2020 Q4 Hyperledger Ursa
Project
This report covers Hyperledger Ursa. We apologize for the fact that it is late. This can be blamed on @hartm for those looking for a reason.
Project Health
Ursa is reasonably healthy right now. The bad news: we have lost some contributors and interest from the Indy ecosystem. This is mostly because these contributors are happy with the current features that Ursa provides and don't feel the need to improve them, so this isn't a wholly negative thing. We expect these kinds of contributions to wax and wane, so it's not a truly negative thing, but it does show up in our project metrics. The good news: Philip and Mikaela from Scoir, who are relatively new contributors, have done great work on a Go interface from Ursa. We encourage the projects that heavily use Go to check out ursa-wrapper-go and see for themselves.
In sum, we could always use more contributors, but it's hard to find cryptographers and cryptographic engineers, so we expect our core group to not be too huge.
Questions/Issues for the TSC
We say something like this in pretty much every report, but we want to reiterate that we are always interested in getting in touch with others who want to use cryptography, and particularly so for people that want to use non-standardized crypto like threshold signatures or zero knowledge proofs. If this describes you, please feel free to get in touch with us.
Yes, that was a cut and paste, and yes, we will continue to post it. Please talk to us!
Releases
We have had three releases from ursa-wrapper-go since our last report. In particular, v0.1, v0.2, and v0.3 have been released (with v0.3 just recently released two days ago). In particular, v0.3 does a full round trip of Indy credentials. Thank you Philip and Mikaela for all your hard work on this!
We didn't have a core Ursa crate this quarter, but expect to release in the not too distant future. We have a lot of new features that we want to include (see below).
Overall Activity in the Past Quarter
We had two major foci of activity in the past quarter:
- We have a Go interface! Thanks go to Philip and Mikaela. It's right now focused on Indy credentials, but is certainly extensible.
- We added code to our core Rust library that handles a variety of secret sharing cases. Thanks Mike! While secret sharing itself is not widely used by itself, it is used as a tool for many different kinds of threshold cryptography, which is where we expect to use it.
Current Plans
We have a number of things on our docket. In addition to continuing existing work, we are doing the following:
- Perhaps most notably, we are doing a large reorganization. All of our "fancy" crypto was structured in the form of a library we called zmix, which was originally designed to be an extensible zero knowledge proof system. However, the people that designed that, while excellent, moved on from Ursa a while ago. In the meantime, people have used Ursa in different ways than the zmix design originally anticipated. As such, we are rearchitecting Ursa to better reflect how people are actually using Ursa today. Mike and Brent, in particular, have done a great job getting this going.
- We anticipate including new schemes for revocable credentials in Ursa next quarter. This contains some of the most complicated crypto we've included in Ursa to this point. Thanks again to Mike!
- We plan on streamlining our signature interface for more modular signatures.
- Threshold signatures. We've been meaning to do this for a long time, and hopefully now that we have secret sharing implementations that can be used for the initial key distribution, we can make good progress.
Maintainer Diversity
New Maintainers:
- Mikaela Tarkocheva (Scoir)
- Philip Feairheller (Scoir)
Current (Old) Maintainers:
- Mike Lodder (Independent)
- Brent Zundel (Evernym Inc.)
- Dave Huseby (Linux Foundation)
- Hart Montgomery (Fujitsu)
- Dan Middleton (Intel)
- Cam Parra (Kiva)
- Dan Anderson (Intel)
- Jon Geater (Jitsuin)
Some of these maintainers are obviously more active than others.
Contributor Diversity
Here is the relevant link from LF Analytics: https://insights.lfx.linuxfoundation.org/projects/hyperledger%2Fursa/dashboard?time=%7B%22from%22:%22now-90d%22,%22type%22:%22datemath%22,%22to%22:%22now%22%7D
The TL;DR is that overall contributions are about static, core contributions are down a little bit, and wrapper contributions are up (thanks Philip and Mikeala!).
While the project continues to move along, we do not have enough diversity to apply for active status at this point in time. Cryptographers and good cryptographic engineers are hard to find.
Additional Information
Since Mic Bowman is less involved in Hyperledger these days, we need to offer up another human sacrifice to the dunking booth in order to appease the gods of open source software. We would like to propose Dan Middleton, although of course we would be happy to consider TSC feedback.
In all seriousness, thanks for reading if you've made it this far and feel free to ask us questions. Sorry again for the late report!
Reviewed By
- Angelo de Caro
- Arnaud J LE HORS
- Arun S M
- Baohua Yang
- Bobbi Muscara
- Danno Ferrin
- David Enyeart
- Gari Singh
- Grace Hartley (Deactivated)
- Hart Montgomery
- María Teresa nieto
- Mark Wagner (Deactivated)
- Nathan George
- Tracy Kuhrt
- Troy Ronda