Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Library compatibility with Secure EcmaScript

See original GitHub issue

Secure EcmaScript proposal: https://github.com/tc39/proposal-ses

Steps to reproduce:

Only way we know how to reproduce is to run build on: https://github.com/NodeFactoryIo/metamask-snap-polkadot/tree/feature/connect-to-node

Error:

Build success: 'build/index.js' bundled as 'dist/bundle.js'!
Snap evaluation error: possible import expression rejected around line 8527

Code: Which makes no sense as that line contains comment so it might be due to snap evaluation code.

Issue Analytics

State:
Created 4 years ago
Reactions:1
Comments:19 (10 by maintainers)

Top GitHub Comments

1reaction

jacogrcommented, Mar 22, 2020

1.8.0-beta.10 allows the initWasm: false flag which would skip init on the API level itself. Please give it a try as see if it gets down the road somewhat. (As mentioned, not having wasm means no sr25519 support, which depending on use is ok or not)

The util-crypto will still try imports from wasm-crypto in the utils to determine which path to take, i.e. if wasm is available it will use that, otherwise fallback. If this creates an issue, there would need to be some magic in the util-crypto done.

So if the flag itself does not get over the line, the stub of wasm-crypto is the other approach. In the project package.json -

"browser": {
    "@polkadot/wasm-crypto": "./noWasm"
  },

Where the noWasm.js file has the following -

export function isReady () {
  // always false, when true it will try and use non-existent functions
  return false;
}

export function waitReady () {
  // always immediate true, our process is done
  return Promise.resolve(true);
}

the waitReady is what is called on init
the isReady is what is called when the libs determine which path to take

(This is the hammer approach, even without the flag introduced it will just stub out the wasm completely, all ok for any hashing or ed25519 keys that can take either route)

0reactions

polkadot-js-botcommented, Jun 2, 2021

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue if you think you have a related problem or query.

Top Results From Across the Web

Securing JavaScript Modules - Medium

Support for ECMAScript modules has been released in SES (Secure ECMAScript) version 0.8.0. Generally, SES refers to an effort to introduce ...

Draft proposal for SES (Secure EcmaScript) - GitHub

Most legacy code obeying this practice is already compatible with lightweight realms descending from an immutable root realm. Some further qualifications are ...

Writing robust client-side code using Modern JavaScript

Supports JSX as well. • Microsoft TypeScript: technically not ES6 but roughly a superset of ES6. Bonus: type inference and optional static typing....

ecmascript-library-template - npm package - Snyk

Is ecmascript-library-template safe to use? The npm package ecmascript-library-template was scanned for known vulnerabilities and missing license, and no ...

ECMAScript® 2023 Language Specification - TC39

The ECMAScript library of built-ins was expanded to support additional data ... They might do so in the interests of security, to avoid...