commit 0ad1c99d04d7d995db8a3fab576c5237a6a6a977
parent 3f5a0515225f4a5b781e625aad35c82af07bc0a2
Author: lash <dev@holbrook.no>
Date: Sun, 30 Jun 2024 17:54:18 +0100
Add io interface, fs getter for rss source
Diffstat:
7 files changed, 2647 insertions(+), 20 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
@@ -59,6 +59,12 @@ dependencies = [
]
[[package]]
+name = "bytes"
+version = "1.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "514de17de45fdb8dc022b1a7975556c53c86f9f0aa5f534b98977b171857c2c9"
+
+[[package]]
name = "cfg-if"
version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -95,6 +101,7 @@ dependencies = [
"clap",
"digest",
"feed-rs",
+ "http",
"rs_sha512",
"tempfile",
]
@@ -162,6 +169,12 @@ dependencies = [
]
[[package]]
+name = "fnv"
+version = "1.0.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1"
+
+[[package]]
name = "form_urlencoded"
version = "1.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -201,6 +214,17 @@ dependencies = [
]
[[package]]
+name = "http"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "21b9ddb458710bc376481b842f5da65cdf31522de232c1ca8146abce2a358258"
+dependencies = [
+ "bytes",
+ "fnv",
+ "itoa",
+]
+
+[[package]]
name = "idna"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
diff --git a/Cargo.toml b/Cargo.toml
@@ -16,6 +16,7 @@ clap = "2.34.0"
#sha2 = "^0.10.8"
#quick-xml = "^0.28.2"
rs_sha512 = "^0.1.3"
+http = "^1.0"
[dev-dependencies]
tempfile = "3.3.0"
diff --git a/src/io.rs b/src/io.rs
@@ -0,0 +1,17 @@
+use feed_rs::model::Feed;
+
+pub enum FeedMethod {
+ Read,
+ Create,
+ Update,
+}
+
+pub trait FeedGet {
+ fn get(&self, s: &str, method: Option<FeedMethod>) -> Result<Feed, u64>;
+}
+
+pub trait FeedPut {
+ fn put(&self, feed: &Feed, s: &str, method: Option<FeedMethod>) -> u64;
+}
+
+pub mod fs;
diff --git a/src/io/fs.rs b/src/io/fs.rs
@@ -0,0 +1,26 @@
+use super::FeedMethod;
+use super::FeedGet;
+use feed_rs::model::Feed;
+use feed_rs::parser;
+//use http::Uri;
+use std::path::Path;
+use std::fs::File;
+use core::str::FromStr;
+use std::io::stderr;
+
+pub struct Fs {
+}
+
+impl FeedGet for Fs {
+ fn get(&self, s: &str, method: Option<FeedMethod>) -> Result<Feed, u64> {
+ //let uri = Uri::from_str(s).unwrap();
+ let f = File::open(s).unwrap();
+ let feed = parser::parse(f).unwrap();
+ Ok(feed)
+ }
+}
+
+
+//pub get() -> Entry {
+//
+//}
diff --git a/src/lib.rs b/src/lib.rs
@@ -4,6 +4,7 @@ use std::hash::Hash;
use std::iter::Iterator;
use feed_rs::model::Entry;
use rs_sha512::Sha512Hasher;
+mod io;
pub struct Sequencer {
pub items: HashMap<u32, Vec<u8>>,
@@ -72,23 +73,4 @@ impl Hash for SequencerEntry {
}
#[cfg(test)]
-mod tests {
- use super::Sequencer;
- use feed_rs::model::Entry;
-
- #[test]
- fn test_entry_guard() {
- let mut r: bool;
- let mut seq = Sequencer::new();
- let mut src = Entry::default();
- src.id = String::from("foo");
- r = seq.add(src);
- assert!(r);
-
-
- let mut src_two = Entry::default();
- src_two.id = String::from("foo");
- r = seq.add(src_two);
- assert!(!r);
- }
-}
+mod tests;
diff --git a/src/tests.rs b/src/tests.rs
@@ -0,0 +1,29 @@
+use super::Sequencer;
+use feed_rs::model::Entry;
+use super::io::FeedGet;
+use super::io::fs::Fs;
+
+#[test]
+fn test_entry_guard() {
+ let mut r: bool;
+ let mut seq = Sequencer::new();
+ let mut src = Entry::default();
+ src.id = String::from("foo");
+ r = seq.add(src);
+ assert!(r);
+
+ let mut src_two = Entry::default();
+ src_two.id = String::from("foo");
+ r = seq.add(src_two);
+ assert!(!r);
+}
+
+#[test]
+fn test_feed_get() {
+ let r: bool;
+ let fs = Fs{};
+ let feed = fs.get("testdata/test.atom.xml", None).unwrap();
+ let mut seq = Sequencer::new();
+ r = seq.add(feed.entries.get(0).unwrap().clone());
+ assert!(r);
+}
diff --git a/testdata/test.atom.xml b/testdata/test.atom.xml
@@ -0,0 +1,2547 @@
+<?xml version="1.0" encoding="utf-8"?>
+<feed xmlns="http://www.w3.org/2005/Atom"><title>man bytes gnu</title><link href="/" rel="alternate"></link><link href="feeds/all.atom.xml" rel="self"></link><id>/</id><updated>2024-06-25T21:58:00+02:00</updated><entry><title>Secrets in the shell</title><link href="clortho.html" rel="alternate"></link><published>2024-06-25T20:46:00+02:00</published><updated>2024-06-25T21:58:00+02:00</updated><author><name>Louis Holbrook</name></author><id>tag:None,2024-06-25:clortho.html</id><summary type="html"><p class="first last">A key value store at your fingertips</p>
+</summary><content type="html"><p>Ever since I started using the <a class="reference external" href="https://www.passwordstore.org/">pass</a> CLI as my password manager, I've found myself putting all sorts of stuff in there; usernames, email, urls, crypto addresses, api keys, you name it.</p>
+<p>It makes total sense that some of these items are in there. For example, I store the url to a service together with the password, usually accompanied by the username and the email used <a class="footnote-reference" href="#footnote-1" id="footnote-reference-1">[1]</a>. No password recoveries needed.</p>
+<p>However, at some point I also started putting in things like crypto addresses, or even token smart contract addresses in there.</p>
+<p>That seemed less of a good fit.</p>
+<p>One thing is that it spams the password directory.</p>
+<p>Another, perhaps more sinister, issue is that it's pretty clear for anyone reading the directory what items you are storing data for.</p>
+<p>So what if I want to store key/value pairs, and at the same time I want to hide what I am storing?</p>
+<div class="section" id="hiding-in-plain-cipher-text">
+<h2>Hiding in plain cipher text</h2>
+<p>A simple solution is to hash the key together with some passphrase as &quot;salt&quot;, along the lines of this:</p>
+<div class="highlight"><pre><span></span><span class="nv">key</span><span class="o">=</span><span class="nv">$1</span>
+<span class="c1"># read passphrase from stdin</span>
+stty<span class="w"> </span>-echo
+<span class="nb">echo</span><span class="w"> </span>-n<span class="w"> </span><span class="s2">&quot;passphrase: &quot;</span>
+<span class="nb">read</span><span class="w"> </span>passphrase
+stty<span class="w"> </span><span class="nb">echo</span>
+hash_key<span class="o">()</span><span class="w"> </span><span class="o">{</span>
+<span class="w"> </span><span class="c1"># dump the passphrase (assuming mktemp stores in volatile memory)</span>
+<span class="w"> </span><span class="nv">ktt</span><span class="o">=</span><span class="k">$(</span>mktemp<span class="k">)</span>
+<span class="w"> </span><span class="nv">kt</span><span class="o">=</span><span class="k">$(</span>mktemp<span class="k">)</span>
+<span class="w"> </span>chmod<span class="w"> </span><span class="m">200</span><span class="w"> </span><span class="nv">$kt</span>
+<span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="nv">$passphrase</span><span class="w"> </span>&gt;<span class="w"> </span><span class="nv">$kt</span>
+<span class="w"> </span>chmod<span class="w"> </span><span class="m">600</span><span class="w"> </span><span class="nv">$kt</span>
+<span class="w"> </span><span class="c1"># the salted key; first add the hashed passphrase (sha512)</span>
+<span class="w"> </span><span class="nv">kc</span><span class="o">=</span><span class="k">$(</span>sha512sum<span class="w"> </span><span class="nv">$kt</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>awk<span class="w"> </span><span class="s1">&#39;{print $1;}&#39;</span><span class="w"> </span>&gt;<span class="w"> </span><span class="nv">$ktt</span><span class="k">)</span>
+<span class="w"> </span><span class="c1"># remove the stored passphrase</span>
+<span class="w"> </span>shred<span class="w"> </span><span class="nv">$kt</span>
+<span class="w"> </span><span class="c1"># then add the key to the mix, and hash again</span>
+<span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="nv">$kp</span><span class="w"> </span>&gt;&gt;<span class="w"> </span><span class="nv">$ktt</span>
+<span class="w"> </span><span class="nv">kc</span><span class="o">=</span><span class="k">$(</span>sha512sum<span class="w"> </span><span class="nv">$ktt</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>awk<span class="w"> </span><span class="s1">&#39;{print $1;}&#39;</span><span class="k">)</span>
+<span class="o">}</span>
+</pre></div>
+<p>The <tt class="docutils literal">kc</tt> variable at the end of the script above now contains the <em>salted</em> hash of the key.</p>
+<p>Specifically, in this implementation, given key <tt class="docutils literal">&quot;foo&quot;</tt> and passphrase <tt class="docutils literal">&quot;bar&quot;</tt>, the resulting key will be:</p>
+<p><tt class="docutils literal">a9454592edbed78c3abb739dd88567bc92cc4ea1feee8480c7204d48d7d0e9ce86f9c79d55e39751ceb3f2774913841056293a5e8e8f440a3f281dffabd6f540</tt>.</p>
+</div>
+<div class="section" id="added-value">
+<h2>Added value</h2>
+<p>Now we can encrypt the store the corresponding value, and store it in a file that has that literal hash as the key.</p>
+<p>Using <a class="reference external" href="https://ccrypt.sourceforge.net/">ccrypt</a> as an example:</p>
+<div class="highlight"><pre><span></span><span class="nv">data_dir</span><span class="o">=</span><span class="nv">$HOME</span>/.obfuscated
+<span class="nv">key</span><span class="o">=</span><span class="nv">$1</span>
+<span class="nv">vp</span><span class="o">=</span><span class="nv">$2</span>
+<span class="nb">echo</span><span class="w"> </span>-n<span class="w"> </span><span class="s2">&quot;</span><span class="nv">$vp</span><span class="s2">&quot;</span><span class="w"> </span>&gt;<span class="w"> </span><span class="nv">$t</span>
+<span class="c1"># create a file for ccrypt to read, because supplying any other way in shell is not so safe.</span>
+<span class="nv">passfile</span><span class="o">=</span><span class="k">$(</span>mktemp<span class="k">)</span>
+chmod<span class="w"> </span><span class="m">600</span><span class="w"> </span><span class="nv">$passfile</span>
+<span class="nb">echo</span><span class="w"> </span>-n<span class="w"> </span><span class="nv">$passphrase</span><span class="w"> </span>&gt;<span class="w"> </span><span class="nv">$passfile</span>
+chmod<span class="w"> </span><span class="m">400</span><span class="w"> </span><span class="nv">$passfile</span>
+ccrypt<span class="w"> </span>-k<span class="w"> </span><span class="nv">$passfile</span><span class="w"> </span><span class="nv">$t</span>
+shred<span class="w"> </span><span class="nv">$passfile</span>
+<span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span><span class="s2">&quot;</span><span class="nv">$?</span><span class="s2">&quot;</span><span class="w"> </span>-gt<span class="w"> </span><span class="s2">&quot;0&quot;</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span>
+<span class="w"> </span>&gt;<span class="p">&amp;</span><span class="m">2</span><span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="nb">set</span><span class="w"> </span>key<span class="w"> </span>fail
+<span class="w"> </span><span class="nb">exit</span><span class="w"> </span><span class="m">1</span>
+<span class="k">fi</span>
+<span class="c1"># run the code in the previous section</span>
+hash_key
+mkdir<span class="w"> </span>-vp<span class="w"> </span><span class="nv">$data_dir</span>
+cp<span class="w"> </span><span class="nv">$t</span>.cpt<span class="w"> </span><span class="nv">$data_dir</span>/<span class="nv">$kc</span>
+shred<span class="w"> </span><span class="nv">$t</span>.cpt
+</pre></div>
+<p>At the end of this operation, the <em>encrypted</em> value is stored in a file whose name is the <em>salted</em> hash of the key.</p>
+<div class="section" id="key-mastering">
+<h3>Key Mastering</h3>
+<p>Let's say you want to store some <a class="reference external" href="https://kobl.one/blog/create-full-ethereum-keypair-and-address/">Ethereum addresses</a> that are of interest to you, but should be of interest to noone else.</p>
+<p>So, let's choose a prefix for &quot;Ethereum addresses.&quot; Let it be <tt class="docutils literal">etha</tt></p>
+<p>Next, let's pick an identifier that we will remember, that describes the <em>purpose</em> of the address. In this case it's for &quot;governance of the organization 'Xy Zzy Co.'&quot;. The key then becomes <tt class="docutils literal">ethagovxyzzyco</tt>.</p>
+<p>Last, for a bit of extra fun, let's add some random stuff at the end of the string, like <a class="reference external" href="https://www.quotes.net/mquote/42425">shilling!shilling?oh,shilling</a>. Thus, we finally end up with <cite>ethagovxyzshilling!shilling?oh,shilling`</cite>.</p>
+<p>What we need to memorize here is:</p>
+<ul class="simple">
+<li>whenever referring to an <em>Ethereum address</em>. we use <tt class="docutils literal">etha</tt></li>
+<li>whenever referring to <em>governance</em>. we use <tt class="docutils literal">gov</tt></li>
+<li>whenever referring to an entity, we use the name of the organization <em>less whitespace and special characters</em>.</li>
+<li>the three above are added one after another</li>
+<li>add the extra fun</li>
+</ul>
+<p>There will of course always be a pattern to how you create and add similar structures for other categories, actions and entities.</p>
+<p>But the point here is to show that it doesn't take <em>that much</em> to have some advantage of <em>plausible deniability</em>: Even faced with the <a class="reference external" href="https://xkcd.com/538/">5 Dollar Wrench Problem</a>, if you are able to hold your ground, there is no feasible way to prove that you <em>don't own something</em>. Bite the bullet, absorb the pain, deny ownership, and you'll be fine.</p>
+</div>
+</div>
+<div class="section" id="perils-and-pitfalls">
+<h2>Perils and pitfalls</h2>
+<p>None of this is in no way safe by itself.</p>
+<p>Some concerns are named below. Surely there are others, too.</p>
+<div class="section" id="out-of-sight-but-still-mined">
+<h3>Out of sight, but still mined</h3>
+<p>You may find it a pain in the ass to type the passphrase for the key salt every time.</p>
+<p>An obvious workaround for that is to store the passphrase in a file.</p>
+<p>But keep in mind that, if you do that, the key obfuscation is going to be less safe than your regular passwords storage.</p>
+<p>That is to say: If the attacker can read your passwords ciphertext, most likely the attacked can read you obfuscation passphrase, too.</p>
+</div>
+<div class="section" id="out-of-mind-out-of-luck">
+<h3>Out of mind, out of luck</h3>
+<p>Maybe the most important thing to realize in this solution is that there is no way to recall the original keys from the file names under which the values are stored.</p>
+<p>Instead, the idea is that you decide on a naming scheme for certain crucial values you want to store, and <em>remember</em> how to reconstruct them. <a class="footnote-reference" href="#footnote-2" id="footnote-reference-2">[2]</a></p>
+</div>
+<div class="section" id="shell-shill">
+<h3>Shell shill</h3>
+<p>The code above has been adapted from a <tt class="docutils literal">bash</tt> tool I've already written for the purpose, given the name <a class="reference external" href="https://holbrook.no/src/clortho/file/clortho.sh.html#l10">Clortho</a>.</p>
+<p>Shell script is surely a very poor choice for this kind of thing, but at the time I simply wanted to write shell so that's how it ended up.</p>
+<p>I probably will rewrite it for another environment at some point.</p>
+<p>But for now it illustrates the point.</p>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-1" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-1">[1]</a></td><td>I use a different email for each service I sign up to, and for every other context I have to leave my email for something. I highly recommend this practice, aswell as running your own mail server. <a class="reference external" href="https://www.linuxbabe.com/mail-server/setup-basic-postfix-mail-sever-ubuntu">It really isn't that hard</a>.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-2" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-2">[2]</a></td><td>I'm not going to lie: That kind of thing takes practice. As in, you need to remind yourself from time to time what your scheme is. Perhaps that is an unthinkable proposition in the age of the Smartphone and the illusion of auxiliary instant truths. But I come from a time where I knew all numbers and addresses I needed to know by heart. The more you do it, the more you remember. The less you do it, the more you are dependent on others. What others do you depend on? And so on it goes...</td></tr>
+</tbody>
+</table>
+</blockquote>
+</div>
+</div>
+</content><category term="Code"></category><category term="crypto"></category><category term="hash"></category><category term="sha512"></category><category term="bash"></category><category term="cli"></category><category term="ccrypt"></category></entry><entry><title>Keeping your gits in a row</title><link href="git-fresh.html" rel="alternate"></link><published>2024-06-18T16:28:00+02:00</published><updated>2024-06-18T16:33:00+02:00</updated><author><name>Louis Holbrook</name></author><id>tag:None,2024-06-18:git-fresh.html</id><summary type="html"><p class="first last">Scripts to keep your local git clone fresh, and help you move them around.</p>
+</summary><content type="html"><p>I believe that if you use a piece of code, you are also responsible for making sure that that code is available in the future.</p>
+<p>In this spirit, I decided a couple of years ago that I would keep a full clone of all VCS repositories that I use.</p>
+<div class="section" id="can-t-someone-else-do-it">
+<h2>Can't someone else do it?</h2>
+<p>Yeah, yeah, I hear ya.</p>
+<p>But imagine that one day you cannot reach the code repository anymore.</p>
+<p>It could be because you are working where internet is scarce or impossible to rely on.</p>
+<p>It could be that you have to cope with what was in your faraday cage when a giant solar flare happened.</p>
+<p>It could be that you, or the author of the code, have been cut off by the accelerating <a class="reference external" href="https://torrentfreak.com/the-eu-wants-its-own-dns-resolver-that-can-block-unlawful-traffic-220119/">weaponization of everything</a>.</p>
+<p>Or maybe none of the above happened. But you still understand and appreciate what it means to build a truly decentralized society, where we all participate and contribute, not only consume.</p>
+</div>
+<div class="section" id="git-organized">
+<h2>Git organized</h2>
+<p>For every <cite>git</cite> repository that I use, I actually keep a <em>local copy</em> on my daily device.</p>
+<p>I also keep a copy on a device at home, <em>and</em> on a remote device.</p>
+<p>My thinking is:</p>
+<ol class="arabic simple">
+<li>If I lose my laptop, I have two copies</li>
+<li>If my house burns down, I have two copies</li>
+<li>If my house burns down <em>with</em> my laptop inside, I have <em>at least one more copy</em>.</li>
+</ol>
+<p>... and so on.</p>
+</div>
+<div class="section" id="i-hate-to-move-it-move-it">
+<h2>I hate to move it, move it</h2>
+<p>Sometimes we have to, though,.</p>
+<p>And what can be a real pain is to move heaps of code repositories around. For example if you are moving to a new machine, or want to bootstrap a new copy without having to source the data yourself.</p>
+<p>To make this easier, I wrote the <a class="reference external" href="https://holbrook.no/src/gitrefresh/log.html">gitrefresh bash tool</a> to copy only the minimum of information required to source the data from a remote. <a class="footnote-reference" href="#footnote-1" id="footnote-reference-1">[1]</a></p>
+</div>
+<div class="section" id="freshening-up">
+<h2>Freshening up</h2>
+<p>To make sense of what is what in the repository store, I use a simple folder structure.</p>
+<p>Obviously, when I create copies of the repository store, I would like to keep the same folder structure. So the tool needed to make that possible.</p>
+<p>Additionally, what's needed are tools to bootstrap a repository group from a list, and a tool to refresh those repositories periodically once they've been bootstrapped.</p>
+<p>To achieve this, I actually wrote <a class="reference external" href="https://holbrook.no/src/gitrefresh/log.html">three tools</a>, as follows:</p>
+<div class="section" id="gitlist-sh">
+<h3><cite>gitlist.sh</cite></h3>
+<p>create a list of <cite>git</cite> repositories under a filesystem path, with the option of preserving the directory structure.</p>
+</div>
+<div class="section" id="gitstart-sh">
+<h3><cite>gitstart.sh</cite></h3>
+<p>clone <cite>git</cite> repositories from a list generated from <code>gitlist.sh</code>, with or without direcory structure.</p>
+</div>
+<div class="section" id="gitrefresh-sh">
+<h3><cite>gitrefresh.sh</cite></h3>
+<p>fetch and merge updates from remotes of each repository under a directory.</p>
+</div>
+</div>
+<div class="section" id="behavior">
+<h2>Behavior</h2>
+<p>The <code>gitlist.sh</code> and <code>gitrefresh.sh</code> tools work more or less the same way.</p>
+<p>They traverse a directory structure recursively.</p>
+<p>Every time a valid git repository is found, that repository is processed. Afterwards, the tool will exit to the parent folder. <a class="footnote-reference" href="#footnote-2" id="footnote-reference-2">[2]</a></p>
+<div class="section" id="example">
+<h3>Example</h3>
+<p>Let's say we have three repositories that we are mirroring locally:</p>
+<ul class="simple">
+<li><code>https://github.com/bitcoin/bips</code> under <code>btc/bips</code></li>
+<li><code>https://aur.archlinux.org/libkeccak.git</code> under <code>os/archlinux/aur/libkeccak</code></li>
