herocode/sal
11
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity
6dead402a2
sal/vault/README.md
Mahmoud-Emad 6dead402a2
Some checks are pending
Rhai Tests / Run Rhai Tests (push) Waiting to run
Details
feat: Remove herodo from monorepo and update dependencies 
- Removed the `herodo` binary from the monorepo. This was
  done as part of the monorepo conversion process.
- Updated the `Cargo.toml` file to reflect the removal of
  `herodo` and adjust dependencies accordingly.
- Updated `src/lib.rs` and `src/rhai/mod.rs` to use the new
  `sal-vault` crate for vault functionality.  This improves
  the modularity and maintainability of the project.
2025-06-23 14:56:03 +03:00

156 lines
4.7 KiB
Markdown
Raw Blame History

# SAL Vault
SAL Vault is a comprehensive cryptographic library that provides secure key management, digital signatures, symmetric encryption, Ethereum wallet functionality, and encrypted key-value storage.
## Features
### Core Cryptographic Operations
- **Symmetric Encryption**: ChaCha20Poly1305 AEAD cipher for secure data encryption
- **Key Derivation**: PBKDF2-based key derivation from passwords
- **Digital Signatures**: ECDSA signing and verification using secp256k1 curves
- **Key Management**: Secure keypair generation and storage
### Keyspace Management
- **Multiple Keyspaces**: Organize keys into separate, password-protected spaces
- **Session Management**: Secure session handling with automatic cleanup
- **Keypair Organization**: Named keypairs within keyspaces for easy management
### Ethereum Integration
- **Wallet Functionality**: Create and manage Ethereum wallets from keypairs
- **Transaction Signing**: Sign Ethereum transactions securely
- **Smart Contract Interaction**: Call read functions on smart contracts
- **Multi-Network Support**: Support for different Ethereum networks
### Key-Value Store
- **Encrypted Storage**: Store key-value pairs with automatic encryption
- **Secure Persistence**: Data is encrypted before being written to disk
- **Type Safety**: Strongly typed storage and retrieval operations
### Rhai Scripting Integration
- **Complete API Exposure**: All vault functionality available in Rhai scripts
- **Session Management**: Script-accessible session and keyspace management
- **Cryptographic Operations**: Encryption, signing, and verification in scripts
## Usage
### Basic Cryptographic Operations
```rust
use sal_vault::symmetric::implementation::{encrypt_symmetric, decrypt_symmetric, generate_symmetric_key};
// Generate a symmetric key
let key = generate_symmetric_key();
// Encrypt data
let message = b"Hello, World!";
let encrypted = encrypt_symmetric(&key, message)?;
// Decrypt data
let decrypted = decrypt_symmetric(&key, &encrypted)?;
```
### Keyspace and Keypair Management
```rust
use sal_vault::keyspace::{KeySpace, KeyPair};
// Create a new keyspace
let mut keyspace = KeySpace::new("my_keyspace");
// Add a keypair
keyspace.add_keypair("main_key")?;
// Sign data
if let Some(keypair) = keyspace.keypairs.get("main_key") {
let message = b"Important message";
let signature = keypair.sign(message);
let is_valid = keypair.verify(message, &signature)?;
}
```
### Ethereum Wallet Operations
```rust
use sal_vault::ethereum::wallet::EthereumWallet;
use sal_vault::ethereum::networks::NetworkConfig;
// Create wallet from keypair
let network = NetworkConfig::mainnet();
let wallet = EthereumWallet::from_keypair(&keypair, network)?;
// Get wallet address
let address = wallet.address();
```
### Rhai Scripting
```rhai
// Create and manage keyspaces
create_key_space("personal", "secure_password");
select_keyspace("personal");
// Create and use keypairs
create_keypair("signing_key");
select_keypair("signing_key");
// Sign and verify data
let message = "Important document";
let signature = sign(message);
let is_valid = verify(message, signature);
// Symmetric encryption
let key = generate_key();
let encrypted = encrypt(key, "secret data");
let decrypted = decrypt(key, encrypted);
```
## Security Features
- **Memory Safety**: All sensitive data is handled securely in memory
- **Secure Random Generation**: Uses cryptographically secure random number generation
- **Password-Based Encryption**: Keyspaces are protected with password-derived keys
- **Session Isolation**: Each session maintains separate state and security context
- **Constant-Time Operations**: Critical operations use constant-time implementations
## Error Handling
The library provides comprehensive error handling through the `CryptoError` enum:
```rust
use sal_vault::error::CryptoError;
match some_crypto_operation() {
Ok(result) => println!("Success: {:?}", result),
Err(CryptoError::InvalidKeyLength) => println!("Invalid key length provided"),
Err(CryptoError::EncryptionFailed(msg)) => println!("Encryption failed: {}", msg),
Err(CryptoError::KeypairNotFound(name)) => println!("Keypair '{}' not found", name),
Err(e) => println!("Other error: {}", e),
}
```
## Testing
The package includes comprehensive tests covering all functionality:
```bash
# Run all tests
cargo test
# Run specific test categories
cargo test crypto_tests
cargo test rhai_integration_tests
```
## Dependencies
- `chacha20poly1305`: Symmetric encryption
- `k256`: Elliptic curve cryptography
- `ethers`: Ethereum functionality
- `serde`: Serialization support
- `rhai`: Scripting integration
- `tokio`: Async runtime support
## License
Licensed under the Apache License, Version 2.0.
Reference in New Issue View Git Blame Copy Permalink