feat!: keychain and configurable crypto (#1041)

Adds a configuration option to allow dynamically loading crypto implementations on-demand.

Ships with only webcrypto-supported crypto implementations (e.g. `Ed25519`, `RSA`, `ECDSA`), anything else (e.g. `secp256k1`) must be configured separately.

Imports [ipns](https://www.npmjs.com/package/ipns) code into `@helia/ipns` for ease of maintenance.

Removes `@libp2p/keychain` dep and adds a `.keychain` property to Helia for securely storing private keys.

BREAKING CHANGE: `secp256k1` support has been removed from the default config, it must now be configured separately

Author: achingbrain

package.json

@@ -47,6 +47,9 @@
     "packages/*"
   ],
   "overrides": {
-    "playwright-core": "1.55.1"
+    "multiformats": "^14.0.0",
+    "uint8arrays": "^6.0.0",
+    "interface-datastore": "^10.0.1",
+    "uint8-varint": "^3.0.0"
   }
 }

packages/helia/.aegir.js

@@ -2,8 +2,8 @@ import { circuitRelayServer } from '@libp2p/circuit-relay-v2'
 import { identify } from '@libp2p/identify'
 import { WebSockets } from '@multiformats/mafmt'
 import { CID } from 'multiformats/cid'
-import { sha256 } from 'multiformats/hashes/sha2'
 import * as raw from 'multiformats/codecs/raw'
+import { sha256 } from 'multiformats/hashes/sha2'
 
 /** @type {import('aegir').PartialOptions} */
 const options = {
@@ -20,7 +20,7 @@ const options = {
         libp2p: {
           addresses: {
             listen: [
-              `/ip4/127.0.0.1/tcp/0/ws`
+              '/ip4/127.0.0.1/tcp/0/ws'
             ]
           },
           connectionManager: {

packages/helia/package.json

@@ -52,7 +52,7 @@
     "@chainsafe/libp2p-noise": "^17.0.0",
     "@chainsafe/libp2p-yamux": "^8.0.1",
     "@helia/block-brokers": "^5.2.4",
-    "@helia/delegated-routing-v1-http-api-client": "^6.0.1",
+    "@helia/delegated-routing-v1-http-api-client": "^7.0.1",
     "@helia/interface": "^6.2.1",
     "@helia/routers": "^5.1.1",
     "@helia/utils": "^2.5.2",
@@ -79,7 +79,6 @@
     "blockstore-core": "^7.0.1",
     "datastore-core": "^12.0.1",
     "interface-datastore": "^10.0.1",
-    "ipns": "^11.0.0",
     "libp2p": "^3.2.0",
     "multiformats": "^14.0.0"
   },

packages/helia/src/utils/libp2p-defaults.browser.ts

@@ -9,21 +9,17 @@ import { dcutr } from '@libp2p/dcutr'
 import { http } from '@libp2p/http'
 import { identify, identifyPush } from '@libp2p/identify'
 import { kadDHT } from '@libp2p/kad-dht'
-import { keychain } from '@libp2p/keychain'
 import { mplex } from '@libp2p/mplex'
 import { ping } from '@libp2p/ping'
 import { webRTC, webRTCDirect } from '@libp2p/webrtc'
 import { webSockets } from '@libp2p/websockets'
-import { ipnsSelector } from 'ipns/selector'
-import { ipnsValidator } from 'ipns/validator'
 import { userAgent } from 'libp2p/user-agent'
 import { name, version } from '../version.ts'
 import { bootstrapConfig } from './bootstrappers.ts'
 import type { Libp2pDefaultsOptions } from './libp2p.ts'
 import type { HTTP } from '@libp2p/http'
 import type { Identify } from '@libp2p/identify'
 import type { KadDHT } from '@libp2p/kad-dht'
-import type { Keychain } from '@libp2p/keychain'
 import type { Ping } from '@libp2p/ping'
 import type { Libp2pOptions } from 'libp2p'
 
@@ -33,7 +29,6 @@ export interface DefaultLibp2pServices extends Record<string, unknown> {
   delegatedRouting: unknown
   dht: KadDHT
   identify: Identify
-  keychain: Keychain
   ping: Ping
   http: HTTP
 }
@@ -74,17 +69,10 @@ export function libp2pDefaults (options: Libp2pDefaultsOptions = {}): Libp2pOpti
       dcutr: dcutr(),
       delegatedRouting: delegatedRoutingV1HttpApiClient(delegatedHTTPRoutingDefaults()),
       dht: kadDHT({
-        clientMode: true,
-        validators: {
-          ipns: ipnsValidator
-        },
-        selectors: {
-          ipns: ipnsSelector
-        }
+        clientMode: true
       }),
       identify: identify(),
       identifyPush: identifyPush(),
-      keychain: keychain(options.keychain),
       ping: ping(),
       http: http()
     }

