Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Proposal: Define MultihashVerifier interface #253

Open
Gozala opened this issue Apr 18, 2023 · 0 comments
Open

Proposal: Define MultihashVerifier interface #253

Gozala opened this issue Apr 18, 2023 · 0 comments

Comments

@Gozala
Copy link
Contributor

Gozala commented Apr 18, 2023

Goal

As per ipld/js-car#123 we do need a solution for verifying hashes in CAR files without shipping all the MultihashHasher-s with the CAR library.

Proposal

Define a separate MultihashVerifier interface that can be implemented by all of our hashers. It could look like this:

export interface MultihashVerifier {
  // Fails if source produces a different multihash
  verify(mustihash: Uint8Array, source: Uint8Array): Await<{}>
}

You may be thinking can't I just use MultihashHasher to create a digest from the source and then compare. While you could there are some subtle cases where having MultihashVerifier would be a better option:

  1. Hashing algorithms like blake3 provide incremental verifiability, allowing a more optimal implementation strategy.
  2. It is possible to implement e.g. trust: (config) => MultihashVerifier that could be leveraged as an explicit opt-out as opposed to subtle option that is easy to miss.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Gozala