dependencies = [ "aptos-vm", "async-trait", "bcs 0.1.4", - "bytes 1.9.0", + "bytes 1.8.0", "fail", "futures", "hex", - "hyper 0.14.32", + "hyper 0.14.31", "itertools 0.12.1", "mime", "mini-moka", @@ -933,7 +933,7 @@ dependencies = [ "aptos-vm", "async-trait", "bcs 0.1.4", - "bytes 1.9.0", + "bytes 1.8.0", "hex", "indoc", "move-binary-format", @@ -981,7 +981,7 @@ dependencies = [ "aptos-vm-types", "arc-swap", "bcs 0.1.4", - "bytes 1.9.0", + "bytes 1.8.0", "claims", "concurrent-queue", "crossbeam", @@ -1009,7 +1009,7 @@ dependencies = [ "aptos-metrics-core", "aptos-types", "bcs 0.1.4", - "clap 4.5.23", + "clap 4.5.21", "dashmap 5.5.3", "itertools 0.12.1", "jemallocator", @@ -1150,7 +1150,7 @@ dependencies = [ "bcs 0.1.4", "blst", "bulletproofs", - "bytes 1.9.0", + "bytes 1.8.0", "curve25519-dalek 3.2.0", "curve25519-dalek-ng", "digest 0.9.0", @@ -1259,7 +1259,7 @@ dependencies = [ "aptos-storage-interface", "aptos-types", "bcs 0.1.4", - "bytes 1.9.0", + "bytes 1.8.0", "dashmap 5.5.3", "move-core-types", ] @@ -1358,7 +1358,7 @@ dependencies = [ "aptos-vm", "arr_macro", "bcs 0.1.4", - "bytes 1.9.0", + "bytes 1.8.0", "dashmap 5.5.3", "fail", "itertools 0.12.1", @@ -1386,7 +1386,7 @@ dependencies = [ "aptos-types", "aptos-vm", "bcs 0.1.4", - "clap 4.5.23", + "clap 4.5.21", "crossbeam-channel", "ctrlc", "dashmap 5.5.3", @@ -1466,7 +1466,7 @@ dependencies = [ "aptos-sdk", "async-trait", "captcha", - "clap 4.5.23", + "clap 4.5.21", "deadpool-redis", "enum_dispatch", "futures", @@ -1527,7 +1527,7 @@ dependencies = [ "blake2-rfc", "bulletproofs", "byteorder", - "clap 4.5.23", + "clap 4.5.21", "codespan-reporting", "curve25519-dalek-ng", "either", @@ -1688,11 +1688,11 @@ dependencies = [ "aptos-storage-interface", "aptos-types", "bcs 0.1.4", - "bytes 1.9.0", + "bytes 1.8.0", "chrono", "futures", "hex", - "hyper 0.14.32", + "hyper 0.14.31", "itertools 0.12.1", "move-binary-format", "move-core-types", @@ -1727,7 +1727,7 @@ dependencies = [ "flate2", "futures", "google-cloud-storage", - "hyper 0.14.32", + "hyper 0.14.31", "serde", "serde_json", "tar", @@ -1837,7 +1837,7 @@ dependencies = [ "aptos-vm-logging", "aptos-vm-types", "bcs 0.1.4", - "bytes 1.9.0", + "bytes 1.8.0", "goldenfile", "move-binary-format", "move-command-line-common", @@ -1900,7 +1900,7 @@ dependencies = [ "strum_macros 0.24.3", "tokio", "tracing", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", ] [[package]] @@ -1975,7 +1975,7 @@ version = "0.1.0" source = "git+https://github.com/movementlabsxyz/aptos-core?rev=9dfc8e7a3d622597dfd81cc4ba480a5377f87a41#9dfc8e7a3d622597dfd81cc4ba480a5377f87a41" dependencies = [ "aptos-infallible", - "bytes 1.9.0", + "bytes 1.8.0", "futures", "once_cell", ] @@ -2015,7 +2015,7 @@ dependencies = [ [[package]] name = "aptos-moving-average" version = "0.1.0" -source = "git+https://github.com/movementlabsxyz/aptos-indexer-processors#2175024ec52713e2d913b1e8eb3e1dd07f5b08e9" +source = "git+https://github.com/movementlabsxyz/aptos-indexer-processors#a43b90b98bc5e8d79d37cc6058ed2cfa741c0997" dependencies = [ "chrono", ] @@ -2030,7 +2030,7 @@ dependencies = [ "aptos-crypto", "aptos-types", "aptos-vm-types", - "bytes 1.9.0", + "bytes 1.8.0", "claims", "crossbeam", "dashmap 5.5.3", @@ -2050,7 +2050,7 @@ dependencies = [ "aptos-gas-schedule", "aptos-types", "bcs 0.1.4", - "bytes 1.9.0", + "bytes 1.8.0", "move-binary-format", "move-core-types", "move-vm-runtime", @@ -2066,7 +2066,7 @@ dependencies = [ "aptos-memsocket", "aptos-proxy", "aptos-types", - "bytes 1.9.0", + "bytes 1.8.0", "futures", "pin-project 1.1.7", "serde", @@ -2099,7 +2099,7 @@ dependencies = [ "arc-swap", "async-trait", "bcs 0.1.4", - "bytes 1.9.0", + "bytes 1.8.0", "futures", "futures-util", "hex", @@ -2287,7 +2287,7 @@ dependencies = [ "aptos-logger", "aptos-types", "bcs 0.1.4", - "bytes 1.9.0", + "bytes 1.8.0", "hex", "move-core-types", "reqwest 0.11.27", @@ -2382,7 +2382,7 @@ dependencies = [ "anyhow", "aptos-types", "bcs 0.1.4", - "clap 4.5.23", + "clap 4.5.21", "heck 0.4.1", "move-core-types", "once_cell", @@ -2490,7 +2490,7 @@ dependencies = [ "aptos-profiler", "async-mutex", "http 0.2.12", - "hyper 0.14.32", + "hyper 0.14.31", "lazy_static", "mime", "pprof", @@ -2509,7 +2509,7 @@ dependencies = [ "aptos-gas-schedule", "aptos-native-interface", "better_any", - "bytes 1.9.0", + "bytes 1.8.0", "move-binary-format", "move-core-types", "move-table-extension", @@ -2560,7 +2560,7 @@ dependencies = [ "arr_macro", "base64 0.13.1", "bcs 0.1.4", - "bytes 1.9.0", + "bytes 1.8.0", "fixed", "fxhash", "hashbrown 0.14.5", @@ -2586,7 +2586,7 @@ dependencies = [ "rand 0.7.3", "rayon", "ring 0.16.20", - "rsa 0.9.7", + "rsa 0.9.6", "serde", "serde-big-array", "serde_bytes", @@ -2650,7 +2650,7 @@ dependencies = [ "ark-bn254", "ark-groth16", "bcs 0.1.4", - "bytes 1.9.0", + "bytes 1.8.0", "claims", "crossbeam-channel", "derive_more 0.99.18", @@ -2681,7 +2681,7 @@ dependencies = [ "aptos-types", "aptos-vm", "bcs 0.1.4", - "bytes 1.9.0", + "bytes 1.8.0", "move-core-types", "move-vm-runtime", "move-vm-types", @@ -2716,7 +2716,7 @@ dependencies = [ "aptos-gas-schedule", "aptos-types", "bcs 0.1.4", - "bytes 1.9.0", + "bytes 1.8.0", "claims", "either", "move-binary-format", @@ -3115,7 +3115,7 @@ checksum = "3b43422f69d8ff38f95f1b2bb76517c91589a924d1559a0e935d7c8ce0274c11" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -3137,7 +3137,7 @@ checksum = "c7c24de15d275a1ecfd47a380fb4d5ec9bfe0933f309ed5e705b775596a3574d" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -3148,7 +3148,7 @@ checksum = "721cae7de5c34fbb2acd27e21e6d2cf7b886dce0c27388d46c4e6c47ea4318dd" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -3187,7 +3187,7 @@ checksum = "3c87f3f15e7794432337fc718554eaa4dc8f04c9677a950ffe366f20a162ae42" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -3198,9 +3198,9 @@ checksum = "ace50bade8e6234aa140d9a2f552bbee1db4d353f69b8217bc503490fc1a9f26" [[package]] name = "aws-config" -version = "1.1.7" +version = "1.5.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b96342ea8948ab9bef3e6234ea97fc32e2d8a88d8fb6a084e52267317f94b6b" +checksum = "9b49afaa341e8dd8577e1a2200468f98956d6eda50bcf4a53246cc00174ba924" dependencies = [ "aws-credential-types", "aws-runtime", @@ -3214,15 +3214,15 @@ dependencies = [ "aws-smithy-runtime-api", "aws-smithy-types", "aws-types", - "bytes 1.9.0", - "fastrand 2.3.0", + "bytes 1.8.0", + "fastrand 2.2.0", "hex", "http 0.2.12", - "hyper 0.14.32", "ring 0.17.8", "time", "tokio", "tracing", + "url", "zeroize", ] @@ -3240,9 +3240,9 @@ dependencies = [ [[package]] name = "aws-runtime" -version = "1.5.1" +version = "1.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "300a12520b4e6d08b73f77680f12c16e8ae43250d55100e0b2be46d78da16a48" +checksum = "b5ac934720fbb46206292d2c75b57e67acfc56fe7dfd34fb9a02334af08409ea" dependencies = [ "aws-credential-types", "aws-sigv4", @@ -3253,8 +3253,8 @@ dependencies = [ "aws-smithy-runtime-api", "aws-smithy-types", "aws-types", - "bytes 1.9.0", - "fastrand 2.3.0", + "bytes 1.8.0", + "fastrand 2.2.0", "http 0.2.12", "http-body 0.4.6", "once_cell", @@ -3279,7 +3279,7 @@ dependencies = [ "aws-smithy-runtime-api", "aws-smithy-types", "aws-types", - "bytes 1.9.0", + "bytes 1.8.0", "http 0.2.12", "once_cell", "regex-lite", @@ -3288,9 +3288,9 @@ dependencies = [ [[package]] name = "aws-sdk-s3" -version = "1.66.0" +version = "1.61.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "154488d16ab0d627d15ab2832b57e68a16684c8c902f14cb8a75ec933fc94852" +checksum = "0e531658a0397d22365dfe26c3e1c0c8448bf6a3a2d8a098ded802f2b1261615" dependencies = [ "aws-credential-types", "aws-runtime", @@ -3299,14 +3299,14 @@ dependencies = [ "aws-smithy-checksums", "aws-smithy-eventstream", "aws-smithy-http", - "aws-smithy-json 0.61.1", + "aws-smithy-json 0.60.7", "aws-smithy-runtime", "aws-smithy-runtime-api", "aws-smithy-types", "aws-smithy-xml", "aws-types", - "bytes 1.9.0", - "fastrand 2.3.0", + "bytes 1.8.0", + "fastrand 2.2.0", "hex", "hmac 0.12.1", "http 0.2.12", @@ -3322,20 +3322,20 @@ dependencies = [ [[package]] name = "aws-sdk-sso" -version = "1.50.0" +version = "1.49.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "05ca43a4ef210894f93096039ef1d6fa4ad3edfabb3be92b80908b9f2e4b4eab" +checksum = "09677244a9da92172c8dc60109b4a9658597d4d298b188dd0018b6a66b410ca4" dependencies = [ "aws-credential-types", "aws-runtime", "aws-smithy-async", "aws-smithy-http", - "aws-smithy-json 0.61.1", + "aws-smithy-json 0.60.7", "aws-smithy-runtime", "aws-smithy-runtime-api", "aws-smithy-types", "aws-types", - "bytes 1.9.0", + "bytes 1.8.0", "http 0.2.12", "once_cell", "regex-lite", @@ -3344,20 +3344,20 @@ dependencies = [ [[package]] name = "aws-sdk-ssooidc" -version = "1.51.0" +version = "1.50.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "abaf490c2e48eed0bb8e2da2fb08405647bd7f253996e0f93b981958ea0f73b0" +checksum = "81fea2f3a8bb3bd10932ae7ad59cc59f65f270fc9183a7e91f501dc5efbef7ee" dependencies = [ "aws-credential-types", "aws-runtime", "aws-smithy-async", "aws-smithy-http", - "aws-smithy-json 0.61.1", + "aws-smithy-json 0.60.7", "aws-smithy-runtime", "aws-smithy-runtime-api", "aws-smithy-types", "aws-types", - "bytes 1.9.0", + "bytes 1.8.0", "http 0.2.12", "once_cell", "regex-lite", @@ -3366,15 +3366,15 @@ dependencies = [ [[package]] name = "aws-sdk-sts" -version = "1.51.0" +version = "1.50.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b68fde0d69c8bfdc1060ea7da21df3e39f6014da316783336deff0a9ec28f4bf" +checksum = "6ada54e5f26ac246dc79727def52f7f8ed38915cb47781e2a72213957dc3a7d5" dependencies = [ "aws-credential-types", "aws-runtime", "aws-smithy-async", "aws-smithy-http", - "aws-smithy-json 0.61.1", + "aws-smithy-json 0.60.7", "aws-smithy-query", "aws-smithy-runtime", "aws-smithy-runtime-api", @@ -3398,13 +3398,13 @@ dependencies = [ "aws-smithy-http", "aws-smithy-runtime-api", "aws-smithy-types", - "bytes 1.9.0", + "bytes 1.8.0", "crypto-bigint 0.5.5", "form_urlencoded", "hex", "hmac 0.12.1", "http 0.2.12", - "http 1.2.0", + "http 1.1.0", "once_cell", "p256 0.11.1", "percent-encoding", @@ -3418,9 +3418,9 @@ dependencies = [ [[package]] name = "aws-smithy-async" -version = "1.2.2" +version = "1.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8aa8ff1492fd9fb99ae28e8467af0dbbb7c31512b16fabf1a0f10d7bb6ef78bb" +checksum = "62220bc6e97f946ddd51b5f1361f78996e704677afc518a4ff66b7a72ea1378c" dependencies = [ "futures-util", "pin-project-lite", @@ -3435,7 +3435,7 @@ checksum = "ba1a71073fca26775c8b5189175ea8863afb1c9ea2cceb02a5de5ad9dfbaa795" dependencies = [ "aws-smithy-http", "aws-smithy-types", - "bytes 1.9.0", + "bytes 1.8.0", "crc32c", "crc32fast", "hex", @@ -3455,7 +3455,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cef7d0a272725f87e51ba2bf89f8c21e4df61b9e49ae1ac367a6d69916ef7c90" dependencies = [ "aws-smithy-types", - "bytes 1.9.0", + "bytes 1.8.0", "crc32fast", ] @@ -3468,7 +3468,7 @@ dependencies = [ "aws-smithy-eventstream", "aws-smithy-runtime-api", "aws-smithy-types", - "bytes 1.9.0", + "bytes 1.8.0", "bytes-utils", "futures-core", "http 0.2.12", @@ -3510,22 +3510,22 @@ dependencies = [ [[package]] name = "aws-smithy-runtime" -version = "1.7.5" +version = "1.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "431a10d0e07e09091284ef04453dae4069283aa108d209974d67e77ae1caa658" +checksum = "9f20685047ca9d6f17b994a07f629c813f08b5bce65523e47124879e60103d45" dependencies = [ "aws-smithy-async", "aws-smithy-http", "aws-smithy-runtime-api", "aws-smithy-types", - "bytes 1.9.0", - "fastrand 2.3.0", + "bytes 1.8.0", + "fastrand 2.2.0", "h2 0.3.26", "http 0.2.12", "http-body 0.4.6", "http-body 1.0.1", "httparse", - "hyper 0.14.32", + "hyper 0.14.31", "hyper-rustls 0.24.2", "once_cell", "pin-project-lite", @@ -3543,9 +3543,9 @@ checksum = "92165296a47a812b267b4f41032ff8069ab7ff783696d217f0994a0d7ab585cd" dependencies = [ "aws-smithy-async", "aws-smithy-types", - "bytes 1.9.0", + "bytes 1.8.0", "http 0.2.12", - "http 1.2.0", + "http 1.1.0", "pin-project-lite", "tokio", "tracing", @@ -3554,16 +3554,16 @@ dependencies = [ [[package]] name = "aws-smithy-types" -version = "1.2.10" +version = "1.2.