+<li><code>git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git</code> under <code>linux/linux</code></li>
+</ul>
+<p>First we use <code>gitlist.sh</code> to generate the list of repos to bootstrap <a class="footnote-reference" href="#footnote-3" id="footnote-reference-3">[3]</a>:</p>
+<pre class="code console literal-block">
+<span class="gp">$ </span>gitlist.sh<span class="w"> </span>-p<span class="w"> </span><span class="p">|</span><span class="w"> </span>tee<span class="w"> </span>gitlist.txt<span class="w">
+</span><span class="go">https://github.com/bitcoin/bips btc/bips
+https://aur.archlinux.org/libkeccak.git os/archlinux/aur/libkeccak`
+git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git linux/linux`</span>
+</pre>
+<p>Using <code>gitstart.sh</code> with this list, we can restore this bunch of repositories <em>with</em> the same directory structure anywhere else:</p>
+<pre class="code console literal-block">
+<span class="gp">$ </span><span class="nb">cd</span><span class="w"> </span>/path/to/new/repos/location<span class="w">
+</span><span class="gp">$ </span>gitstart.sh<span class="w"> </span>&lt;<span class="w"> </span>gitlist.txt
+</pre>
+<p>Now, the idea is that from time to time you should get the latest changes from the upstream source.</p>
+<p>I simply combine <code>gitrefresh.sh</code> with <code>cron</code> to do this on the remote, while manually doing the refresh locally once in awhile.</p>
+<p>Using the tool, all it takes is:</p>
+<pre class="code console literal-block">
+<span class="gp">$ </span><span class="nb">cd</span><span class="w"> </span>/path/to/new/repos/location<span class="w">
+</span><span class="gp">$ </span>gitrefresh.sh<span class="w"> </span>pull
+</pre>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-1" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-1">[1]</a></td><td>Yes. I didn't get beyond <cite>git</cite> yet. But at least it's a start.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-2" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-2">[2]</a></td><td>This, of course, means that the tool will not automatically archive code from <em>submodules</em>. The submodule construct is a target of both a lot of love and a lot of hate. Personally, I like it. But at the same time it is my opinion that it does not absolve us from <em>knowing</em> and being <em>mindful</em> which submodules a repository is using, and thus making sure that we have an independent clone of that repository.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-3" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-3">[3]</a></td><td>We add the <code>-p</code> flag to preserve the directory structure on disk.</td></tr>
+</tbody>
+</table>
+</blockquote>
+</div>
+</div>
+</content><category term="Archiving"></category><category term="git"></category><category term="bash"></category></entry><entry><title>A world clock in your terminal</title><link href="world-clock-terminal.html" rel="alternate"></link><published>2024-06-09T23:22:35+02:00</published><updated>2024-06-09T23:22:35+02:00</updated><author><name>Louis Holbrook</name></author><id>tag:None,2024-06-09:world-clock-terminal.html</id><summary type="html"><p class="first last">A single character command to display the current time of your favorite places in the world</p>
+</summary><content type="html"><div class="section" id="zoning-in">
+<h2>Zoning in</h2>
+<p>Timezones in Linux isn't a particularly intuitive issue.</p>
+<p>On my distro, archlinux, time-zone files are located in <tt class="docutils literal">/usr/share/zoneinfo</tt>, and there are several different categories of them.</p>
+<p>I've given up referencing time in the usual three- and four-letter acronyms like <tt class="docutils literal">CEST</tt> and <tt class="docutils literal">EST</tt> long ago. Not only are they ambiguous in themselves, but not all of them even have records in the zoneinfo tree.</p>
+<p>The best approach I have found so far is to look at the world continent directories, and look for nearby cities. Your OS alone may not be enough in all cases to figure out the zone for obscure locations, but at least it gets you half the way there.</p>
+<p>... as in, you ask your friend or associate to name some big cities close to them, and hope you find a match in your filesystem.</p>
+</div>
+<div class="section" id="environmental-zones">
+<h2>Environmental zones</h2>
+<p>Turns out that the <tt class="docutils literal">date</tt> command of GNU/Linux uses the environment variable <tt class="docutils literal">TZ</tt>, which lets you define the time-zone you want the output to be translated to.</p>
+<p>In my case at time of writing:</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span><span class="nv">TZ</span><span class="o">=</span>America/El_Salvador<span class="w"> </span>date
+Sun<span class="w"> </span>Jun<span class="w"> </span><span class="m">9</span><span class="w"> </span><span class="m">05</span>:00:16<span class="w"> </span>PM<span class="w"> </span>CST<span class="w"> </span><span class="m">2024</span>
+
+<span class="c1"># sigh, see what I mean?</span>
+$<span class="w"> </span><span class="nv">TZ</span><span class="o">=</span>CST<span class="w"> </span>date
+Sun<span class="w"> </span>Jun<span class="w"> </span><span class="m">9</span><span class="w"> </span><span class="m">11</span>:04:12<span class="w"> </span>PM<span class="w"> </span>CST<span class="w"> </span><span class="m">2024</span>
+</pre></div>
+<p>Ugly, yes. Luckily <tt class="docutils literal">date</tt> also lets you format the output.</p>
+</div>
+<div class="section" id="times-tabled">
+<h2>Times, tabled</h2>
+<p>Now, let's bring those two together.</p>
+<div class="highlight"><pre><span></span><span class="nv">z</span><span class="o">=(</span><span class="s2">&quot;US/Hawaii&quot;</span><span class="w"> </span><span class="s2">&quot;America/El_Salvador&quot;</span><span class="w"> </span><span class="s2">&quot;US/Eastern&quot;</span><span class="w"> </span><span class="s2">&quot;Europe/Lisbon&quot;</span><span class="w"> </span><span class="s2">&quot;Europe/Berlin&quot;</span><span class="w"> </span><span class="s2">&quot;Africa/Nairobi&quot;</span><span class="w"> </span><span class="s2">&quot;Asia/Taipei&quot;</span><span class="o">)</span>
+<span class="k">for</span><span class="w"> </span>z<span class="w"> </span><span class="k">in</span><span class="w"> </span><span class="si">${</span><span class="nv">z</span><span class="p">[@]</span><span class="si">}</span><span class="p">;</span><span class="w"> </span><span class="k">do</span>
+<span class="w"> </span><span class="nv">d</span><span class="o">=</span><span class="k">$(</span><span class="nv">TZ</span><span class="o">=</span><span class="nv">$z</span><span class="w"> </span>date<span class="w"> </span>+<span class="s1">&#39;%H:%M:%S (%z)&#39;</span><span class="k">)</span>
+<span class="w"> </span><span class="nv">s</span><span class="o">=</span><span class="k">$(</span><span class="nb">printf</span><span class="w"> </span>%-16s<span class="w"> </span><span class="nv">$z</span><span class="k">)</span>
+<span class="w"> </span><span class="nb">echo</span><span class="w"> </span>-e<span class="w"> </span><span class="s2">&quot;</span><span class="nv">$s</span><span class="s2">\t</span><span class="nv">$d</span><span class="s2">&quot;</span>
+<span class="w"> </span><span class="k">done</span>
+</pre></div>
+<p>This script iterates a list of valid time-zone strings from <tt class="docutils literal">/usr/share/zoneinfo</tt>, outputting the zone along with the time and offet in a readable, tabulated format.</p>
+<p>This results in:</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>z
+US/Hawaii<span class="w"> </span><span class="m">13</span>:02:12<span class="w"> </span><span class="o">(</span>-1000<span class="o">)</span>
+America/El_Salvador<span class="w"> </span><span class="m">17</span>:02:12<span class="w"> </span><span class="o">(</span>-0600<span class="o">)</span>
+US/Eastern<span class="w"> </span><span class="m">19</span>:02:12<span class="w"> </span><span class="o">(</span>-0400<span class="o">)</span>
+Europe/Lisbon<span class="w"> </span><span class="m">00</span>:02:12<span class="w"> </span><span class="o">(</span>+0100<span class="o">)</span>
+Europe/Berlin<span class="w"> </span><span class="m">01</span>:02:12<span class="w"> </span><span class="o">(</span>+0200<span class="o">)</span>
+Africa/Nairobi<span class="w"> </span><span class="m">02</span>:02:12<span class="w"> </span><span class="o">(</span>+0300<span class="o">)</span>
+Asia/Taipei<span class="w"> </span><span class="m">07</span>:02:12<span class="w"> </span><span class="o">(</span>+0800<span class="o">)</span>
+</pre></div>
+<p>The <tt class="docutils literal">z</tt> here is merely an alias mapping added to <tt class="docutils literal">.bashrc</tt> <a class="footnote-reference" href="#footnote-1" id="footnote-reference-1">[1]</a>:</p>
+<div class="highlight"><pre><span></span><span class="nb">alias</span><span class="w"> </span><span class="nv">z</span><span class="o">=</span><span class="sb">`</span>bash<span class="w"> </span><span class="nv">$HOME</span>/scripts/timezones.sh<span class="sb">`</span>
+</pre></div>
+<p>Voila, now you have a world clock in your terminal at any time.</p>
+<p>And all it takes is two mere keystrokes.</p>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-1" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-1">[1]</a></td><td>Of course, be a bit careful with those aliases. There are even commands in GNU/Linux with only one character, like <tt class="docutils literal">w</tt>. If you override them in aliases, your override takes precedence.</td></tr>
+</tbody>
+</table>
+</blockquote>
+</div>
+</content><category term="Offlining"></category><category term="bash"></category><category term="linux"></category></entry><entry><title>Introducing Wala</title><link href="wala.html" rel="alternate"></link><published>2022-10-05T14:39:00+02:00</published><updated>2022-10-05T14:39:00+02:00</updated><author><name>Louis Holbrook</name></author><id>tag:None,2022-10-05:wala.html</id><summary type="html"><p class="first last">A simple HTTP content-addressed storage with cryptographic identity pointers.</p>
+</summary><content type="html"><p>This little project is heavily inspired by the &quot;Single-Owner Chunk&quot; (previously &quot;Mutable Resource&quot;) concept from the <a class="reference external" href="https://ethswarm.org">Swarm project</a> <a class="footnote-reference" href="#footnote-1" id="footnote-reference-1">[1]</a>.</p>
+<p>Dubbed <a class="reference external" href="https://git.defalsify.org/wala">wala</a> <a class="footnote-reference" href="#footnote-2" id="footnote-reference-2">[2]</a>, the rust application provides two features:</p>
+<ol class="arabic simple">
+<li>Store any uploaded data under the SHA256 digest of the content itself. We call this &quot;content addressed&quot; storage.</li>
+<li>Create a link alias to the content using a keyword and a cryptographic identity.</li>
+</ol>
+<p>First, let's briefly outline what the first item on the list is.</p>
+<div class="section" id="curl-up-and-digest">
+<h2>Curl up and digest</h2>
+<p>Say an instance of wala is listnening on <code>localhost:8000</code>.</p>
+<p>A simple demonstration of the content addressed storage could be:</p>
+<pre class="code console literal-block">
+<span class="gp">$&nbsp;</span>curl<span class="w"> </span>-X<span class="w"> </span>PUT<span class="w"> </span>http://localhost:8000<span class="w"> </span>--data<span class="w"> </span><span class="s2">&quot;foo&quot;</span><span class="w">
+</span><span class="go">2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae
+</span><span class="gp">$ </span>curl<span class="w"> </span>-X<span class="w"> </span>GET<span class="w"> </span>http://localhost:8000/2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae<span class="w">
+</span><span class="go">foo
+</span><span class="gp">$ </span><span class="nb">echo</span><span class="w"> </span>-n<span class="w"> </span><span class="s2">&quot;foo&quot;</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>sha256sum<span class="w">
+</span><span class="go">2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae -</span>
+</pre>
+<p>In short, anything uploaded to the endpoint will be stored under and can be retrieved by its hash.</p>
+<p>That also means that if the content changes, so does the location.</p>
+</div>
+<div class="section" id="get-to-the-pointer">
+<h2>Get to the pointer</h2>
+<p>Now let's say you want a permanent link to content that is changing.</p>
+<p>If you are the only user of the instance, this would be straightforward thing. We could just use a keyword in the url.</p>
+<p>But if you are not, then authentication is needed to make sure that one user doesn't overwrite the another user's permanent link.</p>
+<p>This is usually accomplished with a username and password stored and controlled server-side.</p>
+<p>But we can also do this by simply using public key cryptography instead.</p>
+<div class="section" id="claiming-what-is-yours">
+<h3>Claiming what is yours</h3>
+<p>Since I have a weakness for PGP, the first implementation of authentication in wala has been implemented using the <a class="reference external" href="https://sequoia-pgp.org">&quot;sequoia openpgp&quot;</a> library.</p>
+<p>The procedure is straightforward enough:</p>
+<ol class="arabic simple">
+<li>Sign the content with your pgp key.</li>
+<li>Add an <cite>Authorization</cite> header <a class="footnote-reference" href="#footnote-3" id="footnote-reference-3">[3]</a> with your public key and signature.</li>
+<li>Upload the content with an arbitrary keyword. <a class="footnote-reference" href="#footnote-4" id="footnote-reference-4">[4]</a></li>
+</ol>
+<p>If the signature over the content matches the public key, then a symbolic link to the content will be created on the server. That symbolic link will be a digest of the <em>key fingerprint</em> and the <em>keyword</em>.</p>
+<p>The content can then be accessed <em>both</em> using the content address <em>and</em> the symbolic link.</p>
+<p>In wala, the symbolic link is referred to as a <em>mutable reference</em>. We will use this term from now on.</p>
+</div>
+<div class="section" id="it-ain-t-pretty-but-it-works">
+<h3>It ain't pretty, but it works</h3>
+<p>Let's demonstrate creating such an entry in wala using some commonly available tools. <a class="footnote-reference" href="#footnote-5" id="footnote-reference-5">[5]</a></p>
+<p>We will use a fictional gnupg private key with the fingerprint <code>F3FAF668E82EF5124D5187BAEF26F4682343F692</code> and the keyword <code>foo</code> to create the mutable reference.</p>
+<pre class="code console literal-block">
+<span class="gp">$&nbsp;</span><span class="nv">sig</span><span class="o">=</span><span class="sb">`</span><span class="nb">echo</span><span class="w"> </span>-n<span class="w"> </span><span class="s2">&quot;bar&quot;</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>gpg<span class="w"> </span>-b<span class="w"> </span>-u<span class="w"> </span>F3FAF668E82EF5124D5187BAEF26F4682343F692<span class="w"> </span><span class="p">|</span><span class="w"> </span>base64<span class="w"> </span>-w<span class="w"> </span><span class="m">0</span><span class="sb">`</span><span class="w">
+</span><span class="gp">$ </span><span class="nv">pub</span><span class="o">=</span><span class="sb">`</span>gpg<span class="w"> </span>--export<span class="w"> </span>F3FAF668E82EF5124D5187BAEF26F4682343F692<span class="w"> </span><span class="p">|</span><span class="w"> </span>base64<span class="w"> </span>-<span class="w"> </span>w<span class="w"> </span><span class="m">0</span><span class="sb">`</span><span class="w">
+</span><span class="gp">$ </span>curl<span class="w"> </span>-v<span class="w"> </span>-X<span class="w"> </span>PUT<span class="w"> </span>http://localhost:8000/foo<span class="w"> </span>-H<span class="w"> </span><span class="s2">&quot;Authorization: PUBSIG:</span><span class="nv">$pub</span><span class="s2">:</span><span class="nv">$sig</span><span class="s2">&quot;</span><span class="w"> </span>--data<span class="w"> </span>bar<span class="w">
+</span><span class="go">* Trying 127.0.0.1:8000...
+</span><span class="gp"> % </span>Total<span class="w"> </span>%<span class="w"> </span>Received<span class="w"> </span>%<span class="w"> </span>Xferd<span class="w"> </span>Average<span class="w"> </span>Speed<span class="w"> </span>Time<span class="w"> </span>Time<span class="w"> </span>Time<span class="w"> </span>Current<span class="w">
+</span><span class="go"> Dload Upload Total Spent Left Speed
+ 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Connected to localhost (127.0.0.1) port 8000 (#0)
+&gt; PUT /foo HTTP/1.1
+&gt; Host: localhost:8000
+&gt; User-Agent: curl/7.85.0
+&gt; Accept: */*
+&gt; Authorization: PUBSIG pgp:mQGNBF+hSOgBDACpkPQEjADjnQtjmAsdPYpx5N+OMJBYj1DAoIYsDtV6vbcBJQt94Om3xl7RBhv9m2oLgzPsiRwjCEFRWyNSu0BUp5CFjcXfm0S4K2egx4erFnTnSSC9S6tmVNrVNEXvScE6sKAnmJ7JNX1ExJuEiWPbUDRWJ1hoI9+AR+8EONeJRLo/j0Np+S4IFDn0PsxdT+SB0GY0z2cEgjvjoPr4lW9IAb8Ft9TDYp+mOzejn1Fg7CuIrlBRSAv+sj7bVQw15dh1SpbwtS5xxubCa8ExEGI4ByXmeXdR0KZJ+EA5ksO0iSsQ/6ipSOdSg+i0niOClFNm1P/OhbUsYAxCUfiX654FMn2zoxVBEjJ3e7l0pH7ktodaxEctPofQLBA9LSDUIejqJsU0npw/DHDD2uvxG+/A6lgV9L8ETlvgp8RzeOCf2bHuiKYYz87txvkFwsXgU1+TZxbk+mtCBbngsVPLNarY/KGkVJL+yhcHRD0Pl4wXUd6auQuY6vQ9AuKiCT1We2sAEQEAAbQeTWVyIE1hbiA8bWVybWFuQGdyZXlza3VsbC5jb20+iQHUBBMBCAA+FiEE8/r2aOgu9RJNUYe67yb0aCND9pIFAl+hSOgCGwMFCQPCZwAFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQ7yb0aCND9pLwiwwAhFJbAyUK05TJKfDz81757N472STtB8sfr0auwmRr8Zs1utHRVM0b/jkjTuo4uJNr7YVVKTKgE7+rJ+pwhm3wlTQ44LVLjByWAi/7NWg3E9b2elm+qkfgm/RfFt3vkuOxGSyZyIFFh+/twv6iABPvr6w7MZwrFaS0UP3g1VGa5TFqg6KNxod9H/gPLxv45lutXf3VvBZTJpr1pxn7aLHlFzEyIgNZbP/N1QF44GSrN/k0DfL631sZjauUXaZXbi5xGsKKCYwJ1g3q587pi6mTdTV3n0hKgVuipO8hGy5++YeOv+hXsCxDwyZ+Shv+qavd/SapxYgCdEueuwONIFfsIsWCd3SCcjKXicTTEFMu8nvBmf7xuo2hv6vEOxoijlXV+4LkGrskdB8ZMg8PywEx6DLmDokgnAhTLrTc1ShbkOtQ3yNjjyFK7BDpqobsJal6d8SpbhccUJLepaSmsk0CgJsTjhAl6EwX0EYgTo3kP5fScqrbD8VwQaT8CcE4rCV4uQGNBF+hSOgBDADHtpTT1k4x+6FN5OeURpKAaIsoPHghkJ2lb6yWmESCa+DaR6GXAKlbd0L9UMcXLqnaCn4SpZvbf8hP4fJRgWdRl5uVN/rmyVbZLUVjM8NcVdFRIrTsNyu4mLBmydc3iA/90sCTEOj9e7DSvxLmmLFjpwM5xXLd6z0l6+9G+woNmARXVS3V/RryFntyKC3ATCqVlJoQBG45Tj2gMIunpadTJXWmdioooeGW3sLeUv5MM98mSB4SjKRlJqGPNjx5lO6MmJbZeXZ/L/aO6EsXUQD2h82Wphll4rpGYWPiHTCYqZYiqNYr6E3xUpzcvWVp3uCYVJWP6Ds117p7BoyKVz00yxC9ledF3eppktZWqFVowCMihQE3676L3DDTZsnJf1/8xKUh5U2Mj3lBvjlvCECKi00qo8b1mn/OklQjJ5T4WzTrH6X+/zpez8ZkmtcOayHdUKD/64roZ9dXbXG/hp5A+UWj8oSVYKg2QNAwAnZ+aiZ2KVRE/Y61DCgFg6Ccx/cAEQEAAYkBvAQYAQgAJhYhBPP69mjoLvUSTVGHuu8m9GgjQ/aSBQJfoUjoAhsMBQkDwmcAAAoJEO8m9GgjQ/aSIPcL/3jqL2A2SmC+s0BO4vMPEfCpa2gZ/vo1azzjUieZu5WhIxb5ik0V6T75EW5F0OeZj9qXI06gW+IM8+C6ImUgaR3l47UjBiBPq+uKO9QuT/nOtbSs2dXoTNCLMQN7MlrdUBix+lnqZZGSDgh6n/uVyAYw8Sh4c3/3thHUiR7xzVKGxAKDT8LoVjhHshTzYuQq8MqlfvwVI4eESLaryQ+Y+j5+VLDzSLgPAnnIqF/ui2JQjefJxm/VLoYNaPAGdqoz/u/R0Tmz94bZUfLjgQaDoUpnxYywK2JGlf3mPZ3PNWjxJzuQTF5Ge5bz/TylnRYIyBT7KD7oaKHO62fhDbYPJ4f94iZN4B6nnTAeP34zFDlkUbX4AHudXU7bvxT5OUk9x9c2tj7xwxQHaEhq2+JsYW0EVw27RLhbymnBfLjVVUktNF0nQGvU2TEocw4pr2ZkDHQkSnlbNa4kujlL7VzbpnEgyOmi5er9GaIuVSVADovBu+pz/Ov1y/3jUe8hZ/KleQ==:iQGzBAABCAAdFiEE8/r2aOgu9RJNUYe67yb0aCND9pIFAmM9guIACgkQ7yb0aCND9pIEdwwAiLLqFlrKu0UsQebfuUP07cvGbYy9LfbCMsQj/3/pG/zl7q2mSl2YdXOalbaYD2uyGU/sm7J/+qQZXGyIjmDA7F53sNVAXTuYnrcKmYIzAmzW4lUAzfWA7yL55MtbR/eNUE1rqp/Gu/ejj1OedLyxi+tGFcXUHU0q8EnjQnzfHCJVzOa3PGMIX10NiXPjrF2pafAyE7q2ogwkKZdjJi+8tyAw0tviu4CRGOVlsNZlF+yxePZh55XdRZLCEt4n6mnJrccu0C22rM9R2dEReqGLAj8t/WhACI+UyNXtL+hICnu9y6wjk4spoMr0s0pqTQ76SMwfmRFzk11uZ+ge846hArcUxE27+AeBf9Q1IwT5Ypsc0Efm9ZPoJvA2ggcJv1Yyb58Ggfmd02xPW4EQ8MOEMLA/ZoAhOm3t3wATPNFG1ucm/o+NFNDpF7HNby+Savqv2NrbNwDMlWvFzRmER2+AIO0CIG2HVJScMEn7UkjF8jIm+ba3BIAXbz2FUZ3dytFF
+&gt; Content-Length: 3
+&gt; Content-Type: application/x-www-form-urlencoded
+&gt;
+} [3 bytes data]
+* Mark bundle as not supporting multiuse
+&lt; HTTP/1.1 200 OK
+&lt; Server: tiny-http (Rust)
+&lt; Date: Wed, 5 Oct 2022 13:15:37 GMT
+&lt; Content-Type: text/plain; charset=UTF-8
+&lt; Access-Control-Allow-Origin: *
+&lt; Access-Control-Allow-Methods: OPTIONS, PUT, GET
+&lt; Access-Control-Allow-Headers: Content-Type,Authorization,X-Filename
+&lt; Content-Length: 64
+&lt;
+{ [64 bytes data]
+100 67 100 64 100 3 3548 166 --:--:-- --:--:-- --:--:-- 3722100 67 100 64 100 3 3534 165 --:--:-- --:--:-- --:--:-- 3722
+* Connection #0 to host localhost left intact
+32ea47ecc5a3ee2576aab00c2f30eaabc2592d56e19f5c82fe4f7cf5874632b2
+</span><span class="gp">$ </span>curl<span class="w"> </span>-X<span class="w"> </span>GET<span class="w"> </span>http://localhost:8000/32ea47ecc5a3ee2576aab00c2f30eaabc2592d56e19f5c82fe4f7cf5874632b2<span class="w">
+</span><span class="go">bar
+</span><span class="gp">$ </span><span class="nb">echo</span><span class="w"> </span>-n<span class="w"> </span>bar<span class="w"> </span><span class="p">|</span><span class="w"> </span>sha256sum<span class="w">
+</span><span class="go">fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9
+</span><span class="gp">$ </span>curl<span class="w"> </span>-X<span class="w"> </span>GET<span class="w"> </span>http://localhost:8000/fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9<span class="w">
+</span><span class="go">bar</span>
+</pre>
+<p>Now, by changing the data and signature, the data under the mutable resource changes:</p>
+<pre class="code console literal-block">
