Skip to content
/ guidelines Public

Development & release guidelines for noble, scure and other packages.

2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

paulmillr/guidelines

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
README.md
README.md
 
 
build-table.js
build-table.js
 
 

Repository files navigation

paulmillr/guidelines

Development & release guidelines for noble (https://paulmillr.com/noble), scure and other packages.

Status

Project Status JSR Misc
noble-ciphers Run JS tests JSR version JSR Score Run slow tests
noble-curves Run JS tests JSR version JSR Score
noble-hashes Run JS tests JSR version JSR Score Run slow tests
noble-post-quantum Run JS tests JSR version JSR Score
noble-secp256k1 Run JS tests JSR version JSR Score
noble-ed25519 Run JS tests JSR version JSR Score
scure-base Run JS tests JSR version JSR Score
scure-bip32 Run JS tests JSR version JSR Score
scure-bip39 Run JS tests JSR version JSR Score
scure-btc-signer Run JS tests JSR version JSR Score Run slow tests
scure-starknet Run JS tests JSR version JSR Score
micro-eth-signer Run JS tests JSR version JSR Score
micro-sol-signer Run JS tests JSR version JSR Score
micro-ordinals Run JS tests
micro-key-producer Run JS tests JSR version JSR Score
micro-packed Run JS tests JSR version JSR Score
micro-ftch Run JS tests JSR version JSR Score
qr Run JS tests JSR version JSR Score
micro-sr25519 Run JS tests

Release order

Before a release, integration tests should be ran. For example, if curves depend on hashes, they should install latest commit from github and try to run tests with it.

Release order is as follows:

  1. noble-hashes, noble-ciphers, scure-base
  2. noble-curves
  3. scure-bip32, scure-bip39
  4. micro-packed, scure-btc-signer
  5. ethereum-cryptography

After that, 6. pull requests to consumers (such as ethereumjs-monorepo) can also be done.

Coding practices

  • Don't use bigint literals: instead of 123n, use BigInt(123) or BigInt('123')
    • For compatibility with React Native and others
  • Don't use array destruction, such as let [a, b] = arr
    • It overloads GC when used often, because it calls iterator protocol
    • Object destruction {a, b} = obj is fine
  • Minimize for-of
    • Also uses iterator protocol, sometimes slow
  • Minimize backtick quotes
    • Unfriendly to minifiers, sometimes even unsupported in subtle ways
  • Don't use \n in strings: prefer String.fromCharCode(10)
    • Unfriendly to minifiers
  • Typescript and prettier updates should be limited to once per 3-6 months
    • Their version diffs should be sanity-checked
  • Helper packages are used to simplify development
    • paulmillr/jsbt is used to build files
    • micro-should is tiny 300-line testing framework
    • micro-bmark is tiny benchmarking framework

Duplicated code

Some code is duplicated between packages, because it's better than adding an additional dependency.

Every time a method is changed, it should also be changed in other places.

  • hexToBytes, bytesToHex, concatBytes, isBytes / abytes are identical within:
    • noble curves, ciphers, hashes
    • noble secp256k1, ed25519 (vars renamed for compactness)
    • scure-base, micro-packed
  • Tests for hexToBytes, bytesToHex, concatBytes must be present within all those packages

Testing and fuzzing

  • hashes should run test:dos and test:big
  • curves should adjust fast-check NUM_RUNS when ran on CI server

TODO

  • Fuzzing documentation
  • CI server set-up documentation
  • minified file build & upload (update JSBT)

New CI tasks:

  • Compare NPM code to GitHub
  • Scan NPM for malware
  • Check for performance regressions, compare with previous commits / releases

About

Development & release guidelines for noble, scure and other packages.

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages