RiB Newsletter #44
Welcome to the #44 edition of Rust in Blockchain, the monthly newsletter about Rust, distributed systems, cryptography, and other industry topics. Previous: #43.
Thanks
Thanks to contributors: camilahanada, gcharang, Kadan Stadelmann, Paul d’Aoust, Vid Kersic, Brian Anderson and Aimee Zhu. Thank you for your help!
RiB needs help to keep up with Rust blockchain projects. If you follow a particular project, or otherwise find information that is beneficial to the Rust & blockchain community, please contribute to the next issue by submitting a PR to the next draft.
Project Spotlight
Each month we like to shine a light on a notable Rust blockchain project. This month that project is…
This is a Rust implementation of Mina, a blockchain that uses SNARKs to validate the state of the blockchain without storing the blockchain itself. The distinguishing feature of this implementation is that it runs as WASM directly in a web browser, peering with other nodes via WebRTC and presenting a wallet UI, where most wallets require a semi-trusted RPC intermediary.
The ability to run completely in the browser has been a tantalizing promise of Mina, but with the primary codebase written in OCaml hadn’t previously materialized. This implementation was described recently in a blog post. It appears to be a different Rust implementation than the previous mina-rs.
Interesting Things
Blog Posts
- Harnessing the eBPF Verifier
- Consensus canon
- Generating secure randomness on Ethereum using SNARKs
- How to transform code into arithmetic circuits
- Role of Aggregators and Subcommittees
- Epochs, Slots and Beacon Blocks
- Cross-Chain Bridge Bugs: A Growing Problem
Papers
- The Tip5 Hash Function for Recursive STARKs
- Fair Delivery of Decentralised Randomness Beacon
- Flyover: A Repayment Protocol for Fast Bitcoin Transfers over Federated Pegs
- Single-tiered hybrid PoW consensus protocol to encourage decentralization in bitcoin
- Specialized Proof of Confidential Knowledge (SPoCK)
Projects
- Ordinals. A project that “imbues satoshis with numismatic value, allowing them to collected and traded as curios.”
- AES Encryption circuit. ZK-SNARK circuit to prove that a given ciphertext is the correct AES-128 encryption using a certain secret key.
- TFHE-rs. A pure Rust implementation of TFHE for boolean and small integer arithmetics over encrypted data.
- aa-bundler. EIP-4337 (Account Abstraction) - Bundler implementation in Rust.
- merkle_patricia_tree. Patricia Merkle Tree implementation in Rust.
- heimdall-rs. An advanced EVM toolkit that aims to make dealing with smart contracts on EVM based chains easier.
- cosmwasm-vm. Experimental, minimalistic, no_std friendly abstract virtual machine for CosmWasm contracts execution. Blog post: How we built a generalized CosmWasm VM.
- zk-benchmarking. A suite of benchmarks designed to compare different zero-knowledge proof libraries. Blog post: ZK System Benchmarking.
- ezkl. A library and command-line tool for doing inference for deep learning models and other computational graphs in a zk-SNARK.
- poseidon-circuit. Poseidon hash circuit and primitives. It integrated several Poseidon hash schemes from Zcash and iden3 and support sponge progress for hashing messages at any length.
- starknet_in_rust. A Rust implementation of Starknet by LambdaClass.
- Aurora Engine. EVM on the NEAR Protocol.
Security Advisories
Monthly security advisories, from RustSec, and GitHub Advisories. Bold entries here are especially relevant to blockchain projects.
- RUSTSEC-2023-0001:
tokio
- vulnerability. - RUSTSEC-2022-0075:
wasmtime
- vulnerability. - RUSTSEC-2022-0076:
wasmtime
- vulnerability. - RUSTSEC-2022-0077:
claim
- unmaintained. - RUSTSEC-2022-0078:
bumpalo
- unsoundness. - RUSTSEC-2022-0079:
elf_rs
- vulnerability. - RUSTSEC-2021-0146:
twoway
- unmaintained. - RUSTSEC-2022-0080:
parity-util-mem
- unmaintained.- It contains unpatched undefined behavior.
- RUSTSEC-2022-0081:
json
- unmaintained. - RUSTSEC-2023-0003:
libgit2-sys
- vulnerability. - RUSTSEC-2022-0082:
warp
- vulnerability. - RUSTSEC-2021-0147:
daemonize
- unmaintained. - CVE-2023-22895:
bzip2
- bzip2 allows attackers to cause a denial of service via a large file that triggers an integer overflow. - CVE-2022-46176:
cargo
- Cargo did not verify SSH host keys. - CVE-2022-45299:
webbrowser-rs
- webbrowser-rs allows attackers to access arbitrary files via supplying a crafted URL. - CVE-2023-22499:
deno
- Deno is vulnerable to race condition via interactive permission prompt spoofing.