+<span class="gp">$&nbsp;</span><span class="nv">sig</span><span class="o">=</span><span class="sb">`</span><span class="nb">echo</span><span class="w"> </span>-n<span class="w"> </span><span class="s2">&quot;xyzzy&quot;</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>gpg<span class="w"> </span>-b<span class="w"> </span>-u<span class="w"> </span>F3FAF668E82EF5124D5187BAEF26F4682343F692<span class="w"> </span><span class="p">|</span><span class="w"> </span>base64<span class="w"> </span>-w<span class="w"> </span><span class="m">0</span><span class="sb">`</span><span class="w">
+</span><span class="gp">$ </span>curl<span class="w"> </span>-X<span class="w"> </span>PUT<span class="w"> </span>http://localhost:8000/foo<span class="w"> </span>-H<span class="w"> </span><span class="s2">&quot;Authorization: PUBSIG:</span><span class="nv">$pub</span><span class="s2">:</span><span class="nv">$sig</span><span class="s2">&quot;</span><span class="w"> </span>--data<span class="w"> </span>xyzzy<span class="w">
+</span><span class="go">32ea47ecc5a3ee2576aab00c2f30eaabc2592d56e19f5c82fe4f7cf5874632b2
+</span><span class="gp">$ </span>curl<span class="w"> </span>-X<span class="w"> </span>GET<span class="w"> </span>http://localhost:8000/32ea47ecc5a3ee2576aab00c2f30eaabc2592d56e19f5c82fe4f7cf5874632b2<span class="w">
+</span><span class="go">xyzzy</span>
+</pre>
+</div>
+</div>
+<div class="section" id="building-your-identity">
+<h2>Building your identity</h2>
+<p>We can also recreate the symbolic link hash using local tools:</p>
+<pre class="code console literal-block">
+<span class="gp">$ </span><span class="nv">t</span><span class="o">=</span><span class="sb">`</span>mktemp<span class="sb">`</span><span class="w">
+</span><span class="gp">$ </span><span class="nv">d</span><span class="o">=</span><span class="sb">`</span><span class="nb">echo</span><span class="w"> </span>-n<span class="w"> </span>foo<span class="w"> </span><span class="p">|</span><span class="w"> </span>sha256sum<span class="w"> </span><span class="p">|</span><span class="w"> </span>awk<span class="w"> </span><span class="s1">'{ printf &quot;%s&quot;,$1; }'</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>sed<span class="w"> </span>-e<span class="w"> </span><span class="s1">'s/../\\\\x&amp;/g'</span><span class="sb">`</span><span class="w">
+</span><span class="gp">$ </span><span class="nb">echo</span><span class="w"> </span>-ne<span class="w"> </span><span class="nv">$d</span><span class="w"> </span>&gt;<span class="w"> </span><span class="nv">$t</span><span class="w">
+</span><span class="gp">$ </span><span class="nv">k</span><span class="o">=</span><span class="sb">`</span><span class="nb">echo</span><span class="w"> </span>-n<span class="w"> </span>F3FAF668E82EF5124D5187BAEF26F4682343F692<span class="w"> </span><span class="p">|</span><span class="w"> </span>sed<span class="w"> </span>-e<span class="w"> </span><span class="s1">'s/../\\\\x&amp;/g'</span><span class="sb">`</span><span class="w">
+</span><span class="gp">$ </span><span class="nb">echo</span><span class="w"> </span>-ne<span class="w"> </span><span class="nv">$k</span><span class="w"> </span>&gt;&gt;<span class="w"> </span><span class="nv">$t</span><span class="w">
+</span><span class="gp">$ </span>cat<span class="w"> </span><span class="nv">$t</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>sha256sum<span class="w">
+</span><span class="go">32ea47ecc5a3ee2576aab00c2f30eaabc2592d56e19f5c82fe4f7cf5874632b2 -</span>
+</pre>
+<p>In other words, the mutable reference is constructed using the following recipe.</p>
+<ol class="arabic simple">
+<li>Calculate binary value <code>R</code> of the SHA256 digest of the keyword (<code>sha256(foo) -&gt; 0x2C26B46B68FFC68FF99B453C1D30413413422D706483BFA0F98A5E886266E7AE</code>)</li>
+<li>Calculate binary value <code>K</code> of the key fingerprint (<code>0xF3FAF668E82EF5124D5187BAEF26F4682343F692</code>).</li>
+<li>Calculate binary value of SHA256 digest of <code>R | K</code> (<code>sha256(0x2C26B46B68FFC68FF99B453C1D30413413422D706483BFA0F98A5E886266E7AEF3FAF668E82EF5124D5187BAEF26F4682343F692) -&gt; 0x32EA47ECC5A3EE2576AAB00C2F30EAABC2592D56E19F5C82FE4F7CF5874632B2</code>)</li>
+</ol>
+<p>That means that anyone who knows the keyword and the public key of the uploader can calculate the mutable reference themselves, and retrieve the data behind it.</p>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-1" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-1">[1]</a></td><td>Refer to <a class="reference external" href="https://www.ethswarm.org/The-Book-of-Swarm.pdf">section 4.3 of The Book of Swarm</a> for a description of &quot;feeds&quot; and &quot;single owner chunks.&quot; Swarm uses signatures to allow propagation of the data in the network. <code>wala</code> similarly uses signatures to accept update of resources &quot;owned&quot; by the holder of the private keys of an identity.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-2" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-2">[2]</a></td><td>At the time of writing <code>wala</code> is at version <code>0.1.1</code></td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-3" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-3">[3]</a></td><td>A custom authorization scheme <code>PUBSIG</code> has been invented for this purpose. The format is <code>Authorization: PUBSIG pgp:key-fingerprint-in-base64&gt;:&lt;signature-in-base64&gt;</code>. Currently this is strictly just authentication, as there is no feature in wala (yet) to use access control lists to determine which public keys to allow PUTs from.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-4" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-4">[4]</a></td><td>If you do not specify a keyword, the keyword value in the mutable resource reference will be the sha256 hash of an empty value (<code>0xe3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855</code>)</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-5" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-5">[5]</a></td><td><code>wala</code> comes with a binary tool <code>wala_send</code> that lets you specify a key fingerprint in your default pgp keyring and a keyword as arguments when you upload data. A lot less messy, but a lot less educational, too.</td></tr>
+</tbody>
+</table>
+</blockquote>
+</div>
+</content><category term="Code"></category><category term="wala"></category><category term="pgp"></category><category term="crypto"></category><category term="storage"></category><category term="http"></category><category term="rust"></category></entry><entry><title>A portable book metadata exercise</title><link href="portable-book-metadata.html" rel="alternate"></link><published>2022-10-01T12:40:00+02:00</published><updated>2022-10-01T12:40:00+02:00</updated><author><name>Louis Holbrook</name></author><id>tag:None,2022-10-01:portable-book-metadata.html</id><summary type="html"><p class="first last">Structured approach to generate portable metadata files for bibliographies and literature files using cryptographic hash mapping.</p>
+</summary><content type="html"><p>One of the things I have been working on the last few weeks is a rust application I have dubbed <a class="reference external" href="https://git.defalsify.net/kitab">kitab</a> <a class="footnote-reference" href="#footnote-1" id="footnote-reference-1">[1]</a>.</p>
+<p>In short, the application makes it easy to extract literary metadata to a separate file structure.</p>
+<p>The metadata can in turn be applied as <em>extended attributes</em> recursively on a directory for files that match.</p>
+<p>The way it's accomplished it simple: The file name of the metadata is the hex representation of the digest of the file. The same digest is used to match files to metadata when applying it back to the file.</p>
+<p>There are two advantages to this:</p>
+<ol class="arabic simple">
+<li>The digest of the media file need not be affected by the metadata, i.e. by embedding metadata in the file itself.</li>
+<li>You do not need to use the file name to keep record of what a file is.</li>
+</ol>
+<div class="section" id="yarr-ye-matey-data">
+<h2>Yarr, ye matey-data</h2>
+<p>Let's demonstrate with an example.</p>
+<p>The fabulous <a class="reference external" href="https://libgen.rs">Library Genesis</a> project has made available an endpoint to retrieve <tt class="docutils literal">bibtex</tt> entries based on the <tt class="docutils literal">md5</tt> hash of the book media file.</p>
+<p>A version of the <a class="reference external" href="https://libgen.rs/book/index.php?md5=BCD99F1AB4155F2A2A362E5B7938A852">Bitcoin White Paper</a>, under the <code>md5</code> hash <code>bcd99f1ab4155f2a2a362e5b7938a852</code>, can be found there.</p>
+<p>If you download this file using a synchronous download link, the browser will provide you with a filename to go with the download.</p>
+<p>However, if you use the torrent alternative, the filename will be the <tt class="docutils literal">md5</tt> hash itself. If you are torrenting a bunch of those files, it quickly becomes a nuisance to distinguish them.</p>
+<p>And, of course: In either case there is no guarantee the any metadata comes with the file.</p>
+<div class="section" id="inside-the-book">
+<h3>Inside the book</h3>
+<p>Kitab (v0.0.2) is able to read metadata from both a bibtex source and xattr entries on a file, as well as its native <a class="reference external" href="https://www.w3.org/TR/turtle/">rdf-turtle</a> format.</p>
+<p>In kitab's data store, every media file entity in rdf-turtle is keyed with a <a class="reference external" href="https://www.rfc-editor.org/info/rfc8141">URN</a> specifying a digest for the file.</p>
+<p>To see exactly what that looks like, let's download and import the bibtex metadata for the paper <a class="footnote-reference" href="#footnote-2" id="footnote-reference-2">[2]</a>:</p>
+<pre class="code bash literal-block">
+<span class="nv">bibtex_file</span><span class="o">=</span><span class="sb">`</span>mktemp<span class="sb">`</span><span class="w">
+</span><span class="nv">kitab_dir</span><span class="o">=</span><span class="sb">`</span>mktemp<span class="w"> </span>-d<span class="sb">`</span><span class="w">
+</span>curl<span class="w"> </span>-s<span class="w"> </span>-X<span class="w"> </span>GET<span class="w"> </span>https://libgen.rs/book/bibtex.php?md5<span class="o">=</span>BCD99F1AB4155F2A2A362E5B7938A852<span class="w"> </span>-o<span class="w"> </span><span class="nv">$bibtex_file</span><span class="w">
+</span>kitab<span class="w"> </span>--store<span class="w"> </span><span class="nv">$kitab_dir</span><span class="w"> </span>import<span class="w"> </span>--digest<span class="w"> </span>md5:BCD99F1AB4155F2A2A362E5B7938A852<span class="w"> </span><span class="nv">$bibtex_file</span><span class="w">
+</span>cat<span class="w"> </span><span class="nv">$kitab_dir</span>/*
+</pre>
+<p>The output of the above should be:</p>
+<pre class="code turtle literal-block">
+<span class="nv">&lt;URN:md5:bcd99f1ab4155f2a2a362e5b7938a852&gt;</span> <span class="nv">&lt;https://purl.org/dc/terms/title&gt;</span> <span class="s">&quot;Bitcoin: A Peer-to-Peer Electronic Cash System&quot;</span> <span class="p">;</span>
+<span class="nv">&lt;https://purl.org/dc/terms/creator&gt;</span> <span class="s">&quot;Satoshi Nakamoto&quot;</span> <span class="p">;</span>
+<span class="nv">&lt;https://purl.org/dc/terms/type&gt;</span> <span class="s">&quot;book&quot;</span> <span class="p">.</span>
+</pre>
+<p>Now let's say the media file itself has been downloaded to <tt class="docutils literal"><span class="pre">~/.local/share/transmission</span></tt>. We can apply this metadata as extended attributes.</p>
+<p>This time we turn on logging to see what's going on:</p>
+<pre class="code console literal-block">
+<span class="gp">$ </span><span class="nv">RUST_LOG</span><span class="o">=</span>info<span class="w"> </span>kitab<span class="w"> </span>--store<span class="w"> </span><span class="nv">$kitab_dir</span><span class="w"> </span>apply<span class="w"> </span>--digest<span class="w"> </span>md5<span class="w"> </span>~/.local/share/transmission<span class="w">
+</span><span class="go">[2022-10-01T11:14:59Z INFO kitab] have index directory &quot;/tmp/tmp.r0jBm6q4hW&quot;
+[2022-10-01T11:14:59Z INFO kitab] using digest type md5
+[2022-10-01T11:14:59Z INFO kitab] apply from path &quot;/home/lash/.local/share/transmission/&quot;
+[2022-10-01T11:14:59Z INFO kitab] apply DirEntry(&quot;/home/lash/.local/share/transmission/bcd99f1ab4155f2a2a362e5b7938a852&quot;) -&gt; title &quot;Bitcoin: A Peer-to-Peer Electronic Cash System&quot; author &quot;Satoshi Nakamoto&quot; digest md5:bcd99f1ab4155f2a2a362e5b7938a852
+
+</span><span class="gp">$ </span>find<span class="w"> </span>~/.local/share/transmission<span class="w"> </span>-type<span class="w"> </span>f<span class="w"> </span>-regextype<span class="w"> </span>sed<span class="w"> </span>-regex<span class="w"> </span><span class="s2">&quot;.*/[a-f0-9]\{32\}</span>$<span class="s2">&quot;</span><span class="w"> </span>-exec<span class="w"> </span>getfattr<span class="w"> </span>-d<span class="w"> </span><span class="o">{}</span><span class="w"> </span><span class="se">\;</span><span class="w">
+</span><span class="gp"># </span>file:<span class="w"> </span>.local/share/transmission/bcd99f1ab4155f2a2a362e5b7938a852<span class="w">
+</span><span class="go">user.dcterms:creator=&quot;Satoshi Nakamoto&quot;
+user.dcterms:title=&quot;Bitcoin: A Peer-to-Peer Electronic Cash System&quot;
+user.dcterms:type=&quot;book&quot;</span>
+</pre>
+</div>
+<div class="section" id="let-the-right-one-in">
+<h3>Let the right one in</h3>
+<p>Conversely, the metadata can be re-imported directly from the extended attributes. And this time, let's store it both under the <tt class="docutils literal">md5</tt> and the <tt class="docutils literal">sha512</tt> hash:</p>
+<pre class="code bash literal-block">
+$<span class="w"> </span><span class="nv">kitab_dir_new</span><span class="o">=</span><span class="sb">`</span>mktemp<span class="w"> </span>-d<span class="sb">`</span><span class="w">
+</span>$<span class="w"> </span>kitab<span class="w"> </span>--store<span class="w"> </span><span class="nv">$kitab_dir_new</span><span class="w"> </span>import<span class="w"> </span>--digest<span class="w"> </span>md5<span class="w"> </span>--digest<span class="w"> </span>sha512<span class="w"> </span>.local/share/transmission/bcd99f1ab4155f2a2a362e5b7938a852<span class="w">
+</span>$<span class="w"> </span>find<span class="w"> </span><span class="nv">$kitab_dir_new</span><span class="w"> </span>-type<span class="w"> </span>f<span class="w"> </span>-exec<span class="w"> </span>cat<span class="w"> </span><span class="o">{}</span><span class="w"> </span><span class="se">\;</span><span class="w">
+</span>/tmp/tmp.B6j41YMmEM/493f2a720d63156d77187bcd5f0715e4e765a38d616ef47f24e0df817ee6b4f601d47a06ffae10ef1f6ba60bb5d2e99a26318f035f9cd56e30bfe7bcdf64a792<span class="w">
+</span>&lt;URN:sha512:493f2a720d63156d77187bcd5f0715e4e765a38d616ef47f24e0df817ee6b4f601d47a06ffae10ef1f6ba60bb5d2e99a26318f035f9cd56e30bfe7bcdf64a792&gt;<span class="w"> </span>&lt;https://purl.org/dc/terms/title&gt;<span class="w"> </span><span class="s2">&quot;Bitcoin: A Peer-to-Peer Electronic Cash System&quot;</span><span class="w"> </span><span class="p">;</span><span class="w">
+ </span>&lt;https://purl.org/dc/terms/creator&gt;<span class="w"> </span><span class="s2">&quot;Satoshi Nakamoto&quot;</span><span class="w"> </span><span class="p">;</span><span class="w">
+ </span>&lt;https://purl.org/dc/terms/type&gt;<span class="w"> </span><span class="s2">&quot;book&quot;</span><span class="w"> </span><span class="p">;</span><span class="w">
+ </span>&lt;https://purl.org/dc/terms/MediaType&gt;<span class="w"> </span><span class="s2">&quot;application/epub+zip&quot;</span><span class="w"> </span>.<span class="w">
+</span>/tmp/tmp.B6j41YMmEM/bcd99f1ab4155f2a2a362e5b7938a852<span class="w">
+</span>&lt;URN:md5:bcd99f1ab4155f2a2a362e5b7938a852&gt;<span class="w"> </span>&lt;https://purl.org/dc/terms/title&gt;<span class="w"> </span><span class="s2">&quot;Bitcoin: A Peer-to-Peer Electronic Cash System&quot;</span><span class="w"> </span><span class="p">;</span><span class="w">
+ </span>&lt;https://purl.org/dc/terms/creator&gt;<span class="w"> </span><span class="s2">&quot;Satoshi Nakamoto&quot;</span><span class="w"> </span><span class="p">;</span><span class="w">
+ </span>&lt;https://purl.org/dc/terms/type&gt;<span class="w"> </span><span class="s2">&quot;book&quot;</span><span class="w"> </span><span class="p">;</span><span class="w">
+ </span>&lt;https://purl.org/dc/terms/MediaType&gt;<span class="w"> </span><span class="s2">&quot;application/epub+zip&quot;</span><span class="w"> </span>.
+</pre>
+</div>
+</div>
+<div class="section" id="level-up">
+<h2>Level up</h2>
+<p>Finally, a bash script <a class="footnote-reference" href="#footnote-3" id="footnote-reference-3">[3]</a> example that lets you retrieve and apply metadata for a batch of files found in the directory given as the <em>first positional arg</em>.</p>
+<p>This script even renames the files according to the metadata applied.</p>
+<pre class="code bash literal-block">
+<span class="ln"> 0 </span><span class="c1"># NOTE! this will only work if your fs supports xattr.
+</span><span class="ln"> 1 </span><span class="c1"># That's why we cannot use tmpfs (mktemp) here; tmpfs does not support xattr.
+</span><span class="ln"> 2 </span><span class="c1"></span><span class="w">
+</span><span class="ln"> 3 </span><span class="w"></span><span class="c1"># directory to copy media files to
+</span><span class="ln"> 4 </span><span class="c1"></span><span class="nv">outdir</span><span class="o">=</span>./<span class="k">$(</span>uuidgen<span class="k">)</span><span class="w">
+</span><span class="ln"> 5 </span><span class="w"></span>mkdir<span class="w"> </span>-vp<span class="w"> </span><span class="nv">$outdir</span><span class="w">
+</span><span class="ln"> 6 </span><span class="w">
+</span><span class="ln"> 7 </span><span class="w"></span><span class="c1"># Input dir is the first positional arg.
+</span><span class="ln"> 8 </span><span class="c1"></span><span class="nv">indir</span><span class="o">=</span><span class="nv">$1</span><span class="w">
+</span><span class="ln"> 9 </span><span class="w">
+</span><span class="ln">10 </span><span class="w"></span><span class="nv">IFS</span><span class="o">=</span><span class="s1">$'\n'</span><span class="w">
+</span><span class="ln">11 </span><span class="w">
+</span><span class="ln">12 </span><span class="w"></span><span class="c1"># Retrieve metadata for each file and import it into the kitab store.
+</span><span class="ln">13 </span><span class="c1"># Also copy the media file to the separate output directory.
+</span><span class="ln">14 </span><span class="c1"></span><span class="k">for</span><span class="w"> </span>f<span class="w"> </span><span class="k">in</span><span class="w"> </span><span class="k">$(</span>find<span class="w"> </span><span class="nv">$indir</span><span class="w"> </span>-type<span class="w"> </span>f<span class="k">)</span><span class="p">;</span><span class="w"> </span><span class="k">do</span><span class="w">
+</span><span class="ln">15 </span><span class="w"> </span><span class="nv">sum</span><span class="o">=</span><span class="k">$(</span>md5sum<span class="w"> </span><span class="nv">$f</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>awk<span class="w"> </span><span class="s1">'{print $1;}'</span><span class="k">)</span><span class="w">
+</span><span class="ln">16 </span><span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="s2">&quot;downloading metadata for </span><span class="nv">$indir</span><span class="s2">/</span><span class="nv">$f</span><span class="s2">&quot;</span><span class="w">
+</span><span class="ln">17 </span><span class="w"> </span><span class="nv">srct</span><span class="o">=</span><span class="k">$(</span>mktemp<span class="k">)</span><span class="w">
+</span><span class="ln">18 </span><span class="w"> </span>curl<span class="w"> </span>-s<span class="w"> </span>-X<span class="w"> </span>GET<span class="w"> </span>https://libgen.rs/book/bibtex.php?md5<span class="o">=</span><span class="nv">$sum</span><span class="w"> </span>-o<span class="w"> </span><span class="nv">$srct</span><span class="w">
+</span><span class="ln">19 </span><span class="w"> </span><span class="nv">dstt</span><span class="o">=</span><span class="k">$(</span>mktemp<span class="k">)</span><span class="w">
+</span><span class="ln">20 </span><span class="w"> </span>xmllint<span class="w"> </span>--html<span class="w"> </span>--xpath<span class="w"> </span><span class="s1">'string(/html/body/textarea[&#64;id=&quot;bibtext&quot;])'</span><span class="w"> </span><span class="nv">$srct</span><span class="w"> </span>&gt;<span class="w"> </span><span class="nv">$dstt</span><span class="w">
+</span><span class="ln">21 </span><span class="w"> </span>kitab<span class="w"> </span>import<span class="w"> </span>--digest<span class="w"> </span>md5:<span class="nv">$sum</span><span class="w"> </span><span class="nv">$dstt</span><span class="w">
+</span><span class="ln">22 </span><span class="w"> </span>cp<span class="w"> </span><span class="nv">$f</span><span class="w"> </span><span class="nv">$outdir</span>/<span class="w">
+</span><span class="ln">23 </span><span class="w"></span><span class="k">done</span><span class="w">
+</span><span class="ln">24 </span><span class="w">
+</span><span class="ln">25 </span><span class="w"></span><span class="c1"># Apply metadata imported from bibtex as xattr for the media files.
