This is Haskell bindings to perform signing using Ed25519 algorithm used in blockchains such as Cardano. This is meant to enable using YubiHSM (Yubico Hardware Security Module) as an offline signing device to hold the key and sign transactions instead of a wallet. It uses yubihsm.rs YubiHSM Rust community bindings.
The Rust and Haskell library can be built using Nix as follows,
# Rust
nix build .#rust
# Haskell
nix buildYou can also use cabal or cargo from inside of nix develop shell. For example,
nix develop
cd ./rustbits
cargo test
cd ../
cabal buildTo test the Haskell->Rust integration works, a Cabal executable is provided. You can run it as:
❯ nix run
thread '<unnamed>' panicked at 'could not connect to YubiHSM: Error(Context { kind: ProtocolError, source: Some(Error(Context { kind: ProtocolError, source: Some(Error(Context { kind: UsbError, source: Some(Message("no YubiHSM 2 devices detected")) })) })) })', src/lib.rs:39:49
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
fatal runtime error: failed to initiate panic, error 5
Aborted (core dumped)- Install Nix & enable Flakes
- Run
nix develop -c echoto sanity check your environment - Open as single-folder workspace in Visual Studio Code
- If you use
nix-direnv, install this extension, otherwise install this one.
- If you use
Some useful development works.
- When editing the Haskell library, run
nix develop -c ghcidto get fast compile feedback. - When editing the Haskell executable, run
nix develop -c ghcid -c 'cabal repl exe:yubihsm-ed-sign'to get fast compile feedback.- Add
-T :maininside of-cargument if you also want to run the main entrypoint.
- Add
- For Haskell repl,
nix develop -c cabal repl
rustbitsis the Rust code- The project root is the Haskell project that invokes that code through FFI