# Modular Rust System: Key-Value Store, Vault, and EVM Client This repository implements a modular, async, and cross-platform cryptographic stack in Rust. It is designed for use in both native (desktop/server) and WASM (browser) environments, supporting secure storage, cryptographic operations, and EVM (Ethereum) client functionality. ## Crate Overview - **kvstore/**: Async key-value store trait and implementations (native: `sled`, WASM: IndexedDB). - **vault/**: Cryptographic vault for managing encrypted keyspaces and key operations. Uses `kvstore` for persistence. - **evm_client/**: EVM RPC client, integrates with `vault` for signing and secure key management. - **cli_app/**: (Planned) Command-line interface for scripting and automation. - **web_app/**: (Planned) WASM web app exposing the same APIs to JavaScript or browser scripting. ## Architecture Highlights - **Async everywhere:** All APIs are async and runtime-agnostic. - **Conditional backends:** Uses Cargo features and `cfg` to select the appropriate backend for each environment. - **Secure by design:** Vault encrypts all key material at rest and leverages modern cryptography. - **Tested natively and in browser:** WASM and native backends are both covered by tests. ## Building and Testing ### Prerequisites - Rust (latest stable recommended) - For WASM: `wasm-pack`, Firefox or Chrome (for browser tests) ### Native ```sh cargo check --workspace --features kvstore/native ``` ### WASM (kvstore only) ```sh cd kvstore wasm-pack test --headless --firefox --features web ``` # Rhai Scripting System A unified system for writing and executing [Rhai](https://rhai.rs/) scripts, powered by shared Rust core logic. Supports both local CLI execution and secure browser extension use, with the same business logic compiled to WebAssembly. --- ## Project Goals - **Write and run Rhai scripts** both locally (CLI) and in the browser (extension). - **Reuse the same Rust core logic** (vault, evm_client) across all platforms. - **Sandboxed, secure script execution** in both native and WASM environments. --- ## Architecture Overview - **Shared Rust Crates:** - `vault/` and `evm_client/` implement business logic and expose APIs to Rhai. - All logic is reusable in both native and WASM builds. - **CLI Tool (`cli/`):** - Runs Rhai scripts from files or stdin using the shared core. - Outputs results to the terminal. - **WebAssembly Module (`wasm/`):** - Exposes `run_rhai(script: &str) -> String` via `wasm-bindgen`. - Usable from browser JS and the extension. - **Browser Extension (`browser_extension/`):** - UI for entering and running Rhai scripts securely in the browser. - Loads the WASM module and displays results. - **Web App Integration:** - Trusted web apps can send scripts to the extension for execution (via postMessage or WebSocket, with strict origin checks). --- ## Usage ### CLI ``` sal-cli run my_script.rhai # or cat my_script.rhai | sal-cli run ``` ### Browser/Extension - Enter Rhai code in the extension popup or trusted website. - Extension loads the WASM module and calls `run_rhai(script)`. - Result is displayed in the UI. --- ## Security - All script execution is sandboxed via Rhai + WASM. - Only accepts input from: - Extension popup UI - Approved websites (via content script) - Trusted backend server (if using WebSocket) - Strict origin and input validation. - No internal APIs exposed beyond `run_rhai(script)`. --- ## Directory Structure ``` . ├── kvstore/ # Key-value store trait and backends ├── vault/ # Cryptographic vault (shared core) ├── evm_client/ # EVM RPC client (shared core) ├── cli/ # Command-line tool for Rhai scripts ├── wasm/ # WebAssembly module for browser/extension ├── browser_extension/ # Extension source ├── docs/ # Architecture & usage docs └── README.md ``` --- ## Roadmap - [x] Unified async trait for key-value storage - [x] Native and WASM backends for kvstore - [x] Shared Rust core for vault and evm_client - [ ] WASM module exposing `run_rhai` - [ ] CLI tool for local Rhai script execution - [ ] Browser extension for secure script execution - [ ] Web app integration (postMessage/WebSocket) - [ ] Full end-to-end integration and security review --- ## License MIT OR Apache-2.0