+</span><span class="ln">26 </span><span class="c1"></span><span class="nv">RUST_LOG</span><span class="o">=</span>info<span class="w"> </span>kitab<span class="w"> </span>apply<span class="w"> </span>--digest<span class="w"> </span>md5<span class="w"> </span><span class="nv">$outdir</span>/<span class="w">
+</span><span class="ln">27 </span><span class="w">
+</span><span class="ln">28 </span><span class="w"></span><span class="c1"># Rename the files according to the metadata title and media type.
+</span><span class="ln">29 </span><span class="c1"></span><span class="k">for</span><span class="w"> </span>f<span class="w"> </span><span class="k">in</span><span class="w"> </span><span class="k">$(</span>ls<span class="w"> </span><span class="nv">$outdir</span><span class="k">)</span><span class="p">;</span><span class="w"> </span><span class="k">do</span><span class="w">
+</span><span class="ln">30 </span><span class="w"> </span><span class="nv">title</span><span class="o">=</span><span class="k">$(</span>getfattr<span class="w"> </span>--only-values<span class="w"> </span>-n<span class="w"> </span>user.dcterms:title<span class="w"> </span><span class="nv">$outdir</span>/<span class="nv">$f</span><span class="k">)</span><span class="w">
+</span><span class="ln">31 </span><span class="w">
+</span><span class="ln">32 </span><span class="w"> </span><span class="nv">f_typ</span><span class="o">=</span><span class="k">$(</span>file<span class="w"> </span>-b<span class="w"> </span>--mime-type<span class="w"> </span><span class="nv">$outdir</span>/<span class="nv">$f</span><span class="k">)</span><span class="w">
+</span><span class="ln">33 </span><span class="w"> </span><span class="nv">f_ext</span><span class="o">=</span><span class="s2">&quot;&quot;</span><span class="w">
+</span><span class="ln">34 </span><span class="w"> </span><span class="k">case</span><span class="w"> </span><span class="s2">&quot;</span><span class="nv">$f_typ</span><span class="s2">&quot;</span><span class="w"> </span><span class="k">in</span><span class="w">
+</span><span class="ln">35 </span><span class="w"> </span><span class="s2">&quot;application/pdf&quot;</span><span class="o">)</span><span class="w">
+</span><span class="ln">36 </span><span class="w"> </span><span class="nv">f_ext</span><span class="o">=</span><span class="s2">&quot;.pdf&quot;</span><span class="w">
+</span><span class="ln">37 </span><span class="w"> </span><span class="p">;;</span><span class="w">
+</span><span class="ln">38 </span><span class="w"> </span><span class="s2">&quot;application/epub+zip&quot;</span><span class="o">)</span><span class="w">
+</span><span class="ln">39 </span><span class="w"> </span><span class="nv">f_ext</span><span class="o">=</span><span class="s2">&quot;.epub&quot;</span><span class="w">
+</span><span class="ln">40 </span><span class="w"> </span><span class="p">;;</span><span class="w">
+</span><span class="ln">41 </span><span class="w"> </span><span class="s2">&quot;application/x-mobipocket-ebook&quot;</span><span class="o">)</span><span class="w">
+</span><span class="ln">42 </span><span class="w"> </span><span class="nv">f_ext</span><span class="o">=</span><span class="s2">&quot;.mobi&quot;</span><span class="w">
+</span><span class="ln">43 </span><span class="w"> </span><span class="p">;;</span><span class="w">
+</span><span class="ln">44 </span><span class="w"> </span><span class="s2">&quot;text/plain&quot;</span><span class="o">)</span><span class="w">
+</span><span class="ln">45 </span><span class="w"> </span><span class="nv">f_ext</span><span class="o">=</span><span class="s2">&quot;.txt&quot;</span><span class="w">
+</span><span class="ln">46 </span><span class="w"> </span><span class="p">;;</span><span class="w">
+</span><span class="ln">47 </span><span class="w"> </span><span class="s2">&quot;text/html&quot;</span><span class="o">)</span><span class="w">
+</span><span class="ln">48 </span><span class="w"> </span><span class="nv">f_ext</span><span class="o">=</span><span class="s2">&quot;.html&quot;</span><span class="w">
+</span><span class="ln">49 </span><span class="w"> </span><span class="p">;;</span><span class="w">
+</span><span class="ln">50 </span><span class="w"> </span>*<span class="o">)</span><span class="w">
+</span><span class="ln">51 </span><span class="w"> </span>&gt;<span class="p">&amp;</span><span class="m">2</span><span class="w"> </span><span class="nb">echo</span><span class="w"> </span>unhandled<span class="w"> </span>mime<span class="w"> </span><span class="nb">type</span><span class="w"> </span><span class="nv">$f_typ</span><span class="w">
+</span><span class="ln">52 </span><span class="w"> </span><span class="nb">exit</span><span class="w"> </span><span class="m">1</span><span class="w">
+</span><span class="ln">53 </span><span class="w"> </span><span class="k">esac</span><span class="w">
+</span><span class="ln">54 </span><span class="w"> </span>mv<span class="w"> </span>-v<span class="w"> </span><span class="nv">$outdir</span>/<span class="nv">$f</span><span class="w"> </span><span class="nv">$outdir</span>/<span class="si">${</span><span class="nv">title</span><span class="si">}${</span><span class="nv">f_ext</span><span class="si">}</span><span class="w">
+</span><span class="ln">55 </span><span class="w"></span><span class="k">done</span>
+</pre>
+<p>This last example will result in:</p>
+<ul class="simple">
+<li>A media file named <tt class="docutils literal">$outdir/Bitcoin: A <span class="pre">Peer-to-Peer</span> Electronic Cash System.epub</tt></li>
+<li>... with metadata applied as extended attributes</li>
+<li>An rdf-turtle metadata entry in <tt class="docutils literal"><span class="pre">~/.local/share/kitab/idx/bcd99f1ab4155f2a2a362e5b7938a852</span></tt></li>
+</ul>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-1" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-1">[1]</a></td><td>The relevant documentation for <tt class="docutils literal">kitab</tt> at the time of writing is <a class="reference external" href="https://defalsify.org/doc/crates/kitab/0.0.2/kitab/">here</a>. To build kitab, simply <em>clone</em> the repository and build with <code>cargo build --all-features</code>.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-2" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-2">[2]</a></td><td>The <code>kitab</code> command in the script assumes you have built the <em>kitab binary</em> and made it available in your path.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-3" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-3">[3]</a></td><td>the script uses <code>xmllint</code> which on archlinux is provided by the <tt class="docutils literal">libxml2</tt> package.</td></tr>
+</tbody>
+</table>
+</blockquote>
+</div>
+</content><category term="Archiving"></category><category term="hash"></category><category term="kitab"></category><category term="literature"></category><category term="metadata"></category><category term="dublincore"></category><category term="libgen"></category></entry><entry><title>Combining duplicity and rsync</title><link href="backup-rsync-duplicity.html" rel="alternate"></link><published>2022-01-15T16:57:00+01:00</published><updated>2022-01-15T16:57:00+01:00</updated><author><name>Louis Holbrook</name></author><id>tag:None,2022-01-15:backup-rsync-duplicity.html</id><summary type="html"><p class="first last">An exercise in combining plain and encrypted backups on local and remote hosts</p>
+</summary><content type="html"><p>There are two awesome, weathered tools out there that are all you really need for your personal backups. <a class="footnote-reference" href="#footnote-1" id="footnote-reference-1">[1]</a> One is the <a class="reference external" href="https://rsync.samba.org/">rsync cli</a>, the other is <a class="reference external" href="https://duplicity.gitlab.io/duplicity-web/">duplicity</a>.</p>
+<p>The former should need no introduction.</p>
+<p>The latter operates more like tar. But it still works over ssh like rsync. In fact, it's based on <a class="reference external" href="http://librsync.sourcefrog.net/">librsync</a> which implements the <a class="reference external" href="https://rsync.samba.org/tech_report/">rsync protocol</a>. The special sauce however is, of course, <em>encryption</em>.</p>
+<div class="section" id="backup-categories">
+<h2>Backup categories</h2>
+<p>Let's for the sake of argument say that our personal backups can be divided in three categories:</p>
+<div class="section" id="stuff-that-can-be-public">
+<h3>Stuff that can be public</h3>
+<p>Code snippets, git repositories, public data store states (e.g. blockchain ledgers), copies of OS packages and any other assets assets without redistribution issues.</p>
+<p>For this we will use <a class="reference external" href="https://rsync.samba.org/">rsync</a>.</p>
+</div>
+<div class="section" id="sensitive-stuff">
+<h3>Sensitive stuff</h3>
+<p>Passwords, keys, contacts, calendars, contracts, invoices, task lists, databases, system configurations, application data.</p>
+<p>For this we will use <a class="reference external" href="https://duplicity.gitlab.io/duplicity-web/">duplicity</a>.</p>
+</div>
+<div class="section" id="secret-stuff">
+<h3>Secret stuff</h3>
+<p>Long-lived keys, password- and volume decryption keys, cryptocurrency keys and meta-information about the backups themselves.</p>
+<p>This will not be addressed now.</p>
+</div>
+</div>
+<div class="section" id="why-not-just-one-or-the-other">
+<h2>Why not just one or the other?</h2>
+<p><a class="reference external" href="https://duplicity.gitlab.io/duplicity-web/">Duplicity</a> stores everything in an archive file format. That means that you must first authenticate, decrypt and unpack the archive in order to even browse the files inside.</p>
+<p>If there is no reason to keep the files from prying eyes, then it's much more practical to be able to browse the files where they lie, with the regular filesystem tools. In such a case, <a class="reference external" href="https://rsync.samba.org/">rsync</a> will scratch your itch.</p>
+<p>For the <strong>sensitive</strong> and <strong>secret stuff</strong>, there would be no real need to use <a class="reference external" href="https://duplicity.gitlab.io/duplicity-web/">duplicity</a> if you were only operating on your local host. You'd just use an encrypted volume <a class="footnote-reference" href="#footnote-2" id="footnote-reference-2">[2]</a> and <a class="reference external" href="https://rsync.samba.org/">rsync</a> everything in there.</p>
+<p>But half the point here is to keep remote copies aswell as your local ones. You know, in case of fire, hardware-eating locust swarms or some totalitarian minions nabbing all your electronics. Unless &quot;remote&quot; here means some box hidden in some moated leisure castle of yours, you'll want to encrypt everything <em>before</em> you ship it off. And that's where <a class="reference external" href="https://duplicity.gitlab.io/duplicity-web/">duplicity</a> comes in.</p>
+</div>
+<div class="section" id="vive-la-difference">
+<h2>Vive la difference</h2>
+<p>Of course, it would be too much to hope for that <a class="reference external" href="https://duplicity.gitlab.io/duplicity-web/">duplicity</a> and <a class="reference external" href="https://rsync.samba.org/">rsync cli</a> have aligned the ways they parse their invocation parameters.</p>
+<p>Here are some examples <a class="footnote-reference" href="#footnote-3" id="footnote-reference-3">[3]</a> of how they do <em>not</em> match:</p>
+<div class="section" id="local-to-local">
+<h3>local to local</h3>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>rsync<span class="w"> </span>-a<span class="w"> </span>src/<span class="w"> </span>/path/to/dst/
+
+$<span class="w"> </span>duplicity<span class="w"> </span>src/<span class="w"> </span>file:///path/to/dst/
+</pre></div>
+</div>
+<div class="section" id="local-to-remote-relative-path">
+<h3>local to remote, relative path</h3>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>rsync<span class="w"> </span>-a<span class="w"> </span>src/<span class="w"> </span>user@remotehost:path/to/dst/
+
+$<span class="w"> </span>duplicity<span class="w"> </span>src/<span class="w"> </span>scp://user@remotehost/path/to/dst
+</pre></div>
+</div>
+<div class="section" id="toggle-dotfiles-from-current-path">
+<h3>toggle dotfiles from current path</h3>
+<div class="highlight"><pre><span></span><span class="c1"># include only .foo/foo.txt given the current structure:</span>
+$<span class="w"> </span>tree<span class="w"> </span>src/<span class="w"> </span>-a
+src/
+├──<span class="w"> </span>.bar
+├──<span class="w"> </span>baz
+└──<span class="w"> </span>.foo
+<span class="w"> </span>└──<span class="w"> </span>foo.txt
+
+$<span class="w"> </span>rsync<span class="w"> </span>--exclude<span class="o">=</span><span class="s2">&quot;.b*&quot;</span><span class="w"> </span>--include<span class="o">=</span><span class="s2">&quot;.*/***&quot;</span><span class="w"> </span>--exclude<span class="o">=</span><span class="s2">&quot;*&quot;</span><span class="w"> </span>./<span class="w"> </span>../dst/
+
+$<span class="w"> </span>duplicity<span class="w"> </span>--exclude<span class="o">=</span><span class="s2">&quot;./.b*&quot;</span><span class="w"> </span>--include<span class="o">=</span><span class="s2">&quot;./.*/***&quot;</span><span class="w"> </span>--exclude<span class="o">=</span><span class="s2">&quot;*&quot;</span><span class="w"> </span>./<span class="w"> </span>file:///home/lash/tmp/dst/
+</pre></div>
+</div>
+<div class="section" id="logging">
+<h3>logging</h3>
+<div class="highlight"><pre><span></span><span class="c1"># spill the beans</span>
+$<span class="w"> </span>rsync<span class="w"> </span>-vv<span class="w"> </span>...
+
+$<span class="w"> </span>duplicity<span class="w"> </span>-v<span class="w"> </span>debug
+</pre></div>
+</div>
+</div>
+<div class="section" id="batchin">
+<h2>Batchin'</h2>
+<p>Since you will want to select up front which tool to use for which sensititivy category, you'll be writing the includes and excludes specifically for the tool anyway.</p>
+<p>So the only real issue with the above is the way remote host is specified.</p>
+<p>Let's say we choose to stick to the <a class="reference external" href="https://rsync.samba.org/">rsync cli</a> host format. That means we need to make the following translations:</p>
+<table border="1" class="docutils">
+<colgroup>
+<col width="50%" />
+<col width="50%" />
+</colgroup>
+<thead valign="bottom">
+<tr><th class="head">rsync</th>
+<th class="head">duplicity</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr><td><tt class="docutils literal">foo/bar</tt></td>
+<td><tt class="docutils literal"><span class="pre">file://foo/bar</span></tt></td>
+</tr>
+<tr><td><tt class="docutils literal">/foo/bar</tt></td>
+<td><tt class="docutils literal"><span class="pre">file:///foo/bar</span></tt></td>
+</tr>
+<tr><td><tt class="docutils literal">user&#64;host:foo/bar</tt></td>
+<td><tt class="docutils literal"><span class="pre">scp://user&#64;host/foo/bar</span></tt></td>
+</tr>
+<tr><td><tt class="docutils literal"><span class="pre">user&#64;host:/foo/bar</span></tt></td>
+<td><tt class="docutils literal"><span class="pre">scp://user&#64;host//foo/bar</span></tt></td>
+</tr>
+</tbody>
+</table>
+<p>Expressed in <tt class="docutils literal">bash</tt> that could look like this:</p>
+<pre class="code bash literal-block">
+to_duplicity_remote<span class="o">()</span><span class="w"> </span><span class="o">{</span><span class="w">
+
+ </span><span class="c1"># remote host is defined in rsync format
+</span><span class="w"> </span><span class="c1"># ... and we will only support scp
+</span><span class="w"> </span><span class="c1"># $remote_base is the path we want to parse
+</span><span class="w"> </span><span class="nv">remote_duplicity_base</span><span class="o">=</span><span class="w">
+ </span><span class="nv">remote_base</span><span class="o">=</span><span class="nv">$1</span><span class="w">
+
+ </span><span class="c1"># substring up until the first slash
+</span><span class="w"> </span><span class="nv">s_firstslash</span><span class="o">=</span><span class="si">${</span><span class="nv">remote_base</span><span class="p">%%/*</span><span class="si">}</span><span class="w">
+
+ </span><span class="c1"># substring up until the first colon
+</span><span class="w"> </span><span class="nv">s_firstcolon</span><span class="o">=</span><span class="si">${</span><span class="nv">remote_base</span><span class="p">%%:*</span><span class="si">}</span><span class="w">
+
+ </span><span class="c1"># string index of the first slash
+</span><span class="w"> </span><span class="nv">i_firstslash</span><span class="o">=</span><span class="k">$((</span><span class="si">${#</span><span class="nv">s_firstslash</span><span class="si">}</span><span class="k">))</span><span class="w">
+
+ </span><span class="c1"># string index of the first colon
+</span><span class="w"> </span><span class="nv">i_firstcolon</span><span class="o">=</span><span class="k">$((</span><span class="si">${#</span><span class="nv">s_firstcolon</span><span class="si">}</span><span class="k">))</span><span class="w">
+
+ </span><span class="c1"># if colon is before first slash that most likely means we have a remote host
+</span><span class="w"> </span><span class="c1"># (Exception is if first directory of path happens to have &quot;:&quot; in it. Seriously, don't use &quot;:&quot; in filenames)
+</span><span class="w"> </span><span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span><span class="s2">&quot;</span><span class="nv">$i_firstcolon</span><span class="s2">&quot;</span><span class="w"> </span>-gt<span class="w"> </span><span class="s2">&quot;0&quot;</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span><span class="w">
+
+ </span><span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span><span class="s2">&quot;</span><span class="nv">$i_firstcolon</span><span class="s2">&quot;</span><span class="w"> </span>-lt<span class="w"> </span><span class="s2">&quot;</span><span class="nv">$i_firstslash</span><span class="s2">&quot;</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span><span class="w">
+
+ </span><span class="c1"># pexpect addition due to lack of implicit private key fetch, without pexpect works only with key wo pwd
+</span><span class="w"> </span><span class="c1"># https://serverfault.com/questions/982591/duplicity-backup-fails-private-key-file-is-encrypted
+</span><span class="w"> </span><span class="nv">remote_duplicity_base</span><span class="o">=</span><span class="s2">&quot;pexpect+scp://&quot;</span><span class="w">
+
+ </span><span class="c1"># trim url so that colon after hostname is removed
+</span><span class="w"> </span><span class="c1"># (no support here for setting an alternate port number)
+</span><span class="w"> </span><span class="nv">remote_duplicity_base</span><span class="o">=</span><span class="si">${</span><span class="nv">remote_duplicity_base</span><span class="si">}${</span><span class="nv">remote_base</span><span class="p">:</span><span class="nv">0</span><span class="p">:</span><span class="nv">$i_firstcolon</span><span class="si">}</span><span class="w">
+ </span><span class="nv">remote_duplicity_base</span><span class="o">=</span><span class="si">${</span><span class="nv">remote_duplicity_base</span><span class="si">}</span>/<span class="si">${</span><span class="nv">remote_base</span><span class="p">:((</span><span class="nv">$i_firstcolon</span><span class="p">+1))</span><span class="si">}</span><span class="w">
+
+ </span><span class="c1"># indicate that we have a remote host
+</span><span class="w"> </span><span class="nv">remote</span><span class="o">=</span><span class="m">1</span><span class="w">
+ </span><span class="k">fi</span><span class="w">
+ </span><span class="k">fi</span><span class="w">
+
+ </span><span class="c1"># If it's not a remote host, treat it as a file
+</span><span class="w"> </span><span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span>-z<span class="w"> </span><span class="nv">$remote_duplicity_base</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span><span class="w">
+ </span><span class="nv">remote_duplicity_base</span><span class="o">=</span><span class="s2">&quot;file://</span><span class="si">${</span><span class="nv">remote_base</span><span class="si">}</span><span class="s2">&quot;</span><span class="w">
+ </span><span class="k">fi</span><span class="w">
+</span><span class="o">}</span><span class="w">
+
+</span><span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span>!<span class="w"> </span>-z<span class="w"> </span><span class="s2">&quot;</span><span class="nv">$BAK_TEST</span><span class="s2">&quot;</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span><span class="w">
+ </span><span class="nv">src</span><span class="o">=(</span>/foo/bar<span class="w"> </span>foo/bar<span class="w"> </span>localhost:foo/bar<span class="w"> </span>localhost:/foo/bar<span class="o">)</span><span class="w">
+ </span><span class="nv">res</span><span class="o">=(</span>file:///foo/bar<span class="w"> </span>file://foo/bar<span class="w"> </span>pexpect+scp://localhost/foo/bar<span class="w"> </span>pexpect+scp://localhost//foo/bar<span class="o">)</span><span class="w">
+
+ </span><span class="nv">i</span><span class="o">=</span><span class="m">0</span><span class="w">
+ </span><span class="k">for</span><span class="w"> </span>case_src<span class="w"> </span><span class="k">in</span><span class="w"> </span><span class="si">${</span><span class="nv">src</span><span class="p">[&#64;]</span><span class="si">}</span><span class="p">;</span><span class="w"> </span><span class="k">do</span><span class="w">
+ </span><span class="nv">case_res</span><span class="o">=</span><span class="si">${</span><span class="nv">res</span><span class="p">[</span><span class="nv">$i</span><span class="p">]</span><span class="si">}</span><span class="w">
+
+ </span>to_duplicity_remote<span class="w"> </span><span class="nv">$case_src</span><span class="w">
+ </span><span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span><span class="s2">&quot;</span><span class="nv">$remote_duplicity_base</span><span class="s2">&quot;</span><span class="w"> </span>!<span class="o">=</span><span class="w"> </span><span class="s2">&quot;</span><span class="nv">$case_res</span><span class="s2">&quot;</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span><span class="w">
+ </span>&gt;<span class="p">&amp;</span><span class="m">2</span><span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="s2">&quot;expected </span><span class="nv">$case_res</span><span class="s2"> got </span><span class="nv">$remote_duplicity_base</span><span class="s2"> from </span><span class="nv">$case_src</span><span class="s2">&quot;</span><span class="w">
+ </span><span class="nb">exit</span><span class="w"> </span><span class="m">1</span><span class="w">
+ </span><span class="k">elif</span><span class="w"> </span><span class="o">[</span><span class="w"> </span><span class="s2">&quot;</span><span class="nv">$remote_base</span><span class="s2">&quot;</span><span class="w"> </span>!<span class="o">=</span><span class="w"> </span><span class="s2">&quot;</span><span class="nv">$case_src</span><span class="s2">&quot;</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span><span class="w">
+ </span>&gt;<span class="p">&amp;</span><span class="m">2</span><span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="s2">&quot;</span><span class="nv">$case_src</span><span class="s2"> got mangled into </span><span class="nv">$remote_base</span><span class="s2">&quot;</span><span class="w">
+ </span><span class="nb">exit</span><span class="w"> </span><span class="m">1</span><span class="w">
+ </span><span class="k">fi</span><span class="w">
+ </span><span class="nv">i</span><span class="o">=</span><span class="k">$((</span><span class="nv">i</span><span class="o">+</span><span class="m">1</span><span class="k">))</span><span class="w">
+ </span><span class="k">done</span><span class="w">
+</span><span class="k">fi</span>
+</pre>
+<p>Let's behave and test our code:</p>
+<pre class="code bash literal-block">
+<span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span>!<span class="w"> </span>-z<span class="w"> </span><span class="s2">&quot;</span><span class="nv">$BAK_TEST</span><span class="s2">&quot;</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span><span class="w">
+ </span><span class="nv">src</span><span class="o">=(</span>/foo/bar<span class="w"> </span>foo/bar<span class="w"> </span>localhost:foo/bar<span class="w"> </span>localhost:/foo/bar<span class="o">)</span><span class="w">
+ </span><span class="nv">res</span><span class="o">=(</span>file:///foo/bar<span class="w"> </span>file://foo/bar<span class="w"> </span>pexpect+scp://localhost/foo/bar<span class="w"> </span>pexpect+scp://localhost//foo/bar<span class="o">)</span><span class="w">
+
+ </span><span class="nv">i</span><span class="o">=</span><span class="m">0</span><span class="w">
