Bug Zenroom Npm Package Missing BBS+ And Coconut Features

by JurnalWarga.com 58 views
Iklan Headers

Hey everyone! We've run into a snag with the Zenroom npm package, and we wanted to share the details so you can avoid the same headache. It seems like some advanced cryptographic features, specifically BBS+ signatures and Coconut credentials, are missing from the package. While basic crypto stuff works fine, these advanced features are throwing undefined errors. Let's dive into the specifics!

Issue Summary: Advanced Crypto Features MIA

So, here's the deal, guys. The Zenroom npm package appears to be missing some pretty crucial cryptographic features that are actually documented as being available. We're talking about things like BBS+ signatures and Coconut credentials. While the basic cryptographic operations like ECDH, hashing, and random number generation are working like a charm, all the advanced features are failing miserably, giving us those dreaded undefined errors. It's like ordering a pizza with all the toppings and only getting the crust – super disappointing, right?

Current Behavior: A Tale of Two Cryptos

Right now, we've got a mixed bag of results. The basic cryptographic operations are playing nice. Things like hashing, generating random numbers, and ECDH key exchange are all working as expected. It’s all sunshine and rainbows in the land of basic crypto. But, when we try to use the BBS+ signatures or Coconut credentials, or even attempt advanced key generation, things go south real quick. We're getting undefined errors, which are about as helpful as a screen door on a submarine. It’s like the package is teasing us with the possibility of advanced features, only to snatch them away at the last moment.

Expected Behavior: Living Up to the Documentation

Now, according to the official documentation, things should be working a lot differently. The documentation clearly states that BBS+ signatures should be available, especially since they're mentioned in the benchmarks. And those Coconut credentials? They should be working just like they do in the DECODEproject examples. We're expecting these advanced cryptographic features to be fully functional in the npm package, just like the documentation promises. It's like expecting a fully equipped Swiss Army knife and only getting a toothpick – not quite what we signed up for!

Environment: Setting the Stage

To give you the full picture, here’s the environment we’re working in:

  • Node.js: v22.12.0
  • OS: Windows 11
  • Zenroom versions tested: 5.10.0, 5.18.0, 5.19.2
  • Package manager: npm 10.8.2

We've tried a bunch of different Zenroom versions to see if it was a version-specific issue, but no luck. The problem seems to be consistent across the board. It’s like the issue is following us around, no matter what we try!

Reproduction Steps: How to Break It Yourself

Want to see the problem in action? Here’s how you can reproduce the issue:

1. Installation

First, install the Zenroom package using npm:

npm install [email protected]

2. Basic Test (βœ… Works)

Let's start with a basic test to make sure things are generally working:

import { zencode_exec } from 'zenroom';

// This works
const result = await zencode_exec(`Given nothing
When I create the random of '32' bytes
Then print the 'random' as 'hex'`);
console.log(result.result); // βœ… SUCCESS: { "random":"..." }

This should print a random hex string, confirming that basic operations are functional. See? We're not crazy! Some things do work!

3. BBS+ Test (❌ Fails)

Now, let's try the BBS+ signatures:

import { zencode_exec } from 'zenroom';

// This fails
const result = await zencode_exec(`Scenario 'bbs': "Generate BBS+ keypair"
Given nothing
When I create the bbs key
Then print my 'bbs public key'`);
console.log(result); // ❌ ERROR: undefined

This will likely return undefined, indicating that the BBS+ feature is not working. Bummer!

4. Coconut Test (❌ Fails)

And now, for the Coconut credentials:

import { zencode_exec } from 'zenroom';

// This fails
const result = await zencode_exec(`Scenario 'coconut': "Generate credential issuer keypair"
Given that I am known as 'issuer_identifier'
When I create my new issuer keypair
Then print all data`);
console.log(result); // ❌ ERROR: undefined

Again, you'll probably get undefined, confirming that Coconut is also MIA. Double bummer!

