Enforce that any SharedArrayBuffers that get passed to crypto operations get cloned as non-shared #1116
🦋 Changeset detected. Latest commit: bc62790. The changes in this PR will be included in the next version bump. This PR includes changesets to release 42 packages.
BundleMon: Files updated (3), Unchanged files (130). Total files change +79B +0.02%. Final result: ✅
| type BaseEncoder<TFrom> = { | ||
| /** Encode the provided value and return the encoded bytes directly. */ | ||
| readonly encode: (value: TFrom) => ReadonlyUint8Array; | ||
| readonly encode: (value: TFrom) => ReadonlyUint8Array<ArrayBuffer>; |
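Review bot: the doc comment on `encode` still says only "return the encoded bytes directly" while the return type is narrowed to `ReadonlyUint8Array<ArrayBuffer>`. Since this is a public type, state in the comment that the returned bytes must be backed by a non-shared `ArrayBuffer`, so authors of custom encoders know why a `SharedArrayBuffer`-backed return value no longer type-checks.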
What do you think about this narrowing, @lorisleiva? I presume that encoders should never return a SharedArrayBuffer.
Looks good to me. I can't think of a scenario where you'd want the returned bytes to be shared — and if that was the case, you'd probably want to be super explicit about it and wrap the encoder into something else.
| * ``` | ||
| */ | ||
| export interface ReadonlyUint8Array extends Omit<Uint8Array, TypedArrayMutableProperties> { | ||
| export interface ReadonlyUint8Array<TArrayBuffer extends ArrayBufferLike = ArrayBufferLike> extends Omit< |
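Review bot: the new `TArrayBuffer` type parameter on `ReadonlyUint8Array` has no documentation, and the JSDoc block closes just above the declaration without mentioning it. Its default of `ArrayBufferLike` means an unparameterised `ReadonlyUint8Array` can still be backed by a `SharedArrayBuffer`; say so in the JSDoc and show `ReadonlyUint8Array<ArrayBuffer>` as the form to use where non-shared bytes are required.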
Add the ability to say ‘no really, this ReadonlyUint8Array is not a SharedArrayBuffer’.
| import { ED25519_ALGORITHM_IDENTIFIER } from './algorithm'; | ||
|
|
||
| function addPkcs8Header(bytes: ReadonlyUint8Array): ReadonlyUint8Array { | ||
| function addPkcs8Header(bytes: ReadonlyUint8Array): ReadonlyUint8Array<ArrayBuffer> { |
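Review bot: in `addPkcs8Header`, the `bytes` parameter is still the unparameterised `ReadonlyUint8Array` while the return type now promises `ReadonlyUint8Array<ArrayBuffer>`, and the body is not visible in this hunk. Worth confirming that the result is always a freshly allocated array rather than a view over the input's buffer, and that no type assertion is used to reach the narrowed return type.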
Here, we're able to express that it's readonly, and non-shared (because we just created it inline).
| export async function signBytes(key: CryptoKey, data: ReadonlyUint8Array): Promise<SignatureBytes> { | ||
| assertSigningCapabilityIsAvailable(); | ||
| const signedData = await crypto.subtle.sign(ED25519_ALGORITHM_IDENTIFIER, key, data); | ||
| const signedData = await crypto.subtle.sign(ED25519_ALGORITHM_IDENTIFIER, key, toArrayBuffer(data)); |
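Review bot: in `signBytes`, `toArrayBuffer(data)` is now on the path of every signature, but neither its import nor its behaviour is visible in this hunk. Two things to confirm: that it copies only the view's `byteOffset`/`byteLength` window rather than the whole backing buffer (otherwise a subarray would sign extra bytes), and whether it also copies input that is already non-shared, which would add an allocation per call. A test that signs a `SharedArrayBuffer`-backed subarray would cover both the fix and the offset case.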
Allows people to pass SharedArrayBuffers in here for signing, without triggering a runtime error.
Documentation Preview: https://kit-docs-41gy0z0mn-anza-tech.vercel.app

Problem
When you pass a SharedArrayBuffer to a crypto operation (eg. SubtleCrypto#sign) it fatals. TypeScript recently got more strict about this, resulting in type errors that make this PR necessary.

Summary of Changes
In this PR we clone SharedArrayBuffer as non-shared when it's used in a crypto operation.
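
The cloning step described above, as an added example that is not part of the PR or the project's code: `copyToNonSharedArrayBuffer` and `demo` are hypothetical names, and the project's own `toArrayBuffer` may be implemented differently. It copies only the bytes the view exposes and shows that the copy is unaffected by later writes to the shared memory.

```javascript
// Hypothetical helper (not the project's toArrayBuffer): return a non-shared
// ArrayBuffer holding exactly the bytes visible through `view`.
function copyToNonSharedArrayBuffer(view) {
    if (!ArrayBuffer.isView(view)) {
        throw new TypeError('expected a TypedArray or DataView');
    }
    const { buffer, byteOffset, byteLength } = view;
    const isShared =
        typeof SharedArrayBuffer !== 'undefined' && buffer instanceof SharedArrayBuffer;
    // Fast path (an assumption of this example): a non-shared buffer that the
    // view spans completely can be handed over without copying.
    if (!isShared && byteOffset === 0 && byteLength === buffer.byteLength) {
        return buffer;
    }
    // Copy only the window the view exposes, never the whole backing store,
    // so bytes outside the view cannot end up in the data that gets signed.
    const out = new Uint8Array(byteLength);
    out.set(new Uint8Array(buffer, byteOffset, byteLength));
    return out.buffer;
}

function demo() {
    // Constructed sample: an 8-byte shared region whose message is bytes 2..5.
    const shared = new SharedArrayBuffer(8);
    const all = new Uint8Array(shared);
    all.set([0xaa, 0xbb, 1, 2, 3, 4, 0xcc, 0xdd]);
    const message = new Uint8Array(shared, 2, 4);

    const snapshot = copyToNonSharedArrayBuffer(message);

    // Stand-in for another thread writing to the shared memory after the copy.
    all[2] = 0xff;

    return {
        isArrayBuffer: snapshot instanceof ArrayBuffer,
        snapshotBytes: Array.from(new Uint8Array(snapshot)),
        sharedBytesNow: Array.from(message),
    };
}

console.log(demo());
```

The returned `ArrayBuffer` is the kind of value `crypto.subtle.sign` accepts as its data argument, and because it is a snapshot, the signature covers the bytes as they were at copy time.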