neo-swift icon indicating copy to clipboard operation
neo-swift copied to clipboard

Published 20 hours ago verified publisher icon CityOfZion

Strech Goal: NeoCrypto in Pure Swift

Open saltyskip opened this issue 7 years ago • 7 comments

NeoCrypto library with full ECC support written in pure Swift...currently required to cross compile through GoLang, but this would be a huge achievement for anyone interested in cryptography

saltyskip avatar Sep 18 '17 06:09 saltyskip

Given the work load required to fully implement a crypto lib that would encompass key generation, signing and verification in pure Swift, I propose the creation of a Swift lib that would make use of the already available security features in iOS and macOS (in Security framework, et al).

I don't know if it is the objective of this project to be also compatible with Linux. If that is the case then using the iOS/macOS Security framework would not be possible in the end, but I can see it as a mid-term solution in the road to a pure Swift implementation.

lm2s avatar Sep 18 '17 09:09 lm2s

I had similar thoughts at the beginning, but one issue with the Security Framework is that it seems to be relatively difficult to retrieve Private Key values, and use them effectively. They are guarded very heavily by KeyStore which is not desirable.

If we want to do any custom operations for example converting the privatekey to WIF format, it appears to be not possible? I haven't researched as extensively as I could, but it seems Security framework is not suited to cryptocurrency applications for this reason

saltyskip avatar Sep 18 '17 09:09 saltyskip

I'll have to study it a bit more, in the documentation I don't see anything making it impossible for our use-case. Around the web I see some big no-no's, but I'm left wondering if it's just people misinterpreting the documentation.

Necessary operations:

  • Generation of key pairs
  • Import of private key / public key
  • Export of private key / public key
  • Signing / Verification

If the Security framework allows these operations, I think everything can be implemented, no? I think the encoding or decoding in the WIF format can be accomplished in pure Swift if the above operations are possible.

lm2s avatar Sep 18 '17 10:09 lm2s

Basically right, but some stricter requirements

  • Generation,Import, Export of public/private keys as a Hexadecimal String or Raw Byte Data
  • Verification Specific to Neo network protocol, there's a special prefix/suffix that goes on to the public key
  • Signing using specifically p256 curve, and being able to specify the random seed

saltyskip avatar Sep 18 '17 11:09 saltyskip

I agree, that if the security framework works than it is a very good mid term solution

saltyskip avatar Sep 18 '17 11:09 saltyskip

What I gathered:

  • It's possible to generate, import and export, but not as raw bytes or hexadecimal. So a middle step to convert to and from PEM would be necessary.
  • The verification I assume would work correctly, since I believe the prefix/suffix should be stripped before using the key, but I'm not sure that's how it works.
  • The curve is available but not the option to set the seed.

So it doesn't seem possible (lack of custom seed support), but since the Security framework is a bit obscure and documentation lacking, I might have missed something.

lm2s avatar Sep 20 '17 08:09 lm2s

Disappointing, but you conclusion matches my original research. It's very much in line with Apple's security policy to not expose to much to the user like that

saltyskip avatar Sep 21 '17 00:09 saltyskip