+ </span><span class="k">for</span><span class="w"> </span>case_src<span class="w"> </span><span class="k">in</span><span class="w"> </span><span class="si">${</span><span class="nv">src</span><span class="p">[&#64;]</span><span class="si">}</span><span class="p">;</span><span class="w"> </span><span class="k">do</span><span class="w">
+ </span><span class="nv">case_res</span><span class="o">=</span><span class="si">${</span><span class="nv">res</span><span class="p">[</span><span class="nv">$i</span><span class="p">]</span><span class="si">}</span><span class="w">
+
+ </span>to_duplicity_remote<span class="w"> </span><span class="nv">$case_src</span><span class="w">
+ </span><span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span><span class="s2">&quot;</span><span class="nv">$remote_duplicity_base</span><span class="s2">&quot;</span><span class="w"> </span>!<span class="o">=</span><span class="w"> </span><span class="s2">&quot;</span><span class="nv">$case_res</span><span class="s2">&quot;</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span><span class="w">
+ </span>&gt;<span class="p">&amp;</span><span class="m">2</span><span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="s2">&quot;expected </span><span class="nv">$case_res</span><span class="s2"> got </span><span class="nv">$remote_duplicity_base</span><span class="s2"> from </span><span class="nv">$case_src</span><span class="s2">&quot;</span><span class="w">
+ </span><span class="nb">exit</span><span class="w"> </span><span class="m">1</span><span class="w">
+ </span><span class="k">elif</span><span class="w"> </span><span class="o">[</span><span class="w"> </span><span class="s2">&quot;</span><span class="nv">$remote_base</span><span class="s2">&quot;</span><span class="w"> </span>!<span class="o">=</span><span class="w"> </span><span class="s2">&quot;</span><span class="nv">$case_src</span><span class="s2">&quot;</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span><span class="w">
+ </span>&gt;<span class="p">&amp;</span><span class="m">2</span><span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="s2">&quot;</span><span class="nv">$case_src</span><span class="s2"> got mangled into </span><span class="nv">$remote_base</span><span class="s2">&quot;</span><span class="w">
+ </span><span class="nb">exit</span><span class="w"> </span><span class="m">1</span><span class="w">
+ </span><span class="k">fi</span><span class="w">
+ </span><span class="nv">i</span><span class="o">=</span><span class="k">$((</span><span class="nv">i</span><span class="o">+</span><span class="m">1</span><span class="k">))</span><span class="w">
+ </span><span class="k">done</span><span class="w">
+</span><span class="k">fi</span>
+</pre>
+<div class="highlight"><pre><span></span><span class="c1"># 0 == good!</span>
+$<span class="w"> </span><span class="nv">BAK_TEST</span><span class="o">=</span><span class="m">1</span><span class="w"> </span>bash<span class="w"> </span>remote.sh<span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="nv">$?</span>
+<span class="m">0</span>
+</pre></div>
+<p>Now we can use the <a class="reference external" href="https://rsync.samba.org/">rsync cli</a> path input, and use that same input to a batch of single backup steps, each which may use <a class="reference external" href="https://rsync.samba.org/">rsync cli</a> or <a class="reference external" href="https://duplicity.gitlab.io/duplicity-web/">duplicity</a></p>
+<div class="highlight"><pre><span></span>to_duplicity_remote<span class="w"> </span>localhost:/foo/bar
+
+rsync<span class="w"> </span>-avzP<span class="w"> </span>pub/<span class="w"> </span><span class="nv">$remote_base</span>:src/
+
+duplicity<span class="w"> </span>-v<span class="w"> </span>info<span class="w"> </span>secret/<span class="w"> </span><span class="nv">$remote_duplicity_base</span>:secret/
+</pre></div>
+</div>
+<div class="section" id="see-also">
+<h2>See also</h2>
+<ul class="simple">
+<li><a class="reference external" href="https://git.defalsify.org/rsync-duplicity-backups">https://git.defalsify.org/rsync-duplicity-backups</a></li>
+</ul>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-1" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-1">[1]</a></td><td>Ok, I know, I assuming that you are using <tt class="docutils literal">git</tt> in daily life, too.</td></tr>
+</tbody>
+</table>
+<table class="docutils footnote" frame="void" id="footnote-2" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-2">[2]</a></td><td>Provided, of course, that it's an encrypted volume that you don't keep unlocked all the time.</td></tr>
+</tbody>
+</table>
+<table class="docutils footnote" frame="void" id="footnote-3" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-3">[3]</a></td><td>Duplicity needs at a minimum a password for symmetric encryption, and will prompt for it unless it's set in the environment. Simply <tt class="docutils literal">export PASSPHRASE=test</tt> for these examples to relieve you of the annoyance.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+</blockquote>
+</div>
+</content><category term="Archiving"></category><category term="backup"></category><category term="rsync"></category><category term="duplicity"></category><category term="bash"></category></entry><entry><title>Homemade internet state monitor</title><link href="internet-up-monitor.html" rel="alternate"></link><published>2021-07-01T13:59:00+02:00</published><updated>2021-07-01T13:59:00+02:00</updated><author><name>Louis Holbrook</name></author><id>tag:None,2021-07-01:internet-up-monitor.html</id><summary type="html"><p class="first last">A small script to detect internet status</p>
+</summary><content type="html"><p>I use <a class="reference external" href="https://i3wm.org">i3wm</a>. I use it because it has a very low resource footprint, it has great documentation, and it's simple to configure.</p>
+<p>Complementing <em>i3wm</em> is the <em>i3status</em> status provider to the <em>i3bar</em>. It provides a good suite of preset components for things like temperatur measurement, disk capacity. It also provides a couple of generic ones, namely &quot;output the contents of a file&quot; or &quot;yes if file exists, no if not.&quot;</p>
+<div class="section" id="it-s-not-you-it-s-me">
+<h2>It's not you, it's me?</h2>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last"><strong>Always use a VPN! Always!!</strong></p>
+</div>
+<p>Now, I <em>always</em> use VPN <em>no matter what</em>, and I configure network manually. That is, I do not use a network manager. For this reason, when network applications start misbehaving, it's sometimes hard to tell whether it is because the host is gone, the local network is flaky, the internet route is flaky, or simply that the connection is gone for good.</p>
+<p>Evidently, it would be practical to have <strong>an item in the status bar telling me whether I have access to internet right now or not</strong>.</p>
+<p>The &quot;yes if file exists, no if not&quot; option seems to be the right one to go for. Basically, we need to stick an empty file in a runtime file store whenever we detect that internet is available.</p>
+</div>
+<div class="section" id="ping-rinse-repeat">
+<h2>Ping, rinse, repeat</h2>
+<p>There's not much trickery involved here. The check is a ping to a remote location every now and then.</p>
+<p>Some caveats to cover to grant it some minimum of intelligence:</p>
+<ul class="simple">
+<li>We need a few alternative destinations for the ping, that can take over if others happen to be down or take too long to repond.</li>
+<li>To make the script useful for general purpose use, we'd also want to be able to supply a custom list of hosts to ping.</li>
+<li>We also want to make sure that when the script is interrupted, it deletes the internet indicator file. That way, when it stops running, the internet indicator will be frozen in the &quot;no&quot; state.</li>
+<li>Lastly, it can be useful to log to syslog every time the state of the internet connection (or the script itself) changes.</li>
+</ul>
+<p>That can translate to a shell script like this;</p>
+<pre class="code bash literal-block">
+<span class="ch">#!/bin/bash
+</span><span class="w">
+</span><span class="c1"># this is our runtime file, if - which exists - tells us internet is up
+</span><span class="nv">f</span><span class="o">=</span><span class="s2">&quot;/run/user/</span><span class="nv">$UID</span><span class="s2">/probe_up&quot;</span><span class="w">
+</span>rm<span class="w"> </span>-f<span class="w"> </span><span class="nv">$f</span><span class="w">
+
+</span>up<span class="o">()</span><span class="w"> </span><span class="o">{</span><span class="w">
+ </span><span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span>!<span class="w"> </span>-f<span class="w"> </span><span class="nv">$f</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span><span class="w">
+ </span>logger<span class="w"> </span>-p<span class="w"> </span>info<span class="w"> </span><span class="s2">&quot;iup up&quot;</span><span class="w">
+ </span><span class="k">fi</span><span class="w">
+ </span>touch<span class="w"> </span><span class="nv">$f</span><span class="w">
+</span><span class="o">}</span><span class="w">
+</span>down<span class="o">()</span><span class="w"> </span><span class="o">{</span><span class="w">
+ </span><span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span>-f<span class="w"> </span><span class="nv">$f</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span><span class="w">
+ </span>logger<span class="w"> </span>-p<span class="w"> </span>info<span class="w"> </span><span class="s2">&quot;iup down&quot;</span><span class="w">
+ </span><span class="k">fi</span><span class="w">
+ </span>rm<span class="w"> </span>-f<span class="w"> </span><span class="nv">$f</span><span class="w">
+</span><span class="o">}</span><span class="w">
+
+</span>argh<span class="o">()</span><span class="w"> </span><span class="o">{</span><span class="w">
+ </span>logger<span class="w"> </span>-p<span class="w"> </span>info<span class="w"> </span><span class="s2">&quot;iup die&quot;</span><span class="w">
+ </span>rm<span class="w"> </span>-f<span class="w"> </span><span class="nv">$f</span><span class="w">
+ </span><span class="nb">exit</span><span class="w"> </span><span class="m">0</span><span class="w">
+</span><span class="o">}</span><span class="w">
+
+</span><span class="nv">IUP_DELAY</span><span class="o">=</span><span class="si">${</span><span class="nv">IUP_DELAY</span><span class="k">:-</span><span class="nv">$1</span><span class="si">}</span><span class="w">
+</span><span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span>-z<span class="w"> </span><span class="nv">$IUP_DELAY</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span><span class="w">
+ </span><span class="nv">IUP_DELAY</span><span class="o">=</span><span class="m">5</span><span class="w">
+</span><span class="k">fi</span><span class="w">
+</span>logger<span class="w"> </span>-p<span class="w"> </span>debug<span class="w"> </span>iup<span class="w"> </span>started<span class="w"> </span>with<span class="w"> </span>delay<span class="w"> </span><span class="nv">$IUP_DELAY</span><span class="w">
+
+</span><span class="nv">hosts</span><span class="o">=()</span><span class="w">
+</span><span class="k">while</span><span class="w"> </span><span class="nb">read</span><span class="w"> </span>h<span class="p">;</span><span class="w"> </span><span class="k">do</span><span class="w">
+ </span><span class="nv">hosts</span><span class="o">+=(</span><span class="nv">$h</span><span class="o">)</span><span class="w">
+</span><span class="k">done</span><span class="w"> </span>&lt;<span class="w"> </span><span class="nv">$HOME</span>/.config/iup<span class="w"> </span><span class="m">2</span>&gt;<span class="w"> </span>/dev/null<span class="w">
+</span><span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span><span class="si">${#</span><span class="nv">hosts</span><span class="p">[&#64;]</span><span class="si">}</span><span class="w"> </span>-eq<span class="w"> </span><span class="s2">&quot;0&quot;</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span><span class="w">
+ </span><span class="nv">hosts</span><span class="o">=(</span><span class="m">8</span>.8.8.8<span class="w"> </span><span class="m">151</span>.101.193.67<span class="o">)</span><span class="w"> </span><span class="c1"># google nameserver and cnn.com
+</span><span class="w"> </span>logger<span class="w"> </span>-p<span class="w"> </span>warn<span class="w"> </span>missing<span class="w"> </span>hosts<span class="w"> </span>input<span class="w"> </span>file,<span class="w"> </span>using<span class="w"> </span>evil<span class="w"> </span>default:<span class="w"> </span><span class="si">${</span><span class="nv">hosts</span><span class="p">[&#64;]</span><span class="si">}</span><span class="w">
+</span><span class="k">fi</span><span class="w">
+
+</span><span class="nb">trap</span><span class="w"> </span>argh<span class="w"> </span>SIGINT<span class="w">
+</span><span class="nb">trap</span><span class="w"> </span>argh<span class="w"> </span>SIGTERM<span class="w">
+</span><span class="nb">trap</span><span class="w"> </span>argh<span class="w"> </span>SIGQUIT<span class="w">
+
+</span><span class="k">while</span><span class="w"> </span>true<span class="p">;</span><span class="w"> </span><span class="k">do</span><span class="w">
+ </span><span class="nv">isup</span><span class="o">=</span><span class="s2">&quot;&quot;</span><span class="w">
+ </span><span class="k">for</span><span class="w"> </span>h<span class="w"> </span><span class="k">in</span><span class="w"> </span><span class="si">${</span><span class="nv">hosts</span><span class="p">[&#64;]</span><span class="si">}</span><span class="p">;</span><span class="w"> </span><span class="k">do</span><span class="w">
+ </span>ping<span class="w"> </span>-c1<span class="w"> </span><span class="nv">$h</span><span class="w"> </span>-w1<span class="w"> </span>-q<span class="w"> </span><span class="p">&amp;</span>&gt;<span class="w"> </span>/dev/null<span class="w">
+ </span><span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span><span class="nv">$?</span><span class="w"> </span>-eq<span class="w"> </span><span class="s1">'0'</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span><span class="w">
+ </span>up<span class="w">
+ </span><span class="nv">isup</span><span class="o">=</span><span class="m">1</span><span class="w">
+ </span><span class="c1">#logger -p debug &quot;ping success $h&quot;
+</span><span class="w"> </span><span class="k">break</span><span class="w">
+ </span><span class="k">fi</span><span class="w">
+ </span><span class="k">done</span><span class="w">
+ </span><span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span>-z<span class="w"> </span><span class="nv">$isup</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span><span class="w">
+ </span>down<span class="w">
+ </span><span class="k">fi</span><span class="w">
+ </span>sleep<span class="w"> </span><span class="nv">$IUP_DELAY</span><span class="w">
+</span><span class="k">done</span>
+</pre>
+<p>Since we'll want this to run when network interfaces allegedly are up, it makes sense to link it to systemd and the network target:</p>
+<pre class="code ini literal-block">
+<span class="k">[Unit]</span><span class="w">
+</span><span class="na">Description</span><span class="o">=</span><span class="s">Internet connection poller</span><span class="w">
+</span><span class="na">After</span><span class="o">=</span><span class="s">multi-user.target</span><span class="w">
+
+</span><span class="k">[Service]</span><span class="w">
+</span><span class="na">ExecStart</span><span class="o">=</span><span class="s">/usr/local/bin/iup.sh</span><span class="w">
+</span><span class="na">Restart</span><span class="o">=</span><span class="s">always</span><span class="w">
+
+</span><span class="k">[Install]</span><span class="w">
+</span><span class="na">WantedBy</span><span class="o">=</span><span class="s">multi-user.target</span>
+</pre>
+<p>Stick this in <code>~/.config/systemd/user/iup.service</code> and enable and start the service:</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>systemctl<span class="w"> </span>--user<span class="w"> </span><span class="nb">enable</span><span class="w"> </span>iup.service
+$<span class="w"> </span>systemctl<span class="w"> </span>--user<span class="w"> </span>start<span class="w"> </span>iup.service
+</pre></div>
+</div>
+<div class="section" id="checking-what-status-our-status-is-in">
+<h2>Checking what status our status is in</h2>
+<p>Now, in the i3status configuration, assuming that your system uid is 1000 <a class="footnote-reference" href="#footnote-1" id="footnote-reference-1">[1]</a>, add:</p>
+<div class="highlight"><pre><span></span>order += &quot;run_watch INET&quot;
+
+kj
+
+run_watch INET {
+ pidfile = &quot;/run/user/1000/probe_up&quot;
+}
+</pre></div>
+<p>To reload the config on the fly, press <code>mod+r</code> (that's <code>ctrl+r</code> on mine). The result should be a new item in your bar showing <code>INET: yes</code> (most likely yes, anyway, since you're currently reading this).</p>
+</div>
+<div class="section" id="safety-first-eh-second">
+<h2>Safety first, eh ... second</h2>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last"><strong>Did I mention that you should always use a VPN?</strong></p>
+</div>
+<p>The same <code>run_watch</code> trick can be used for VPN.</p>
+<p>I use <code>openvpn</code>, and it defines a flag <code>--writepid</code>. If you pass a file path to this parameter, either through the <code>writepid</code> config directiry or on the <code>--writepid</code> flag on the command line, it will write the openvpn pid to that file, and similarly remove it when the openvpn service ends.</p>
+<p>However, this raises another issue. Namely the fact that a location is needed for openvpn to write the file to, for which it also has access.</p>
+<p>If we want to use the <code>/run</code> directory again, now we also has to make sure that this directory exists.</p>
+<div class="section" id="got-the-runs">
+<h3>Got the runs?</h3>
+<p>This is exactly what <code>systemd-tmpfiles</code> is for. You can add files to <code>/etc/tmpfiles.d</code> which describe what kind of temporary files or directories to add <a class="footnote-reference" href="#footnote-2" id="footnote-reference-2">[2]</a>.</p>
+<p>Create a file <code>/etc/tmpfiles.d/openvpn.conf</code> and add a single line to it:</p>
+<div class="highlight"><pre><span></span>d /run/openvpn 0755 openvpn openvpn
+</pre></div>
+<p>This will ensure that the folder is created at startup.</p>
+<p>Now, to create one right away for the current session, run <code>systemd-tmpfiles --create</code>.</p>
+<p>Now we have everything we need to add the VPN status to <em>i3status</em> aswell. Provided that we chose <code>/run/openvpn/openvpn.pid</code> as our argument to <code>openvpn --writepid</code>, the setup is more or less the same as before:</p>
+<div class="highlight"><pre><span></span>order += &quot;run_watch VPN&quot;
+
+kj
+
+run_watch VPN {
+ pidfile = &quot;/run/openvpn/openvpn.pid&quot;
+}
+</pre></div>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-1" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-1">[1]</a></td><td>The <code>/run/user/$UID</code> folder will be created on system startup, and will be writable by that user. It provides a tmpfs storage location for processes that run in early stages of boot, before the entire filesystem tree (which may include <code>/var/run</code> because <code>/var</code> may be on a separate partition) has been mounted. More in that here: <a class="reference external" href="https://lwn.net/Articles/436012/">https://lwn.net/Articles/436012/</a></td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-2" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-2">[2]</a></td><td>This service has an impressive amount of flexibility, which you can inspect yourself by visiting the <code>tmpfiles.d</code> (and <code>systemd-tmpfiles</code>) manpage.</td></tr>
+</tbody>
+</table>
+</blockquote>
+</div>
+</div>
+</content><category term="Hygiene"></category><category term="bash"></category><category term="systemd"></category><category term="network"></category><category term="i3wm"></category><category term="tmpfs"></category><category term="openvpn"></category></entry><entry><title>Making sense of Ethereum log bloom filters</title><link href="eth-log-bloom.html" rel="alternate"></link><published>2021-06-27T11:17:00+02:00</published><updated>2021-06-27T15:56:00+02:00</updated><author><name>Louis Holbrook</name></author><id>tag:None,2021-06-27:eth-log-bloom.html</id><summary type="html"><p class="first last">How to generate values to match the log bloom filters in Ethereum</p>
+</summary><content type="html"><p>Ethereum blocks and transaction receipts both carry a bloom filter. They provide a shortcut to check whether a particular event of a particular contract was triggered. The filter in the transaction indexes all events that occurred in the transaction. The filter in the block carries all the filter bits of the individual transactions within the block.</p>
+<p>Somewhat surprisingly, there are practically no friendly descriptions out there that tell you how to generate filters to match them with. In fact, the <a class="reference external" href="https://holbrook.no/doc/ethereum/yellowpaper.pdf">Ethereum Yellow Paper</a> was the only source I found.</p>
+<p><strong>So let's make a friendly description</strong></p>
+<p>Before we get to the friendliness, though, an ever so slight dose of brain melt is due:</p>
+<div class="section" id="the-formalities">
+<h2>The formalities</h2>
+<p>The formal definition of the filter calculation in the <a class="reference external" href="https://holbrook.no/doc/ethereum/yellowpaper.pdf">Ethereum Yellow Paper section 4.3.1</a> is (here cited in painfully inadequate math formatting):</p>
+<blockquote>
+<div class="formula">
+<i>M</i>(<i>O</i>) ≡ <span class="limits"><span class="limit"><span class="bigoperator">⋁</span></span></span><i>x</i> ∈ {<i>Oa</i>}∪<i>Ot</i>(<i>M</i><sub>3 : 2048</sub>(<i>x</i>))
+</div>
+</blockquote>
+<p>Where <span class="formula"><i>Oa</i></span> is the contract address and <span class="formula"><i>Ot</i></span> is all of the topics.</p>
+<p>In the context of <em>Solidity</em>, &quot;all&quot; of the topics means the actual event signature, along with all the <em>indexed</em> parameters to the event.</p>
+<p>The <span class="formula"><i>M</i></span> is the filter bit generator. The filter 2048 bits long, and for each entry that is added, 3 bits need to be set.</p>
+<p>Reading further, we learn that the bits to set are the &quot;first three&quot; pairs of bytes of the keccak256 hash <a class="footnote-reference" href="#footnote-1" id="footnote-reference-1">[1]</a>, modulo the length of the filter - 2048.</p>
+<p>In the context of hashes, I usually assume &quot;first&quot; means from the left. That happens to be the case here, too. In other words, the &quot;first&quot; bytes are actually the bytes of most significance in big-endian order.</p>
+<p>What's less clear, however, is which bits to set in the filter. The paper says:</p>
+<blockquote>
+<span class="formula">ℬ</span> is the bit reference function such that <span class="formula">ℬ<sub><i>j</i></sub>(<i>x</i>)</span> equals the bit of index <span class="formula"><i>j</i></span> (indexed from 0) in the byte array <span class="formula"><i>x</i></span>.</blockquote>
+<p>Turns out after some trial and error that &quot;index 0&quot; means the <em>right</em> end of the byte array. So when setting the bits, we have to count from the right side.</p>
+</div>
+<div class="section" id="the-friendly-recipe">
+<h2>The friendly recipe</h2>
+<p>Now let's try to bring this down to a mortal level:</p>
+<ol class="arabic simple">
+<li>Take the keccak256 hash of the contract address</li>
+<li>Take the keccak256 hash of the first topic value</li>
+<li>Optionally, take the keccak256 hash of the remaining topic values (the indexed parameters of the event) <a class="footnote-reference" href="#footnote-2" id="footnote-reference-2">[2]</a></li>
+<li>Instantiate a byte array with length 256</li>
+<li>Now, <em>for each</em> of the hashes:<ol class="arabic">
+<li>Get the <em>big-endian</em> integer of the <em>first two</em> bytes of the hash</li>
+<li>Calculate the 2048-modulo of that integer <a class="footnote-reference" href="#footnote-3" id="footnote-reference-3">[3]</a></li>
+<li><em>Bitwise or</em> the filter bit at the index corresponding to the modulated value, counting from <em>right to left</em> (i.e. the value <span class="formula">0</span> corresponds to the <em>rightmost bit</em>).</li>
+<li>Repeat 2 and 3 for the two next pairs of bytes of the hash.</li>
+</ol>
+</li>
+</ol>
+</div>
+<div class="section" id="the-code">
+<h2>The code</h2>
+<p>All that taken into account, we can take a stab at implementing a filter generator:</p>
+<pre class="code python literal-block">
+<span class="ln"> 0 </span><span class="c1"># external imports</span><span class="w">