packages/helia/src/utils/libp2p-defaults.ts

@@ -1,6 +1,6 @@
 import { noise } from '@chainsafe/libp2p-noise'
 import { yamux } from '@chainsafe/libp2p-yamux'
-import { delegatedRoutingV1HttpApiClient } from '@helia/delegated-routing-v1-http-api-client'
+import { delegatedRoutingV1HttpApiClientContentRouting, delegatedRoutingV1HttpApiClientPeerRouting } from '@helia/delegated-routing-v1-http-api-client'
 import { delegatedHTTPRoutingDefaults } from '@helia/routers'
 import { autoTLS } from '@ipshipyard/libp2p-auto-tls'
 import { autoNAT } from '@libp2p/autonat'
@@ -19,8 +19,6 @@ import { tls } from '@libp2p/tls'
 import { uPnPNAT } from '@libp2p/upnp-nat'
 import { webRTC, webRTCDirect } from '@libp2p/webrtc'
 import { webSockets } from '@libp2p/websockets'
-import { ipnsSelector } from 'ipns/selector'
-import { ipnsValidator } from 'ipns/validator'
 import { userAgent } from 'libp2p/user-agent'
 import { name, version } from '../version.ts'
 import { bootstrapConfig } from './bootstrappers.ts'
@@ -38,7 +36,8 @@ export interface DefaultLibp2pServices extends Record<string, unknown> {
   autoNAT: unknown
   autoTLS: AutoTLS
   dcutr: unknown
-  delegatedRouting: unknown
+  delegatedContentRouting: unknown
+  delegatedPeerRouting: unknown
   dht: KadDHT
   identify: Identify
   keychain: Keychain
@@ -116,15 +115,9 @@ export function libp2pDefaults (options: Libp2pDefaultsOptions = {}): Libp2pOpti
       autoNAT: autoNAT(),
       autoTLS: autoTLS(),
       dcutr: dcutr(),
-      delegatedRouting: delegatedRoutingV1HttpApiClient(delegatedHTTPRoutingDefaults()),
-      dht: kadDHT({
-        validators: {
-          ipns: ipnsValidator
-        },
-        selectors: {
-          ipns: ipnsSelector
-        }
-      }),
+      delegatedPeerRouting: delegatedRoutingV1HttpApiClientPeerRouting(delegatedHTTPRoutingDefaults()),
+      delegatedContentRouting: delegatedRoutingV1HttpApiClientContentRouting(delegatedHTTPRoutingDefaults()),
+      dht: kadDHT(),
       identify: identify(),
       identifyPush: identifyPush(),
       keychain: keychain(options.keychain),

packages/helia/src/utils/libp2p.ts

@@ -26,7 +26,6 @@ export async function createLibp2p <T extends Record<string, unknown>> (options:
 
   // if no peer id was passed, try to load it from the keychain
   if (libp2pOptions.privateKey == null && options.datastore != null) {
-    // @ts-expect-error libp2p needs dep updates
     libp2pOptions.privateKey = await loadOrCreateSelfKey(options.datastore, options.keychain)
   }
 

packages/http/package.json

@@ -49,7 +49,7 @@
   },
   "dependencies": {
     "@helia/block-brokers": "^5.2.4",
-    "@helia/delegated-routing-v1-http-api-client": "^6.0.1",
+    "@helia/delegated-routing-v1-http-api-client": "^7.0.1",
     "@helia/interface": "^6.2.1",
     "@helia/routers": "^5.1.1",
     "@helia/utils": "^2.5.2",

packages/http/src/utils/libp2p.ts

@@ -26,7 +26,6 @@ export async function createLibp2p <T extends Record<string, unknown>> (options:
 
   // if no peer id was passed, try to load it from the keychain
   if (libp2pOptions.privateKey == null && options.datastore != null) {
-    // @ts-expect-error libp2p needs dep updates
     libp2pOptions.privateKey = await loadOrCreateSelfKey(options.datastore, options.keychain)
   }
 

packages/interface/package.json

@@ -72,9 +72,12 @@
     "build": "aegir build"
   },
   "dependencies": {
+    "@ipshipyard/crypto": "^1.1.0",
+    "@ipshipyard/keychain": "^1.0.2",
     "@libp2p/interface": "^3.2.0",
     "@multiformats/dns": "^1.0.13",
     "@multiformats/multiaddr": "^13.0.1",
+    "abort-error": "^1.0.2",
     "interface-blockstore": "^7.0.1",
     "interface-datastore": "^10.0.1",
     "multiformats": "^14.0.0",

packages/interface/src/errors.ts

@@ -42,3 +42,8 @@ export class InvalidCodecError extends Error {
     this.name = 'InvalidCodecError'
   }
 }
+
+export class UnknownCryptoError extends Error {
+  static name = 'UnknownCryptoError'
+  name = 'UnknownCryptoError'
+}