URSA

Badge level for project 2447 is passing

2022 Q3 Hyperledger Ursa




2022 Q2 Hyperledger Ursa

2022 Q1 Hyperledger Ursa

2021 Q4 Hyperledger Ursa

2021 Q3 Hyperledger Ursa

Project:  we have lost some contributors and interest from the Indy ecosystem.  This is mostly because these contributors are happy with the current features that Ursa provides

2021 Q2 Hyperledger Ursa

We say something like this in pretty much every report, but we want to reiterate that we are always interested in getting in touch with others who want to use cryptography, and particularly so for people that want to use non-standardized crypto like threshold signatures or zero knowledge proofs.  If this describes you, please feel free to get in touch with us.

Maintainer Diversity

Active Maintainers:

Mike Lodder (Independent)
Brent Zundel (Evernym Inc.)
Dave Huseby (Independent)
Hart Montgomery (Fujitsu)
Dan Middleton (Intel)


Current Plans

We have a lot of stuff in the pipeline.  We'll list some things here:

  1. Perhaps most notably, we are still doing a large reorganization.  It's been slow.  All of our "fancy" crypto was structured in the form of a library we called zmix, which was originally designed to be an extensible zero knowledge proof system.  However, the people that designed that, while excellent, moved on from Ursa a while ago.  In the meantime, people have used Ursa in different ways than the zmix design originally anticipated.  As such, we are rearchitecting Ursa to better reflect how people are actually using Ursa today.  Mike and Brent, in particular, have done a great job getting this going.  
  2. At some point, we should have a zero knowledge library contribution.  The goal would be to enable flexible use of ZK proofs in a way that the underlying proof cryptography can be switched out in a modular manner.

At some point this year, we'll work on adding post-quantum implementations.  The timeline for this depends a bit on NIST though.

In terms of community management, we our discussing with Ry and David B about how to better do community outreach so that we can find more contributors and users.  We recognize that it is hard to find talented cryptographers and cryptographic engineers with time to contribute, but we need to expand our contributor base and so are going to make a concerted effort to do so.


Q4 Report

Q1 2021 2021 Q1 Hyperledger Ursa

Hyperledger Ursa

3/17/2021

1/12/2021

10/15


Hyperledger Ursa is a shared cryptographic library that would enable people (and projects) to avoid duplicating other cryptographic work and hopefully increase security in the process. The library would be an opt-in repository for projects (and, potentially others) to place and use crypto.

Key Characteristics

As Hyperledger has matured, the individual projects within Hyperledger have started to find a need for sophisticated cryptographic implementations. Rather than have each project implement its own cryptographic protocols, we think it would be more desirable to collaborate on a shared library. There are many reasons to do this:

  • Avoiding duplication: crypto implementations are notoriously difficult to get correct (particularly when side channels are taken into account) and often require a lot of work in order to complete with a high level of security. The library would potentially allow projects to share crypto implementations, avoiding unnecessary duplication and extra work.

  • Security: having most (or all) of the crypto code in a single location would substantially simplify doing a security analysis of the crypto portion of Hyperledger. In addition, the lack of duplication would mean that maintenance would be easier (and thus, hopefully, security bugs would be less numerous). People might also be less likely to “roll their own crypto” if there are easily accessible implementations.

  • Expert Review: In addition, the ability to enforce expert review of all cryptographic code should increase security as well. There has already been at least one substantial bug in a Hyperledger DLT platform at a cryptographic algorithm level. We think that having a concentration of cryptographic experts in Hyperledger will help us minimize the risk of this in the future.

  • Cross-platform interoperability: if two projects use the same crypto libraries, it will simplify (substantially in some cases) cross-platform interoperability, since cryptographic verification will involve the same protocols on both sides.

  • Modularity: This could be the first common component/module and a step towards modular DLT platforms, which share common components. While we have already outlined most of the advantages this modularity would bring in terms of actual functionality, a successful crypto library could encourage and push forward more modular activities.

  • New Projects: It would be easier for new projects to get off the ground if they had easy access to well-implemented, modular cryptographic abstractions.

Documentation

Project Management

Repositories

Communication

Mailing List

Chat (for questions and ephemeral discussions)

Meeting

  • Meetings happen every other week on Wednesdays at 7:00 AM Pacific Time.
    • The most recent meeting was on January 9th, 2019.
    • The next meeting will be on January 23rd, 2019.
  • Meeting recordings can be found in the "Meeting Agendas and Notes" tab.  Some (very old) previous meeting recordings can be found  here .

https://www.hyperledger.org/projects/ursa