Simplifying Blockchain Security Using Hyperledger Ursa
In a recent blog post, the Hyperledger project has announced their latest project, Hyperledger Ursa , has been accepted by the Technical Steering Committee (TSC). Ursa’s primary objective is to simplify and consolidate cryptographic libraries in a trusted, consumable manner for use in distributed ledger technology projects in an interoperable way.
Within Project Ursa, a comprehensive library of modular signatures and symmetric-key primitives will be available so developers can swap in and out different cryptographic schemes through configuration and without having to modify their code. In addition to this base library, Ursa will also include newer cryptography, including pairing-based , threshold , and aggregate signatures. In addition to these signatures, zero-knowledge primitives including SNARKs will also be included.
Blockchain security is highly dependent upon cryptographic operations, but for developers, choosing the correct implementation is a challenge. Hart Montgomery , a cryptographic researcher at Fujitsu and a member of the Hyperledger TSC, explains:
As Hyperledger has matured, the individual projects within Hyperledger have started to find a need for sophisticated cryptographic implementations. Rather than have each project implement its own cryptographic protocols, it is much better to collaborate on a shared library.
The Hyperledger Ursa project has identified the following benefits:
- Avoiding duplication of solving similar security requirements across different blockchain implementations.
- Security audits of cryptographic operations are simpler to analyze when code is consolidated into a single location. This reduces maintenance efforts of these libraries and improves the security footprint for developers who may be less experienced in distributed ledger projects.
- Expert Reviews take place on all cryptographic code to reduce the likelihood of dangerous security bugs.
- Cross-platform interoperability improves when multiple platforms, who require cryptographic verification, are using the same security protocols on both platforms.
- Modularity of common components, lay the framework for future modular distributed ledger technology platforms using common components. A successful reference implementation of a common component, like security, creates future opportunities.
- New projects are able to accelerate their time to market if an existing security paradigm can be plugged-in without a project needing to build it themselves.
As Hyperledger Ursa is in its infancy, the project has broad future plans, including further investments in modularizing Minicrypt , Montgomery explains:
Our first library is our “base crypto” library. Right now we are focused on our shared modular signature library, but we plan to extend this to allow easy modularization of all commonly used cryptographic primitives in Minicrypt. This—work in progress—has the implementation of several different signature schemes with a common API, allowing for blockchain builders to change signature schemes almost on-the-fly—or to use and support multiple signature schemes easily. Exact implementations and APIs have not been finalized, but they are in progress.
Project Ursa does not include raw crypto implementations within their library, but chooses to use wrappers for code from existing libraries instead. Montgomery characterizes the benefit as:
The novelty here is the modularization and API, which enables blockchain platforms to easily use a wide variety of changeable cryptographic algorithms without having to understand or interact with the underlying mathematics.
Ursa is mostly written in Rust but will have interfaces in all of the different languages that are commonly used throughout Hyperledger including Go, Python and Java. The repository for Ursa is available on GitHub .
- 一课读懂Hyperledger Fabric
- IT巨头齐聚首届KubeCon 2020线上峰会，开启云原生下一个十年
- 解读2020 Linux基金会开源人才培养新蓝图 | 开源技术日系列活动
- IOHK首席执行官：IOHK将加入Hyperledger Project和W3C
- 超级账本Hyperledger Fabric中的Protobuf到底是什么？
- 快速带你上手Hyperledger Fabric环境搭建＋开发测试
- 第二章 九析带你轻松完爆 hyperledger fabric - 搭建 GO 环境
- Decades-Old Email Flaws Could Let Attackers Mask Their Identities
- Vectrix is developing cloud security marketplace built for and by security pros
- Twitter warns investors of possible fine from FTC consent order probe
- Open Source Security Foundation (OpenSSF)
- Google to invest $450M in smart home security solutions provider ADT
- Vitalik Buterin：尽量使以太坊2.0协议简单化，从而保证网络的安全性