herocode/webassembly
12
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
0890db4810
webassembly/scripts/examples/mycelium_example.md

138 lines
4.8 KiB
Markdown
Raw Blame History

# Mycelium Integration Example
This document demonstrates how to use the Mycelium messaging system with the WebAssembly Cryptography Module for remote script execution.
## Overview
Mycelium is a peer-to-peer, end-to-end encrypted messaging system that allows for secure communication between nodes. When integrated with the WebAssembly Cryptography Module, it enables remote execution of Rhai scripts, allowing for distributed cryptographic operations.
## Example Scenario
In this example, we'll demonstrate how a remote system can send a Rhai script to the cryptographic module for execution, and receive the results.
### Step 1: Start the Listener
First, start the cryptographic module's Mycelium listener:
```bash
crypto-cli listen
```
This will start a Mycelium node that listens for scripts on the "crypto.scripts" topic.
### Step 2: Send a Script from a Remote System
From another system, send a Rhai script to the listener:
```rust
use mycelium::{Node, Identity};
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
// Create a Mycelium node
let identity = Identity::random();
let node = Node::new(identity)?;
// Connect to the network
node.start().await?;
// Define the script to execute
let script = r#"
// Create a key space
if create_key_space("remote_space") {
print("Key space created successfully");
// Create a keypair
if create_keypair("remote_keypair") {
print("Keypair created successfully");
// Select the keypair
if select_keypair("remote_keypair") {
print("Keypair selected successfully");
// Sign a message
let message = "Hello from remote system";
let signature = sign(message);
print("Message: " + message);
print("Signature: " + signature);
// Return the signature as the result
signature
} else {
"Failed to select keypair"
}
} else {
"Failed to create keypair"
}
} else {
"Failed to create key space"
}
"#;
// Send the script to the crypto module
println!("Sending script to crypto module...");
let target_id = "RECIPIENT_ID"; // The ID of the crypto module's Mycelium node
node.publish("crypto.scripts", target_id, script.as_bytes().to_vec()).await?;
// Subscribe to receive the result
let mut receiver = node.subscribe("crypto.results").await?;
// Wait for the result
println!("Waiting for result...");
if let Some(msg) = receiver.recv().await {
let result = String::from_utf8_lossy(&msg.payload);
println!("Received result: {}", result);
}
Ok(())
}
```
### Step 3: Process the Result
The remote system can then process the result of the script execution:
```rust
// Continue from the previous example...
// Parse the signature from the result
let signature_hex = result.trim();
// Use the signature for further operations
println!("Signature received: {}", signature_hex);
// Verify the signature locally
let message = "Hello from remote system";
let message_bytes = message.as_bytes();
let signature_bytes = hex_to_bytes(signature_hex);
// Assuming we have the public key of the remote keypair
let is_valid = verify_with_public_key(public_key, message_bytes, &signature_bytes);
println!("Signature valid: {}", is_valid);
```
## Security Considerations
When using Mycelium for remote script execution, consider the following security measures:
1. **Authentication**: Ensure that only authorized nodes can send scripts to your crypto module.
2. **Script Validation**: Validate scripts before execution to prevent malicious code.
3. **Resource Limits**: Set appropriate limits on script execution to prevent denial of service.
4. **Sensitive Data**: Be careful about what data is returned in script results.
5. **End-to-End Encryption**: Mycelium provides end-to-end encryption, but ensure your node IDs are properly secured.
## Benefits of Mycelium Integration
- **Decentralized**: No central server required, making the system more resilient.
- **End-to-End Encrypted**: All communication is encrypted by default.
- **NAT Traversal**: Works across different network environments without complex configuration.
- **Rust Native**: Seamless integration with the WebAssembly Cryptography Module.
## Example Use Cases
1. **Distributed Key Management**: Manage cryptographic keys across multiple systems.
2. **Secure Communication**: Establish secure communication channels between systems.
3. **Remote Signing**: Sign messages or transactions remotely without exposing private keys.
4. **Automated Cryptographic Operations**: Schedule and execute cryptographic operations from remote systems.
Reference in New Issue View Git Blame Copy Permalink