key.to_secret_key is slow

[rakanalh]

Hello @tomusdrw,

Using this peice of code:

pub fn use_key(keystore_file: &String, password: String) -> Option<SecretKey> {
    let file = File::open(&keystore_file).unwrap();
    let key: KeyFile = serde_json::from_reader(file).unwrap();
    let password: Protected = password.into();
    if let Ok(secret) = key.to_secret_key(&password) {
        return Some(secret);
    }
    None
}

I noticed that it takes a relatively long time to unlock the key and return the secret. Is this something that could be optimized?

[tomusdrw]

Hi @rakanalh!

I can imagine a bunch of different reasons why it's slow:

1. The library was not really performance focused (see also Signature verification is very slow. #37), there might be some low hanging fruits to improve this, but a bit of profiling is needed.
2. We use pure-rust crypto, which might not be super optimised.
3. And IMHO most likely: keystore files can use different key derivation schemes with different params, the main point of this is to make it hard to brute force the keystore password (i.e. it's time consuming to decrypt the keystore file). Is it possible that your keyfile is simply using some large values?

Also make sure you run in --release mode.

I'd suggest caching decrypted keyfile if performance is important, but note it has security implications.

[rakanalh]

Thanks... i can't say the performance is better in --release mode.

The use case is being able to list keys in ~/.ethereum/keystore and trying to unlock one of the keys selected so that the SecretKey is returned. Though i totally understand the brute-force attach scenario, but in comparison with the python implementation trying to achieve the same use-case, weird enough that the python one would perform better.

Edit: Referring to this https://github.com/ethereum/eth-keyfile#eth_keyfiledecode_keyfile_jsonkeyfile_json-password----private_key