History

continuist 05674b4caa Some checks failed Podman Rootless Demo / test-backend (push) Has been skipped Details Podman Rootless Demo / test-frontend (push) Has been skipped Details Podman Rootless Demo / build-backend (push) Has been skipped Details Podman Rootless Demo / build-frontend (push) Failing after 5m32s Details Podman Rootless Demo / deploy-prod (push) Has been skipped Details Add to project		2025-11-01 11:53:11 -04:00
..
src	Add to project	2025-11-01 11:53:11 -04:00
ARCHITECTURE.md	Add to project	2025-11-01 11:53:11 -04:00
Cargo.lock	Add to project	2025-11-01 11:53:11 -04:00
Cargo.toml	Add to project	2025-11-01 11:53:11 -04:00
LICENSE	Add to project	2025-11-01 11:53:11 -04:00
README.md	Add to project	2025-11-01 11:53:11 -04:00

README.md

Sharenet Passport Library

A secure Rust library for creating and managing Sharenet Passport files (.spf) for decentralized identity management.

Features

Secure Passport Creation: Generate encrypted .spf files with BIP-39 mnemonic recovery phrases
Ed25519 Key Generation: Cryptographically secure key derivation and signing
Recovery Support: Import passports from recovery phrases or existing .spf files
Export & Re-encrypt: Export passports with new passwords
Message Signing: Sign messages using your passport's private key
Security First: Zeroize memory management and secure file encryption
WASM Support: Compatible with web applications via WebAssembly

Installation

From Private Registry

[dependencies]
sharenet-passport = { version = "0.2.0", registry = "sharenet-sh-forgejo" }

Platform selection is automatic based on your compilation target:

Native targets (x86_64, aarch64, etc.): Use native implementations
WASM targets (wasm32-unknown-unknown): Use WASM implementations

Usage

Creating a New Passport

use sharenet_passport::{
    application::use_cases::CreatePassportUseCase,
    infrastructure::{Bip39MnemonicGenerator, Ed25519KeyDeriver, XChaCha20FileEncryptor, FileSystemStorage},
};

let use_case = CreatePassportUseCase::new(
    Bip39MnemonicGenerator,
    Ed25519KeyDeriver,
    XChaCha20FileEncryptor,
    FileSystemStorage,
);

let (passport, recovery_phrase) = use_case.execute("your-password", "passport.spf")?;

println!("Public Key: {:?}", passport.public_key());
println!("DID: {}", passport.did().as_str());
println!("Recovery Phrase: {}", recovery_phrase.to_string());

Importing from Recovery Phrase

use sharenet_passport::{
    application::use_cases::ImportFromRecoveryUseCase,
    infrastructure::{Bip39MnemonicGenerator, Ed25519KeyDeriver, XChaCha20FileEncryptor, FileSystemStorage},
};

let use_case = ImportFromRecoveryUseCase::new(
    Bip39MnemonicGenerator,
    Ed25519KeyDeriver,
    XChaCha20FileEncryptor,
    FileSystemStorage,
);

let recovery_words = vec!["word1".to_string(), "word2".to_string(), /* ... 24 words */];
let passport = use_case.execute(&recovery_words, "new-password", "recovered-passport.spf")?;

Signing Messages

use sharenet_passport::{
    application::use_cases::{ImportFromFileUseCase, SignCardUseCase},
    infrastructure::{XChaCha20FileEncryptor, FileSystemStorage},
};

// Import passport from file
let import_use_case = ImportFromFileUseCase::new(
    XChaCha20FileEncryptor,
    FileSystemStorage,
);

let passport = import_use_case.execute("passport.spf", "password", None)?;

// Sign message
let sign_use_case = SignCardUseCase::new();
let signature = sign_use_case.execute(&passport, "Hello, Sharenet!")?;

Architecture

Built with Clean Architecture principles:

Domain Layer: Core entities (Passport, RecoveryPhrase, PublicKey, etc.) and traits
Application Layer: Use cases (CreatePassport, ImportFromRecovery, SignCard, etc.)
Infrastructure Layer: Crypto implementations, file storage

Targets

The library automatically selects the appropriate implementation based on your compilation target:

Native Targets

Platforms: Linux, macOS, Windows, etc.
Storage: File system
RNG: System entropy (OsRng)
Time: System time

WASM Targets

Platforms: Web browsers, Node.js
Storage: Browser LocalStorage
RNG: Web Crypto API via getrandom
Time: JavaScript Date API

Optional Override Features

For testing and special cases:

force-wasm: Use WASM implementation even on native targets
force-native: Use native implementation even on WASM targets

These features are mutually exclusive and will trigger a compile error if both are enabled.

Security Features

XChaCha20-Poly1305: Authenticated encryption for file security
HKDF-SHA256: Key derivation from passwords
Zeroize: Secure memory wiping for sensitive data
BIP-39: Standard mnemonic generation and validation
Ed25519: Cryptographically secure signing

File Format (.spf)

Sharenet Passport Files (.spf) are encrypted containers that store:

Encrypted Seed: The master seed encrypted with XChaCha20-Poly1305
Public Key: Your Ed25519 public key
DID: Your Decentralized Identifier
Metadata: Creation timestamp, version, and encryption parameters

Development

Running Tests

# Test native implementation
cargo test

# Test WASM implementation
cargo test --target wasm32-unknown-unknown

# Test with override features
cargo test --features force-wasm
cargo test --features force-native

Building for Different Targets

# Build for native
cargo build

# Build for WASM
cargo build --target wasm32-unknown-unknown

License

This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

You are free to:

Share — copy and redistribute the material in any medium or format
Adapt — remix, transform, and build upon the material

Under the following terms:

Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made.
NonCommercial — You may not use the material for commercial purposes.
ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.

To view a copy of this license, visit https://creativecommons.org/licenses/by-nc-sa/4.0/