Skip to content

Fix initial version of cardano-crypto-wallet#667

Draft
lehins wants to merge 33 commits into
masterfrom
lehins/fix-cardano-crypto-wallet
Draft

Fix initial version of cardano-crypto-wallet#667
lehins wants to merge 33 commits into
masterfrom
lehins/fix-cardano-crypto-wallet

Conversation

@lehins

@lehins lehins commented Jun 4, 2026
edited
Loading

Copy link
Copy Markdown
Collaborator

Description

This is a PR that fixes initial version that was added in #653 and reverts #666

This PR is mostly ready. I just need to tidy up git history, self-review the PR and provide a better description for this PR with important changes that are applied to the initial version. Other than that it is ready for review

Checklist

  • Commit sequence broadly makes sense and commits have useful messages
  • New tests are added if needed and existing tests are updated
  • All visible changes are prepended to the latest section of a CHANGELOG.md for the affected packages.
    New section is never added with the code changes. (See RELEASING.md)
  • When applicable, versions are updated in .cabal and CHANGELOG.md files according to the
    versioning process.
  • The version bounds in .cabal files for all affected packages are updated.
    If you change the bounds in a cabal file, that package itself must have a version increase. (See RELEASING.md)
  • Self-reviewed the diff

lehins added 30 commits June 4, 2026 18:43
@lehins
Revert "cardano-crypto-wallet: rename ed25519 C symbols from cardano_…
91d2b9a 
…crypto_ to ccw_"

This reverts commit cc5f867.
@lehins
Re-export byteArrayFromShortByteString, byteArrayToShortByteString.
7f98af1
@lehins
Add byteArrayFromByteString
4397c90 
Also deprecate `byteStringToByteArray` in its favor
@lehins
Add psbToByteArray
b9010b0
@lehins
Add psbFromByteStringM
a94caf2
@lehins
Add the odd output file to gitignore
a2c868d
@lehins
Introduce SecretKey
6b5edc2
@lehins
Make PublicKey into a newtype
b51bc91
@lehins
Introduce withDecryptedKeyMaterial
2c72a01 
This properly fixes scoping and async exception handling for decrypting
`KeyMaterial`

Also rename `encryptedChangePass` -> `encryptedChangePassphrase` for
consistency with `encryptedValidatePassphrase`
@lehins
Introduce proper scoping in withEncryptedKeyOutput
7165b0a
@lehins
Introduce Validity parameter to KeyMaterial
0fa54e9
@lehins
Improve EncryptedKey type safety
1f55856 
Also introduce a more descriptive `mkEncryptedKey` function that
deprecates `encryptedKey`
@lehins
Make ChainCode into a newtype
dc49f21
@lehins
Improve scoping of decryptKeyMaterialV2
0e52faa 
Extracting `SecretKey` construction outside, makes resource allocation
in `bracket` much cheaper, which is absolutely what we want for proper async
exception handling
@lehins
Rename "Encrypted" -> "Secret/Unencrypted"
f93c85e 
* `ekey` -> `skey`
* `ENCRYPTED_KEY_SIZE` -> `UNENCRYPTED_KEY_SIZE`

It was incorrectly named, since secret key in that structure is not encrypted
@lehins
Simplify validation of KeyMaterial
21c39fd 
There was a totally unnecessary allocation of key material legacy struct
@lehins
Introduce KeyMaterialBuffer
e67db24 
Also rename `encrypted_key` -> `key_material`

f
@lehins
Avoid unnecessarily allocating CKeyMaterialBuffer
d922ac1 
There was need to make a copy of the full `KeyMaterial` into MLocked
memory, which is scarce, just to validate public key against a secret key
@lehins
Remove confusing encrypted_ suffix
750d89d
@lehins
Remove redundant legacyKeySize
38445e0
@lehins
More type safety for Nonce and Salt
bee08e4
@lehins
More type safety for Tag
db74c85
@lehins
WIP rename plaintext to secret_key
f05aa5f
@lehins
Rename Ciphertext to EncSecretKey
627206e
@lehins
Remove another redundant argument to decrypt C function
9f49b89
@lehins
Introduce WrappingKey and remove redundant parameters
3c41781
@lehins
Rename Envelope and other minor cleanup
1387291
@lehins
Expose safe parts of the Envelope
7e1d046
@lehins
Consistent and unique naming for C functions and FFI
8f3169d
@lehins
Switch to using consistent CCW definition everywhere
55f8c52
lehins added 3 commits June 4, 2026 18:43
@lehins
TODO: confirm. Ensure more bytes than necessary is not copied over.
7587f86 
We also need to make sure that tag is fully set to zero, since it
doesn't llook like the full overwrite is guaranteed.
@lehins
Stop writing zeros into memory that is guaranteed to be overwritten
599cbb6
@lehins
Ensure sizes match up
610e241
@lehins lehins force-pushed the lehins/fix-cardano-crypto-wallet branch from 10741b8 to 610e241 Compare June 4, 2026 15:44
@lehins lehins requested review from disassembler and perturbing June 4, 2026 16:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@disassembler disassembler Awaiting requested review from disassembler

@perturbing perturbing Awaiting requested review from perturbing

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@lehins