Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Official Audit #4

Open
c-blake opened this issue Apr 5, 2023 · 2 comments
Open

Official Audit #4

c-blake opened this issue Apr 5, 2023 · 2 comments

Comments

@c-blake
Copy link

c-blake commented Apr 5, 2023

It's hard for me to say what kind of interest level you have gotten in use of this library, but the idea came up that it would help the broader community if an official audit/certification was done. This could maybe be paid for by EFoundation or someone else.

Just to be clear, I am not asserting any bugs in your code, but passing certain bureaucratic hurdles like someone official running against official SHA256 hash test suites can help other people's comfort levels and pave the way for easier adoption.

Are there any plans for this? If so, has any motion on that happened yet? If not, do you foresee any obstacles?

@potuz
Copy link
Collaborator

potuz commented Apr 5, 2023

We have had the EF and ourselves running differential fuzzers on gohashtree and hashtree before we switched libraries, but there has not been any official audit. Prysm will get an audit soon and as part of it gohashtree will be audited. I wouldn't mind an audit of hashtree as well, but there are no plans that I am aware of. For adoption of this library in particular I think at the very least I need to port the sha version of ARM64 (that is covered in gohashtree but not here) and perhaps automatic CPU detection to simplify the exported functions to simply one

cc @prestonvanloon

@c-blake
Copy link
Author

c-blake commented Apr 12, 2023

The ARM64 port of the go asm to hashtree would be great, if I haven't said so before.

cpuid dispatch is more straightforward and cpuid itself is also Intel-specific. I guess for ARM it might be IID_AA64_ISAR{0,1}_EL1.

It is debatable, but it might be best to leave this dispatching to higher levels, at least until a post-audit era. For example, it is at least theoretically possible that one branch could fail an audit while others succeed, making higher levels want a non-hard coded selection protocol. At the least, it should probably be just an optional layer/entry point (which is probably how you would have designed it anyway.. just saying).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants