diff --git a/.github/workflows/pkg_pr_release.yml b/.github/workflows/pkg_pr_release.yml new file mode 100644 index 000000000..9af226b3a --- /dev/null +++ b/.github/workflows/pkg_pr_release.yml @@ -0,0 +1,36 @@ +name: pkg.pr preview release + +on: + pull_request: + # Run the workflow when labels are added to a PR or when the PR is updated. + types: + - opened + - synchronize + - labeled + - reopened + +permissions: + # Allow the workflow to add comments to pull requests when publishing. + pull-requests: write + +jobs: + Pkg-pr-new: + # Only run this job when the pull request contains the pkg‑pr‑release label. + if: github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'pkg-pr-release') + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Setup Node.JS 20 + uses: actions/setup-node@v4 + with: + node-version: 20 + - name: build + uses: ./.github/actions/build + - name: Build o1js and mina-signer + run: | + npm run prepublish:full + cd src/mina-signer + npm ci + npm run prepublish:full + - name: Publish o1js and mina-signer on pkg-pr-new + run: npx pkg-pr-new publish ./ ./src/mina-signer # Enable `--compact` once published to NPM with `repository` in package.json diff --git a/npmDepsHash b/npmDepsHash index f1081d5ae..d38a45d6e 100644 --- a/npmDepsHash +++ b/npmDepsHash @@ -1 +1 @@ -sha256-ww0EdkEWiciR6XLTu2/lfqtDMbvIDBLj+gyPH+lpLTE= +sha256-xGz183aZzn46B0pSwmy9oOCNujTLDQwlDBMbVLfAodA= diff --git a/package-lock.json b/package-lock.json index b21da24eb..ed3072df0 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,9 +9,9 @@ "version": "2.10.0", "license": "Apache-2.0", "dependencies": { + "@noble/hashes": "^1.7.1", "blakejs": "1.2.1", "cachedir": "^2.4.0", - "js-sha256": "^0.9.0", "libsodium-wrappers-sumo": "^0.7.15", "reflect-metadata": "^0.1.13", "stacktrace-js": "^2.0.2", @@ -23,7 +23,6 @@ "devDependencies": { "@influxdata/influxdb-client": "^1.33.2", "@noble/curves": "1.8.1", - "@noble/hashes": "^1.3.2", "@playwright/test": "^1.48.0", "@types/jest": "^27.0.0", "@types/libsodium-wrappers-sumo": "^0.7.8", @@ -1938,7 +1937,6 @@ "version": "1.7.1", "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.7.1.tgz", "integrity": "sha512-B8XBPsn4vT/KJAGqDzbwztd+6Yte3P4V7iafm24bxgDe/mlRuK6xmWPuCNrKt2vDafZ8MfJLlchDG/vYafQEjQ==", - "dev": true, "engines": { "node": "^14.21.3 || >=16" }, @@ -5290,11 +5288,6 @@ "url": "https://github.com/chalk/supports-color?sponsor=1" } }, - "node_modules/js-sha256": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/js-sha256/-/js-sha256-0.9.0.tgz", - "integrity": "sha512-sga3MHh9sgQN2+pJ9VYZ+1LPwXOxuBJBA5nrR5/ofPfuiJBE2hnjsaN8se8JznOmGLN2p49Pe5U/ttafcs/apA==" - }, "node_modules/js-tokens": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", diff --git a/package.json b/package.json index ca0e80b1e..171f68560 100644 --- a/package.json +++ b/package.json @@ -88,7 +88,6 @@ "devDependencies": { "@influxdata/influxdb-client": "^1.33.2", "@noble/curves": "1.8.1", - "@noble/hashes": "^1.3.2", "@playwright/test": "^1.48.0", "@types/jest": "^27.0.0", "@types/libsodium-wrappers-sumo": "^0.7.8", @@ -116,9 +115,9 @@ "typescript": "^5.4.5" }, "dependencies": { + "@noble/hashes": "^1.7.1", "blakejs": "1.2.1", "cachedir": "^2.4.0", - "js-sha256": "^0.9.0", "libsodium-wrappers-sumo": "^0.7.15", "reflect-metadata": "^0.1.13", "stacktrace-js": "^2.0.2", diff --git a/src/lib/provable/gadgets/elliptic-curve.ts b/src/lib/provable/gadgets/elliptic-curve.ts index 72a69a6ef..ee55e7c92 100644 --- a/src/lib/provable/gadgets/elliptic-curve.ts +++ b/src/lib/provable/gadgets/elliptic-curve.ts @@ -4,7 +4,7 @@ import { Provable } from '../provable.js'; import { assert } from './common.js'; import { Field3, ForeignField, split, weakBound } from './foreign-field.js'; import { l, l2, l2Mask, multiRangeCheck } from './range-check.js'; -import { sha256 } from 'js-sha256'; +import { sha256 } from '@noble/hashes/sha256'; import { bigIntToBytes, bytesToBigInt } from '../../../bindings/crypto/bigint-helpers.js'; import { CurveAffine, @@ -626,12 +626,12 @@ function getPointTable(Curve: CurveAffine, P: Point, windowSize: number, table?: function initialAggregator(Curve: CurveAffine) { // hash that identifies the curve let h = sha256.create(); - h.update('initial-aggregator'); - h.update(bigIntToBytes(Curve.modulus)); - h.update(bigIntToBytes(Curve.order)); - h.update(bigIntToBytes(Curve.a)); - h.update(bigIntToBytes(Curve.b)); - let bytes = h.array(); + h.update(new TextEncoder().encode('initial-aggregator')); + h.update(new Uint8Array(bigIntToBytes(Curve.modulus))); + h.update(new Uint8Array(bigIntToBytes(Curve.order))); + h.update(new Uint8Array(bigIntToBytes(Curve.a))); + h.update(new Uint8Array(bigIntToBytes(Curve.b))); + let bytes = h.digest(); // bytes represent a 256-bit number // use that as x coordinate diff --git a/src/lib/util/base58.ts b/src/lib/util/base58.ts index 533b15b30..b4ffc4c24 100644 --- a/src/lib/util/base58.ts +++ b/src/lib/util/base58.ts @@ -1,6 +1,6 @@ import { versionBytes } from '../../bindings/crypto/constants.js'; import { Binable, withVersionNumber } from '../../bindings/lib/binable.js'; -import { sha256 } from 'js-sha256'; +import { sha256 } from '@noble/hashes/sha256'; import { changeBase } from '../../bindings/crypto/bigint-helpers.js'; export { toBase58Check, fromBase58Check, base58, withBase58, fieldEncodings, Base58, alphabet }; @@ -62,11 +62,12 @@ function fromBase58(base58: string) { } function computeChecksum(input: number[] | Uint8Array) { + let inputBytes = input instanceof Uint8Array ? input : new Uint8Array(input); let hash1 = sha256.create(); - hash1.update(input); + hash1.update(inputBytes); let hash2 = sha256.create(); - hash2.update(hash1.array()); - return hash2.array().slice(0, 4); + hash2.update(hash1.digest()); + return Array.from(hash2.digest().slice(0, 4)); } type Base58 = { diff --git a/src/mina-signer/package-lock.json b/src/mina-signer/package-lock.json index e64e8fb26..334e812d0 100644 --- a/src/mina-signer/package-lock.json +++ b/src/mina-signer/package-lock.json @@ -9,8 +9,8 @@ "version": "3.1.0", "license": "Apache-2.0", "dependencies": { - "blakejs": "^1.2.1", - "js-sha256": "^0.9.0" + "@noble/hashes": "^1.7.1", + "blakejs": "^1.2.1" }, "devDependencies": { "pkg-pr-new": "^0.0.9" @@ -32,6 +32,18 @@ "node": ">=10" } }, + "node_modules/@noble/hashes": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.8.0.tgz", + "integrity": "sha512-jCs9ldd7NwzpgXDIf6P3+NrHh9/sD6CQdxHyjQI+h/6rDNo88ypBxxz45UDuZHz9r3tNz7N/VInSVoVdtXEI4A==", + "license": "MIT", + "engines": { + "node": "^14.21.3 || >=16" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, "node_modules/@nodelib/fs.scandir": { "version": "2.1.5", "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz", @@ -555,11 +567,6 @@ "dev": true, "license": "ISC" }, - "node_modules/js-sha256": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/js-sha256/-/js-sha256-0.9.0.tgz", - "integrity": "sha512-sga3MHh9sgQN2+pJ9VYZ+1LPwXOxuBJBA5nrR5/ofPfuiJBE2hnjsaN8se8JznOmGLN2p49Pe5U/ttafcs/apA==" - }, "node_modules/merge2": { "version": "1.4.1", "resolved": "https://registry.npmjs.org/merge2/-/merge2-1.4.1.tgz", diff --git a/src/mina-signer/package.json b/src/mina-signer/package.json index 83e1fa58e..f17cf7791 100644 --- a/src/mina-signer/package.json +++ b/src/mina-signer/package.json @@ -38,8 +38,8 @@ "README.md" ], "dependencies": { - "blakejs": "^1.2.1", - "js-sha256": "^0.9.0" + "@noble/hashes": "^1.7.1", + "blakejs": "^1.2.1" }, "devDependencies": { "pkg-pr-new": "^0.0.9"