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8ecbf4d5dfb169812e2b240a4350f15ad3c6b03a54074e5712818801615f2dc5" +checksum = "4fbd94a32b3a7d55d3806fe27d98d3ad393050439dd05eb53ece36ec5e3d3510" dependencies = [ "base64-simd", - "bytes 1.9.0", + "bytes 1.8.0", "bytes-utils", "futures-core", "http 0.2.12", - "http 1.2.0", + "http 1.1.0", "http-body 0.4.6", "http-body 1.0.1", "http-body-util", @@ -3610,11 +3610,11 @@ dependencies = [ "async-trait", "axum-core 0.3.4", "bitflags 1.3.2", - "bytes 1.9.0", + "bytes 1.8.0", "futures-util", "http 0.2.12", "http-body 0.4.6", - "hyper 0.14.32", + "hyper 0.14.31", "itoa", "matchit", "memchr", @@ -3641,9 +3641,9 @@ checksum = "edca88bc138befd0323b20752846e6587272d3b03b0343c8ea28a6f819e6e71f" dependencies = [ "async-trait", "axum-core 0.4.5", - "bytes 1.9.0", + "bytes 1.8.0", "futures-util", - "http 1.2.0", + "http 1.1.0", "http-body 1.0.1", "http-body-util", "itoa", @@ -3654,8 +3654,8 @@ dependencies = [ "pin-project-lite", "rustversion", "serde", - "sync_wrapper 1.0.2", - "tower 0.5.2", + "sync_wrapper 1.0.1", + "tower 0.5.1", "tower-layer", "tower-service", ] @@ -3667,7 +3667,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "759fa577a247914fd3f7f76d62972792636412fbfd634cd452f6a385a74d2d2c" dependencies = [ "async-trait", - "bytes 1.9.0", + "bytes 1.8.0", "futures-util", "http 0.2.12", "http-body 0.4.6", @@ -3684,15 +3684,15 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "09f2bd6146b97ae3359fa0cc6d6b376d9539582c7b4220f041a33ec24c226199" dependencies = [ "async-trait", - "bytes 1.9.0", + "bytes 1.8.0", "futures-util", - "http 1.2.0", + "http 1.1.0", "http-body 1.0.1", "http-body-util", "mime", "pin-project-lite", "rustversion", - "sync_wrapper 1.0.2", + "sync_wrapper 1.0.1", "tower-layer", "tower-service", ] @@ -3882,9 +3882,9 @@ dependencies = [ [[package]] name = "bigdecimal" -version = "0.4.7" +version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f31f3af01c5c65a07985c804d3366560e6fa7883d640a122819b14ec327482c" +checksum = "8f850665a0385e070b64c38d2354e6c104c8479c59868d1e48a0c13ee2c7a1c1" dependencies = [ "autocfg", "libm", @@ -3926,7 +3926,7 @@ dependencies = [ "regex", "rustc-hash 1.1.0", "shlex", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -4032,9 +4032,9 @@ dependencies = [ [[package]] name = "blake3" -version = "1.5.5" +version = "1.5.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b8ee0c1824c4dea5b5f81736aff91bae041d2c07ee1192bec91054e10e3e601e" +checksum = "d82033247fd8e890df8f740e407ad4d038debb9eb1f40533fffb32e7d17dc6f7" dependencies = [ "arrayref", "arrayvec 0.7.6", @@ -4080,9 +4080,9 @@ dependencies = [ [[package]] name = "blockstore" -version = "0.7.1" +version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0a8962daed8fb337472d9c4215006443acba1e40c6c91c9d4a3f440d1fb30436" +checksum = "7679095248a6dc7555fae81154ed1baef264383c16621ef881a219576c72a9be" dependencies = [ "cid", "dashmap 6.1.0", @@ -4161,7 +4161,7 @@ dependencies = [ "proc-macro-crate 3.2.0", "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -4199,7 +4199,7 @@ dependencies = [ "rand 0.7.3", "serde", "tokio", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", ] [[package]] @@ -4207,7 +4207,7 @@ name = "bridge-grpc" version = "0.0.2" dependencies = [ "buildtime", - "prost 0.13.4", + "prost 0.13.3", "tonic 0.12.3", "tonic-build", "tonic-reflection 0.12.3", @@ -4260,7 +4260,7 @@ dependencies = [ "tokio-stream", "tonic 0.12.3", "tracing", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", "url", ] @@ -4308,7 +4308,7 @@ dependencies = [ "tokio-stream", "tonic 0.12.3", "tracing", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", "url", ] @@ -4335,7 +4335,7 @@ dependencies = [ "serde_json", "tokio", "tracing", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", ] [[package]] @@ -4363,9 +4363,9 @@ dependencies = [ [[package]] name = "bstr" -version = "1.11.1" +version = "1.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "786a307d683a5bf92e6fd5fd69a7eb613751668d1d8d67d802846dfe367c62c8" +checksum = "1a68f1f47cdf0ec8ee4b941b2eee2a80cb796db73118c0dd09ac63fbe405be22" dependencies = [ "memchr", "regex-automata 0.4.9", @@ -4396,7 +4396,7 @@ version = "0.0.2" dependencies = [ "buildtime-helpers", "quote", - "syn 2.0.91", + "syn 2.0.87", "tonic-build", ] @@ -4440,9 +4440,9 @@ checksum = "5ce89b21cab1437276d2650d57e971f9d548a2d9037cc231abdc0562b97498ce" [[package]] name = "bytemuck" -version = "1.21.0" +version = "1.19.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ef657dfab802224e671f5818e9a4935f9b1957ed18e58292690cc39e7a4092a3" +checksum = "8334215b81e418a0a7bdb8ef0849474f40bb10c8b71f1c4ed315cff49f32494d" [[package]] name = "byteorder" @@ -4458,9 +4458,9 @@ checksum = "0e4cec68f03f32e44924783795810fa50a7035d8c8ebe78580ad7e6c703fba38" [[package]] name = "bytes" -version = "1.9.0" +version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "325918d6fe32f23b19878fe4b34794ae41fc19ddbe53b10571a4874d44ffd39b" +checksum = "9ac0150caa2ae65ca5bd83f25c7de183dea78d4d366469f148435e2acfbad0da" dependencies = [ "serde", ] @@ -4471,7 +4471,7 @@ version = "0.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7dafe3a8757b027e2be6e4e5601ed563c55989fcf1546e933c66c8eb3a058d35" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "either", ] @@ -4545,9 +4545,9 @@ dependencies = [ [[package]] name = "cargo-platform" -version = "0.1.9" +version = "0.1.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e35af189006b9c0f00a064685c727031e3ed2d8020f7ba284d78cc2671bd36ea" +checksum = "24b1f0365a6c6bb4020cd05806fd0d33c44d38046b8bd7f0e40814b9763cabfc" dependencies = [ "serde", ] @@ -4560,7 +4560,7 @@ checksum = "4acbb09d9ee8e23699b9634375c72795d095bf268439da88562cf9b501f181fa" dependencies = [ "camino", "cargo-platform", - "semver 1.0.24", + "semver 1.0.23", "serde", "serde_json", ] @@ -4588,9 +4588,9 @@ dependencies = [ [[package]] name = "cc" -version = "1.2.5" +version = "1.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c31a0499c1dc64f458ad13872de75c0eb7e3fdb0e67964610c914b034fc5956e" +checksum = "fd9de9f2205d5ef3fd67e685b0df337994ddd4495e2a28d185500d0e1edfea47" dependencies = [ "jobserver", "libc", @@ -4603,9 +4603,9 @@ version = "0.5.0" source = "git+https://github.com/movementlabsxyz/lumina?rev=2d16e6733949f6bf70849eb60c14114e6d8ea63e#2d16e6733949f6bf70849eb60c14114e6d8ea63e" dependencies = [ "celestia-tendermint-proto", - "prost 0.13.4", + "prost 0.13.3", "prost-build 0.12.6", - "prost-types 0.13.4", + "prost-types 0.13.3", "protox", "serde", ] @@ -4618,7 +4618,7 @@ dependencies = [ "async-trait", "celestia-types", "futures", - "http 1.2.0", + "http 1.1.0", "jsonrpsee 0.24.7", "serde", "thiserror 1.0.69", @@ -4631,7 +4631,7 @@ version = "0.32.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ce8c92a01145f79a0f3ac7c44a43a9b5ee58e8a4c716b56d98833a3848db1afd" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "celestia-tendermint-proto", "digest 0.10.7", "ed25519 2.2.3", @@ -4656,16 +4656,16 @@ dependencies = [ [[package]] name = "celestia-tendermint-proto" -version = "0.32.2" +version = "0.32.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9a95746c5221a74d7b913a415fdbb9e7c90e1b4d818dbbff59bddc034cfce2ec" +checksum = "9bbd5c2345d29ea85566ad8a1114cc0dfb20dacf8f9e0722d64886d0e1e064f7" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "flex-error", "num-derive", "num-traits", - "prost 0.12.6", - "prost-types 0.12.6", + "prost 0.13.3", + "prost-types 0.13.3", "serde", "serde_bytes", "subtle-encoding", @@ -4680,7 +4680,7 @@ dependencies = [ "base64 0.22.1", "bech32", "blockstore", - "bytes 1.9.0", + "bytes 1.8.0", "celestia-proto", "celestia-tendermint", "celestia-tendermint-proto", @@ -4692,7 +4692,7 @@ dependencies = [ "multiaddr", "multihash", "nmt-rs", - "prost 0.13.4", + "prost 0.13.3", "ruint", "serde", "serde_repr", @@ -4730,9 +4730,9 @@ checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724" [[package]] name = "chrono" -version = "0.4.39" +version = "0.4.38" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7e36cc9d416881d2e24f9a963be5fb1cd90966419ac844274161d10488b3e825" +checksum = "a21f936df1771bf62b77f047b726c4625ff2e8aa607c01ec06e5a05bd8463401" dependencies = [ "android-tzdata", "iana-time-zone", @@ -4857,9 +4857,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.23" +version = "4.5.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3135e7ec2ef7b10c6ed8950f0f792ed96ee093fa088608f1c76e569722700c84" +checksum = "fb3b4b9e5a7c7514dfa52869339ee98b3156b0bfb4e8a77c4ff4babb64b1604f" dependencies = [ "clap_builder", "clap_derive", @@ -4867,9 +4867,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.23" +version = "4.5.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "30582fc632330df2bd26877bde0c1f4470d57c582bbc070376afcd04d8cb4838" +checksum = "b17a95aa67cc7b5ebd32aa5370189aa0d79069ef1c64ce893bd30fb24bff20ec" dependencies = [ "anstream", "anstyle", @@ -4886,14 +4886,14 @@ dependencies = [ "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] name = "clap_lex" -version = "0.7.4" +version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f46ad14479a25103f283c0f10005961cf086d8dc42205bb44c46ac563475dca6" +checksum = "afb84c814227b90d6895e01398aee0d8033c00e7466aca416fb6a8e0eb19d8a7" [[package]] name = "clear_on_drop" @@ -4912,7 +4912,7 @@ checksum = "7602ac4363f68ac757d6b87dd5d850549a14d37489902ae639c06ecec06ad275" dependencies = [ "async-trait", "base64 0.13.1", - "bytes 1.9.0", + "bytes 1.8.0", "chrono", "dotenv", "futures-util", @@ -4974,9 +4974,9 @@ checksum = "5b63caa9aa9397e2d9480a9b13673856c78d8ac123288526c37d7839f2a86990" [[package]] name = "colored" -version = "2.2.0" +version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "117725a109d387c937a1533ce01b450cbde6b88abceea8473c4d7a85853cda3c" +checksum = "cbf2150cce219b664a8a70df7a1f933836724b503f8a413af9365b4dcc4d90b8" dependencies = [ "lazy_static", "windows-sys 0.48.0", @@ -4988,7 +4988,7 @@ version = "4.6.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ba5a308b75df32fe02788e748662718f03fde005016435c444eea572398219fd" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "futures-core", "memchr", "pin-project-lite", @@ -5017,14 +5017,14 @@ dependencies = [ [[package]] name = "console" -version = "0.15.10" +version = "0.15.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ea3c6ecd8059b57859df5c69830340ed3c41d30e3da0c1cbed90a96ac853041b" +checksum = "0e1f83fc076bd6dd27517eacdf25fef6c4dfe5f1d7448bafaaf3a26f13b5e4eb" dependencies = [ "encode_unicode", + "lazy_static", "libc", - "once_cell", - "windows-sys 0.59.0", + "windows-sys 0.52.0", ] [[package]] @@ -5062,14 +5062,14 @@ dependencies = [ "tonic 0.11.0", "tracing", "tracing-core", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", ] [[package]] name = "const-hex" -version = "1.14.0" +version = "1.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4b0485bab839b018a8f1723fc5391819fea5f8f0f32288ef8a735fd096b6160c" +checksum = "0121754e84117e65f9d90648ee6aa4882a6e63110307ab73967a4c5e7e69e586" dependencies = [ "cfg-if", "cpufeatures", @@ -5118,18 +5118,18 @@ checksum = "373e9fafaa20882876db20562275ff58d50e0caa2590077fe7ce7bef90211d0d" [[package]] name = "const_format" -version = "0.2.34" +version = "0.2.33" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "126f97965c8ad46d6d9163268ff28432e8f6a1196a55578867832e3049df63dd" +checksum = "50c655d81ff1114fb0dcdea9225ea9f0cc712a6f8d189378e82bdf62a473a64b" dependencies = [ "const_format_proc_macros", ] [[package]] name = "const_format_proc_macros" -version = "0.2.34" +version = "0.2.33" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1d57c2eccfb16dbac1f4e61e206105db5820c9d26c3c472bc17c774259ef7744" +checksum = "eff1a44b93f47b1bac19a27932f5c591e43d1ba357ee4f61526c8a25603f0eb1" dependencies = [ "proc-macro2", "quote", @@ -5246,9 +5246,9 @@ dependencies = [ [[package]] name = "cpufeatures" -version = "0.2.16" +version = "0.2.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "16b80225097f2e5ae4e7179dd2266824648f3e2f49d9134d584b76389d31c4c3" +checksum = "0ca741a962e1b0bff6d724a1a0958b686406e853bb14061f218562e1896f95e6" dependencies = [ "libc", ] @@ -5322,18 +5322,18 @@ dependencies = [ [[package]] name = "crossbeam-channel" -version = "0.5.14" +version = "0.5.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "06ba6d68e24814cb8de6bb986db8222d3a027d15872cabc0d18817bc3c0e4471" +checksum = "33480d6946193aa8033910124896ca395333cae7e2d1113d1fef6c3272217df2" dependencies = [ "crossbeam-utils", ] [[package]] name = "crossbeam-deque" -version = "0.8.6" +version = "0.8.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9dd111b7b7f7d55b72c0a6ae361660ee5853c9af73f70c3c2ef6858b950e2e51" +checksum = "613f8cc01fe9cf1a3eb3d7f488fd2fa8388403e97039e2f73692932e291a770d" dependencies = [ "crossbeam-epoch", "crossbeam-utils", @@ -5350,18 +5350,18 @@ dependencies = [ [[package]] name = "crossbeam-queue" -version = "0.3.12" +version = "0.3.