Add subxt_signer crate for native & WASM compatible signing (#1016)

* Add and use subxt-signer crate for WASM compatible signing * cargo fmt * dev keypairs already references * WIP fix various breakages * re-jig features to be simpler and various test fixes etc * doc and web fix * fix various bits and pieces * fix a test I broke * dev-deps can't be linked to in docs, hrmph * cargo fmt * another doc link * document the subxt_signer crate more thoroughly * move feature flag for consistency * more docs, no default subxt feature flag on signer, update release instrs * Add missing license header * unwrap_inner => into_inner * extend a test a little to better check derive junctions * note more clearly that the crypto bits come from sp_core::crypto
paritytech · Jun 20, 2023 · b4eb406 · b4eb406
1 parent d091c09
commit b4eb406
Show file tree

Hide file tree

Showing 52 changed files with 1,388 additions and 302 deletions.
diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
@@ -58,11 +58,21 @@ jobs:
             - name: Cargo check all targets.
               run: cargo check --all-targets
 
-            # Next, check each feature on its own and compile each crate separately. This is no good
-            # for subxt/examples, which expect default features to be enabled, hence the above check
-            # and why we don'#t do `--all-targets` for this one.
+            # Next, check subxt features.
+            # - `native` feature must always be enabled
+            # - `web` feature is always ignored.
+            # - This means, don't check --no-default-features and don't try enabling --all-features; both will fail
+            - name: Cargo hack; check each subxt feature
+              run: cargo hack -p subxt --each-feature check --exclude-no-default-features --exclude-all-features --exclude-features web --features native
+
+            # Subxt-signer has the "subxt" features enabled in the "check all targets" test. Run it on its own to
+            # check it without. We can't enable subxt or web features here, so no cargo hack.
+            - name: Cargo check subxt-signer
+              run: cargo check -p subxt-signer
+
+            # Next, check each other package in isolation.
             - name: Cargo hack; check each feature/crate on its own
-              run: cargo hack --exclude-all-features --each-feature check --workspace
+              run: cargo hack --exclude subxt --exclude subxt-signer --exclude-all-features --each-feature check --workspace
 
     fmt:
         name: Cargo fmt
@@ -215,10 +225,16 @@ jobs:
                   mkdir -p ~/.local/bin
                   mv substrate ~/.local/bin
 
-            - name: Run WASM tests
+            - name: Run subxt WASM tests
               run: |
                   substrate --dev --tmp > /dev/null 2>&1 &
                   wasm-pack test --headless --firefox
                   wasm-pack test --headless --chrome
                   pkill substrate
               working-directory: testing/wasm-tests
+
+            - name: Run subxt-signer WASM tests
+              run: |
+                  wasm-pack test --headless --firefox
+                  wasm-pack test --headless --chrome
+              working-directory: signer/wasm-tests
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -8,13 +8,18 @@ members = [
     "testing/ui-tests",
     "macro",
     "metadata",
+    "signer",
     "subxt"
 ]
 
-# This cannot be a workspace dependency, because it requires
-# mutually exclusive jsonrpsee features to work, and workspaces
-# will aggregate features used across crates:
-exclude = ["testing/wasm-tests", "examples/wasm-example"]
+# We exclude any crates that would depend on non mutually
+# exclusive feature flags and thus can't compile with the
+# workspace:
+exclude = [
+    "testing/wasm-tests",
+    "signer/wasm-tests",
+    "examples/wasm-example"
+]
 resolver = "2"
 
 [workspace.package]
@@ -42,7 +47,7 @@ derivative = "2.2.0"
 either = "1.8.1"
 frame-metadata = { version = "15.1.0", features = ["v14", "v15-unstable", "std"] }
 futures = { version = "0.3.27", default-features = false, features = ["std"] }
-getrandom = "0.2"
+getrandom = { version = "0.2", default-features = false }
 hex = "0.4.3"
 heck = "0.4.1"
 impl-serde = { version = "0.4.0" }
@@ -79,9 +84,19 @@ sp-runtime = "24.0.0"
 sp-version = "22.0.0"
 
 # Subxt workspace crates:
-subxt = { version = "0.29.0", path = "subxt" }
+subxt = { version = "0.29.0", path = "subxt", default-features = false }
 subxt-macro = { version = "0.29.0", path = "macro" }
 subxt-metadata = { version = "0.29.0", path = "metadata" }
 subxt-codegen = { version = "0.29.0", path = "codegen" }
+subxt-signer = { version = "0.29.0", path = "signer" }
 test-runtime = { path = "testing/test-runtime" }
 substrate-runner = { path = "testing/substrate-runner" }
+
+# subxt-signer deps that I expect aren't useful anywhere else:
+bip39 = "2.0.0"
+hmac = "0.12.1"
+pbkdf2 = { version = "0.12.1", default-features = false }
+schnorrkel = "0.10.2"
+secrecy = "0.8.0"
+sha2 = "0.10.6"
+zeroize = { version = "1", default-features = false }
diff --git a/RELEASING.md b/RELEASING.md
@@ -65,7 +65,6 @@ We also assume that ongoing work done is being merged directly to the `master` b
     2.  Perform a final sanity check that everything looks ok.
 
         ```
-        cargo hack --exclude-all-features --each-feature check --all-targets --workspace
         cargo test --all-targets
         ```
 
@@ -77,12 +76,10 @@ We also assume that ongoing work done is being merged directly to the `master` b
             (cd codegen && cargo publish) && \
             (cd macro && cargo publish) && \
             (cd subxt && cargo publish) && \
+            (cd signer && cargo publish) && \
             (cd cli && cargo publish);
         ```
 
-        If you run into any issues regarding crates not being able to find suitable versions of other `subxt-*` crates,
-        you may just need to wait a little longer and then run the remaining portion of that command.
-
 10. If the release was successful, tag the commit that we released in the `master` branch with the
     version that we just released, for example:
 

diff --git a/cli/Cargo.toml b/cli/Cargo.toml
@@ -19,7 +19,7 @@ path = "src/main.rs"
 [dependencies]
 subxt-codegen = { workspace = true }
 subxt-metadata = { workspace = true }
-subxt = { workspace = true }
+subxt = { workspace = true, features = ["native", "jsonrpsee"] }
 clap = { workspace = true }
 serde = { workspace = true, features = ["derive"] }
 color-eyre = { workspace = true }

diff --git a/signer/Cargo.toml b/signer/Cargo.toml
@@ -0,0 +1,48 @@
+[package]
+name = "subxt-signer"
+version.workspace = true
+authors.workspace = true
+edition.workspace = true
+rust-version.workspace = true
+publish = true
+
+license.workspace = true
+readme = "README.md"
+repository.workspace = true
+documentation.workspace = true
+homepage.workspace = true
+description = "Sign extrinsics to be submitted by Subxt"
+keywords = ["parity", "subxt", "extrinsic", "signer"]
+
+[features]
+default = []
+
+# Make the keypair algorithms here compatible with Subxt's Signer trait,
+# so that they can be used to sign transactions for compatible chains.
+subxt = ["dep:subxt"]
+
+# The getrandom package is used via schnorrkel. We need to enable the JS
+# feature on it if compiling for the web.
+web = ["getrandom/js"]
+
+[dependencies]
+regex = { workspace = true }
+subxt = { workspace = true, optional = true }
+hex = { workspace = true }
+codec = { package = "parity-scale-codec", workspace = true, features = ["derive"] }
+sp-core-hashing = { workspace = true }
+thiserror = { workspace = true }
+pbkdf2 = { workspace = true }
+sha2 = { workspace = true }
+hmac = { workspace = true }
+zeroize = { workspace = true }
+bip39 = { workspace = true }
+schnorrkel = { workspace = true }
+secrecy = { workspace = true }
+
+# We only pull this in to enable the JS flag for schnorrkel to use.
+getrandom = { workspace = true, optional = true }
+
+[dev-dependencies]
+sp-core = { workspace = true, features = ["std"] }
+sp-keyring = { workspace = true }