Most Active in January
Sui: 567 merged PRs, 94 closed issues, 124 open issues
Parity: 454 merged PRs, 150 closed issues, 149 open issues
Starkware: 452 merged PRs, 8 closed issues, 11 open issues
Solana: 401 merged PRs, 137 closed issues, 60 open issues
Fuel: 322 merged PRs, 259 closed issues, 134 open issues
Project Updates
Aleo
49 merged PRs (1, 2, 3, 4, 5), 114 closed issues (1, 2, 3), 11 open issues (1, 2, 3)
Anoma
83 merged PRs (1, 2, 3), 92 closed issues (1, 2, 3), 37 open issues (1, 2, 3)
Aptos
231 merged PRs (1), 110 closed issues (1), 56 open issues (1)
Casper
62 merged PRs (1, 2), 57 closed issues (1, 2), 36 open issues (1, 2)
COMIT
5 merged PRs (1), 5 closed issues (1), 2 open issues (1)
Concordium
60 merged PRs (1, 2, 3, 4, 5), 23 closed issues (1, 2, 3), 21 open issues (1, 2, 3, 4)
Conflux
5 merged PRs (1), 0 closed issues, 0 open issues
DarkFi
3 merged PRs (1), 1 closed issues (1), 1 open issues (1)
Dfinity
94 merged PRs (1, 2, 3, 4, 5, 6), 6 closed issues (1, 2, 3), 7 open issues (1, 2, 3)
Dusk Network
22 merged PRs (1, 2, 3, 4), 19 closed issues (1, 2, 3), 16 open issues (1, 2, 3)
Espresso Systems
31 merged PRs (1, 2, 3), 32 closed issues (1, 2, 3), 27 open issues (1, 2)
Filecoin
221 merged PRs (1, 2, 3, 4, 5, 6, 7, 8), 195 closed issues (1, 2, 3, 4, 5), 153 open issues (1, 2, 3, 4, 5)
Findora
21 merged PRs (1, 2, 3), 0 closed issues, 0 open issues
Fluence
119 merged PRs (1, 2, 3, 4, 5, 6, 7), 0 closed issues (), 2 open issues (1, 2)
Fuel
322 merged PRs (1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14), 259 closed issues (1, 2, 3, 4, 5, 6, 7, 8), 134 open issues (1, 2, 3, 4, 5, 6)
Golem
16 merged PRs (1, 2, 3, 4), 53 closed issues (1, 2, 3, 4), 28 open issues (1)
Helium
16 merged PRs (1, 2, 3), 9 closed issues (1), 0 open issues ()
Holochain
81 merged PRs (1, 2, 3, 4), 16 closed issues (1, 2), 6 open issues (1, 2)
Holochain reached a maturity milestone in January with its 0.1.0 beta release, which comes with a six-month freeze on breaking changes. They’ve also recently released the first version of a CLI-driven dApp scaffolding tool similar to Rails’ scaffolder.
IOTA
106 merged PRs (1, 2, 3, 4), 42 closed issues (1, 2), 39 open issues (1, 2, 3, 4, 5, 6)
Maidsafe
97 merged PRs (1, 2, 3, 4), 2 closed issues (1), 8 open issues (1, 2)
Mina
0 merged PRs, 7 closed issues (1, 2), 1 open issues (1)
- Four ZK Technologies You Should Know
- Introducing the Web Node — an in-browser Mina node that verifies blocks and transfers funds. The source code openmina.
- zkIgnite, Cohort 1 Program Overview. A three-month program designed to help developers and entrepreneurs turn their innovative ideas into real-world applications and build successful businesses on Mina Protocol.
MobileCoin
41 merged PRs (1), 6 closed issues (1), 8 open issues (1)
MultiversX
61 merged PRs (1, 2, 3, 4, 5, 6), 5 closed issues (1, 2), 1 open issues (1)
NEAR
160 merged PRs (1, 2, 3, 4, 5, 6, 7, 8), 41 closed issues (1, 2, 3, 4, 5, 6), 58 open issues (1, 2, 3, 4, 5, 6, 7, 8)
Nervos
54 merged PRs (1, 2, 3, 4, 5, 6), 19 closed issues (1, 2, 3, 4), 7 open issues (1, 2, 3, 4, 5)
Oasis
7 merged PRs (1, 2, 3), 0 closed issues (), 2 open issues (1, 2)
Parity
454 merged PRs (1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14), 150 closed issues (1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12), 149 open issues (1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
Radix
88 merged PRs (1, 2), 3 closed issues (1), 0 open issues
Secret Network
22 merged PRs (1, 2), 0 closed issues, 1 open issues (1)
Solana
401 merged PRs (1, 2, 3), 137 closed issues (1, 2), 60 open issues (1, 2)
Subspace Labs
45 merged PRs (1), 18 closed issues (1), 17 open issues (1)
Sui
567 merged PRs (1), 94 closed issues (1), 124 open issues (1)
Zcash
64 merged PRs (1, 2, 3, 4, 5), 48 closed issues (1, 2, 3, 4), 38 open issues (1, 2, 3, 4, 5)
Rust in Bitcoin
For discussion join the Rust in Bitcoin Telegram group.
AluVM
1 merged PRs (1), 1 closed issues (1), 1 open issues (1)
BDK
24 merged PRs (1, 2, 3, 4), 12 closed issues (1, 2, 3, 4), 17 open issues (1, 2)
BitMask
16 merged PRs (1), 5 closed issues (1), 3 open issues (1)
Cyphernet
19 merged PRs (1, 2), 2 closed issues (1), 13 open issues (1, 2)
Electrs
3 merged PRs (1), 2 closed issues (1), 4 open issues (1)
Fedimint
173 merged PRs (1), 95 closed issues (1), 87 open issues (1)
LDK
51 merged PRs (1, 2, 3), 19 closed issues (1, 2, 3), 17 open issues (1, 2)
LNP/BP
8 merged PRs (1, 2, 3, 4), 5 closed issues (1, 2, 3), 3 open issues (1, 2)
LNP WG
9 merged PRs (1, 2), 4 closed issues (1, 2), 2 open issues (1, 2)
Nakamoto
1 merged PRs (1), 1 closed issues (1), 0 open issues
Nomic
7 merged PRs (1, 2, 3), 1 closed issues (1), 0 open issues
RGB
4 merged PRs (1, 2), 11 closed issues (1, 2), 8 open issues (1)
Rust Bitcoin
48 merged PRs (1, 2, 3, 4), 41 closed issues (1, 2, 3, 4, 5), 21 open issues (1, 2, 3)
Rust Simplicity
6 merged PRs (1), 0 closed issues, 2 open issues (1)
Talaia
12 merged PRs (1), 6 closed issues (1), 2 open issues (1)
If we’ve missed any other notable Rust Bitcoin projects or ecosystems, feel free to contribute!
Rust in Ethereum
Ethers-rs
67 merged PRs (1), 11 closed issues (1), 12 open issues (1)
Foundry
96 merged PRs (1), 75 closed issues (1), 83 open issues (1)
Lighthouse
34 merged PRs (1), 13 closed issues (1), 20 open issues (1)
Mir Protocol
14 merged PRs (1), 0 closed issues, 2 open issues (1)
Starkware
452 merged PRs (1, 2, 3), 8 closed issues (1, 2), 11 open issues (1, 2)
- Papyrus: An Open-Source StarkNet Full Node. The source code papyrus.
- Cairo 1.0 is Here
If we’ve missed any other notable Rust Ethereum projects or ecosystems, feel free to contribute!
Events
Feb 15-17 | Barcelona, Spain | European Blockchain Convention 2023
Feb 24 - Mar 5 | Denver, USA | ETHDenver 2023
Mar 9-19 | Online | Holochain Dev Training for Rust Developers
Mar 13 - Apr 7 | Ho Chi Minh City, Vietnam | ZK Spring Residency in Vietnam
Mar 20-24 | Paris, France | Paris Blockchain Week
Mar 26 | Tokyo, Japan | FHE.org conference 2023
Mar 27-29 | Tokyo, Japan | RWC 2023
Apr 4 | Lisbon, Portugal | zkSummit9
May 1-5 | Bol, Brač, Croatia | Financial Cryptography and Data Security 2023
May 20-21 | Amsterdam, Netherlands | ETHDam
Jun 3-5 | Prague, Czech Republic | Gateway to Cosmos 2023
Jun 17-20 | Paris, France | EthCC
Aug 28-30 | Palo Alto, CA, US | The Science of Blockchain Conference 2023
Sep 11-13 | Berlin, Germany | DappCon
Careers
More jobs can be found at Job Board.
Want to be included in the next issue? Feel free to submit a PR to the next draft.
Join the discussion on RiB telegram group ❤️