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0f58bbc28f91df819d0aa2a2c00cd19754769c2fad90579b3592b1c9ba7a3115" +checksum = "df0346b5d5e76ac2fe4e327c5fd1118d6be7c51dfb18f9b7922923f287471e35" dependencies = [ "crossbeam-utils", ] [[package]] name = "crossbeam-utils" -version = "0.8.21" +version = "0.8.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d0a5c400df2834b80a4c3327b3aad3a4c4cd4de0629063962b03235697506a28" +checksum = "22ec99545bb0ed0ea7bb9b8e1e9122ea386ff8a48c0922e43f36d45ab09e0e80" [[package]] name = "crossterm" @@ -5562,7 +5562,7 @@ checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -5624,7 +5624,7 @@ dependencies = [ "proc-macro2", "quote", "strsim 0.11.1", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -5646,7 +5646,7 @@ checksum = "d336a2a514f6ccccaa3e09b02d41d35330c07ddf03a62165fcec10bb561c7806" dependencies = [ "darling_core 0.20.10", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -5760,7 +5760,7 @@ checksum = "4e018fccbeeb50ff26562ece792ed06659b9c2dae79ece77c4456bb10d9bf79b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -5830,7 +5830,7 @@ checksum = "d150dea618e920167e5973d70ae6ece4385b7164e0d799fe7c122dd0a5d912ad" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -5841,7 +5841,7 @@ checksum = "30542c1ad912e0e3d22a1935c290e12e8a29d704a420177a31faad4a601a0800" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -5885,7 +5885,7 @@ dependencies = [ "proc-macro2", "quote", "rustc_version 0.4.1", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -5905,7 +5905,7 @@ checksum = "cb7330aeadfbe296029522e6c40f315320aba36fc43a5b3632f3795348f3bd22" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", "unicode-xid", ] @@ -5917,9 +5917,9 @@ checksum = "339544cc9e2c4dc3fc7149fd630c5f22263a4fdf18a98afd0075784968b5cf00" [[package]] name = "diesel" -version = "2.2.6" +version = "2.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ccf1bedf64cdb9643204a36dd15b19a6ce8e7aa7f7b105868e9f1fad5ffa7d12" +checksum = "158fe8e2e68695bd615d7e4f3227c0727b151330d3e253b525086c348d055d5e" dependencies = [ "bigdecimal", "bitflags 2.6.0", @@ -5927,7 +5927,7 @@ dependencies = [ "chrono", "diesel_derives", "itoa", - "num-bigint 0.2.6", + "num-bigint 0.4.6", "num-integer", "num-traits", "pq-sys", @@ -5937,9 +5937,9 @@ dependencies = [ [[package]] name = "diesel-async" -version = "0.5.2" +version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "51a307ac00f7c23f526a04a77761a0519b9f0eb2838ebf5b905a58580095bdcb" +checksum = "4c5c6ec8d5c7b8444d19a47161797cbe361e0fb1ee40c6a8124ec915b64a4125" dependencies = [ "async-trait", "bb8", @@ -5960,7 +5960,7 @@ dependencies = [ "dsl_auto_type", "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -5980,7 +5980,7 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "209c735641a413bc68c4923a9d6ad4bcb3ca306b794edaa7eb0b3228a99ffb25" dependencies = [ - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -6059,7 +6059,7 @@ checksum = "97369cbbc041bc366949bc74d34658d6cda5621039731c6310521892a3a20ae0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -6103,7 +6103,7 @@ dependencies = [ "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -6287,9 +6287,9 @@ dependencies = [ [[package]] name = "encode_unicode" -version = "1.0.0" +version = "0.3.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "34aa73646ffb006b8f5147f3dc182bd4bcb190227ce861fc4a4844bf8e3cb2c0" +checksum = "a357d28ed41a50f9c765dbfe56cbc04a64e53e5fc58ba79fbc34c10ef3df831f" [[package]] name = "encoding_rs" @@ -6309,23 +6309,23 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] name = "env_filter" -version = "0.1.3" +version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "186e05a59d4c50738528153b83b0b0194d3a29507dfec16eccd4b342903397d0" +checksum = "4f2c92ceda6ceec50f43169f9ee8424fe2db276791afde7b2cd8bc084cb376ab" dependencies = [ "log", ] [[package]] name = "env_logger" -version = "0.11.6" +version = "0.11.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dcaee3d8e3cfc3fd92428d477bc97fc29ec8716d180c0d74c643bb26166660e0" +checksum = "e13fa619b91fb2381732789fc5de83b45675e882f66623b7d8cb4f643017018d" dependencies = [ "env_filter", "log", @@ -6348,9 +6348,9 @@ dependencies = [ [[package]] name = "errno" -version = "0.3.10" +version = "0.3.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "33d852cb9b869c2a9b3df2f71a3074817f01e1844f839a144f5fcef059a4eb5d" +checksum = "534c5cf6194dfab3db3242765c03bbe257cf92f22b38f6bc0c58d59108a820ba" dependencies = [ "libc", "windows-sys 0.52.0", @@ -6486,9 +6486,9 @@ dependencies = [ [[package]] name = "fastrand" -version = "2.3.0" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be" +checksum = "486f806e73c5707928240ddc295403b1b93c96a02038563881c4a2fd84b81ac4" [[package]] name = "fastrlp" @@ -6498,25 +6498,14 @@ checksum = "139834ddba373bbdd213dffe02c8d110508dcf1726c2be27e8d1f7d7e1856418" dependencies = [ "arrayvec 0.7.6", "auto_impl", - "bytes 1.9.0", -] - -[[package]] -name = "fastrlp" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ce8dba4714ef14b8274c371879b175aa55b16b30f269663f19d576f380018dc4" -dependencies = [ - "arrayvec 0.7.6", - "auto_impl", - "bytes 1.9.0", + "bytes 1.8.0", ] [[package]] name = "fdeflate" -version = "0.3.7" +version = "0.3.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1e6853b52649d4ac5c0bd02320cddc5ba956bdb407c4b75a2c6b75bf51500f8c" +checksum = "07c6f4c64c1d33a3111c4466f7365ebdcc37c5bd1ea0d62aae2e3d722aacbedb" dependencies = [ "simd-adler32", ] @@ -6699,7 +6688,7 @@ version = "0.0.2" dependencies = [ "anyhow", "futures", - "rustix 0.38.42", + "rustix 0.38.40", "serde", "tempfile", "thiserror 1.0.69", @@ -6714,9 +6703,9 @@ checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" [[package]] name = "foldhash" -version = "0.1.4" +version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a0d2fde1f7b3d48b8395d5f2de76c18a528bd6a9cdde438df747bfcba3e05d6f" +checksum = "f81ec6369c545a7d40e4589b5597581fa1c441fe1cce96dd1de43159910a36a2" [[package]] name = "foreign-types" @@ -6745,7 +6734,7 @@ checksum = "1a5c6c585bc94aaf2c7b51dd4c2ba22680844aba4c687be581871a6f518c5742" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -6852,7 +6841,7 @@ checksum = "162ee34ebcb7c64a8abebc059ce0fee27c2262618d7b60ed8faf72fef13c3650" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -7148,7 +7137,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "de13e62d7e0ffc3eb40a0113ddf753cf6ec741be739164442b08893db4f9bfca" dependencies = [ "google-cloud-token", - "http 1.2.0", + "http 1.1.0", "thiserror 1.0.69", "tokio", "tokio-retry2", @@ -7174,8 +7163,8 @@ version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0edfdfb507593d47605b3bb2fb36628b391e3d397e520b85852dea2412c8e2d1" dependencies = [ - "prost 0.13.4", - "prost-types 0.13.4", + "prost 0.13.3", + "prost-types 0.13.3", "tonic 0.12.3", ] @@ -7189,7 +7178,7 @@ dependencies = [ "google-cloud-gax 0.19.2", "google-cloud-googleapis 0.16.0", "google-cloud-token", - "prost-types 0.13.4", + "prost-types 0.13.3", "serde", "serde_json", "thiserror 1.0.69", @@ -7245,7 +7234,7 @@ checksum = "22c57ca1d971d7c6f852c02eda4e87e88b1247b6ed8be9fa5b2768c68b0f2ca5" dependencies = [ "async-stream", "base64 0.21.7", - "bytes 1.9.0", + "bytes 1.8.0", "futures-util", "google-cloud-auth 0.12.0", "google-cloud-metadata 0.3.2", @@ -7306,13 +7295,13 @@ version = "0.3.26" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "81fe527a889e1532da5c525686d96d4c2e74cdd345badf8dfef9f6b39dd5f5e8" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "fnv", "futures-core", "futures-sink", "futures-util", "http 0.2.12", - "indexmap 2.7.0", + "indexmap 2.6.0", "slab", "tokio", "tokio-util", @@ -7321,17 +7310,17 @@ dependencies = [ [[package]] name = "h2" -version = "0.4.7" +version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ccae279728d634d083c00f6099cb58f01cc99c145b84b8be2f6c74618d79922e" +checksum = "524e8ac6999421f49a846c2d4411f337e53497d8ec55d67753beffa43c5d9205" dependencies = [ "atomic-waker", - "bytes 1.9.0", + "bytes 1.8.0", "fnv", "futures-core", "futures-sink", - "http 1.2.0", - "indexmap 2.7.0", + "http 1.1.0", + "indexmap 2.6.0", "slab", "tokio", "tokio-util", @@ -7399,9 +7388,9 @@ dependencies = [ [[package]] name = "hashbrown" -version = "0.15.2" +version = "0.15.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bf151400ff0baff5465007dd2f3e717f3fe502074ca563069ce3a6629d07b289" +checksum = "3a9bfc1af68b1726ea47d3d5109de126281def866b33970e10fbab11b5dafab3" dependencies = [ "allocator-api2", "equivalent", @@ -7428,7 +7417,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "06683b93020a07e3dbcf5f8c0f6d40080d725bea7936fc01ad345c01b97dc270" dependencies = [ "base64 0.21.7", - "bytes 1.9.0", + "bytes 1.8.0", "headers-core", "http 0.2.12", "httpdate", @@ -7575,11 +7564,11 @@ dependencies = [ [[package]] name = "home" -version = "0.5.11" +version = "0.5.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "589533453244b0995c858700322199b2becb13b627df2851f64a2775d024abcf" +checksum = "e3d1354bf6b7235cb4a0576c2619fd4ed18183f689b12b006a0ee7329eeff9a5" dependencies = [ - "windows-sys 0.59.0", + "windows-sys 0.52.0", ] [[package]] @@ -7616,7 +7605,7 @@ dependencies = [ "serde", "tokio", "tracing", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", "url", ] @@ -7630,7 +7619,7 @@ dependencies = [ "aws-sdk-kms", "axum 0.6.20", "base64 0.13.1", - "clap 4.5.23", + "clap 4.5.21", "dotenv", "ed25519 2.2.3", "google-cloud-kms", @@ -7650,18 +7639,18 @@ version = "0.2.12" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "601cbb57e577e2f5ef5be8e7b83f0f63994f25aa94d673e54a92d5c516d101f1" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "fnv", "itoa", ] [[package]] name = "http" -version = "1.2.0" +version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f16ca2af56261c99fba8bac40a10251ce8188205a4c448fbb745a2e4daa76fea" +checksum = "21b9ddb458710bc376481b842f5da65cdf31522de232c1ca8146abce2a358258" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "fnv", "itoa", ] @@ -7672,7 +7661,7 @@ version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7ceab25649e9960c0311ea418d17bee82c0dcec1bd053b5f9a66e265a693bed2" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "http 0.2.12", "pin-project-lite", ] @@ -7683,8 +7672,8 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1efedce1fb8e6913f23e0c92de8e62cd5b772a67e7b3946df930a62566c93184" dependencies = [ - "bytes 1.9.0", - "http 1.2.0", + "bytes 1.8.0", + "http 1.1.0", ] [[package]] @@ -7693,9 +7682,9 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "793429d76616a256bcb62c2a2ec2bed781c8307e797e2598c50010f2bee2544f" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "futures-util", - "http 1.2.0", + "http 1.1.0", "http-body 1.0.1", "pin-project-lite", ] @@ -7729,11 +7718,11 @@ checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4" [[package]] name = "hyper" -version = "0.14.32" +version = "0.14.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "41dfc780fdec9373c01bae43289ea34c972e40ee3c9f6b3c8801a35f35586ce7" +checksum = "8c08302e8fa335b151b788c775ff56e7a03ae64ff85c548ee820fecb70356e85" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "futures-channel", "futures-core", "futures-util", @@ -7744,7 +7733,7 @@ dependencies = [ "httpdate", "itoa", "pin-project-lite", - "socket2 0.5.8", + "socket2 0.5.7", "tokio", "tower-service", "tracing", @@ -7753,15 +7742,15 @@ dependencies = [ [[package]] name = "hyper" -version = "1.5.2" +version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "256fb8d4bd6413123cc9d91832d78325c48ff41677595be797d90f42969beae0" +checksum = "bbbff0a806a4728c99295b254c8838933b5b082d75e3cb70c8dab21fdfbcfa9a" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "futures-channel", "futures-util", - "h2 0.4.7", - "http 1.2.0", + "h2 0.4.6", + "http 1.1.0", "http-body 1.0.1", "httparse", "httpdate", @@ -7780,7 +7769,7 @@ checksum = "ec3efd23720e2049821a693cbc7e65ea87c72f1c58ff2f9522ff332b1491e590" dependencies = [ "futures-util", "http 0.2.12", - "hyper 0.14.32", + "hyper 0.14.31", "log", "rustls 0.21.12", "rustls-native-certs 0.6.3", @@ -7790,21 +7779,21 @@ dependencies = [ [[package]] name = "hyper-rustls" -version = "0.27.5" +version = "0.27.