herocode/sal
11
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity
e125bb6511
sal/vault
History
Mahmoud-Emad e125bb6511
Some checks failed
Rhai Tests / Run Rhai Tests (push) Has been cancelled
Details
Rhai Tests / Run Rhai Tests (pull_request) Has been cancelled
Details
feat: Migrate SAL to Cargo workspace 
- Migrate individual modules to independent crates
- Refactor dependencies for improved modularity
- Update build system and testing infrastructure
- Update documentation to reflect new structure
2025-06-24 12:39:18 +03:00
..
src feat: Migrate SAL to Cargo workspace 2025-06-24 12:39:18 +03:00
tests feat: Migrate SAL to Cargo workspace 2025-06-24 12:39:18 +03:00
Cargo.toml feat: Remove herodo from monorepo and update dependencies 2025-06-23 14:56:03 +03:00
README.md feat: Migrate SAL to Cargo workspace 2025-06-24 12:39:18 +03:00

README.md

SAL Vault

SAL Vault is a comprehensive cryptographic library that provides secure key management, digital signatures, symmetric encryption, Ethereum wallet functionality, and encrypted key-value storage.

Features

Core Cryptographic Operations

  • Symmetric Encryption: ChaCha20Poly1305 AEAD cipher for secure data encryption
  • Key Derivation: PBKDF2-based key derivation from passwords
  • Digital Signatures: ECDSA signing and verification using secp256k1 curves
  • Key Management: Secure keypair generation and storage

Keyspace Management

  • Multiple Keyspaces: Organize keys into separate, password-protected spaces
  • Session Management: Secure session handling with automatic cleanup
  • Keypair Organization: Named keypairs within keyspaces for easy management

Ethereum Integration

  • Wallet Functionality: Create and manage Ethereum wallets from keypairs
  • Transaction Signing: Sign Ethereum transactions securely
  • Smart Contract Interaction: Call read functions on smart contracts
  • Multi-Network Support: Support for different Ethereum networks

Key-Value Store

  • Encrypted Storage: Store key-value pairs with automatic encryption
  • Secure Persistence: Data is encrypted before being written to disk
  • Type Safety: Strongly typed storage and retrieval operations

Rhai Scripting Integration

  • Complete API Exposure: All vault functionality available in Rhai scripts
  • Session Management: Script-accessible session and keyspace management
  • Cryptographic Operations: Encryption, signing, and verification in scripts

Usage

Basic Cryptographic Operations

use sal_vault::symmetric::implementation::{encrypt_symmetric, decrypt_symmetric, generate_symmetric_key};

// Generate a symmetric key
let key = generate_symmetric_key();

// Encrypt data
let message = b"Hello, World!";
let encrypted = encrypt_symmetric(&key, message)?;

// Decrypt data
let decrypted = decrypt_symmetric(&key, &encrypted)?;

Keyspace and Keypair Management

use sal_vault::keyspace::{KeySpace, KeyPair};

// Create a new keyspace
let mut keyspace = KeySpace::new("my_keyspace");

// Add a keypair
keyspace.add_keypair("main_key")?;

// Sign data
if let Some(keypair) = keyspace.keypairs.get("main_key") {
    let message = b"Important message";
    let signature = keypair.sign(message);
    let is_valid = keypair.verify(message, &signature)?;
}

Ethereum Wallet Operations

use sal_vault::ethereum::wallet::EthereumWallet;
use sal_vault::ethereum::networks::NetworkConfig;

// Create wallet from keypair
let network = NetworkConfig::mainnet();
let wallet = EthereumWallet::from_keypair(&keypair, network)?;

// Get wallet address
let address = wallet.address();

Rhai Scripting

// Create and manage keyspaces
create_key_space("personal", "secure_password");
select_keyspace("personal");

// Create and use keypairs
create_keypair("signing_key");
select_keypair("signing_key");

// Sign and verify data
let message = "Important document";
let signature = sign(message);
let is_valid = verify(message, signature);

// Symmetric encryption
let key = generate_key();
let encrypted = encrypt(key, "secret data");
let decrypted = decrypt(key, encrypted);

Security Features

  • Memory Safety: All sensitive data is handled securely in memory
  • Secure Random Generation: Uses cryptographically secure random number generation
  • Password-Based Encryption: Keyspaces are protected with password-derived keys
  • Session Isolation: Each session maintains separate state and security context
  • Constant-Time Operations: Critical operations use constant-time implementations

Error Handling

The library provides comprehensive error handling through the CryptoError enum:

use sal_vault::error::CryptoError;

match some_crypto_operation() {
    Ok(result) => println!("Success: {:?}", result),
    Err(CryptoError::InvalidKeyLength) => println!("Invalid key length provided"),
    Err(CryptoError::EncryptionFailed(msg)) => println!("Encryption failed: {}", msg),
    Err(CryptoError::KeypairNotFound(name)) => println!("Keypair '{}' not found", name),
    Err(e) => println!("Other error: {}", e),
}

Testing

The package includes comprehensive tests covering all functionality:

# Run all tests
cargo test

# Run specific test categories
cargo test crypto_tests
cargo test rhai_integration_tests

Note: The Rhai integration tests use global state and are automatically serialized using a test mutex to prevent interference between parallel test runs.

Dependencies

  • chacha20poly1305: Symmetric encryption
  • k256: Elliptic curve cryptography
  • ethers: Ethereum functionality
  • serde: Serialization support
  • rhai: Scripting integration
  • tokio: Async runtime support

License

Licensed under the Apache License, Version 2.0.