Comprehensive Test Results: The Nitty-Gritty

We didn't just stop at a couple of tests. We put the Zenroom package through a systematic gauntlet to see what's really going on.

βœ… Working Features: The Good Stuff

  • Random byte generation
  • SHA256 hashing
  • ECDH key generation and operations
  • Basic string/number operations
  • Scenarios: 'w3c', 'reflow', 'petition' (basic operations only)

So, it's not all bad news. The core functionality is holding up, which is a relief. It's like the engine of the car is working, but the fancy GPS system is on the fritz.

❌ Failing Features: The Bad Stuff

  • BBS+ signatures (When I create the bbs key)
  • BLS operations (When I create the bls key)
  • Coconut credentials (When I create my new issuer keypair)
  • Advanced array operations (When I create the array of '32' random bytes)
  • Any operation involving advanced cryptographic primitives

Ouch. This is where it hurts. The advanced crypto features are a no-go. It’s like having a super-spy gadget that's missing its most important function – kind of defeats the purpose, doesn't it?

Systematic Test Output: The Cold, Hard Facts

FINAL RESULTS
========================================
Working tests: 2/6
Critical features: 0/4

❌ FAIL: No advanced crypto features
Full test suite results:

Coconut - Issuer Keypair: ❌ ERROR: undefined
Coconut - Credential Keypair: ❌ ERROR: undefined
BBS+ - Keypair: ❌ ERROR: undefined
BLS - Basic key: ❌ ERROR: undefined
ECDH - Reference: βœ… SUCCESS
Random - Reference: βœ… SUCCESS

The numbers don't lie. We're missing those critical advanced crypto features.

Analysis: Digging Deeper

Let's break down what we're seeing here:

  • Error Type: All advanced features return undefined without stack traces. This is super frustrating because it doesn't give us much to go on. It's like trying to diagnose a car problem without being able to look under the hood.
  • Consistency: The error pattern is consistent across versions (5.10.0, 5.18.0, 5.19.2). This suggests it's not a version-specific bug, but something more fundamental.
  • Scope: Only affects advanced cryptographic operations, not basic functionality. This narrows down the problem area, but it's still a pretty big chunk of functionality.
  • Documentation Mismatch: Features are documented but not accessible via npm package. This is the core of the issue. We're being promised features that aren't there, which is like false advertising in the crypto world.

Comparison with Official Sources: A Glimmer of Hope

ApiRoom.net (βœ… Works)

The official web playground at https://apiroom.net/ successfully executes the same Zencode scripts that fail in the npm package. This tells us that the core Zenroom implementation does have these features. It's like the features exist in the main building, but the npm package is a smaller annex that's missing some rooms.

GitHub Examples (βœ… Expected to work)

The repository DECODEproject/dddc-pilot-contracts contains working examples using the exact same syntax:

Scenario 'coconut': "Generate credential issuer keypair"
Given that I am known as 'issuer_identifier'
When I create my new issuer keypair
Then print all data

This further reinforces that the issue is specific to the npm package.

Attempted Solutions: We Tried, We Really Did

We didn't just sit around and complain. We tried a bunch of things to fix this:

  • Version Testing: Tested versions 5.10.0, 5.18.0, 5.19.2. No luck.
  • Clean Installation: Uninstalled, cleared cache, reinstalled. Nada.
  • Syntax Variations: Tried multiple syntax variations from official examples. Nope.
  • Environment Testing: Tested on different Node.js versions. Still no.
  • Memory Testing: Verified no memory constraint issues. Not the problem.

We threw everything we had at this, and it still didn't budge. It’s like trying to fix a flat tire with a banana – just not gonna work.

Suspected Root Cause: The Missing Pieces

Our current suspicion is that the npm package is a reduced build that includes only basic cryptographic operations. The full Zenroom implementation, which is available in the CLI and web versions, includes the complete feature set. It's like the npm package is a