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2d191583f3da1305256f22463b9bb0471acad48a4e534a5218b9963e9c1f59b2" +checksum = "08afdbb5c31130e3034af566421053ab03787c640246a446327f550d11bcb333" dependencies = [ "futures-util", - "http 1.2.0", - "hyper 1.5.2", + "http 1.1.0", + "hyper 1.5.0", "hyper-util", "log", - "rustls 0.23.20", + "rustls 0.23.17", "rustls-pki-types", "tokio", - "tokio-rustls 0.26.1", + "tokio-rustls 0.26.0", "tower-service", - "webpki-roots 0.26.7", + "webpki-roots 0.26.6", ] [[package]] @@ -7813,7 +7802,7 @@ version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bbb958482e8c7be4bc3cf272a766a2b0bf1a6755e7a6ae777f017a31d11b13b1" dependencies = [ - "hyper 0.14.32", + "hyper 0.14.31", "pin-project-lite", "tokio", "tokio-io-timeout", @@ -7825,7 +7814,7 @@ version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2b90d566bffbce6a75bd8b09a05aa8c2cb1fabb6cb348f8840c9e4c90a0d83b0" dependencies = [ - "hyper 1.5.2", + "hyper 1.5.0", "hyper-util", "pin-project-lite", "tokio", @@ -7838,8 +7827,8 @@ version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d6183ddfa99b85da61a140bea0efc93fdf56ceaa041b37d553518030827f9905" dependencies = [ - "bytes 1.9.0", - "hyper 0.14.32", + "bytes 1.8.0", + "hyper 0.14.31", "native-tls", "tokio", "tokio-native-tls", @@ -7851,9 +7840,9 @@ version = "0.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "70206fc6890eaca9fde8a0bf71caa2ddfc9fe045ac9e5c70df101a7dbde866e0" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "http-body-util", - "hyper 1.5.2", + "hyper 1.5.0", "hyper-util", "native-tls", "tokio", @@ -7867,14 +7856,14 @@ version = "0.1.10" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "df2dcfbe0677734ab2f3ffa7fa7bfd4706bfdc1ef393f2ee30184aed67e631b4" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "futures-channel", "futures-util", - "http 1.2.0", + "http 1.1.0", "http-body 1.0.1", - "hyper 1.5.2", + "hyper 1.5.0", "pin-project-lite", - "socket2 0.5.8", + "socket2 0.5.7", "tokio", "tower-service", "tracing", @@ -8018,7 +8007,7 @@ checksum = "1ec89e9337638ecdc08744df490b221a7399bf8d164eb52a665454e60e075ad6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -8116,7 +8105,7 @@ version = "0.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ba6a270039626615617f3f36d15fc827041df3b78c439da2cadfa47455a77f2f" dependencies = [ - "parity-scale-codec 3.6.12", + "parity-scale-codec 3.7.0", ] [[package]] @@ -8148,13 +8137,13 @@ dependencies = [ [[package]] name = "impl-trait-for-tuples" -version = "0.2.3" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a0eb5a3343abf848c0984fe4604b2b105da9539376e24fc0a3b0007411ae4fd9" +checksum = "11d7a9f6330b71fea57921c9b61c47ee6e84f72d394754eff6163ae67e7395eb" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 1.0.109", ] [[package]] @@ -8200,12 +8189,12 @@ dependencies = [ [[package]] name = "indexmap" -version = "2.7.0" +version = "2.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "62f822373a4fe84d4bb149bf54e584a7f4abec90e072ed49cda0edea5b95471f" +checksum = "707907fe3c25f5424cce2cb7e1cbcafee6bdbe735ca90ef77c29e84591e5b9da" dependencies = [ "equivalent", - "hashbrown 0.15.2", + "hashbrown 0.15.1", "serde", ] @@ -8222,12 +8211,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "232929e1d75fe899576a3d5c7416ad0d88dbfbb3c3d6aa00873a7408a50ddb88" dependencies = [ "ahash 0.8.11", - "clap 4.5.23", + "clap 4.5.21", "crossbeam-channel", "crossbeam-utils", "dashmap 6.1.0", "env_logger", - "indexmap 2.7.0", + "indexmap 2.6.0", "is-terminal", "itoa", "log", @@ -8278,9 +8267,9 @@ dependencies = [ [[package]] name = "interprocess" -version = "2.2.2" +version = "2.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "894148491d817cb36b6f778017b8ac46b17408d522dd90f539d677ea938362eb" +checksum = "d2f4e4a06d42fab3e85ab1b419ad32b09eab58b901d40c57935ff92db3287a13" dependencies = [ "doctest-file", "futures-core", @@ -8330,9 +8319,9 @@ dependencies = [ [[package]] name = "is_debug" -version = "1.0.2" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e8ea828c9d6638a5bd3d8b14e37502b4d56cae910ccf8a5b7f51c7a0eb1d0508" +checksum = "06d198e9919d9822d5f7083ba8530e04de87841eaf21ead9af8f2304efd57c89" [[package]] name = "is_terminal_polyfill" @@ -8369,9 +8358,9 @@ dependencies = [ [[package]] name = "itoa" -version = "1.0.14" +version = "1.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d75a2a4b1b190afb6f5425f10f6a8f959d2ea0b9c2b1d79553551850539e4674" +checksum = "49f1f14873335454500d59611f1cf4a4b0f786f9ac11f4312a78e4cf2566695b" [[package]] name = "jemalloc-sys" @@ -8424,11 +8413,10 @@ dependencies = [ [[package]] name = "js-sys" -version = "0.3.76" +version = "0.3.72" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6717b6b5b077764fb5966237269cb3c64edddde4b14ce42647430a78ced9e7b7" +checksum = "6a88f1bda2bd75b0452a14784937d796722fdebfe50df998aeb3f0b7603019a9" dependencies = [ - "once_cell", "wasm-bindgen", ] @@ -8463,16 +8451,16 @@ checksum = "548125b159ba1314104f5bb5f38519e03a41862786aa3925cf349aae9cdd546e" dependencies = [ "base64 0.22.1", "futures-util", - "http 1.2.0", + "http 1.1.0", "jsonrpsee-core", "pin-project 1.1.7", - "rustls 0.23.20", + "rustls 0.23.17", "rustls-pki-types", "rustls-platform-verifier", "soketto", "thiserror 1.0.69", "tokio", - "tokio-rustls 0.26.1", + "tokio-rustls 0.26.0", "tokio-util", "tracing", "url", @@ -8485,15 +8473,15 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f2882f6f8acb9fdaec7cefc4fd607119a9bd709831df7d7672a1d3b644628280" dependencies = [ "async-trait", - "bytes 1.9.0", + "bytes 1.8.0", "futures-timer", "futures-util", - "http 1.2.0", + "http 1.1.0", "http-body 1.0.1", "http-body-util", "jsonrpsee-types 0.24.7", "pin-project 1.1.7", - "rustc-hash 2.1.0", + "rustc-hash 2.0.0", "serde", "serde_json", "thiserror 1.0.69", @@ -8511,12 +8499,12 @@ dependencies = [ "async-trait", "base64 0.22.1", "http-body 1.0.1", - "hyper 1.5.2", - "hyper-rustls 0.27.5", + "hyper 1.5.0", + "hyper-rustls 0.27.3", "hyper-util", "jsonrpsee-core", "jsonrpsee-types 0.24.7", - "rustls 0.23.20", + "rustls 0.23.17", "rustls-platform-verifier", "serde", "serde_json", @@ -8537,7 +8525,7 @@ dependencies = [ "proc-macro-crate 3.2.0", "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -8560,7 +8548,7 @@ version = "0.24.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a178c60086f24cc35bb82f57c651d0d25d99c4742b4d335de04e97fa1f08a8a1" dependencies = [ - "http 1.2.0", + "http 1.1.0", "serde", "serde_json", "thiserror 1.0.69", @@ -8572,7 +8560,7 @@ version = "0.24.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0fe322e0896d0955a3ebdd5bf813571c53fea29edd713bc315b76620b327e86d" dependencies = [ - "http 1.2.0", + "http 1.1.0", "jsonrpsee-client-transport", "jsonrpsee-core", "jsonrpsee-types 0.24.7", @@ -8733,16 +8721,16 @@ version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ee58dbc414bd23885d7da915e0457618b36d1fc950a6169ef2cb29829d1b1a1d" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "lazy_static", "thiserror 1.0.69", ] [[package]] name = "libc" -version = "0.2.169" +version = "0.2.164" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b5aba8db14291edd000dfcc4d620c7ebfb122c613afb886ca8803fa4e128a20a" +checksum = "433bfe06b8c75da9b2e3fbea6e5329ff87748f0b144ef75306e674c3f6f7c13f" [[package]] name = "libgit2-sys" @@ -8758,12 +8746,12 @@ dependencies = [ [[package]] name = "libloading" -version = "0.8.6" +version = "0.8.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fc2f4eb4bc735547cfed7c0a4922cbd04a4655978c09b54f1f7b228750664c34" +checksum = "4979f22fdb869068da03c9f7528f8297c6fd2606bc3a4affe42e6a823fdb8da4" dependencies = [ "cfg-if", - "windows-targets 0.48.5", + "windows-targets 0.52.6", ] [[package]] @@ -8774,9 +8762,9 @@ checksum = "8355be11b20d696c8f18f6cc018c4e372165b1fa8126cef092399c9951984ffa" [[package]] name = "libp2p-identity" -version = "0.2.10" +version = "0.2.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "257b5621d159b32282eac446bed6670c39c7dc68a200a992d8f056afa0066f6d" +checksum = "55cca1eb2bc1fd29f099f3daaab7effd01e1a54b7c577d0ed082521034d912e8" dependencies = [ "bs58", "hkdf 0.12.4", @@ -8912,9 +8900,9 @@ checksum = "78b3ae25bc7c8c38cec158d1f2757ee79e9b3740fbc7ccf0e59e4b08d793fa89" [[package]] name = "litemap" -version = "0.7.4" +version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4ee93343901ab17bd981295f2cf0026d4ad018c7c31ba84549a4ddbb47a45104" +checksum = "643cb0b8d4fcc284004d5fd0d67ccf61dfffadb7f75e1e71bc420f4688a3a704" [[package]] name = "lock_api" @@ -8949,18 +8937,18 @@ dependencies = [ [[package]] name = "logos" -version = "0.14.4" +version = "0.14.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7251356ef8cb7aec833ddf598c6cb24d17b689d20b993f9d11a3d764e34e6458" +checksum = "1c6b6e02facda28ca5fb8dbe4b152496ba3b1bd5a4b40bb2b1b2d8ad74e0f39b" dependencies = [ "logos-derive", ] [[package]] name = "logos-codegen" -version = "0.14.4" +version = "0.14.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "59f80069600c0d66734f5ff52cc42f2dabd6b29d205f333d61fd7832e9e9963f" +checksum = "b32eb6b5f26efacd015b000bfc562186472cd9b34bdba3f6b264e2a052676d10" dependencies = [ "beef", "fnv", @@ -8968,14 +8956,14 @@ dependencies = [ "proc-macro2", "quote", "regex-syntax 0.8.5", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] name = "logos-derive" -version = "0.14.4" +version = "0.14.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "24fb722b06a9dc12adb0963ed585f19fc61dc5413e6a9be9422ef92c091e731d" +checksum = "3e5d0c5463c911ef55624739fc353238b4e310f0144be1f875dc42fec6bfd5ec" dependencies = [ "logos-codegen", ] @@ -9004,7 +8992,7 @@ version = "0.12.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "234cf4f4a04dc1f57e24b96cc0cd600cf2af460d4161ac5ecdd0af8e1f3b2a38" dependencies = [ - "hashbrown 0.15.2", + "hashbrown 0.15.1", ] [[package]] @@ -9149,9 +9137,9 @@ dependencies = [ "async-trait", "bcs 0.1.4", "borsh 0.10.4", - "bytes 1.9.0", + "bytes 1.8.0", "chrono", - "clap 4.5.23", + "clap 4.5.21", "derive_more 0.99.18", "dirs", "dot-movement", @@ -9227,7 +9215,7 @@ dependencies = [ "tokio", "tokio-stream", "tracing", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", ] [[package]] @@ -9273,7 +9261,7 @@ dependencies = [ "serde_json", "tokio", "tracing", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", ] [[package]] @@ -9293,7 +9281,7 @@ dependencies = [ "serde_json", "tokio", "tracing", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", ] [[package]] @@ -9377,9 +9365,9 @@ dependencies = [ [[package]] name = "miette" -version = "7.4.0" +version = "7.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "317f146e2eb7021892722af37cf1b971f0a70c8406f487e24952667616192c64" +checksum = "4edc8853320c2a0dab800fbda86253c8938f6ea88510dc92c5f1ed20e794afc1" dependencies = [ "cfg-if", "miette-derive", @@ -9389,13 +9377,13 @@ dependencies = [ [[package]] name = "miette-derive" -version = "7.4.0" +version = "7.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "23c9b935fbe1d6cbd1dac857b54a688145e2d93f48db36010514d0f612d0ad67" +checksum = "dcf09caffaac8068c346b6df2a7fc27a177fd20b39421a39ce0a211bde679a6c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -9458,9 +9446,9 @@ checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" [[package]] name = "miniz_oxide" -version = "0.8.2" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4ffbe83022cedc1d264172192511ae958937694cd57ce297164951b8b3568394" +checksum = "e2d80299ef12ff69b16a84bb182e3b9df68b5a91574d3d4fa6e41b65deec4df1" dependencies = [ "adler2", "simd-adler32", @@ -9480,10 +9468,11 @@ dependencies = [ [[package]] name = "mio" -version = "1.0.3" +version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2886843bf800fba2e3377cff24abf6379b4c4d5c6681eaf9ea5b0d15090450bd" +checksum = "80e04d1dcff3aae0704555fe5fee3bcfaf3d1fdf8a7e521d5b9d2b42acb52cec" dependencies = [ + "hermit-abi 0.3.9", "libc", "wasi 0.11.0+wasi-snapshot-preview1", "windows-sys 0.52.0", @@ -9595,7 +9584,7 @@ version = "0.1.0" source = "git+https://github.com/movementlabsxyz/aptos-core?rev=9dfc8e7a3d622597dfd81cc4ba480a5377f87a41#9dfc8e7a3d622597dfd81cc4ba480a5377f87a41" dependencies = [ "anyhow", - "clap 4.5.23", + "clap 4.5.21", "crossterm 0.26.1", "move-binary-format", "move-bytecode-source-map", @@ -9610,7 +9599,7 @@ version = "0.1.0" source = "git+https://github.com/movementlabsxyz/aptos-core?rev=9dfc8e7a3d622597dfd81cc4ba480a5377f87a41#9dfc8e7a3d622597dfd81cc4ba480a5377f87a41" dependencies = [ "anyhow", - "clap 4.5.23", + "clap 4.5.21", "codespan-reporting", "colored", "move-binary-format", @@ -9658,7 +9647,7 @@ source = "git+https://github.com/movementlabsxyz/aptos-core?rev=9dfc8e7a3d622597 dependencies = [ "anyhow", "bcs 0.1.4", - "clap 4.5.23", + "clap 4.5.21", "codespan-reporting", "hex", "move-binary-format", @@ -9685,7 +9674,7 @@ dependencies = [ "abstract-domain-derive", "anyhow", "bcs 0.1.4", - "clap 4.5.23", + "clap 4.5.21", "codespan-reporting", "ethnum", "flexi_logger", @@ -9716,7 +9705,7 @@ dependencies = [ "anyhow", "arbitrary", "bcs 0.1.4", - "bytes 1.9.0", + "bytes 1.8.0", "ethnum", "hashbrown 0.14.5", "hex", @@ -9740,7 +9729,7 @@ source = "git+https://github.com/movementlabsxyz/aptos-core?rev=9dfc8e7a3d622597 dependencies = [ "anyhow", "bcs 0.1.4", - "clap 4.5.23", + "clap 4.5.21", "codespan", "colored", "move-binary-format", @@ -9758,7 +9747,7 @@ version = "0.1.0" source = "git+https://github.com/movementlabsxyz/aptos-core?rev=9dfc8e7a3d622597dfd81cc4ba480a5377f87a41#9dfc8e7a3d622597dfd81cc4ba480a5377f87a41" dependencies = [ "anyhow", - "clap 4.5.23", + "clap 4.5.21", "colored", "move-binary-format", "move-bytecode-source-map", @@ -9775,7 +9764,7 @@ version = "0.1.0" source = "git+https://github.com/movementlabsxyz/aptos-core?rev=9dfc8e7a3d622597dfd81cc4ba480a5377f87a41#9dfc8e7a3d622597dfd81cc4ba480a5377f87a41" dependencies = [ "anyhow", - "clap 4.5.23", + "clap 4.5.21", "codespan", "codespan-reporting", "itertools 0.12.1", @@ -9807,7 +9796,7 @@ source = "git+https://github.com/movementlabsxyz/aptos-core?rev=9dfc8e7a3d622597 dependencies = [ "anyhow", "bcs 0.1.4", - "clap 4.5.23", + "clap 4.5.21", "move-binary-format", "move-bytecode-source-map", "move-bytecode-verifier", @@ -9892,7 +9881,7 @@ version = "0.1.0" source = "git+https://github.com/movementlabsxyz/aptos-core?rev=9dfc8e7a3d622597dfd81cc4ba480a5377f87a41#9dfc8e7a3d622597dfd81cc4ba480a5377f87a41" dependencies = [ "anyhow", - "clap 4.5.23", + "clap 4.5.21", "colored", "itertools 0.12.1", "move-abigen", @@ -9927,7 +9916,7 @@ source = "git+https://github.com/movementlabsxyz/aptos-core?rev=9dfc8e7a3d622597 dependencies = [ "anyhow", "atty", - "clap 4.5.23", + "clap 4.5.21", "codespan-reporting", "itertools 0.12.1", "log", @@ -10077,7 +10066,7 @@ version = "0.1.0" source = "git+https://github.com/movementlabsxyz/aptos-core?rev=9dfc8e7a3d622597dfd81cc4ba480a5377f87a41#9dfc8e7a3d622597dfd81cc4ba480a5377f87a41" dependencies = [ "better_any", - "bytes 1.9.0", + "bytes 1.8.0", "move-binary-format", "move-core-types", "move-vm-runtime", @@ -10093,7 +10082,7 @@ source = "git+https://github.com/movementlabsxyz/aptos-core?rev=9dfc8e7a3d622597 dependencies = [ "anyhow", "better_any", - "clap 4.5.23", + "clap 4.5.21", "codespan-reporting", "colored", "itertools 0.12.1", @@ -10120,7 +10109,7 @@ version = "0.1.0" source = "git+https://github.com/movementlabsxyz/aptos-core?rev=9dfc8e7a3d622597dfd81cc4ba480a5377f87a41#9dfc8e7a3d622597dfd81cc4ba480a5377f87a41" dependencies = [ "better_any", - "bytes 1.9.0", + "bytes 1.8.0", "fail", "hashbrown 0.14.5", "lazy_static", @@ -10144,7 +10133,7 @@ version = "0.1.0" source = "git+https://github.com/movementlabsxyz/aptos-core?rev=9dfc8e7a3d622597dfd81cc4ba480a5377f87a41#9dfc8e7a3d622597dfd81cc4ba480a5377f87a41" dependencies = [ "anyhow", - "bytes 1.9.0", + "bytes 1.8.0", "move-binary-format", "move-bytecode-utils", "move-core-types", @@ -10203,7 +10192,7 @@ dependencies = [ "movement-da-light-node-proto", "movement-tracing", "movement-types", - "prost 0.13.4", + "prost 0.13.3", "serde", "serde_json", "tempfile", @@ -10231,7 +10220,7 @@ dependencies = [ "movement-celestia-da-util", "movement-da-light-node-proto", "movement-types", - "prost 0.13.4", + "prost 0.13.3", "rand 0.7.3", "serde_json", "thiserror 1.0.69", @@ -10259,7 +10248,7 @@ dependencies = [ "tokio", "tokio-stream", "tracing", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", ] [[package]] @@ -10283,7 +10272,7 @@ dependencies = [ "tokio", "tokio-stream", "tracing", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", ] [[package]] @@ -10315,7 +10304,7 @@ dependencies = [ "movement-celestia-da-light-node-setup", "movement-celestia-da-util", "movement-da-light-node-proto", - "prost 0.13.4", + "prost 0.13.3", "rand 0.7.3", "serde_json", "thiserror 1.0.69", @@ -10345,7 +10334,7 @@ dependencies = [ "k256", "memseq-util", "movement-da-light-node-proto", - "prost 0.13.4", + "prost 0.13.3", "rand 0.8.5", "serde", "serde_derive", @@ -10356,7 +10345,7 @@ dependencies = [ "toml 0.8.19", "tonic 0.12.3", "tracing", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", "zstd 0.13.2", ] @@ -10394,7 +10383,7 @@ dependencies = [ "tokio", "tonic 0.12.3", "tracing", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", "tracing-test", "url", ] @@ -10432,13 +10421,13 @@ name = "movement-da-light-node-client" version = "0.0.2" dependencies = [ "anyhow", - "bytes 1.9.0", + "bytes 1.8.0", "http-body-util", "hyper-util", "movement-da-light-node-proto", "tonic 0.12.3", "tonic-web", - "tower 0.5.2", + "tower 0.5.1", ] [[package]] @@ -10446,7 +10435,7 @@ name = "movement-da-light-node-proto" version = "0.0.2" dependencies = [ "buildtime", - "prost 0.13.4", + "prost 0.13.3", "tonic 0.12.3", "tonic-build", ] @@ -10460,7 +10449,7 @@ dependencies = [ "aptos-faucet-core", "aptos-logger", "aptos-sdk", - "clap 4.5.23", + "clap 4.5.21", "dot-movement", "movement-config", "tokio", @@ -10473,13 +10462,13 @@ version = "0.0.2" dependencies = [ "anyhow", "bcs 0.1.4", - "clap 4.5.23", + "clap 4.5.21", "console-subscriber", "dot-movement", "futures", "godfig", "hex", - "hyper 1.5.2", + "hyper 1.5.0", "maptos-dof-execution", "mcr-settlement-client", "mcr-settlement-config", @@ -10491,7 +10480,7 @@ dependencies = [ "movement-rest", "movement-tracing", "movement-types", - "prost 0.13.4", + "prost 0.13.3", "rocksdb", "serde_json", "sha2 0.10.8", @@ -10499,7 +10488,7 @@ dependencies = [ "tokio-stream", "tonic 0.12.3", "tracing", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", "zstd 0.13.2", ] @@ -10531,7 +10520,7 @@ dependencies = [ "tokio", "tokio-stream", "tracing", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", ] [[package]] @@ -10539,7 +10528,7 @@ name = "movement-indexer-service" version = "0.0.2" dependencies = [ "anyhow", - "clap 4.5.23", + "clap 4.5.21", "dot-movement", "futures", "maptos-execution-util", @@ -10553,7 +10542,7 @@ dependencies = [ "tempfile", "tokio", "tracing", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", ] [[package]] @@ -10602,7 +10591,17 @@ dependencies = [ ] [[package]] -name = "movement-signing-alloy" +name = "movement-signing-aptos" +version = "0.0.2" +dependencies = [ + "aptos-crypto", + "aptos-types", + "movement-signer", + "thiserror 1.0.69", +] + +[[package]] +name = "movement-signing-eth" version = "0.0.2" dependencies = [ "alloy", @@ -10611,6 +10610,7 @@ dependencies = [ "alloy-primitives 0.7.7", "alloy-signer", "alloy-signer-aws", + "alloy-transport-http", "anyhow", "async-trait", "aws-config", @@ -10625,22 +10625,12 @@ dependencies = [ "tokio", ] -[[package]] -name = "movement-signing-aptos" -version = "0.0.2" -dependencies = [ - "aptos-crypto", - "aptos-types", - "movement-signer", - "thiserror 1.0.69", -] - [[package]] name = "movement-tracing" version = "0.0.2" dependencies = [ "tracing-appender", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", ] [[package]] @@ -10664,7 +10654,7 @@ version = "0.0.2" dependencies = [ "anyhow", "bcs 0.1.4", - "clap 4.5.23", + "clap 4.5.21", "console-subscriber", "dot-movement", "futures", @@ -10686,7 +10676,7 @@ dependencies = [ "tokio-stream", "tonic 0.12.3", "tracing", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", "zstd 0.13.2", ] @@ -10696,7 +10686,7 @@ version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "01acbdc23469fd8fe07ab135923371d5f5a422fbf9c522158677c8eb15bc51c2" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "encoding_rs", "futures-util", "http 0.2.12", @@ -10741,9 +10731,9 @@ dependencies = [ [[package]] name = "multihash" -version = "0.19.3" +version = "0.19.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6b430e7953c29dd6a09afc29ff0bb69c6e306329ee6794700aee27b76a1aea8d" +checksum = "cc41f430805af9d1cf4adae4ed2149c759b877b01d909a1f40256188d09345d2" dependencies = [ "core2", "unsigned-varint", @@ -10846,7 +10836,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e408e823bdc9b4bb525a61b44e846239833a8f9bd86c03a43e4ca314a5497582" dependencies = [ "borsh 1.5.3", - "bytes 1.9.0", + "bytes 1.8.0", "serde", "sha2 0.10.8", ] @@ -11069,7 +11059,7 @@ checksum = "af1844ef2428cc3e1cb900be36181049ef3d3193c63e43026cfe202983b27a56" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -11094,9 +11084,9 @@ dependencies = [ [[package]] name = "object" -version = "0.36.7" +version = "0.36.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "62948e14d923ea95ea2c7c86c71013138b66525b86bdc08d2dcc262bdb497b87" +checksum = "aedf0a2d09c573ed1d8d85b30c119153926a2b36dce0ab28322c09a117a4683e" dependencies = [ "memchr", ] @@ -11142,7 +11132,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -11276,15 +11266,16 @@ dependencies = [ [[package]] name = "parity-scale-codec" -version = "3.6.12" +version = "3.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "306800abfa29c7f16596b5970a588435e3d5b3149683d00c12b699cc19f895ee" +checksum = "8be4817d39f3272f69c59fe05d0535ae6456c2dc2fa1ba02910296c7e0a5c590" dependencies = [ "arrayvec 0.7.6", "bitvec 1.0.1", "byte-slice-cast", "impl-trait-for-tuples", - "parity-scale-codec-derive 3.6.12", + "parity-scale-codec-derive 3.7.0", + "rustversion", "serde", ] @@ -11302,14 +11293,14 @@ dependencies = [ [[package]] name = "parity-scale-codec-derive" -version = "3.6.12" +version = "3.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d830939c76d294956402033aee57a6da7b438f2294eb94864c37b0569053a42c" +checksum = "8781a75c6205af67215f382092b6e0a4ff3734798523e69073d4bcd294ec767b" dependencies = [ "proc-macro-crate 3.2.0", "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.87", ] [[package]] @@ -11348,7 +11339,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e977b9066b4d3b03555c22bdc442f3fadebd96a39111249113087d0edb2691cd" dependencies = [ "ahash 0.8.11", - "bytes 1.9.0", + "bytes 1.8.0", "chrono", "futures", "half 2.4.1", @@ -11372,7 +11363,7 @@ dependencies = [ "parquet", "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -11394,7 +11385,7 @@ dependencies = [ "ciborium", "coset", "data-encoding", - "indexmap 2.7.0", + "indexmap 2.6.0", "rand 0.8.5", "serde", "serde_json", @@ -11511,20 +11502,20 @@ checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e" [[package]] name = "pest" -version = "2.7.15" +version = "2.7.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b7cafe60d6cf8e62e1b9b2ea516a089c008945bb5a275416789e7db0bc199dc" +checksum = "879952a81a83930934cbf1786752d6dedc3b1f29e8f8fb2ad1d0a36f377cf442" dependencies = [ "memchr", - "thiserror 2.0.9", + "thiserror 1.0.69", "ucd-trie", ] [[package]] name = "pest_derive" -version = "2.7.15" +version = "2.7.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "816518421cfc6887a0d62bf441b6ffb4536fcc926395a69e1a85852d4363f57e" +checksum = "d214365f632b123a47fd913301e14c946c61d1c183ee245fa76eb752e59a02dd" dependencies = [ "pest", "pest_generator", @@ -11532,22 +11523,22 @@ dependencies = [ [[package]] name = "pest_generator" -version = "2.7.15" +version = "2.7.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7d1396fd3a870fc7838768d171b4616d5c91f6cc25e377b673d714567d99377b" +checksum = "eb55586734301717aea2ac313f50b2eb8f60d2fc3dc01d190eefa2e625f60c4e" dependencies = [ "pest", "pest_meta", "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] name = "pest_meta" -version = "2.7.15" +version = "2.7.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e1e58089ea25d717bfd31fb534e4f3afcc2cc569c70de3e239778991ea3b7dea" +checksum = "b75da2a70cf4d9cb76833c990ac9cd3923c9a8905a8929789ce347c84564d03d" dependencies = [ "once_cell", "pest", @@ -11571,7 +11562,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b4c5cc86750666a3ed20bdaf5ca2a0344f9c67674cae0515bec2da16fbaa47db" dependencies = [ "fixedbitset 0.4.2", - "indexmap 2.7.0", + "indexmap 2.6.0", ] [[package]] @@ -11659,7 +11650,7 @@ checksum = "3c0f5fad0874fc7abcd4d750e76917eaebbecaa2c20bde22e1dbeeba8beb758c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -11763,9 +11754,9 @@ dependencies = [ [[package]] name = "png" -version = "0.17.16" +version = "0.17.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "82151a2fc869e011c153adc57cf2789ccb8d9906ce52c0b39a6b5697749d7526" +checksum = "52f9d46a34a05a6a57566bc2bfae066ef07585a6e3fa30fbbdff5936380623f0" dependencies = [ "bitflags 1.3.2", "crc32fast", @@ -11782,13 +11773,13 @@ checksum = "504774c97b0744c1ee108a37e5a65a9745a4725c4c06277521dabc28eb53a904" dependencies = [ "anyhow", "async-trait", - "bytes 1.9.0", + "bytes 1.8.0", "chrono", "cookie", "futures-util", "headers", "http 0.2.12", - "hyper 0.14.32", + "hyper 0.14.31", "mime", "multer", "nix 0.27.1", @@ -11825,7 +11816,7 @@ dependencies = [ "proc-macro-crate 2.0.0", "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -11835,7 +11826,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e69c569eb0671cc85e65cfb6bd960d0168d24732ff58825227b4d2a10167ba91" dependencies = [ "base64 0.13.1", - "bytes 1.9.0", + "bytes 1.8.0", "derive_more 0.99.18", "futures-util", "mime", @@ -11930,7 +11921,7 @@ checksum = "acda0ebdebc28befa84bee35e651e4c5f09073d668c7aed4cf7e23c3cda84b23" dependencies = [ "base64 0.22.1", "byteorder", - "bytes 1.9.0", + "bytes 1.8.0", "fallible-iterator", "hmac 0.12.1", "md-5", @@ -11946,7 +11937,7 @@ version = "0.2.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f66ea23a2d0e5734297357705193335e0a957696f34bed2f2faefacb2fec336f" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "fallible-iterator", "postgres-protocol", ] @@ -12015,7 +12006,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "64d1ec885c64d0457d564db4ec299b2dae3f9c02808b8ad9c3a089c591b18033" dependencies = [ "proc-macro2", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -12140,9 +12131,9 @@ checksum = "bc881b2c22681370c6a780e47af9840ef841837bc98118431d4e1868bd0c1086" [[package]] name = "proc-macro2" -version = "1.0.92" +version = "1.0.89" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "37d3544b3f2748c54e147655edb5025752e2303145b5aefb3c3ea2c78b973bb0" +checksum = "f139b0662de085916d1fb67d2b4169d1addddda1919e696f3252b740b629986e" dependencies = [ "unicode-ident", ] @@ -12164,7 +12155,7 @@ dependencies = [ "bitflags 2.6.0", "canonical_json", "chrono", - "clap 4.5.23", + "clap 4.5.21", "diesel", "diesel-async", "diesel_migrations", @@ -12176,7 +12167,7 @@ dependencies = [ "google-cloud-pubsub", "google-cloud-storage", "hex", - "hyper 0.14.32", + "hyper 0.14.31", "itertools 0.12.1", "jemallocator", "kanal", @@ -12272,7 +12263,7 @@ version = "0.11.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0b82eaa1d779e9a4bc1c3217db8ffbeabaae1dca241bf70183242128d48681cd" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "prost-derive 0.11.9", ] @@ -12282,18 +12273,18 @@ version = "0.12.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "deb1435c188b76130da55f17a466d252ff7b1418b2ad3e037d127b94e3411f29" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "prost-derive 0.12.6", ] [[package]] name = "prost" -version = "0.13.4" +version = "0.13.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2c0fef6c4230e4ccf618a35c59d7ede15dea37de8427500f50aff708806e42ec" +checksum = "7b0487d90e047de87f984913713b85c601c05609aad5b0df4b4573fbf69aa13f" dependencies = [ - "bytes 1.9.0", - "prost-derive 0.13.4", + "bytes 1.8.0", + "prost-derive 0.13.3", ] [[package]] @@ -12302,8 +12293,8 @@ version = "0.12.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "22505a5c94da8e3b7c2996394d1c933236c4d743e81a410bcca4e6989fc066a4" dependencies = [ - "bytes 1.9.0", - "heck 0.4.1", + "bytes 1.8.0", + "heck 0.5.0", "itertools 0.12.1", "log", "multimap", @@ -12313,27 +12304,28 @@ dependencies = [ "prost 0.12.6", "prost-types 0.12.6", "regex", - "syn 2.0.91", + "syn 2.0.87", "tempfile", ] [[package]] name = "prost-build" -version = "0.13.4" +version = "0.13.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d0f3e5beed80eb580c68e2c600937ac2c4eedabdfd5ef1e5b7ea4f3fba84497b" +checksum = "0c1318b19085f08681016926435853bbf7858f9c082d0999b80550ff5d9abe15" dependencies = [ - "heck 0.4.1", + "bytes 1.8.0", + "heck 0.5.0", "itertools 0.13.0", "log", "multimap", "once_cell", "petgraph 0.6.5", "prettyplease", - "prost 0.13.4", - "prost-types 0.13.4", + "prost 0.13.3", + "prost-types 0.13.3", "regex", - "syn 2.0.91", + "syn 2.0.87", "tempfile", ] @@ -12360,20 +12352,20 @@ dependencies = [ "itertools 0.12.1", "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] name = "prost-derive" -version = "0.13.4" +version = "0.13.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "157c5a9d7ea5c2ed2d9fb8f495b64759f7816c7eaea54ba3978f0d63000162e3" +checksum = "e9552f850d5f0964a4e4d0bf306459ac29323ddfbae05e35a7c0d35cb0803cc5" dependencies = [ "anyhow", "itertools 0.13.0", "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -12409,11 +12401,11 @@ dependencies = [ [[package]] name = "prost-types" -version = "0.13.4" +version = "0.13.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cc2f1e56baa61e93533aebc21af4d2134b70f66275e0fcdf3cbe43d77ff7e8fc" +checksum = "4759aa0d3a6232fb8dbdb97b61de2c20047c68aca932c7ed76da9d788508d670" dependencies = [ - "prost 0.13.4", + "prost 0.13.3", ] [[package]] @@ -12447,7 +12439,7 @@ version = "0.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ac532509cee918d40f38c3e12f8ef9230f215f017d54de7dd975015538a42ce7" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "miette", "prost 0.12.6", "prost-reflect", @@ -12566,14 +12558,14 @@ version = "0.11.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "62e96808277ec6f97351a2380e6c25114bc9e67037775464979f3037c92d05ef" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "pin-project-lite", "quinn-proto", "quinn-udp", - "rustc-hash 2.1.0", - "rustls 0.23.20", - "socket2 0.5.8", - "thiserror 2.0.9", + "rustc-hash 2.0.0", + "rustls 0.23.17", + "socket2 0.5.7", + "thiserror 2.0.7", "tokio", "tracing", ] @@ -12584,15 +12576,15 @@ version = "0.11.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a2fe5ef3495d7d2e377ff17b1a8ce2ee2ec2a18cde8b6ad6619d65d0701c135d" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "getrandom 0.2.15", "rand 0.8.5", "ring 0.17.8", - "rustc-hash 2.1.0", - "rustls 0.23.20", + "rustc-hash 2.0.0", + "rustls 0.23.17", "rustls-pki-types", "slab", - "thiserror 2.0.9", + "thiserror 2.0.7", "tinyvec", "tracing", "web-time", @@ -12600,16 +12592,16 @@ dependencies = [ [[package]] name = "quinn-udp" -version = "0.5.9" +version = "0.5.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1c40286217b4ba3a71d644d752e6a0b71f13f1b6a2c5311acfcbe0c2418ed904" +checksum = "52cd4b1eff68bf27940dd39811292c49e007f4d0b4c357358dc9b0197be6b527" dependencies = [ "cfg_aliases", "libc", "once_cell", - "socket2 0.5.8", + "socket2 0.5.7", "tracing", - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] @@ -12777,7 +12769,7 @@ checksum = "aa8455fa3621f6b41c514946de66ea0531f57ca017b2e6c7cc368035ea5b46df" dependencies = [ "arc-swap", "async-trait", - "bytes 1.9.0", + "bytes 1.8.0", "combine", "futures", "futures-util", @@ -12803,9 +12795,9 @@ dependencies = [ [[package]] name = "redox_syscall" -version = "0.5.8" +version = "0.5.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "03a862b389f93e68874fbf580b9de08dd02facb9a788ebadaf4a3fd33cf58834" +checksum = "9b6dfecf2c74bce2466cabf93f6664d6998a69eb21e39f4207930065b27b771f" dependencies = [ "bitflags 2.6.0", ] @@ -12838,7 +12830,7 @@ checksum = "bcc303e793d3734489387d205e9b186fac9c6cfacedd98cbb2e8a5943595f3e6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -12898,7 +12890,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "dd67538700a17451e7cba03ac727fb961abb7607553461627b97de0b89cf4a62" dependencies = [ "base64 0.21.7", - "bytes 1.9.0", + "bytes 1.8.0", "cookie", "cookie_store", "encoding_rs", @@ -12907,7 +12899,7 @@ dependencies = [ "h2 0.3.26", "http 0.2.12", "http-body 0.4.6", - "hyper 0.14.32", + "hyper 0.14.31", "hyper-rustls 0.24.2", "hyper-tls 0.5.0", "ipnet", @@ -12947,16 +12939,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a77c62af46e79de0a562e1a9849205ffcb7fc1238876e9bd743357570e04046f" dependencies = [ "base64 0.22.1", - "bytes 1.9.0", + "bytes 1.8.0", "encoding_rs", "futures-core", "futures-util", - "h2 0.4.7", - "http 1.2.0", + "h2 0.4.6", + "http 1.1.0", "http-body 1.0.1", "http-body-util", - "hyper 1.5.2", - "hyper-rustls 0.27.5", + "hyper 1.5.0", + "hyper-rustls 0.27.3", "hyper-tls 0.6.0", "hyper-util", "ipnet", @@ -12968,23 +12960,23 @@ dependencies = [ "percent-encoding", "pin-project-lite", "quinn", - "rustls 0.23.20", + "rustls 0.23.17", "rustls-pemfile 2.2.0", "rustls-pki-types", "serde", "serde_json", "serde_urlencoded", - "sync_wrapper 1.0.2", + "sync_wrapper 1.0.1", "system-configuration 0.6.1", "tokio", "tokio-native-tls", - "tokio-rustls 0.26.1", + "tokio-rustls 0.26.0", "tower-service", "url", "wasm-bindgen", "wasm-bindgen-futures", "web-sys", - "webpki-roots 0.26.7", + "webpki-roots 0.26.6", "windows-registry", ] @@ -13017,9 +13009,9 @@ dependencies = [ [[package]] name = "rfc7239" -version = "0.1.3" +version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4a82f1d1e38e9a85bb58ffcfadf22ed6f2c94e8cd8581ec2b0f80a2a6858350f" +checksum = "b106a85eeb5b0336d16d6a20eab857f92861d4fbb1eb9a239866fb98fb6a1063" dependencies = [ "uncased", ] @@ -13097,7 +13089,7 @@ version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bb919243f34364b6bd2fc10ef797edbfa75f33c252e7998527479c6d6b47e1ec" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "rustc-hex", ] @@ -13133,9 +13125,9 @@ dependencies = [ [[package]] name = "rsa" -version = "0.9.7" +version = "0.9.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "47c75d7c5c6b673e58bf54d8544a9f432e3a925b0e80f7cd3602ab5c50c55519" +checksum = "5d0e5124fcb30e76a7e79bfee683a2746db83784b86289f6251b54b7950a0dfc" dependencies = [ "const-oid 0.9.6", "digest 0.10.7", @@ -13181,20 +13173,18 @@ dependencies = [ [[package]] name = "ruint" -version = "1.12.4" +version = "1.12.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f5ef8fb1dd8de3870cb8400d51b4c2023854bbafd5431a3ac7e7317243e22d2f" +checksum = "2c3cc4c2511671f327125da14133d0c5c5d137f006a1017a16f557bc85b16286" dependencies = [ "alloy-rlp", "ark-ff 0.3.0", "ark-ff 0.4.2", - "bytes 1.9.0", - "fastrlp 0.3.1", - "fastrlp 0.4.0", + "bytes 1.8.0", + "fastrlp", "num-bigint 0.4.6", - "num-integer", "num-traits", - "parity-scale-codec 3.6.12", + "parity-scale-codec 3.7.0", "primitive-types 0.12.2", "proptest", "rand 0.8.5", @@ -13235,9 +13225,9 @@ checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" [[package]] name = "rustc-hash" -version = "2.1.0" +version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c7fb8039b3032c191086b10f11f319a6e99e1e82889c5cc6046f515c9db1d497" +checksum = "583034fd73374156e66797ed8e5b0d5690409c9226b22d87cb7f19821c05d152" [[package]] name = "rustc-hex" @@ -13260,7 +13250,7 @@ version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cfcb3a22ef46e85b45de6ee7e79d063319ebb6594faafcf1c225ea92ab6e9b92" dependencies = [ - "semver 1.0.24", + "semver 1.0.23", ] [[package]] @@ -13271,8 +13261,8 @@ checksum = "759a090a17ce545d1adcffcc48207d5136c8984d8153bd8247b1ad4a71e49f5f" dependencies = [ "anyhow", "async-trait", - "bytes 1.9.0", - "http 1.2.0", + "bytes 1.8.0", + "http 1.1.0", "reqwest 0.12.9", "rustify_derive", "serde", @@ -13327,9 +13317,9 @@ dependencies = [ [[package]] name = "rustix" -version = "0.38.42" +version = "0.38.40" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f93dc38ecbab2eb790ff964bb77fa94faf256fd3e73285fd7ba0903b76bedb85" +checksum = "99e4ea3e1cdc4b559b8e5650f9c8e5998e3e5c1343b4eaf034565f32318d63c0" dependencies = [ "bitflags 2.6.0", "errno", @@ -13366,9 +13356,9 @@ dependencies = [ [[package]] name = "rustls" -version = "0.23.20" +version = "0.23.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5065c3f250cbd332cd894be57c40fa52387247659b14a2d6041d121547903b1b" +checksum = "7f1a745511c54ba6d4465e8d5dfbd81b45791756de28d4981af70d6dca128f1e" dependencies = [ "log", "once_cell", @@ -13424,9 +13414,9 @@ dependencies = [ [[package]] name = "rustls-pki-types" -version = "1.10.1" +version = "1.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d2bf47e6ff922db3825eb750c4e2ff784c6ff8fb9e13046ef6a1d1c5401b0b37" +checksum = "16f1201b3c9a7ee8039bcadc17b7e605e2945b27eee7631788c1bd2b0643674b" dependencies = [ "web-time", ] @@ -13442,13 +13432,13 @@ dependencies = [ "jni", "log", "once_cell", - "rustls 0.23.20", + "rustls 0.23.17", "rustls-native-certs 0.7.3", "rustls-platform-verifier-android", "rustls-webpki 0.102.8", "security-framework", "security-framework-sys", - "webpki-roots 0.26.7", + "webpki-roots 0.26.6", "winapi 0.3.9", ] @@ -13524,9 +13514,9 @@ dependencies = [ [[package]] name = "schannel" -version = "0.1.27" +version = "0.1.26" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1f29ebaa345f945cec9fbbc532eb307f0fdad8161f281b6369539c8d84876b3d" +checksum = "01227be5826fa0690321a2ba6c5cd57a19cf3f6a09e76973b58e61de6ab9d1c1" dependencies = [ "windows-sys 0.59.0", ] @@ -13561,7 +13551,7 @@ dependencies = [ "proc-macro2", "quote", "serde_derive_internals", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -13639,9 +13629,9 @@ dependencies = [ [[package]] name = "security-framework-sys" -version = "2.13.0" +version = "2.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1863fd3768cd83c56a7f60faa4dc0d403f1b6df0a38c3c25f44b7894e45370d5" +checksum = "fa39c7303dc58b5543c94d22c1766b0d31f2ee58306363ea622b10bbc075eaa2" dependencies = [ "core-foundation-sys", "libc", @@ -13658,18 +13648,18 @@ dependencies = [ [[package]] name = "semver" -version = "1.0.24" +version = "1.0.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3cb6eb87a131f756572d7fb904f6e7b68633f09cca868c5df1c4b8d1a694bbba" +checksum = "61697e0a1c7e512e84a621326239844a24d8207b4669b41bc18b32ea5cbf988b" dependencies = [ "serde", ] [[package]] name = "semver-parser" -version = "0.10.3" +version = "0.10.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9900206b54a3527fdc7b8a938bffd94a568bac4f4aa8113b209df75a09c0dec2" +checksum = "00b0bef5b7f9e0df16536d3961cfb6e84331c065b4066afb39768d0e319411f7" dependencies = [ "pest", ] @@ -13697,9 +13687,9 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.216" +version = "1.0.215" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b9781016e935a97e8beecf0c933758c97a5520d32930e460142b4cd80c6338e" +checksum = "6513c1ad0b11a9376da888e3e0baa0077f1aed55c17f50e7b2397136129fb88f" dependencies = [ "serde_derive", ] @@ -13772,13 +13762,13 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.216" +version = "1.0.215" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46f859dbbf73865c6627ed570e78961cd3ac92407a2d117204c49232485da55e" +checksum = "ad1e866f866923f252f05c889987993144fb74e722403468a4ebd70c3cd756c0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -13789,16 +13779,16 @@ checksum = "18d26a20a969b9e3fdf2fc2d9f21eda6c40e2de84c9408bb5d3b05d499aae711" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] name = "serde_json" -version = "1.0.134" +version = "1.0.133" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d00f4175c42ee48b15416f6193a959ba3a0d67fc699a0db9ad12df9f83991c7d" +checksum = "c7fceb2473b9166b2294ef05efcb65a3db80803f0b03ef86a5fc88a2b85ee377" dependencies = [ - "indexmap 2.7.0", + "indexmap 2.6.0", "itoa", "memchr", "ryu", @@ -13834,7 +13824,7 @@ checksum = "6c64451ba24fc7a6a2d60fc75dd9c83c90903b19028d4eff35e88fc1e86564e9" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -13868,7 +13858,7 @@ dependencies = [ "chrono", "hex", "indexmap 1.9.3", - "indexmap 2.7.0", + "indexmap 2.6.0", "serde", "serde_derive", "serde_json", @@ -13885,7 +13875,7 @@ dependencies = [ "darling 0.20.10", "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -13906,7 +13896,7 @@ version = "0.9.34+deprecated" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6a8b1a1a2ebf674015cc02edccce75287f1a0130d394307b36743c2f5d504b47" dependencies = [ - "indexmap 2.7.0", + "indexmap 2.6.0", "itoa", "ryu", "serde", @@ -13922,7 +13912,7 @@ dependencies = [ "aptos-system-utils", "async-trait", "backtrace", - "clap 4.5.23", + "clap 4.5.21", "prometheus", "serde", "serde_yaml 0.8.26", @@ -13930,7 +13920,7 @@ dependencies = [ "tokio", "toml 0.8.19", "tracing", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", "warp", ] @@ -14094,7 +14084,7 @@ checksum = "ab0381d1913eeaf4c7bc4094016c9a8de6c1120663afe32a90ff268ad7f80486" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -14259,9 +14249,9 @@ dependencies = [ [[package]] name = "socket2" -version = "0.5.8" +version = "0.5.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c970269d99b64e60ec3bd6ad27270092a5394c4e309314b18ae3fe575695fbe8" +checksum = "ce305eb0b4296696835b71df73eb912e0f1ffd2556a501fcede6e0c50349191c" dependencies = [ "libc", "windows-sys 0.52.0", @@ -14269,12 +14259,12 @@ dependencies = [ [[package]] name = "soketto" -version = "0.8.1" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2e859df029d160cb88608f5d7df7fb4753fd20fdfb4de5644f3d8b8440841721" +checksum = "37468c595637c10857701c990f93a40ce0e357cedb0953d1c26c8d8027f9bb53" dependencies = [ "base64 0.22.1", - "bytes 1.9.0", + "bytes 1.8.0", "futures", "httparse", "log", @@ -14464,7 +14454,7 @@ dependencies = [ "proc-macro2", "quote", "rustversion", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -14477,7 +14467,7 @@ dependencies = [ "proc-macro2", "quote", "rustversion", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -14537,9 +14527,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.91" +version = "2.0.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d53cbcb5a243bd33b7858b1d7f4aca2153490815872d86d955d6ea29f743c035" +checksum = "25aa4ce346d03a6dcd68dd8b4010bcb74e54e62c90c573f394c46eae99aba32d" dependencies = [ "proc-macro2", "quote", @@ -14555,7 +14545,7 @@ dependencies = [ "paste", "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -14566,9 +14556,9 @@ checksum = "2047c6ded9c721764247e62cd3b03c09ffc529b2ba5b10ec482ae507a4a70160" [[package]] name = "sync_wrapper" -version = "1.0.2" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0bf256ce5efdfa370213c1dabab5935a12e49f2c58d15e9eac2870d3b4f27263" +checksum = "a7065abeca94b6a8a577f9bd45aa0867a2238b74e8eb67cf10d492bc39351394" dependencies = [ "futures-core", ] @@ -14583,7 +14573,7 @@ dependencies = [ "aws-config", "aws-sdk-s3", "aws-types", - "clap 4.5.23", + "clap 4.5.21", "flate2", "flocks", "futures", @@ -14634,7 +14624,7 @@ checksum = "c8af7666ab7b6390ab78131fb5b0fce11d6b7a6951602017c35fa82800708971" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -14724,10 +14714,10 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "28cce251fcbc87fac86a866eeb0d6c2d536fc16d06f184bb61aeae11aa4cee0c" dependencies = [ "cfg-if", - "fastrand 2.3.0", + "fastrand 2.2.0", "once_cell", - "rustix 0.38.42", - "windows-sys 0.52.0", + "rustix 0.38.40", + "windows-sys 0.59.0", ] [[package]] @@ -14802,11 +14792,11 @@ dependencies = [ [[package]] name = "thiserror" -version = "2.0.9" +version = "2.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f072643fd0190df67a8bab670c20ef5d8737177d6ac6b2e9a236cb096206b2cc" +checksum = "93605438cbd668185516ab499d589afb7ee1859ea3d5fc8f6b0755e1c7443767" dependencies = [ - "thiserror-impl 2.0.9", + "thiserror-impl 2.0.7", ] [[package]] @@ -14817,18 +14807,18 @@ checksum = "4fee6c4efc90059e10f81e6d42c60a18f76588c3d74cb83a0b242a2b6c7504c1" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] name = "thiserror-impl" -version = "2.0.9" +version = "2.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b50fa271071aae2e6ee85f842e2e28ba8cd2c5fb67f11fcb1fd70b276f9e7d4" +checksum = "e1d8749b4531af2117677a5fcd12b1348a3fe2b81e36e61ffeac5c4aa3273e36" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -14863,9 +14853,9 @@ dependencies = [ [[package]] name = "time" -version = "0.3.37" +version = "0.3.36" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "35e7868883861bd0e56d9ac6efcaaca0d6d5d82a2a7ec8209ff492c07cf37b21" +checksum = "5dfd88e563464686c916c7e46e623e520ddc6d79fa6641390f2e3fa86e83e885" dependencies = [ "deranged", "itoa", @@ -14886,9 +14876,9 @@ checksum = "ef927ca75afb808a4d64dd374f00a2adf8d0fcff8e7b184af886c3c87ec4a3f3" [[package]] name = "time-macros" -version = "0.2.19" +version = "0.2.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2834e6017e3e5e4b9834939793b282bc03b37a3336245fa820e35e233e2a85de" +checksum = "3f252a68540fde3a3877aeea552b832b40ab9a69e318efd078774a01ddee1ccf" dependencies = [ "num-conv", "time-core", @@ -14944,9 +14934,9 @@ dependencies = [ [[package]] name = "tinyvec" -version = "1.8.1" +version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "022db8904dfa342efe721985167e9fcd16c29b226db4397ed752a761cfce81e8" +checksum = "445e881f4f6d382d5f27c034e25eb92edd7c784ceab92a0937db7f2e9471b938" dependencies = [ "tinyvec_macros", ] @@ -14959,18 +14949,18 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.42.0" +version = "1.41.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5cec9b21b0450273377fc97bd4c33a8acffc8c996c987a7c5b319a0083707551" +checksum = "22cfb5bee7a6a52939ca9224d6ac897bb669134078daa8735560897f69de4d33" dependencies = [ "backtrace", - "bytes 1.9.0", + "bytes 1.8.0", "libc", - "mio 1.0.3", + "mio 1.0.2", "parking_lot", "pin-project-lite", "signal-hook-registry", - "socket2 0.5.8", + "socket2 0.5.7", "tokio-macros", "tracing", "windows-sys 0.52.0", @@ -14994,7 +14984,7 @@ checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -15015,7 +15005,7 @@ checksum = "3b5d3742945bc7d7f210693b0c58ae542c6fd47b17adbbda0885f3dcb34a6bdb" dependencies = [ "async-trait", "byteorder", - "bytes 1.9.0", + "bytes 1.8.0", "fallible-iterator", "futures-channel", "futures-util", @@ -15027,7 +15017,7 @@ dependencies = [ "postgres-protocol", "postgres-types", "rand 0.8.5", - "socket2 0.5.8", + "socket2 0.5.7", "tokio", "tokio-util", "whoami", @@ -15077,19 +15067,20 @@ dependencies = [ [[package]] name = "tokio-rustls" -version = "0.26.1" +version = "0.26.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5f6d0975eaace0cf0fcadee4e4aaa5da15b5c079146f2cffb67c113be122bf37" +checksum = "0c7bc40d0e5a97695bb96e27995cd3a08538541b0a846f65bba7a359f36700d4" dependencies = [ - "rustls 0.23.20", + "rustls 0.23.17", + "rustls-pki-types", "tokio", ] [[package]] name = "tokio-stream" -version = "0.1.17" +version = "0.1.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eca58d7bba4a75707817a2c44174253f9236b2d5fbd055602e9d5c07c139a047" +checksum = "4f4e6ce100d0eb49a2734f8c0812bcd324cf357d21810932c5df6b96ef2b86f1" dependencies = [ "futures-core", "pin-project-lite", @@ -15117,21 +15108,21 @@ checksum = "c6989540ced10490aaf14e6bad2e3d33728a2813310a0c71d1574304c49631cd" dependencies = [ "futures-util", "log", - "rustls 0.23.20", + "rustls 0.23.17", "rustls-pki-types", "tokio", - "tokio-rustls 0.26.1", + "tokio-rustls 0.26.0", "tungstenite 0.23.0", - "webpki-roots 0.26.7", + "webpki-roots 0.26.6", ] [[package]] name = "tokio-util" -version = "0.7.13" +version = "0.7.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d7fcaa8d55a2bdd6b83ace262b016eca0d79ee02818c5c1bcdf0305114081078" +checksum = "61e7c3654c13bcd040d4a03abee2c75b1d14a37b423cf5a813ceae1cc903ec6a" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "futures-core", "futures-io", "futures-sink", @@ -15175,7 +15166,7 @@ version = "0.19.15" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1b5bb770da30e5cbfde35a2d7b9b8a2c4b8ef89548a7a6aeab5c9a576e3e7421" dependencies = [ - "indexmap 2.7.0", + "indexmap 2.6.0", "toml_datetime", "winnow 0.5.40", ] @@ -15186,7 +15177,7 @@ version = "0.20.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "70f427fce4d84c72b5b732388bf4a9f4531b53f74e2887e3ecb2481f68f66d81" dependencies = [ - "indexmap 2.7.0", + "indexmap 2.6.0", "toml_datetime", "winnow 0.5.40", ] @@ -15197,7 +15188,7 @@ version = "0.22.22" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4ae48d6208a266e853d946088ed816055e556cc6028c5e8e2b84d9fa5dd7c7f5" dependencies = [ - "indexmap 2.7.0", + "indexmap 2.6.0", "serde", "serde_spanned", "toml_datetime", @@ -15214,14 +15205,14 @@ dependencies = [ "async-trait", "axum 0.6.20", "base64 0.21.7", - "bytes 1.9.0", + "bytes 1.8.0", "flate2", "futures-core", "futures-util", "h2 0.3.26", "http 0.2.12", "http-body 0.4.6", - "hyper 0.14.32", + "hyper 0.14.31", "hyper-timeout 0.4.1", "percent-encoding", "pin-project 1.1.7", @@ -15247,12 +15238,12 @@ dependencies = [ "async-trait", "axum 0.6.20", "base64 0.21.7", - "bytes 1.9.0", + "bytes 1.8.0", "flate2", "h2 0.3.26", "http 0.2.12", "http-body 0.4.6", - "hyper 0.14.32", + "hyper 0.14.31", "hyper-timeout 0.4.1", "percent-encoding", "pin-project 1.1.7", @@ -15280,28 +15271,28 @@ dependencies = [ "async-trait", "axum 0.7.9", "base64 0.22.1", - "bytes 1.9.0", + "bytes 1.8.0", "flate2", - "h2 0.4.7", - "http 1.2.0", + "h2 0.4.6", + "http 1.1.0", "http-body 1.0.1", "http-body-util", - "hyper 1.5.2", + "hyper 1.5.0", "hyper-timeout 0.5.2", "hyper-util", "percent-encoding", "pin-project 1.1.7", - "prost 0.13.4", + "prost 0.13.3", "rustls-pemfile 2.2.0", - "socket2 0.5.8", + "socket2 0.5.7", "tokio", - "tokio-rustls 0.26.1", + "tokio-rustls 0.26.0", "tokio-stream", "tower 0.4.13", "tower-layer", "tower-service", "tracing", - "webpki-roots 0.26.7", + "webpki-roots 0.26.6", ] [[package]] @@ -15312,10 +15303,10 @@ checksum = "9557ce109ea773b399c9b9e5dca39294110b74f1f342cb347a80d1fce8c26a11" dependencies = [ "prettyplease", "proc-macro2", - "prost-build 0.13.4", - "prost-types 0.13.4", + "prost-build 0.13.3", + "prost-types 0.13.3", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -15337,8 +15328,8 @@ version = "0.12.