RiB Newsletter #35
Welcome to the #35 edition of Rust in Blockchain, the monthly newsletter about Rust, distributed systems, cryptography, and other industry topics. Previous: #34.
This month Trail of Bits published disclosure of a class of security vulnerabilities in multiple zero-knowledge proof implementations. The four part series is a good read, though technically deep. One of the projects they audited and fixed is Dusk Network’s plonk implementation in Rust, increasing that library’s credibility.
We like hacking on many Rust blockchains, and hackathons are a great bite-sized opportunity to take a blockchain for a test-drive. This month Dfinity will be holding a hackathon, but that is the last one we have on the calendar. We’re interested in listing more hackathons in the newsletter; if you are aware of any please let us know.
Since adding a bunch of coverage last month for Rust Bitcoin projects, Hunter Trujillo has started a dedicated Rust in Bitcoin Telegram channel.
Thanks
Thanks to contributors: djddo, Genysys, Hunter Trujillo, Ilya Tegmark, keymakercasa, Max Wegman, Mikerah, Radha, Brian Anderson, and Aimee Zhu. Thank you for your help!
RiB needs help to keep up with Rust blockchain projects. If you follow a particular project, or otherwise find information that is beneficial to the Rust & blockchain community, please contribute to the next issue by submitting a PR to the next draft.
Project Spotlight
Each month we like to shine a light on a notable Rust blockchain project. This month that project is…
risc0 is an implementation of the RISC-V instruction set that produces zero-knowledge proofs of execution.
It can run arbitrary code produced by compilers of traditional languages like Rust.
This would seem to make zero-knowledge proof programming more accessible to the average programmer.
It was introduced in a recent blog post,
and with a Battleship example that shows how to create a fair distributed game of battleship
without a trusted server.
Interesting Things
News
- For Rust in Bitcoin, Taproot support has landed in rust-bitcoin and rust-miniscript. In addition, the first release of the MyCitadel Wallet was published by the LNP/BP team. It’s fully written in Rust, supports hardware signers like the Ledger Nano X and BitBox, and uses GTK and Relm.
Blog Posts
- Mesa’s New OpenCL Stack “Rusticl” Nearing Formal Support For OpenCL 3.0
- The Tower of Weakenings: Memory Models For Everyone
- Coordinated disclosure of vulnerabilities affecting Girault, Bulletproofs, and PlonK
- The Frozen Heart vulnerability in Girault’s proof of knowledge
- The Frozen Heart vulnerability in Bulletproofs
- The Frozen Heart vulnerability in PlonK
- What’s two-adicity?
- Understanding RGB Protocol
- Miniscript is coming to Bitcoin, and to your Ledger Nano!
- 7 Theses on a next step for BIP-119
Papers
- Practical Decentralized Oracle Contracts for Cryptocurrencies
- Design and analysis of a distributed ECDSA signing service
- Gemini: Elastic SNARKs for Diverse Environments
- Bulletproofs++
- Dew: Transparent Constant-sized zkSNARKs
- Crime and Punishment in Distributed Byzantine Decision Tasks (Extended Version)
Projects
- StoffelMPC: A framework for building MPC as a sidechain applications for blockchains
- oriac. A toy Cairo VM implementation in Rust
- RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture.
- Vulcan Signer: Software for building an embedded PSBT signing device
- Mori: A CLI descriptor-based wallet to be used to safely inherit bitcoin
Security Advisories
Monthly security advisories, from RustSec, and GitHub Advisories. Bold entries here are especially relevant to blockchain projects.
- RUSTSEC-2022-0017: Unsoundness in array-macro.
- GHSA-j35p-q24r-5367: Dep Group Remote Memory Exhaustion (Denial of Service) in ckb.
- GHSA-3227-r97m-8j95: Relative Path Traversal in afire serve_static.
Most Active in April
Solana: 590 merged PRs, 105 closed issues, 88 open issues
Parity: 471 merged PRs, 145 closed issues, 154 open issues
NEAR: 219 merged PRs, 51 closed issues, 45 open issues
Fuel: 213 merged PRs, 145 closed issues, 134 open issues
IOTA: 187 merged PRs, 46 closed issues, 34 open issues
Project Updates
Aleo
81 merged PRs (1, 2, 3, 4), 15 closed issues (1, 2, 3), 8 open issues (1, 2, 3)
Anoma
24 merged PRs (1, 2), 14 closed issues (1, 2), 26 open issues (1, 2, 3)
ChainSafe
34 merged PRs (1, 2, 3), 22 closed issues (1, 2, 3), 33 open issues (1, 2, 3)
COMIT
41 merged PRs (1, 2, 3), 16 closed issues (1), 4 open issues (1, 2)
Concordium
36 merged PRs (1, 2, 3, 4, 5, 6, 7), 22 closed issues (1, 2, 3, 4), 13 open issues (1, 2, 3, 4)
Conflux
14 merged PRs (1), 4 closed issues (1), 4 open issues (1)
DarkFi
1 merged PRs (1), 6 closed issues (1), 3 open issues (1)
Dfinity
70 merged PRs (1, 2, 3, 4, 5, 6, 7, 8), 8 closed issues (1, 2), 12 open issues (1, 2, 3, 4)
Dusk Network
35 merged PRs (1, 2, 3, 4, 5), 39 closed issues (1, 2, 3, 4), 4 open issues (1, 2, 3)
Elrond
93 merged PRs (1, 2, 3, 4, 5, 6, 7, 8), 0 closed issues, 2 open issues (1, 2)
Espresso Systems
89 merged PRs (1, 2, 3, 4, 5), 62 closed issues (1, 2, 3, 4, 5), 45 open issues (1, 2, 3)
Findora
66 merged PRs (1, 2, 3, 4, 5), 8 closed issues (1, 2), 2 open issues (1)
Fluence
55 merged PRs (1, 2, 3, 4, 5), 7 closed issues (1, 2), 10 open issues (1, 2)
Fuel
213 merged PRs (1, 2, 3, 4, 5, 6, 7, 8, 9, 10), 145 closed issues (1, 2, 3, 4, 5, 6, 7), 134 open issues (1, 2, 3, 4, 5, 6)
Golem
32 merged PRs (1, 2, 3), 28 closed issues (1, 2, 3), 13 open issues (1, 2)
Grin
3 merged PRs (1), 1 closed issues (1), 2 open issues (1, 2)
Helium
13 merged PRs (1, 2, 3, 4), 3 closed issues (1, 2), 4 open issues (1, 2)
Holochain
31 merged PRs (1, 2), 0 closed issues, 1 open issues (1)
IOTA
187 merged PRs (1, 2, 3, 4, 5, 6), 46 closed issues (1, 2, 3, 4, 5), 34 open issues (1, 2, 3, 4, 5)
Maidsafe
62 merged PRs (1, 2, 3, 4, 5), 5 closed issues (1, 2), 6 open issues (1, 2)
MobileCoin
112 merged PRs (1, 2), 25 closed issues (1), 21 open issues (1, 2)
NEAR
219 merged PRs (1, 2, 3, 4, 5, 6, 7, 8, 9), 51 closed issues (1, 2, 3, 4, 5, 6, 7, 8, 9), 45 open issues (1, 2, 3, 4, 5, 6, 7, 8, 9)
Nervos
158 merged PRs (1, 2, 3, 4, 5, 6, 7), 2 closed issues (1, 2), 2 open issues (1, 2)
Oasis
40 merged PRs (1, 2, 3), 6 closed issues (1), 5 open issues (1)
Parity
471 merged PRs (1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15), 145 closed issues (1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14), 154 open issues (1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
Secret Network
3 merged PRs (1, 2), 8 closed issues (1), 2 open issues (1)
Solana
590 merged PRs (1, 2, 3), 105 closed issues (1, 2), 88 open issues (1, 2, 3)
- Solana restarted after seven-hour outage caused by surge of transactions
- 04-30-22 Solana Mainnet Beta Outage Report and Mitigation
- Neon EVM: The Limitations for Ethereum Compatibility
- Solana programs Part 2: understanding SPL Associated Token Account
- Solana programs Part 3: understanding Metaplex Token Metadata
Subspace Labs
74 merged PRs (1), 18 closed issues (1), 6 open issues (1)
TezEdge
32 merged PRs (1, 2), 4 closed issues (1), 1 open issues (1)
Zcash
134 merged PRs (1, 2, 3, 4, 5, 6), 71 closed issues (1, 2, 3, 4, 5, 6), 34 open issues (1, 2, 3, 4)
Rust in Bitcoin
For discussion join the Rust in Bitcoin Telegram group .
BDK
18 merged PRs (1, 2, 3), 13 closed issues (1, 2, 3), 19 open issues (1, 2, 3)
Bitmask
7 merged PRs (1), 2 closed issues (1), 9 open issues (1)
Electrs
8 merged PRs (1), 3 closed issues (1), 4 open issues (1)
LDK
36 merged PRs (1, 2, 3), 9 closed issues (1, 2), 8 open issues (1)
LNP/BP
6 merged PRs (1, 2), 3 closed issues (1, 2, 3), 6 open issues (1, 2)
LNP WG
0 merged PRs, 1 closed issues (1), 3 open issues (1)
MyCitadel
0 merged PRs, 13 closed issues (1), 11 open issues (1)
Nakamoto
2 merged PRs (1), 0 closed issues, 0 open issues
Nomic
2 merged PRs (1), 0 closed issues, 5 open issues (1)
Rust Bitcoin
57 merged PRs (1, 2, 3, 4, 5), 13 closed issues (1, 2, 3), 18 open issues (1, 2, 3, 4, 5)
Rust Simplicity
1 merged PRs (1), 1 closed issues (1), 0 open issues
Sapio
5 merged PRs (1), 1 closed issues (1), 1 open issues (1)
Talaia
3 merged PRs (1), 0 closed issues, 1 open issues (1)
If we’ve missed any other notable Rust Bitcoin projects or ecosystems, feel free to contribute!
Rust in Ethereum
Ethers-rs
79 merged PRs (1), 11 closed issues (1), 5 open issues (1)
Lighthouse
1 merged PRs (1), 7 closed issues (1), 6 open issues (1, 2)
Rust Ethereum
1 merged PRs (1), 0 closed issues, 1 open issues (1)
Rust Web3
0 merged PRs, 0 closed issues, 4 open issues (1)
zkSync
0 merged PRs, 3 closed issues (1), 4 open issues (1)
If we’ve missed any other notable Rust Ethereum projects or ecosystems, feel free to contribute!
Events
May 10 - Jun 20 | Online
May 29-30 | Trondheim, Norway
CBCrypto 2022: International Workshop on Code-Based Cryptography
May 30 - Jun 3 | Trondheim, Norway
Jun 9-12 | Austin, TX, US
Jun 13-17 | Šibenik, Croatia
Summer school on real-world crypto and privacy
Jun 20-23 | New York, US
Jun 29-30 | Online, multiple cities
Aug 7-9 | Online, Las Vegas, US
Aug 13-18 | Santa Barbara, CA, US
Aug 29-31 | Arrillaga Alumni Center, Stanford University
SBC'22: The Science of Blockchain Conference 2022
Oct 7-16 | Bogota, Colombia
Careers
Blockstream | Remote
- Software Library Engineer (Rust)
- Software Library Engineer (C++)
- Network Engineer
- Sr. Product Manager
- Product Manager
- Technical Project Manager
- QA Engineer
- Qt Engineer
- Don’t see a role that fits? Apply here!
Casa | Remote
- Senior Infrastructure Engineer
- Lead Infrastructure Engineer
- Senior Backend Software Engineer
- Senior iOS Engineer
Cloud-On-Chain | Moscow
HashCloak | Toronto, Remote
Parity | Remote, Berlin, Lisbon, or United Kingdom
- Rust / Core Engineer - Parachains Engineering
- Rust / Core Engineer - Parachains Protocol
- Rust Engineer - Solidity Compiler
- Rust Engineer - General opening
Web3 Foundation | Zug or Remote
More jobs can be found at Job Board.
Want to be included in the next issue? Feel free to submit a PR to the next draft.
Join the discussion on RiB telegram group ❤️