+</span><span class="ln"> 1 </span><span class="w"></span><span class="kn">import</span> <span class="nn">sha3</span><span class="w">
+</span><span class="ln"> 2 </span><span class="w">
+</span><span class="ln"> 3 </span><span class="w">
+</span><span class="ln"> 4 </span><span class="w"></span><span class="k">class</span> <span class="nc">LogBloom</span><span class="p">:</span><span class="w">
+</span><span class="ln"> 5 </span><span class="w">
+</span><span class="ln"> 6 </span><span class="w"></span> <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span><span class="w">
+</span><span class="ln"> 7 </span><span class="w"></span> <span class="bp">self</span><span class="o">.</span><span class="n">content</span> <span class="o">=</span> <span class="nb">bytearray</span><span class="p">(</span><span class="mi">256</span><span class="p">)</span><span class="w">
+</span><span class="ln"> 8 </span><span class="w">
+</span><span class="ln"> 9 </span><span class="w">
+</span><span class="ln">10 </span><span class="w"></span> <span class="k">def</span> <span class="nf">add</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">element</span><span class="p">):</span><span class="w">
+</span><span class="ln">11 </span><span class="w"></span> <span class="k">if</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">element</span><span class="p">,</span> <span class="nb">bytes</span><span class="p">):</span><span class="w">
+</span><span class="ln">12 </span><span class="w"></span> <span class="k">raise</span> <span class="ne">ValueError</span><span class="p">(</span><span class="s1">'element must be bytes'</span><span class="p">)</span><span class="w">
+</span><span class="ln">13 </span><span class="w"></span> <span class="n">h</span> <span class="o">=</span> <span class="n">sha3</span><span class="o">.</span><span class="n">keccak_256</span><span class="p">()</span><span class="w">
+</span><span class="ln">14 </span><span class="w"></span> <span class="n">h</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="n">element</span><span class="p">)</span><span class="w">
+</span><span class="ln">15 </span><span class="w"></span> <span class="n">z</span> <span class="o">=</span> <span class="n">h</span><span class="o">.</span><span class="n">digest</span><span class="p">()</span><span class="w">
+</span><span class="ln">16 </span><span class="w">
+</span><span class="ln">17 </span><span class="w"></span> <span class="k">for</span> <span class="n">j</span> <span class="ow">in</span> <span class="nb">range</span><span class="p">(</span><span class="mi">3</span><span class="p">):</span><span class="w">
+</span><span class="ln">18 </span><span class="w"></span> <span class="n">c</span> <span class="o">=</span> <span class="n">j</span> <span class="o">*</span> <span class="mi">2</span><span class="w">
+</span><span class="ln">19 </span><span class="w"></span> <span class="n">v</span> <span class="o">=</span> <span class="nb">int</span><span class="o">.</span><span class="n">from_bytes</span><span class="p">(</span><span class="n">z</span><span class="p">[</span><span class="n">c</span><span class="p">:</span><span class="n">c</span><span class="o">+</span><span class="mi">2</span><span class="p">],</span> <span class="n">byteorder</span><span class="o">=</span><span class="s1">'big'</span><span class="p">)</span><span class="w">
+</span><span class="ln">20 </span><span class="w"></span> <span class="n">v</span> <span class="o">&amp;=</span> <span class="mh">0x07ff</span><span class="w">
+</span><span class="ln">21 </span><span class="w"></span> <span class="n">m</span> <span class="o">=</span> <span class="mi">255</span> <span class="o">-</span> <span class="nb">int</span><span class="p">(</span><span class="n">v</span> <span class="o">/</span> <span class="mi">8</span><span class="p">)</span><span class="w">
+</span><span class="ln">22 </span><span class="w"></span> <span class="n">n</span> <span class="o">=</span> <span class="n">v</span> <span class="o">%</span> <span class="mi">8</span><span class="w">
+</span><span class="ln">23 </span><span class="w"></span> <span class="bp">self</span><span class="o">.</span><span class="n">content</span><span class="p">[</span><span class="n">m</span><span class="p">]</span> <span class="o">|=</span> <span class="p">(</span><span class="mi">1</span> <span class="o">&lt;&lt;</span> <span class="n">n</span><span class="p">)</span>
+</pre>
+<p>Let's say we'd want to check if an Solidity-defined event <code>Foo(uint256,bytes32)</code> emitted by a contract at address <code>0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee</code> exists in a filter.</p>
+<p>Using the class above, we would have to do something like this:</p>
+<pre class="code python literal-block">
+<span class="c1"># external imports</span><span class="w">
+</span><span class="kn">import</span> <span class="nn">sha3</span><span class="w">
+</span><span class="kn">import</span> <span class="nn">some_block_getter</span><span class="w">
+
+</span><span class="c1"># local imports</span><span class="w">
+</span><span class="kn">from</span> <span class="nn">the_above</span> <span class="kn">import</span> <span class="n">LogBloom</span><span class="w">
+
+</span><span class="c1"># all set bits in our filter must be set in theirs</span><span class="w">
+</span><span class="k">def</span> <span class="nf">filter_match</span><span class="p">(</span><span class="n">theirs</span><span class="p">,</span> <span class="n">ours</span><span class="p">):</span><span class="w">
+</span> <span class="k">for</span> <span class="n">i</span> <span class="ow">in</span> <span class="nb">range</span><span class="p">(</span><span class="nb">len</span><span class="p">(</span><span class="n">ours</span><span class="p">)):</span><span class="w">
+</span> <span class="k">if</span> <span class="n">ours</span><span class="p">[</span><span class="n">i</span><span class="p">]</span> <span class="o">&amp;</span> <span class="n">theirs</span><span class="p">[</span><span class="n">i</span><span class="p">]</span> <span class="o">!=</span> <span class="n">ours</span><span class="p">[</span><span class="n">i</span><span class="p">]:</span><span class="w">
+</span> <span class="k">return</span> <span class="kc">False</span><span class="w">
+</span> <span class="k">return</span> <span class="kc">True</span><span class="w">
+
+</span><span class="n">fltr</span> <span class="o">=</span> <span class="n">LogBloom</span><span class="p">()</span><span class="w">
+
+</span><span class="c1"># add the contract address to the filter</span><span class="w">
+</span><span class="n">address</span> <span class="o">=</span> <span class="nb">bytes</span><span class="o">.</span><span class="n">fromhex</span><span class="p">(</span><span class="s1">'eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee'</span><span class="p">)</span><span class="w">
+</span><span class="n">h</span> <span class="o">=</span> <span class="n">sha3</span><span class="o">.</span><span class="n">keccak_256</span><span class="p">()</span><span class="w">
+</span><span class="n">h</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="n">address</span><span class="p">)</span><span class="w">
+</span><span class="n">address_element</span> <span class="o">=</span> <span class="n">h</span><span class="o">.</span><span class="n">digest</span><span class="p">()</span><span class="w">
+</span><span class="n">fltr</span><span class="o">.</span><span class="n">add</span><span class="p">(</span><span class="n">address_element</span><span class="p">)</span><span class="w">
+
+</span><span class="c1"># create the topic signature for the event</span><span class="w">
+</span><span class="n">h</span> <span class="o">=</span> <span class="n">sha3</span><span class="o">.</span><span class="n">keccak_256</span><span class="p">()</span><span class="w">
+</span><span class="n">h</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="sa">b</span><span class="s1">'Foo(uint256,bytes32)'</span><span class="p">)</span><span class="w">
+</span><span class="n">topic</span> <span class="o">=</span> <span class="n">h</span><span class="o">.</span><span class="n">digest</span><span class="p">()</span><span class="w">
+
+</span><span class="c1"># add the topic to the filter</span><span class="w">
+</span><span class="n">h</span> <span class="o">=</span> <span class="n">sha3</span><span class="o">.</span><span class="n">keccak_256</span><span class="p">()</span><span class="w">
+</span><span class="n">h</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="n">topic</span><span class="p">)</span><span class="w">
+</span><span class="n">topic_element</span> <span class="o">=</span> <span class="n">h</span><span class="o">.</span><span class="n">digest</span><span class="p">()</span><span class="w">
+</span><span class="n">fltr</span><span class="o">.</span><span class="n">add</span><span class="p">(</span><span class="n">topic_element</span><span class="p">)</span><span class="w">
+
+</span><span class="c1"># get the filter from a block</span><span class="w">
+</span><span class="n">block</span> <span class="o">=</span> <span class="n">some_block_getter</span><span class="p">()</span><span class="w">
+</span><span class="n">block_bloom</span> <span class="o">=</span> <span class="nb">bytes</span><span class="o">.</span><span class="n">fromhex</span><span class="p">(</span><span class="n">block</span><span class="p">[</span><span class="s1">'logsBloom'</span><span class="p">][</span><span class="mi">2</span><span class="p">:])</span> <span class="c1"># assumes there is a 0x-prefix</span><span class="w">
+
+</span><span class="c1"># check if it matches</span><span class="w">
+</span><span class="n">match</span> <span class="o">=</span> <span class="n">filter_match</span><span class="p">(</span><span class="n">block_bloom</span><span class="p">,</span> <span class="n">fltr</span><span class="o">.</span><span class="n">contents</span><span class="p">)</span><span class="w">
+</span><span class="nb">print</span><span class="p">(</span><span class="n">match</span><span class="p">)</span>
+</pre>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-1" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-1">[1]</a></td><td>Remember the keccak hash used in Ethereum/Bitcoin is _not_ the official <cite>sha3</cite> hash. The padding parameter is different. More on that <a class="reference external" href="nft-tokenid-content.html#id8">here</a></td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-2" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-2">[2]</a></td><td>Solidity supports up to 3 indexed parameters, which maps to the <em>evm</em> opcodes <code>LOGn</code> where <span class="formula"><i>n</i> ∈ {1, 2, 3, 4}</span></td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-3" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-3">[3]</a></td><td>Since <span class="formula">2<sup>11</sup> = 2048</span>, this is the same as zeroing out all bits above bit number 11; <span class="formula"><i>x</i>∧2048</span>. In other words, the result is an <em>11 bit integer</em>.</td></tr>
+</tbody>
+</table>
+</blockquote>
+</div>
+</content><category term="Code"></category><category term="crypto"></category><category term="ethereum"></category><category term="bloom filter"></category></entry><entry><title>Local npm repository</title><link href="docker-offline-3-npm.html" rel="alternate"></link><published>2021-05-25T11:47:00+02:00</published><updated>2021-05-25T11:47:00+02:00</updated><author><name>Louis Holbrook</name></author><id>tag:None,2021-05-25:docker-offline-3-npm.html</id><summary type="html"><p class="first last">Feeding npm packages to your offline Docker setup</p>
+</summary><content type="html"><p>As expected, serving a local <tt class="docutils literal">npm</tt> repository is a <em>lot</em> less straightforward than that for <tt class="docutils literal">pip</tt> and <tt class="docutils literal">python</tt>.</p>
+<p>The npm registry uses the <code>CouchDB</code> nosql server as backend to resolve dependencies and serve resource metadata. The <code>npm</code> CLI tool expects a corresponding json response to requests that cite the <em>name</em> (and not the path) of the package.</p>
+<p>Let's ask the <a class="reference external" href="https://registry.npmjs.org">registry</a> <a class="footnote-reference" href="#footnote-1" id="footnote-reference-1">[1]</a> for the package <tt class="docutils literal">ftp</tt>, and have a look at the response (excerpt):</p>
+<div class="highlight"><pre><span></span><span class="gp">$ </span>curl<span class="w"> </span>-X<span class="w"> </span>GET<span class="w"> </span>https://registry.npmjs.org/ftp<span class="w"> </span><span class="p">|</span><span class="w"> </span>jq
+<span class="go">{</span>
+<span class="go"> &quot;_id&quot;: &quot;ftp&quot;,</span>
+<span class="go"> &quot;_rev&quot;: &quot;113-89fe76508a7ece41b4c9a157114f966f&quot;,</span>
+<span class="go"> &quot;name&quot;: &quot;ftp&quot;,</span>
+<span class="go"> &quot;description&quot;: &quot;An FTP client module for node.js&quot;,</span>
+<span class="go"> &quot;dist-tags&quot;: {</span>
+<span class="go"> &quot;latest&quot;: &quot;0.3.10&quot;</span>
+<span class="go"> },</span>
+<span class="go"> &quot;versions&quot;: {</span>
+
+
+
+<span class="go"> &quot;0.3.10&quot;: {</span>
+<span class="go"> &quot;name&quot;: &quot;ftp&quot;,</span>
+<span class="go"> &quot;version&quot;: &quot;0.3.10&quot;,</span>
+<span class="go"> &quot;author&quot;: {</span>
+<span class="go"> &quot;name&quot;: &quot;Brian White&quot;,</span>
+<span class="go"> &quot;email&quot;: &quot;mscdex@mscdex.net&quot;</span>
+<span class="go"> },</span>
+<span class="go"> &quot;description&quot;: &quot;An FTP client module for node.js&quot;,</span>
+<span class="go"> &quot;main&quot;: &quot;./lib/connection&quot;,</span>
+<span class="go"> &quot;engines&quot;: {</span>
+<span class="go"> &quot;node&quot;: &quot;&gt;=0.8.0&quot;</span>
+<span class="go"> },</span>
+<span class="go"> &quot;dependencies&quot;: {</span>
+<span class="go"> &quot;xregexp&quot;: &quot;2.0.0&quot;,</span>
+<span class="go"> &quot;readable-stream&quot;: &quot;1.1.x&quot;</span>
+<span class="go"> },</span>
+<span class="go"> &quot;scripts&quot;: {</span>
+<span class="go"> &quot;test&quot;: &quot;node test/test.js&quot;</span>
+<span class="go"> },</span>
+<span class="go"> &quot;keywords&quot;: [</span>
+<span class="go"> &quot;ftp&quot;,</span>
+<span class="go"> &quot;client&quot;,</span>
+<span class="go"> &quot;transfer&quot;</span>
+<span class="go"> ],</span>
+<span class="go"> &quot;licenses&quot;: [</span>
+<span class="go"> {</span>
+<span class="go"> &quot;type&quot;: &quot;MIT&quot;,</span>
+<span class="go"> &quot;url&quot;: &quot;http://github.com/mscdex/node-ftp/raw/master/LICENSE&quot;</span>
+<span class="go"> }</span>
+<span class="go"> ],</span>
+<span class="go"> &quot;repository&quot;: {</span>
+<span class="go"> &quot;type&quot;: &quot;git&quot;,</span>
+<span class="go"> &quot;url&quot;: &quot;http://github.com/mscdex/node-ftp.git&quot;</span>
+<span class="go"> },</span>
+<span class="go"> &quot;bugs&quot;: {</span>
+<span class="go"> &quot;url&quot;: &quot;https://github.com/mscdex/node-ftp/issues&quot;</span>
+<span class="go"> },</span>
+<span class="go"> &quot;homepage&quot;: &quot;https://github.com/mscdex/node-ftp&quot;,</span>
+<span class="go"> &quot;_id&quot;: &quot;ftp@0.3.10&quot;,</span>
+<span class="go"> &quot;_shasum&quot;: &quot;9197d861ad8142f3e63d5a83bfe4c59f7330885d&quot;,</span>
+<span class="go"> &quot;_from&quot;: &quot;https://github.com/mscdex/node-ftp/tarball/v0.3.10&quot;,</span>
+<span class="go"> &quot;_resolved&quot;: &quot;https://github.com/mscdex/node-ftp/tarball/v0.3.10&quot;,</span>
+<span class="go"> &quot;_npmVersion&quot;: &quot;1.4.28&quot;,</span>
+<span class="go"> &quot;_npmUser&quot;: {</span>
+<span class="go"> &quot;name&quot;: &quot;mscdex&quot;,</span>
+<span class="go"> &quot;email&quot;: &quot;mscdex@mscdex.net&quot;</span>
+<span class="go"> },</span>
+<span class="go"> &quot;maintainers&quot;: [</span>
+<span class="go"> {</span>
+<span class="go"> &quot;name&quot;: &quot;mscdex&quot;,</span>
+<span class="go"> &quot;email&quot;: &quot;mscdex@mscdex.net&quot;</span>
+<span class="go"> }</span>
+<span class="go"> ],</span>
+<span class="go"> &quot;dist&quot;: {</span>
+<span class="go"> &quot;shasum&quot;: &quot;9197d861ad8142f3e63d5a83bfe4c59f7330885d&quot;,</span>
+<span class="go"> &quot;tarball&quot;: &quot;https://registry.npmjs.org/ftp/-/ftp-0.3.10.tgz&quot;</span>
+<span class="go"> },</span>
+<span class="go"> &quot;directories&quot;: {}</span>
+<span class="go"> }</span>
+<span class="go"> },</span>
+</pre></div>
+<p>That looks a lot like embellished contents of the basic package.json set up by <code>npm init</code>, except it's wrapped in a versions array. It also explicitly defines an <em>absolute</em> url to a <cite>tarball</cite> under the <cite>dist</cite> key. <a class="footnote-reference" href="#footnote-2" id="footnote-reference-2">[2]</a></p>
+<div class="section" id="how-low-can-you-go">
+<h2>How low can you go</h2>
+<p>It seems that all that's needed is a json index page served for the package name subpath of repository path, together with the tarball itself. We check this by putting together an utterly pointless package <tt class="docutils literal">foobarbarbar</tt>:</p>
+<p><strong>foobarbarbar/index.js</strong></p>
+<pre class="code javascript literal-block" id="foobarbarbar-index-js">
+<span class="nx">module</span><span class="p">.</span><span class="nx">exports</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">{</span><span class="w">
+ </span><span class="s1">'smth'</span><span class="o">:</span><span class="w"> </span><span class="nx">smth</span><span class="p">,</span><span class="w">
+</span><span class="p">}</span><span class="w">
+
+</span><span class="kd">function</span><span class="w"> </span><span class="nx">smth</span><span class="p">()</span><span class="w"> </span><span class="p">{</span><span class="w">
+ </span><span class="nx">console</span><span class="p">.</span><span class="nx">log</span><span class="p">(</span><span class="s1">'foo'</span><span class="p">);</span><span class="w">
+</span><span class="p">}</span>
+</pre>
+<p><strong>foobarbarbar/package.json</strong></p>
+<pre class="code json literal-block" id="foobarbarbar-package-json">
+<span class="p">{</span><span class="w">
+ </span><span class="nt">&quot;name&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;foobarbarbar&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;version&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;1.0.0&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;description&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Foo repo&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;main&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;index.js&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;author&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Foo Bar&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;license&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;GPL3&quot;</span><span class="p">,</span><span class="w">
+</span><span class="p">}</span>
+</pre>
+<p>Then make a tarball from those two files named <tt class="docutils literal"><span class="pre">foobarbarbar-1.0.0.tgz</span></tt>, take the sha1 sum of it,</p>
+<p>Remembering our <a class="reference external" href="docker-offline-2-python.html">virtual interface setup from the pip example</a> we stick it behind our webserver (here with npm sub-path) and add our minimal version json wrapper:</p>
+<p><strong>package.json</strong></p>
+<pre class="code json literal-block" id="package-json">
+<span class="p">{</span><span class="w">
+ </span><span class="nt">&quot;name&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;foobarbarbar&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;versions&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w">
+ </span><span class="nt">&quot;1.0.0&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w">
+ </span><span class="nt">&quot;name&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;foobarbarbar&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;version&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;1.0.0&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;description&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Foo repo&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;main&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;index.js&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;author&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Foo Bar&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;license&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;GPL3&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;dist&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w">
+ </span><span class="nt">&quot;shasum&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;2ccd68498ef5f2bfa00f0e1e59f44686fdb296ee&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;tarball&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;http://10.1.2.1/npm/foobarbarbar-1.0.0.tgz&quot;</span><span class="w">
+ </span><span class="p">}</span><span class="w">
+
+ </span><span class="p">}</span><span class="w">
+ </span><span class="p">}</span><span class="w">
+</span><span class="p">}</span>
+</pre>
+</div>
+<div class="section" id="making-introductions">
+<h2>Making introductions</h2>
+<p>The central trick here is to serve a json document as the &quot;directory index&quot; of the HTTP server. It's useful to remind ourselves at this point that we are <em>not</em> setting up a <em>registry</em> but a <em>repository</em> that contains provisions for a <em>locked</em> or <em>frozen</em> dependency graph. The former would surely need some of the <tt class="docutils literal">CouchDB</tt> magic to resolve dependencies. Our assumption is that the latter can theoretically be realized using static files.</p>
+<p>In other words; just as with the previous <a class="reference external" href="docker-offline-2-python.html">python repository example</a>, we don't try to handle dependency resolutions for pip, but merely serve the actual package files after dependences have been resolved.</p>
+<p>With Apache Web Server, using the <tt class="docutils literal">package.json</tt> as the directory index is as easy as:</p>
+<div class="highlight"><pre><span></span>&lt;Directory &quot;/srv/http/npm&quot;&gt;
+ DirectoryIndex package.json
+&lt;/Directory&gt;
+</pre></div>
+<p>Of course adjusting the <cite>Directory</cite> path as needed to match the local setup.</p>
+<p>Make sure that the tarball and the latter <cite>package.json</cite> can be found in the <cite>foobarbarbar</cite> virtual subfolder of the above <cite>Directory</cite> directive path:</p>
+<div class="highlight"><pre><span></span><span class="gp">$ </span>ls<span class="w"> </span>/srv/http/npm/foobarbarbar/
+<span class="go">-rw-r--r-- 1 root root 351 May 24 18:38 foobarbarbar-1.0.0.tgz</span>
+<span class="go">-rw-r--r-- 1 root root 380 May 25 09:36 package.json</span>
+</pre></div>
+<p>Set the registry entry in your <tt class="docutils literal"><span class="pre">~./npmrc</span></tt> as follows:</p>
+<div class="highlight"><pre><span></span><span class="na">registry</span><span class="o">=</span><span class="s">http://10.1.2.1/npm</span>
+</pre></div>
+<p>Then restart the Apache server and give it a go:</p>
+<div class="highlight"><pre><span></span><span class="gp">$ </span>npm<span class="w"> </span>install<span class="w"> </span>--verbose<span class="w"> </span>foobarbarbar
+<span class="go">npm verb cli [ &#39;/usr/bin/node&#39;, &#39;/usr/bin/npm&#39;, &#39;install&#39;, &#39;--verbose&#39;, &#39;foobarbarbar&#39; ]</span>
+<span class="go">npm info using npm@7.13.0</span>
+<span class="go">npm info using node@v16.1.0</span>
+<span class="go">[...]</span>
+<span class="go">npm http fetch GET 200 http://10.1.2.1/npm/foobarbarbar/ 6ms</span>
+<span class="go">[...]</span>
+<span class="go">npm http fetch GET 200 http://10.1.2.1/npm/foobarbarbar/foobarbarbar-1.0.0.tgz 25ms</span>
+<span class="go">[...]</span>
+<span class="go">added 2 packages in 545ms</span>
+<span class="go">npm timing command:install Completed in 70ms</span>
+<span class="go">[...]</span>
+</pre></div>
+</div>
+<div class="section" id="cache-dodging">
+<h2>Cache dodging</h2>
+<p>Seriously, <tt class="docutils literal">npm <span class="pre">--help</span></tt> leaves a lot to be desired. However, the online <tt class="docutils literal">npm install</tt> documentation does not yield any more clues as to whether it gives you an option of ignoring local cache like you can with <tt class="docutils literal">pip <span class="pre">--no-cache</span></tt>. This is a major pain in the ass, as you have to remember to keep your <tt class="docutils literal"><span class="pre">~/.npm</span></tt> folder clean between each install attempt. Otherwise, changes you make to the repository won't be used by <tt class="docutils literal">npm install</tt>.</p>
+<p>While testing, it pays to use a folder fairly close to the fs root, like a subfolder in <cite>tmp</cite>. That way, you won't be thrown off by some stray <cite>node_modules</cite> folder somewhere down the tree.</p>
+</div>
+<div class="section" id="think-locally-act-locally">
+<h2>Think locally, act locally</h2>
+<p>Serving packages globally apparently comes down to this:</p>
+<ol class="arabic simple">
+<li>Pull the <tt class="docutils literal">package.json</tt> versions list from a proper registry.</li>
+<li>Get the tarball</li>
+<li>Transform the absolute package url to our host instead. (sigh)</li>
+<li>(optional) Prune all the versions and metadata which is not needed (anything that's not in our minimal <tt class="docutils literal">foobarbarbar</tt> example above).</li>
+</ol>
+<p>Obviously, this is an annoyingly large amount of work to code up parsing and retrieval for.</p>
+<p>Incidentally, there is a very nice tool called <a class="reference external" href="https://verdaccio.org">verdaccio</a> which gets us most of the way there. <a class="footnote-reference" href="#footnote-3" id="footnote-reference-3">[3]</a> Its <em>storage</em> directory <a class="footnote-reference" href="#footnote-4" id="footnote-reference-4">[4]</a> uses exactly the directory structure we need. After retrieving a package collection using it as a proxy, getting the files in place is merely a case of copying <a class="footnote-reference" href="#footnote-5" id="footnote-reference-5">[5]</a> the files from the <em>storage</em> directory to the corresponding webserver directory.</p>
+<p>Looking at the <tt class="docutils literal">package.json</tt> versions wrapper saved by <tt class="docutils literal">verdaccio</tt>, however, we see that it still preserves the absolute path of the upstream registry. Sadly we are still left with doing the third task ourselves.</p>
+<p>As parsing json is one of my least favorite things in the world, I won't include the code for this last step here. For now it's sufficient that we understand the minimums required for manually setting up and serving a static, local, offline npm repository. Regardless of the pain involved.</p>
+</div>
+<div class="section" id="making-it-personal">
+<h2>Making it personal</h2>
+<p>Whether we massage jsons ourselves or lazily resort to <tt class="docutils literal">verdaccio</tt>, the final step we need to take is the same: Setting the registry url in the npm configuration of the docker image.</p>
+<p>This is merely a case of setting the registry url in the <a class="reference external" href="https://docs.npmjs.com/cli/v6/configuring-npm/npmrc#files">npmrc</a> inside the container.</p>
+<div class="highlight"><pre><span></span><span class="gp">$ </span>docker<span class="w"> </span>run<span class="w"> </span>-it<span class="w"> </span><span class="o">[</span>...<span class="o">]</span><span class="w"> </span>npm<span class="w"> </span>config<span class="w"> </span>ls<span class="w"> </span>-l<span class="w"> </span><span class="p">|</span><span class="w"> </span>grep<span class="w"> </span>etc/npmrc
+<span class="go">globalconfig = &quot;/usr/etc/npmrc&quot;</span>
+</pre></div>
+<p>To get at our manually provided <tt class="docutils literal">foobarbarbar</tt> package from before, the dockerfile will be (using archlinux):</p>
+<div class="highlight"><pre><span></span><span class="o">[</span>...<span class="o">]</span>
+<span class="k">RUN</span><span class="w"> </span>pacman<span class="w"> </span>-S<span class="w"> </span>nodejs<span class="w"> </span>npm
+<span class="k">RUN</span><span class="w"> </span>mkdir<span class="w"> </span>-vp<span class="w"> </span>/usr/etc
+<span class="k">RUN</span><span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="s2">&quot;registry=http:/10.1.2.1/npm&quot;</span><span class="w"> </span>&gt;<span class="w"> </span>/usr/etc/npmrc
+<span class="k">WORKDIR</span><span class="w"> </span><span class="s">/root</span>
+<span class="k">RUN</span><span class="w"> </span>npm<span class="w"> </span>install<span class="w"> </span>foobarbarbar
+</pre></div>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-1" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-1">[1]</a></td><td>This was the registry address I had in my <cite>~/.npmrc</cite> or whether I put it in myself.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-2" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-2">[2]</a></td><td>I have tried using a relative path instead, both with and without a leading <tt class="docutils literal">/</tt>, but in either case the install then errors our complaining that the lock file is &quot;corrupt.&quot; Whether the schema allows a base-url setting I do not know, as the schema documentation doesn't seem to be readily available.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-3" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-3">[3]</a></td><td>In fact, <tt class="docutils literal">verdaccio</tt> by itself solves the particular problem that we're trying to solve; providing an offline repository alternative. The task at hand, however, is to understand how to cope <em>without</em> using other tools than what can be considered base infrastructure (i.e. a web server).</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-4" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-4">[4]</a></td><td>Should be <tt class="docutils literal">/etc/verdaccio/storage</tt>; see <tt class="docutils literal">/etc/verdaccio/config.yaml</tt></td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-5" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-5">[5]</a></td><td>An alternative approach would be to set the storage path to point to the same folder as the web server is serving. However, since we need to mess with the tarball paths</td></tr>
+</tbody>
+</table>
+</blockquote>
+</div>
+</content><category term="Offlining"></category><category term="docker"></category><category term="npm"></category><category term="nodejs"></category><category term="javascript"></category><category term="devops"></category></entry><entry><title>A village network protocol</title><link href="village-network-protocol.html" rel="alternate"></link><published>2021-05-19T10:40:00+02:00</published><updated>2021-05-19T10:40:00+02:00</updated><author><name>Louis Holbrook</name></author><id>tag:None,2021-05-19:village-network-protocol.html</id><summary type="html"><p class="first last">What would truly peer-to-peer CRM backend look like?</p>
+</summary><content type="html"><p>What would truly peer-to-peer CRM backend look like? And at that, once that respected the right of the &quot;customer&quot; to choose how it wants to represent itself in the context?</p>
+<p>Perhaps by Modeling the network on how villages treat strangers and their own, and how you would go about interacting with them.</p>
+<p>Here's an initial stab at describing what such a meta-protocol could look like.</p>
+<!-- There is no truth. There is only perspective and predictability. -->
+<div class="section" id="terms">
+<h2>Terms</h2>
+<dl class="docutils">
+<dt>Individual</dt>
+<dd>A subjective structure where the thing being described is the thing that described it.</dd>
+<dt>User</dt>
+<dd>A particular perception of an individual by an entity in the network.</dd>
+<dt>Userspec</dt>
+<dd>Data structure containing details about a user. May or may not be public.</dd>
+<dt>Locals</dt>
+<dd>A group of individuals acknowledging each other as part of a group, and who share views on users.</dd>
+<dt>Local</dt>
+<dd>A member of a group of locals, from the shared perspective of an individual and another local.</dd>
+<dt>Localslist</dt>
+<dd>The individuals making up a group of locals, from the perspective of a local.</dd>
+<dt>Stranger</dt>
+<dd>A user as percieved by a group of locals.</dd>
+<dt>Strangerlist</dt>
+<dd>All users that may speak to the locals, from the perspective of a local. To be shared among locals.</dd>
+<dt>Strangerspec</dt>
+<dd>Userspec created by a local describing a user. To be shared among locals.</dd>
+<dt>Entity</dt>
+<dd>An individual or any derived representation of it (user, stranger, local).</dd>
+<dt>Peer</dt>
+<dd>An entity coupled with connection information</dd>
+<dt>Content address</dt>
+<dd>SHA256 sum of arbitrary content</dd>
+<dt>Key setup</dt>
+<dd>May be an individual key, or a specification describing how to generate keys for a particular relation.</dd>
+</dl>
+</div>
+<div class="section" id="roles">
+<h2>Roles</h2>
+<div class="section" id="the-individuals">
+<h3>The individuals</h3>
+<p>Are free to have their own opinion of what they are.</p>
+<p>When interacting with others, they are free to choose what they say about what they are.</p>
+<p>An individual initially <em>defines itself</em> in the network.</p>
+</div>
+<div class="section" id="the-users">
+<h3>The users</h3>
+<p>A user is a view of an individual as defined by one or more other individuals.</p>
+<p>It may be how an individual presents itself to an particular individual or a group.</p>
+<p>It may also be how an individual or a group presents another individual to itself.</p>
+</div>
+<div class="section" id="the-locals">
+<h3>The locals</h3>
+<p>Locals are a group of individuals who wish to share a view of themselves and prejudice about others.</p>
+<p>An individual will not be treated as a local unless it and its local counterpart considers it a local.</p>
+<p>Locals may acknowledge strangers with or without proof.</p>
+<p>If one local changes opinion about a stranger, all locals should change their opinon to the same.</p>
+<p>If one local excludes a stranger, all locals should exclude the stranger.</p>
+<p>You can't keep secrets in a village. If someone says something to another local, it must assume all locals will get to know what was said.</p>
+</div>
+<div class="section" id="the-strangers">
+<h3>The strangers</h3>
+<p>A stranger is a user that's not considered local by a group of locals.</p>
+<p>A stranger may not speak to a local until the local has decided it can.</p>
+<p>If a stranger may speak to one local, it may speak all locals.</p>
+</div>
+</div>
+<div class="section" id="identifiers">
+<h2>Identifiers</h2>
+<p>The <code>individual_id</code> is the identifier of an individual consists of the content address of some basic public data about the entity registering itself. The <code>individual_id</code> is immutable.</p>
+<p>Any local will refer to another local by its <code>individual_id</code>.</p>
+<p>A <code>user_id</code> is the content address of an <code>individual_id</code> together with the content address of some basic data describing the perception of the individual.</p>
+<p>Locals describe stranger by a pair of <code>individual_id</code> and <code>user_id</code>. Let us call this <code>stranger_id</code>. The <code>stranger_id</code> is immutable.</p>
+<p>The data represented by the <code>user_id</code> in a <code>stranger_id</code> is visible to locals, and may or may not be public.</p>
+</div>
+<div class="section" id="state-description">
+<h2>State description</h2>
+<p>A user keeps a state towards other entities consisting of the following content-addresses, in the given order:</p>
+<ol class="arabic simple">
+<li>Previous state</li>
+<li>Userspec</li>
+</ol>
+<p>A local keeps a state towards its locals consisting of the following content-addresses, in the given order.</p>
+<ol class="arabic simple">
+<li>Previous state</li>
+<li>Userspec</li>
+<li>Localslist</li>
+<li>Locals state</li>
+<li>Strangerslist</li>
+<li>Strangers state</li>
+</ol>
+<p>The state is represented by the content address of the concatenation of these content-addresses, in the given order.</p>
+<p>Any state change will be signed by the key resolvable through the <code>individual_id</code>.</p>
+<div class="section" id="previous-state">
+<h3>Previous state</h3>
+<p>The content address of the previous state. Will be <code>0</code> in the first state.</p>
+</div>
+<div class="section" id="userspec">
+<h3>Userspec</h3>
+<p>The individual as it wants to be perceived in the current context. There is no guarantee that the individual will be viewed in this way by others.</p>
+</div>
+<div class="section" id="localslist">
+<h3>Localslist</h3>
+<p>A lexiographically ordered array of <code>individual_id</code> that define the individuals in a group of locals.</p>
+<p>All locals must keep this list in the same state.</p>
+</div>
+<div class="section" id="locals-state">
+<h3>Locals state</h3>
+<p>A local's last recorded state of each of the locals, in the same order as <code>Localslist</code>.</p>
+<p>The recorded state is the same content address as in the state description section above.</p>
+<p>All locals must strive to keep this in the same state.</p>
+</div>
+<div class="section" id="strangerslist">
+<h3>Strangerslist</h3>
+<p>A lexiographically ordered pointer array representing a local's opinion of which users that can communicate with locals. <a class="footnote-reference" href="#footnote-1" id="footnote-reference-1">[1]</a></p>
+<p>Combination of <code>stranger_id</code> and a <em>vote</em> on the specific user.</p>
+<p>The vote can be in one of three states:</p>
+<ul class="simple">
+<li>Value <code>0</code>, meaning local has acknowledged the user, explicitly or by following other locals. We call this state &quot;deferred.&quot;</li>
+<li>Value <code>-1</code>, meaning a local has vetoed the user. We call this state &quot;vetoed.&quot;</li>
+<li>Any other value, which is the content-address of the proof accepted by the local. <a class="footnote-reference" href="#footnote-2" id="footnote-reference-2">[2]</a> We call this state &quot;accepted.&quot;</li>
+</ul>
+<p>Typically, the initial vote value is <code>0</code>. The value may change at any time, but may never change back to <code>0</code> once set to another value.</p>
+<p>A user that is part of the list, but not vetoed, is referred to as &quot;acknowledged.&quot;</p>
+<p>The Strangerslist state may be differ between locals, but they should strive to keep it the same.</p>
+</div>
+<div class="section" id="strangers-state">
+<h3>Strangers state</h3>
+<p>The local's version of the current user state of the strangers, in the same order as the <code>Strangerlist</code>.</p>
+<p>The Strangers state may differ between locals, but they should strive to keep it the same.</p>
+</div>
+</div>
+<div class="section" id="behavior-of-locals">
+<h2>Behavior of locals</h2>
+<p>A local may announce itself as <em>active</em> or <em>passive</em>. This should be part of the <code>Userspec</code> in the locals context.</p>
+<p>Specifically, this affects the way it &quot;votes&quot; on strangers. A passive local:</p>
+<ul class="simple">
+<li>Will always <em>veto</em> a user if <em>at least one active local</em> has vetoed it.</li>
+<li>Will always <em>accept</em> a user if <em>all active locals</em> have accepted it. <a class="footnote-reference" href="#footnote-3" id="footnote-reference-3">[3]</a></li>
+</ul>
+<p>Typically, a passive local will be a bot, for example an always-online node that guarantees availability of the locals so users can request state changes.</p>
+<p>There must be at least two active locals in any group of locals.</p>
+<div class="section" id="veto-dissent">
+<h3>Veto dissent</h3>
+<p>If a local vetoes a stranger, then all locals should cut communication with that stranger.</p>
+<p>Vetoes should be adopted by all locals.</p>
+<p>If, however, other locals consider the veto to be issued in error, there are two possible outcomes:</p>
+<ol class="arabic simple">
+<li>The vetoing local(s) abandon(s) the veto. <a class="footnote-reference" href="#footnote-4" id="footnote-reference-4">[4]</a></li>
+<li>The vetoing individual(s) is/are excluded by the locals.</li>
+</ol>
+</div>
+</div>
+<div class="section" id="network">
+<h2>Network</h2>
+<p>Any entity needs to define and announce itself as a <code>peer</code> in order to be available on the network.</p>
+<p>A &quot;peer&quot; is the coupling of network connection information to an <code>individual_id</code>.</p>
+<div class="section" id="discoverability">
+<h3>Discoverability</h3>
+<p>Peers are kept in a <a class="reference external" href="https://en.wikipedia.org/wiki/Distributed_hash_table">DHT</a>.</p>
+<p>Peers must be discoverable by their locals affiliation. <a class="footnote-reference" href="#footnote-5" id="footnote-reference-5">[5]</a></p>
+</div>
+<div class="section" id="users">
+<h3>Users</h3>
+<p>Users open single-request connections to other users to annonunce, look up and prune peers.</p>
+<p>Users may request state changes for themselves, or relay such requests for other users.</p>
+</div>
+<div class="section" id="locals">
+<h3>Locals</h3>
+<p>Locals keep open connections (streams) with each other.</p>
+<p>Locals continually exchange state changes.</p>
+<p>Locals should be able to audit the chain of state changes of other locals.</p>
+</div>
+<div class="section" id="between-locals-and-users">
+<h3>Between locals and users</h3>
+<p>Strangers <em>acknowledged</em> by locals open single-request connections to a local to announce state changes.</p>
+<p>Locals may open single-request connections to a user to announce a change to the state of the <code>Userspec</code> of a stranger. <a class="footnote-reference" href="#footnote-6" id="footnote-reference-6">[6]</a></p>
+<p>Individuals are free to deny connections from non-locals, for example if the entity has been sending garbage requests. The implementation of such sanctions is deferred to the application layer.</p>
+</div>
+</div>
+<div class="section" id="encryption">
+<h2>Encryption</h2>
+<p>An individual may keep content totally private on the network.</p>
+<p>A user may keep different encryption keys for different contexts.</p>
+<p>If a stranger shares a key setup with a local, that setup will be shared among all locals. A local will expect to be able to communicate with a strangerr using this key setup.</p>
+<p>The stranger must be able to change the key setup towards locals.</p>
+<p>The locals may be able to change the key setup towards a stranger.</p>
+<p>The protocol should allow anything from simple symmetric key exchanges to complex forward/backward secrecy schemes.</p>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-1" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-1">[1]</a></td><td>Insert in this sorted list will face scaling issues when locals need to acknowledge a lot of users. The lists can be split into <a class="reference external" href="https://en.wikipedia.org/wiki/Bucket_%28computing%29">buckets</a>, either statically (for example two-byte prefixes) or dynamically after crossing a certain threshold. It should not be necessary to store empty buckets.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-2" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-2">[2]</a></td><td>This proof may map to what's commonly known as <em>kyc information</em>.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-3" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-3">[3]</a></td><td>Perhaps with the further limitation that all active users must have accepted with the <em>same</em> proof. Otherwise, how will the passive local choose which proof to accept.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-4" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-4">[4]</a></td><td>Observe that since the vote state cannot change back to <code>0</code>, &quot;cancelling&quot; the veto can only be done by adding proof.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-5" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-5">[5]</a></td><td>What exactly uniquely identifies a group of locals on the network in such a way that it cannot be hi-jacked or spoofed still needs to be thought through. Perhaps it can be a combination of a specific name with a signature from the &quot;founders;&quot; the first (two or more) locals in it.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-6" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-6">[6]</a></td><td>A use-case here would be where the locals make a change for the user due to an out-of-band request from the user. This is <em>not</em> the <code>Strangerspec</code>; it is the user's current <code>Userspec</code> for the given context. Of course, it's up to the user to accept the change. It may in turn request a new state change to the locals to revert it.</td></tr>
+</tbody>
+</table>
+</blockquote>
+</div>
+</content><category term="Hygiene"></category><category term="p2p"></category><category term="protocol"></category><category term="network"></category><category term="crm"></category><category term="privacy"></category><category term="f2f"></category><category term="community"></category></entry><entry><title>The NFT token id as URI</title><link href="nft-tokenid-content.html" rel="alternate"></link><published>2021-05-08T19:14:00+02:00</published><updated>2021-05-10T09:18:00+02:00</updated><author><name>Louis Holbrook</name></author><id>tag:None,2021-05-08:nft-tokenid-content.html</id><summary type="html"><p class="first last">How to embed asset references for NFTs that are independent of providers in the current standard.</p>
+</summary><content type="html"><p>Let's consider an NFT that works like a badge for participating in development of a software project.</p>
+<p>This token is awarded as a proof that the task was completed.</p>
+<p>To make things more fun, each NFT should have some unique, immutable content attached to it.</p>
+<p>In other words, the properties of this token, once set, should never change.</p>
+<p>Nor should they disappear.</p>
+<p>So how do we refer to the artwork asset within the token standard?</p>
+<div class="section" id="it-was-acceptable-at-the-time">
+<h2>It was acceptable at the time</h2>
+<p>The ERC721 standard is not explicit about where the assets that belong with the NFT can be discovered and resolved.</p>
+<p>At the time when the standard was adopted by the Ethereum community, there were multiple <em>&quot;[...] Alternatives considered: put all metadata for each asset on the blockchain (too expensive), use URL templates to query metadata parts (URL templates do not work with all URL schemes, especially P2P URLs), multiaddr network address (not mature enough).&quot;</em> Furthermore, they <em>&quot;[...] considered an NFT representing ownership of a house, in this case metadata about the house (image, occupants, etc.) can naturally change.&quot;</em> <a class="citation-reference" href="#eip721" id="citation-reference-1">[EIP721]</a></p>
+<p>A &quot;changing house&quot; doesn't sound quite like what we need. And anyway; if we stick a good old web2 URI in there, then that will end up on the great bonfire of dead links before long.</p>
+</div>
+<div class="section" id="image-schmimage">
+<h2>Image, schmimage</h2>
+<p>To be honest, I find the presumption in the optional EIP721 metadata structure to be surprisingly short-sighted. It <em>specifically</em> defines the asset as an image, and at the same time is presupposes that only a <em>single</em> asset file will be used.</p>
+<p>We may want to add <em>multiple</em> sources, so this is another obstacle for us.</p>
+<p>So how to get around this, while still playing nice with existing implementations out there? Two ideas come to mind:</p>
+<ul class="simple">
+<li>Embed a <em>thumbnail</em> as a preview of the artwork using a <code>base64</code> <em>data URI</em> <a class="footnote-reference" href="#footnote-1" id="footnote-reference-1">[1]</a> in the metadata. Stick <code>name</code> and <code>description</code> on it, and the schema is still fulfilled.</li>
+<li><em>Extend</em> the structure with a list of <em>attachments</em> that <em>our</em> application layer knows about. Of course, each of these can have the same format as above.</li>
+</ul>
+<p>In other words:</p>
+<pre class="code json literal-block">
+<span class="p">{</span><span class="w">
+ </span><span class="nt">&quot;name&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Foo&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;description&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Foo image&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;image&quot;</span><span class="p">:</span><span class="w"> </span><span class="nt">&quot;data:image/gif;base64,R0lGODlhDgARAKEDAAAAAOjqAPP1APDw8CH+EUNyZWF0ZWQgd2l0aCBHSU1QACwAAAAADgARAAACO5wHqXdrClocodbUaGg34qoBHaJtl7VYIfqBZxepb5C6NBvbIlyucO6jPUIK1CMiSCYvDIVS4GhCJoYCADs=&quot;</span><span class="w">
+ </span><span class="nt">&quot;attachments&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w">
+ </span><span class="p">{</span><span class="w">
+ </span><span class="nt">&quot;name&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Bar&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;description&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Bar image&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;image&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;data:image/gif;base64,&quot;</span><span class="w">
+ </span><span class="p">},</span><span class="w">
+ </span><span class="p">{</span><span class="w">