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "878d81f52e7fcfd80026b7fdb6a9b578b3c3653ba987f87f0dce4b64043cba27" dependencies = [ - "prost 0.13.4", - "prost-types 0.13.4", + "prost 0.13.3", + "prost-types 0.13.3", "tokio", "tokio-stream", "tonic 0.12.3", @@ -15351,8 +15342,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5299dd20801ad736dccb4a5ea0da7376e59cd98f213bf1c3d478cf53f4834b58" dependencies = [ "base64 0.22.1", - "bytes 1.9.0", - "http 1.2.0", + "bytes 1.8.0", + "http 1.1.0", "http-body 1.0.1", "http-body-util", "pin-project 1.1.7", @@ -15386,14 +15377,14 @@ dependencies = [ [[package]] name = "tower" -version = "0.5.2" +version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d039ad9159c98b70ecfd540b2573b97f7f52c3e8d9f8ad57a24b916a536975f9" +checksum = "2873938d487c3cfb9aed7546dc9f2711d867c9f90c46b889989a2cb84eba6b4f" dependencies = [ "futures-core", "futures-util", "pin-project-lite", - "sync_wrapper 1.0.2", + "sync_wrapper 0.1.2", "tower-layer", "tower-service", ] @@ -15405,8 +15396,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1e9cd434a998747dd2c4276bc96ee2e0c7a2eadf3cae88e52be55a05fa9053f5" dependencies = [ "bitflags 2.6.0", - "bytes 1.9.0", - "http 1.2.0", + "bytes 1.8.0", + "http 1.1.0", "http-body 1.0.1", "http-body-util", "pin-project-lite", @@ -15428,9 +15419,9 @@ checksum = "8df9b6e13f2d32c91b9bd719c00d1958837bc7dec474d94952798cc8e69eeec3" [[package]] name = "tracing" -version = "0.1.41" +version = "0.1.40" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "784e0ac535deb450455cbfa28a6f0df145ea1bb7ae51b821cf5e7927fdcfbdd0" +checksum = "c3523ab5a71916ccf420eebdf5521fcef02141234bbc0b8a49f2fdc4544364ef" dependencies = [ "log", "pin-project-lite", @@ -15447,25 +15438,25 @@ dependencies = [ "crossbeam-channel", "thiserror 1.0.69", "time", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", ] [[package]] name = "tracing-attributes" -version = "0.1.28" +version = "0.1.27" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "395ae124c09f9e6918a2310af6038fba074bcf474ac352496d5910dd59a2226d" +checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] name = "tracing-core" -version = "0.1.33" +version = "0.1.32" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e672c95779cf947c5311f83787af4fa8fffd12fb27e4993211a84bdfd9610f9c" +checksum = "c06d3da6113f116aaee68e4d601191614c9053067f9ab7f6edbcb161237daa54" dependencies = [ "once_cell", "valuable", @@ -15484,9 +15475,9 @@ dependencies = [ [[package]] name = "tracing-serde" -version = "0.2.0" +version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "704b1aeb7be0d0a84fc9828cae51dab5970fee5088f83d1dd7ee6f6246fc6ff1" +checksum = "bc6b213177105856957181934e4920de57730fc69bf42c37ee5bb664d406d9e1" dependencies = [ "serde", "tracing-core", @@ -15503,9 +15494,9 @@ dependencies = [ [[package]] name = "tracing-subscriber" -version = "0.3.19" +version = "0.3.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e8189decb5ac0fa7bc8b96b7cb9b2701d60d48805aca84a238004d665fcc4008" +checksum = "ad0f048c97dbd9faa9b7df56362b8ebcaa52adb06b498c050d2f4e32f90a7a8b" dependencies = [ "matchers", "nu-ansi-term 0.46.0", @@ -15529,7 +15520,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "557b891436fe0d5e0e363427fc7f217abf9ccd510d5136549847bdcbcd011d68" dependencies = [ "tracing-core", - "tracing-subscriber 0.3.19", + "tracing-subscriber 0.3.18", "tracing-test-macro", ] @@ -15540,7 +15531,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "04659ddb06c87d233c566112c1c9c5b9e98256d9af50ec3bc9c8327f873a7568" dependencies = [ "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -15590,9 +15581,9 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9ef1a641ea34f399a848dea702823bbecfb4c486f911735368f1f137cb8257e1" dependencies = [ "byteorder", - "bytes 1.9.0", + "bytes 1.8.0", "data-encoding", - "http 1.2.0", + "http 1.1.0", "httparse", "log", "rand 0.8.5", @@ -15609,13 +15600,13 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6e2e2ce1e47ed2994fd43b04c8f618008d4cabdd5ee34027cf14f9d918edd9c8" dependencies = [ "byteorder", - "bytes 1.9.0", + "bytes 1.8.0", "data-encoding", - "http 1.2.0", + "http 1.1.0", "httparse", "log", "rand 0.8.5", - "rustls 0.23.20", + "rustls 0.23.17", "rustls-pki-types", "sha1", "thiserror 1.0.69", @@ -15663,7 +15654,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a615d6c2764852a2e88a4f16e9ce1ea49bb776b5872956309e170d63a042a34f" dependencies = [ "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -15793,15 +15784,15 @@ checksum = "7e51b68083f157f853b6379db119d1c1be0e6e4dec98101079dec41f6f5cf6df" [[package]] name = "unicode-bidi" -version = "0.3.18" +version = "0.3.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5c1cb5db39152898a79168971543b1cb5020dff7fe43c8dc468b0885f5e29df5" +checksum = "5ab17db44d7388991a428b2ee655ce0c212e862eff1768a455c58f9aad6e7893" [[package]] name = "unicode-ident" -version = "1.0.14" +version = "1.0.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "adb9e6ca4f869e1180728b7950e35922a7fc6397f7b641499e8f3ef06e50dc83" +checksum = "e91b56cd4cadaeb79bbf1a5645f6b4f8dc5bde8834ad5894a8db35fda9efa1fe" [[package]] name = "unicode-linebreak" @@ -15895,9 +15886,9 @@ dependencies = [ [[package]] name = "url" -version = "2.5.4" +version = "2.5.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "32f8b686cadd1473f4bd0117a5d28d36b1ade384ea9b5069a1c40aefed7fda60" +checksum = "8d157f1b96d14500ffdc1f10ba712e780825526c03d9a49b4d0324b0d9113ada" dependencies = [ "form_urlencoded", "idna 1.0.3", @@ -15913,16 +15904,15 @@ checksum = "daf8dba3b7eb870caf1ddeed7bc9d2a049f3cfdfae7cb521b087cc33ae4c49da" [[package]] name = "utcnow" -version = "0.2.7" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3d1b903f7711bad0f9c1716c1497bf3db4289c53a2985ba42ac2f2e04047bd9" +checksum = "efb0d3098213b3f48185495cf55494b3201824dae380b9d7e408fedcd793ffcd" dependencies = [ "const_fn", "errno", "js-sys", "libc", - "rustix 0.37.27", - "rustversion", + "rustix 0.38.40", "wasi 0.11.0+wasi-snapshot-preview1", "wasm-bindgen", "winapi 0.3.9", @@ -15985,9 +15975,9 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a769a71e45deef489beed23167f79ee75d41f482b5e3d96ddab833f24fd07e51" dependencies = [ "async-trait", - "bytes 1.9.0", + "bytes 1.8.0", "derive_builder", - "http 1.2.0", + "http 1.1.0", "reqwest 0.12.9", "rustify", "rustify_derive", @@ -16062,12 +16052,12 @@ version = "0.3.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4378d202ff965b011c64817db11d5829506d3404edeadb61f190d111da3f231c" dependencies = [ - "bytes 1.9.0", + "bytes 1.8.0", "futures-channel", "futures-util", "headers", "http 0.2.12", - "hyper 0.14.32", + "hyper 0.14.31", "log", "mime", "mime_guess", @@ -16107,9 +16097,9 @@ checksum = "b8dad83b4f25e74f184f64c43b150b91efe7647395b42289f38e50566d82855b" [[package]] name = "wasm-bindgen" -version = "0.2.99" +version = "0.2.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a474f6281d1d70c17ae7aa6a613c87fce69a127e2624002df63dcb39d6cf6396" +checksum = "128d1e363af62632b8eb57219c8fd7877144af57558fb2ef0368d0087bddeb2e" dependencies = [ "cfg-if", "once_cell", @@ -16118,36 +16108,36 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.99" +version = "0.2.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5f89bb38646b4f81674e8f5c3fb81b562be1fd936d84320f3264486418519c79" +checksum = "cb6dd4d3ca0ddffd1dd1c9c04f94b868c37ff5fac97c30b97cff2d74fce3a358" dependencies = [ "bumpalo", "log", + "once_cell", "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-futures" -version = "0.4.49" +version = "0.4.45" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38176d9b44ea84e9184eff0bc34cc167ed044f816accfe5922e54d84cf48eca2" +checksum = "cc7ec4f8827a71586374db3e87abdb5a2bb3a15afed140221307c3ec06b1f63b" dependencies = [ "cfg-if", "js-sys", - "once_cell", "wasm-bindgen", "web-sys", ] [[package]] name = "wasm-bindgen-macro" -version = "0.2.99" +version = "0.2.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2cc6181fd9a7492eef6fef1f33961e3695e4579b9872a6f7c83aee556666d4fe" +checksum = "e79384be7f8f5a9dd5d7167216f022090cf1f9ec128e6e6a482a2cb5c5422c56" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -16155,22 +16145,22 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.99" +version = "0.2.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "30d7a95b763d3c45903ed6c81f156801839e5ee968bb07e534c44df0fcd330c2" +checksum = "26c6ab57572f7a24a4985830b120de1594465e5d500f24afe89e16b4e833ef68" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", "wasm-bindgen-backend", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-shared" -version = "0.2.99" +version = "0.2.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "943aab3fdaaa029a6e0271b35ea10b72b943135afe9bffca82384098ad0e06a6" +checksum = "65fc09f10666a9f147042251e0dda9c18f166ff7de300607007e96bdebc1068d" [[package]] name = "wasm-streams" @@ -16187,9 +16177,9 @@ dependencies = [ [[package]] name = "web-sys" -version = "0.3.76" +version = "0.3.72" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "04dd7223427d52553d3702c004d3b2fe07c148165faa56313cb00211e31c12bc" +checksum = "f6488b90108c040df0fe62fa815cbdee25124641df01814dd7282749234c6112" dependencies = [ "js-sys", "wasm-bindgen", @@ -16222,9 +16212,9 @@ checksum = "5f20c57d8d7db6d3b86154206ae5d8fba62dd39573114de97c2cb0578251f8e1" [[package]] name = "webpki-roots" -version = "0.26.7" +version = "0.26.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5d642ff16b7e79272ae451b7322067cdc17cadf68c23264be9d94a32319efe7e" +checksum = "841c67bff177718f1d4dfefde8d8f0e78f9b6589319ba88312f567fc5841a958" dependencies = [ "rustls-pki-types", ] @@ -16233,7 +16223,7 @@ dependencies = [ name = "whitelist" version = "0.0.2" dependencies = [ - "prost 0.13.4", + "prost 0.13.3", "thiserror 1.0.69", "tonic 0.12.3", ] @@ -16295,7 +16285,7 @@ version = "0.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb" dependencies = [ - "windows-sys 0.48.0", + "windows-sys 0.59.0", ] [[package]] @@ -16649,7 +16639,7 @@ checksum = "8da84f1a25939b27f6820d92aed108f83ff920fdf11a7b19366c27c4cda81d4f" dependencies = [ "libc", "linux-raw-sys 0.4.14", - "rustix 0.38.42", + "rustix 0.38.40", ] [[package]] @@ -16675,9 +16665,9 @@ checksum = "cfe53a6657fd280eaa890a3bc59152892ffa3e30101319d168b781ed6529b049" [[package]] name = "yoke" -version = "0.7.5" +version = "0.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "120e6aef9aa629e3d4f52dc8cc43a015c7724194c97dfaf45180d2daf2b77f40" +checksum = "6c5b1314b079b0930c31e3af543d8ee1757b1951ae1e1565ec704403a7240ca5" dependencies = [ "serde", "stable_deref_trait", @@ -16687,13 +16677,13 @@ dependencies = [ [[package]] name = "yoke-derive" -version = "0.7.5" +version = "0.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2380878cad4ac9aac1e2435f3eb4020e8374b5f13c296cb75b4620ff8e229154" +checksum = "28cc31741b18cb6f1d5ff12f5b7523e3d6eb0852bbbad19d73905511d9849b95" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", "synstructure 0.13.1", ] @@ -16746,27 +16736,27 @@ checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] name = "zerofrom" -version = "0.1.5" +version = "0.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cff3ee08c995dee1859d998dea82f7374f2826091dd9cd47def953cae446cd2e" +checksum = "91ec111ce797d0e0784a1116d0ddcdbea84322cd79e5d5ad173daeba4f93ab55" dependencies = [ "zerofrom-derive", ] [[package]] name = "zerofrom-derive" -version = "0.1.5" +version = "0.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "595eed982f7d355beb85837f651fa22e90b3c044842dc7f2c2842c086f295808" +checksum = "0ea7b4a3637ea8669cedf0f1fd5c286a17f3de97b8dd5a70a6c167a1730e63a5" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", "synstructure 0.13.1", ] @@ -16787,7 +16777,7 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]] @@ -16809,7 +16799,7 @@ checksum = "6eafa6dfb17584ea3e2bd6e76e0cc15ad7af12b09abdd1ca55961bed9b1063c6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.91", + "syn 2.0.87", ] [[package]]