+ </span><span class="nt">&quot;name&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Baz&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;description&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Baz image&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;image&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;data:image/gif;base64,&quot;</span><span class="w">
+ </span><span class="p">}</span><span class="w">
+ </span><span class="p">]</span><span class="w">
+</span><span class="p">}</span>
+</pre>
+</div>
+<div class="section" id="mirror-mirror">
+<h2>Mirror, mirror</h2>
+<p>Since the asset reference shouldn't change, we can refer to it by its fingerprint or <a class="reference external" href="https://en.wikipedia.org/wiki/Content-addressable_storage">content address</a>. If we define that the resource can be looked up over HTTP by that fingerprint as its basename, then we are free to define and modify whatever list of mirrors for that resource that's valid for any point in time. The application layer would simply try the endpoints one after another.</p>
+<p>We take the <code>sha2-256</code> <a class="footnote-reference" href="#footnote-2" id="footnote-reference-2">[2]</a> of the asset reference (the json file above, free of evil whitespace and newlines):</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>cat<span class="w"> </span>reference.json<span class="w"> </span><span class="p">|</span><span class="w"> </span>jq<span class="w"> </span>-c<span class="w"> </span>-j<span class="w"> </span><span class="p">|</span><span class="w"> </span>sha256sum<span class="w"> </span><span class="p">|</span><span class="w"> </span>awk<span class="w"> </span><span class="s1">&#39;{ print $1; }&#39;</span>
+3fdfbfe3b510b69f90cd92618e4c1ec76cf8b9c330bc2da1922acda8f84f9551
+</pre></div>
+<p>Imagine we had a mirror list of <a class="reference external" href="https://foo.com">https://foo.com</a> and <a class="reference external" href="https://bar.com/baz/">https://bar.com/baz/</a>. Then our application would try these urls in sequence, stopping at the first that returns a valid result:</p>
+<div class="highlight"><pre><span></span>https://foo.com/3fdfbfe3b510b69f90cd92618e4c1ec76cf8b9c330bc2da1922acda8f84f9551
+https://bar.com/baz/3fdfbfe3b510b69f90cd92618e4c1ec76cf8b9c330bc2da1922acda8f84f9551
+</pre></div>
+<p>Once we receive the content, all we have to do is hash it ourselves and verify that the sum matches the basename of the URI. If it doesn't the result is of course not valid and we continue down the list, appropriately banning the mischievous server then throrougly harassing its admin.</p>
+</div>
+<div class="section" id="cast-away">
+<h2>Cast away</h2>
+<p>Since our fingerprint is 32 bytes, it fits exactly inside the <code>tokenId</code> (<code>uint256</code>). Let's decide to big-endian numbers when converting (I find them easier to make sense of). In that case our hash from the reference turns into this modest number:</p>
+<div class="highlight"><pre><span></span><span class="c1"># python3</span>
+<span class="o">&gt;&gt;&gt;</span> <span class="n">hx</span> <span class="o">=</span> <span class="nb">bytes</span><span class="o">.</span><span class="n">fromhex</span><span class="p">(</span><span class="s1">&#39;3fdfbfe3b510b69f90cd92618e4c1ec76cf8b9c330bc2da1922acda8f84f9551&#39;</span><span class="p">)</span>
+<span class="o">&gt;&gt;&gt;</span> <span class="nb">int</span><span class="o">.</span><span class="n">from_bytes</span><span class="p">(</span><span class="n">hx</span><span class="p">,</span> <span class="n">byteorder</span><span class="o">=</span><span class="s1">&#39;big&#39;</span><span class="p">)</span>
+<span class="mi">28891040728719892888467057134569335350980764617882743994259054993630416573777</span>
+</pre></div>
+<p>As long as we're composing the <code>evm</code> inputs ourselves, we don't really have to worry about the integer representation in this particular case. But the interface is defined as an integer type, and other mortals may be using higher level interfaces, we have to be explicit about our choice.</p>
+</div>
+<div class="section" id="welcoming-mint">
+<h2>Welcoming mint</h2>
+<p>Assume we have a method <code>mintTo(address _recipient, uint256 _tokenId)</code> on our NFT contract. The Solidity signature of that contract is <code>edb20b7e</code> <a class="footnote-reference" href="#footnote-3" id="footnote-reference-3">[3]</a>. If I were to mint to myself then the input to the contract would be:</p>
+<div class="highlight"><pre><span></span>edb20b7e000000000000000000000000185cbce7650ff7ad3b587e26b2877d95568805e33fdfbfe3b510b69f90cd92618e4c1ec76cf8b9c330bc2da1922acda8f84f9551
+</pre></div>
+<p>Broken down:</p>
+<div class="highlight"><pre><span></span>signature: edb20b7e
+address, zero-padded: 000000000000000000000000185cbce7650ff7ad3b587e26b2877d95568805e3
+token id: 3fdfbfe3b510b69f90cd92618e4c1ec76cf8b9c330bc2da1922acda8f84f9551
+</pre></div>
+<p>The corresponding web3.js code would look like:</p>
+<div class="highlight"><pre><span></span><span class="kd">const</span><span class="w"> </span><span class="nx">c</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="ow">new</span><span class="w"> </span><span class="nx">web3</span><span class="p">.</span><span class="nx">eth</span><span class="p">.</span><span class="nx">Contract</span><span class="p">([...],</span><span class="w"> </span><span class="s1">&#39;0x...&#39;</span><span class="p">);</span>
+<span class="nx">c</span><span class="p">.</span><span class="nx">methods</span><span class="p">.</span><span class="nx">mintTo</span><span class="p">(</span><span class="s1">&#39;0x185cbce7650ff7ad3b587e26b2877d95568805e3&#39;</span><span class="p">,</span><span class="w"> </span><span class="mf">28891040728719892888467057134569335350980764617882743994259054993630416573777</span><span class="p">).</span><span class="nx">call</span><span class="p">();</span>
+</pre></div>
+<p>To satisfy the <cite>tokenURI</cite> method, we can generate a string that's prefix with sha256 as a &quot;scheme&quot; <a class="footnote-reference" href="#footnote-4" id="footnote-reference-4">[4]</a>. A bit of (unoptimized) solidity helps us out here:</p>
+<pre class="code solidity literal-block">
+<span class="k">contract</span><span class="w"> </span><span class="ni">NFT</span><span class="w"> </span><span class="p">{</span><span class="w">
+
+ </span><span class="kt">uint256</span><span class="p">[]</span><span class="w"> </span>token<span class="p">;</span><span class="w">
+ </span><span class="kt">mapping</span><span class="p">(</span><span class="kt">uint256</span><span class="w"> </span><span class="o">=&gt;</span><span class="w"> </span><span class="kt">uint256</span><span class="p">)</span><span class="w"> </span>tokenIndex<span class="p">;</span><span class="w"> </span><span class="c1">// map token id to master token array index position
+</span><span class="w">
+ </span><span class="p">[...]</span><span class="w">
+
+ </span><span class="kt">function</span><span class="w"> </span><span class="nv">tokenURI</span><span class="p">(</span><span class="kt">uint256</span><span class="w"> </span><span class="nv">_tokenId</span><span class="p">)</span><span class="w"> </span><span class="kt">public</span><span class="w"> </span>pure<span class="w"> </span><span class="kt">returns</span><span class="p">(</span><span class="kt">string</span><span class="w"> </span><span class="nv">memory</span><span class="p">)</span><span class="w"> </span><span class="p">{</span><span class="w">
+ </span><span class="kt">bytes32</span><span class="w"> </span><span class="nv">token_bytes</span><span class="p">;</span><span class="w">
+ </span><span class="kt">bytes</span><span class="w"> </span><span class="nv">memory</span><span class="w"> </span>out<span class="p">;</span><span class="w">
+ </span><span class="kt">uint8</span><span class="w"> </span><span class="nv">t</span><span class="p">;</span><span class="w">
+ </span><span class="kt">uint256</span><span class="w"> </span><span class="nv">c</span><span class="p">;</span><span class="w">
+
+ </span>token_bytes<span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="kt">bytes32</span><span class="p">(</span>token<span class="p">[</span>tokenIndex<span class="p">[</span>_tokenId<span class="p">]]);</span><span class="w">
+
+ </span>out<span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="kt">new</span><span class="w"> </span><span class="kt">bytes</span><span class="p">(</span><span class="m-Decimal">64</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="m-Decimal">7</span><span class="p">);</span><span class="w">
+ </span>out<span class="p">[</span><span class="m-Decimal">0</span><span class="p">]</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;s&quot;</span><span class="p">;</span><span class="w">
+ </span>out<span class="p">[</span><span class="m-Decimal">1</span><span class="p">]</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;h&quot;</span><span class="p">;</span><span class="w">
+ </span>out<span class="p">[</span><span class="m-Decimal">2</span><span class="p">]</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;a&quot;</span><span class="p">;</span><span class="w">
+ </span>out<span class="p">[</span><span class="m-Decimal">3</span><span class="p">]</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;2&quot;</span><span class="p">;</span><span class="w">
+ </span>out<span class="p">[</span><span class="m-Decimal">4</span><span class="p">]</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;5&quot;</span><span class="p">;</span><span class="w">
+ </span>out<span class="p">[</span><span class="m-Decimal">5</span><span class="p">]</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;6&quot;</span><span class="p">;</span><span class="w">
+ </span>out<span class="p">[</span><span class="m-Decimal">6</span><span class="p">]</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">&quot;:&quot;</span><span class="p">;</span><span class="w">
+
+ </span>c<span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="m-Decimal">7</span><span class="p">;</span><span class="w">
+ </span><span class="kt">for</span><span class="w"> </span><span class="p">(</span><span class="kt">uint256</span><span class="w"> </span><span class="nv">i</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="m-Decimal">0</span><span class="p">;</span><span class="w"> </span>i<span class="w"> </span><span class="o">&lt;</span><span class="w"> </span><span class="m-Decimal">32</span><span class="p">;</span><span class="w"> </span>i<span class="o">++</span><span class="p">)</span><span class="w"> </span><span class="p">{</span><span class="w">
+ </span>t<span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">(</span><span class="kt">uint8</span><span class="p">(</span>_data<span class="p">[</span>i<span class="p">])</span><span class="w"> </span><span class="o">&amp;</span><span class="w"> </span><span class="mh">0xf0</span><span class="p">)</span><span class="w"> </span><span class="o">&gt;&gt;</span><span class="w"> </span><span class="m-Decimal">4</span><span class="p">;</span><span class="w">
+ </span><span class="kt">if</span><span class="w"> </span><span class="p">(</span>t<span class="w"> </span><span class="o">&lt;</span><span class="w"> </span><span class="m-Decimal">10</span><span class="p">)</span><span class="w"> </span><span class="p">{</span><span class="w">
+ </span>out<span class="p">[</span>c<span class="p">]</span><span class="w"> </span><span class="o">=</span><span class="w"> </span>bytes1<span class="p">(</span>t<span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="mh">0x30</span><span class="p">);</span><span class="w">
+ </span><span class="p">}</span><span class="w"> </span><span class="kt">else</span><span class="w"> </span><span class="p">{</span><span class="w">
+ </span>out<span class="p">[</span>c<span class="p">]</span><span class="w"> </span><span class="o">=</span><span class="w"> </span>bytes1<span class="p">(</span>t<span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="mh">0x57</span><span class="p">);</span><span class="w">
+ </span><span class="p">}</span><span class="w">
+ </span>t<span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="kt">uint8</span><span class="p">(</span>_data<span class="p">[</span>i<span class="p">])</span><span class="w"> </span><span class="o">&amp;</span><span class="w"> </span><span class="mh">0x0f</span><span class="p">;</span><span class="w">
+ </span><span class="kt">if</span><span class="w"> </span><span class="p">(</span>t<span class="w"> </span><span class="o">&lt;</span><span class="w"> </span><span class="m-Decimal">10</span><span class="p">)</span><span class="w"> </span><span class="p">{</span><span class="w">
+ </span>out<span class="p">[</span>c<span class="o">+</span><span class="m-Decimal">1</span><span class="p">]</span><span class="w"> </span><span class="o">=</span><span class="w"> </span>bytes1<span class="p">(</span>t<span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="mh">0x30</span><span class="p">);</span><span class="w">
+ </span><span class="p">}</span><span class="w"> </span><span class="kt">else</span><span class="w"> </span><span class="p">{</span><span class="w">
+ </span>out<span class="p">[</span>c<span class="o">+</span><span class="m-Decimal">1</span><span class="p">]</span><span class="w"> </span><span class="o">=</span><span class="w"> </span>bytes1<span class="p">(</span>t<span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="mh">0x57</span><span class="p">);</span><span class="w">
+ </span><span class="p">}</span><span class="w">
+ </span>c<span class="w"> </span><span class="o">+=</span><span class="w"> </span><span class="m-Decimal">2</span><span class="p">;</span><span class="w">
+ </span><span class="p">}</span><span class="w">
+ </span><span class="kt">return</span><span class="w"> </span><span class="kt">string</span><span class="p">(</span>out<span class="p">);</span><span class="w">
+ </span><span class="p">}</span><span class="w">
+</span><span class="p">}</span>
+</pre>
+<p>This will return <code>sha256:3fdfbfe3b510b69f90cd92618e4c1ec76cf8b9c330bc2da1922acda8f84f9551</code> for <code>tokenId</code> <code>3fdfbfe3b510b69f90cd92618e4c1ec76cf8b9c330bc2da1922acda8f84f9551</code> as input, provided that the <code>tokenId</code> actually exists. That may seem a bit useless at first, but consider the scenario where we want to interface with other NFTs aswell. Or perhaps we are implementing a contract that optionally can support a static web2 URI in storage. By doing it this way, all bases are covered.</p>
+</div>
+<div class="section" id="decentralized-identifiers">
+<h2>Decentralized identifiers</h2>
+<p>Even better would be to add redundancy with autonomous decentralized storage. However, networks like <a class="reference external" href="https://ethswarm.org">Swarm</a> and <a class="reference external" href="https://ipfs.io">IPFS</a> use their own hashing recipes. That means that for every network referenced, we'd have to define an <em>alternative</em> in our reference structure.</p>
+<p>Referencing the canonical <code>sha256</code> aswell as the <code>Swarmhash</code> for the same item could then look like this <a class="footnote-reference" href="#footnote-5" id="footnote-reference-5">[5]</a>:</p>
+<pre class="code json literal-block">
+<span class="p">{</span><span class="w">
+ </span><span class="nt">&quot;name&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Foo&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;description&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Foo image&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;image&quot;</span><span class="p">:</span><span class="w"> </span><span class="nt">&quot;data:image/gif;base64,R0lGODlhDgARAKEDAAAAAOjqAPP1APDw8CH+EUNyZWF0ZWQgd2l0aCBHSU1QACwAAAAADgARAAACO5wHqXdrClocodbUaGg34qoBHaJtl7VYIfqBZxepb5C6NBvbIlyucO6jPUIK1CMiSCYvDIVS4GhCJoYCADs=&quot;</span><span class="w">
+ </span><span class="nt">&quot;alternatives&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w">
+ </span><span class="p">{</span><span class="w">
+ </span><span class="nt">&quot;name&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Foo&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;description&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Foo image&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;image&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;bzz:4b9149ee4550f2d786f9ba6584b79a30ee14ae05ff6e84a0f7c7561a14e3b779&quot;</span><span class="w">
+ </span><span class="p">},</span><span class="w">
+ </span><span class="p">{</span><span class="w">
+ </span><span class="nt">&quot;name&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Foo&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;description&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Foo image&quot;</span><span class="p">,</span><span class="w">
+ </span><span class="nt">&quot;image&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;sha256:d036a4ce7f929b632256225b2bebd81bdd558d3bfe3d96faae61db664708c16f&quot;</span><span class="w">
+ </span><span class="p">}</span><span class="w">
+ </span><span class="p">]</span><span class="w">
+</span><span class="p">}</span>
+</pre>
+<hr class="docutils" />
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-1" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-1">[1]</a></td><td>Yes, they are valid URIs actually: <a class="reference external" href="https://www.rfc-archive.org/getrfc.php?rfc=2397">https://www.rfc-archive.org/getrfc.php?rfc=2397</a></td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-2" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-2">[2]</a></td><td>Likely it would be prudent to start using the official <code>sha3</code> instead of <code>sha2</code> these days, also because the <code>sha2</code> hash is not a builtin for <code>evm</code>. But neither is <code>sha3</code>. The <code>keccak256</code> Bitcoin uses, which EVM has inherited, is a pre-cursor to the <code>keccak</code> published as the <em>official</em> <code>sha3</code>. Still, <code>keccak256</code> and <code>sha3</code> is used interchangeably in opcode lists (and previously in <a class="reference external" href="https://docs.soliditylang.org/en/v0.8.0/050-breaking-changes.html#functions">Solidity</a> too). This has caused me quite a fair bit of confusion, I might add. Apart from it being ambiguous, the <code>keccak256</code> tooling is also less common in the wild. Therefore <code>sha2</code> seems like a safer bet for our experiments. It's not broken yet, after all.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-3" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-3">[3]</a></td><td>The hex result of <code>keccak256(&quot;mintTo(address,uint256)&quot;)</code></td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-4" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-4">[4]</a></td><td><em>Data URI</em> is of no use here, because the hash itself is just nondescript binary data. Luckily <code>&lt;scheme&gt;:&lt;path&gt;</code> is still a valid URI.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-5" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-5">[5]</a></td><td>Here the hashes represent the media content itself, not the reference. That's why the <code>sha256</code> one is different than before.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils citation" frame="void" id="eip721" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#citation-reference-1">[EIP721]</a></td><td><a class="reference external" href="https://eips.ethereum.org/EIPS/eip-721">https://eips.ethereum.org/EIPS/eip-721</a></td></tr>
+</tbody>
+</table>
+</blockquote>
+</div>
+</content><category term="Code"></category><category term="nft"></category><category term="evm"></category><category term="hash"></category><category term="key-value store"></category><category term="decentralized storage"></category></entry><entry><title>wasm and C - The bare necessities</title><link href="wasm-c-bare.html" rel="alternate"></link><published>2021-05-05T06:15:00+02:00</published><updated>2021-05-05T06:15:00+02:00</updated><author><name>Louis Holbrook</name></author><id>tag:None,2021-05-05:wasm-c-bare.html</id><summary type="html"><p class="first last">The bare minimum needed for two-way communication between wasm and C</p>
+</summary><content type="html"><p>I am currently resuming my self-improvement task of learning Webassembly. Or, I should rather say, <em>using</em> Webassembly.</p>
+<p>Since I have some optimized small code chunks that I want to use in an embedded environment, it seemed sensible that the first step would be to establish two-way communication with C.</p>
+<p>In my last outing around three years ago, I was using <a class="reference external" href="https://emscripten.org/">Emscripten</a> to bridge the gap. That tool adds quite a few bells and whistles, and doesn't quite yield that warm, fuzzy bare-metal rush. <a class="reference external" href="https://emscripten.org/">Emscripten</a> relies on <a class="reference external" href="http://clang.org/">Clang</a> and <a class="reference external" href="https://llvm.org/">LLVM</a>, all of which seem to have gotten their <code>wasm</code> support built-in in the meantime (at least on my archlinux system). This it integrates nicely with <a class="reference external" href="https://github.com/WebAssembly/wabt">wabt</a> - the swiss-army knife of Webassembly.</p>
+<p>So how far do we get with just <a class="reference external" href="http://clang.org/">clang</a>, <a class="reference external" href="https://llvm.org/">LLVM</a> and <a class="reference external" href="https://github.com/WebAssembly/wabt">wabt</a> ? Let's see if we at least can set up a code snippet which simply writes <em>&quot;foobar&quot;</em> to memory. The host will write <em>&quot;foo&quot;</em>, and <code>wasm</code> will write <em>&quot;bar&quot;</em>.</p>
+<div class="section" id="without-libc">
+<h2>Without libc</h2>
+<p>This excellent <a class="reference external" href="https://surma.dev/things/c-to-webassembly/">tutorial by Surma</a> provides a good starting point. Go ahead and <strong>read that first</strong>. This text is not a Webassembly primer, so the following will make a lot more sense if you do.</p>
+<p>That setup still adds some magic. Namely, the <em>memory</em> and <em>symbol table</em> are here added by the <em>wasm linker</em>. It would be even more fun to pass this from the host system instead.</p>
+<p>And so we start:&nbsp;<a class="footnote-reference" href="#footnote-1" id="footnote-reference-1">[1]</a></p>
+<pre class="code c literal-block">
+<span class="ln"> 0 </span><span class="cp">#include</span><span class="w"> </span><span class="cpf">&quot;string.h&quot;</span><span class="cp">
+</span><span class="ln"> 1 </span><span class="cp"></span><span class="w">
+</span><span class="ln"> 2 </span><span class="w"></span><span class="k">extern</span><span class="w"> </span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="n">__heap_base</span><span class="p">;</span><span class="w">
+</span><span class="ln"> 3 </span><span class="w"></span><span class="k">extern</span><span class="w"> </span><span class="kt">void</span><span class="w"> </span><span class="nf">call_me_sometime</span><span class="p">(</span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">b</span><span class="p">);</span><span class="w">
+</span><span class="ln"> 4 </span><span class="w">
+</span><span class="ln"> 5 </span><span class="w"></span><span class="kt">void</span><span class="w"> </span><span class="nf">foo</span><span class="p">()</span><span class="w"> </span><span class="p">{</span><span class="w">
+</span><span class="ln"> 6 </span><span class="w"> </span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">buf</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">(</span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">char</span><span class="o">*</span><span class="p">)</span><span class="o">&amp;</span><span class="n">__heap_base</span><span class="p">;</span><span class="w">
+</span><span class="ln"> 7 </span><span class="w"> </span><span class="o">*</span><span class="p">(</span><span class="n">buf</span><span class="o">+</span><span class="mi">3</span><span class="p">)</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="sc">'b'</span><span class="p">;</span><span class="w">
+</span><span class="ln"> 8 </span><span class="w"> </span><span class="o">*</span><span class="p">(</span><span class="n">buf</span><span class="o">+</span><span class="mi">4</span><span class="p">)</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="sc">'a'</span><span class="p">;</span><span class="w">
+</span><span class="ln"> 9 </span><span class="w"> </span><span class="o">*</span><span class="p">(</span><span class="n">buf</span><span class="o">+</span><span class="mi">5</span><span class="p">)</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="sc">'r'</span><span class="p">;</span><span class="w">
+</span><span class="ln">10 </span><span class="w"> </span><span class="n">call_me_sometime</span><span class="p">(</span><span class="n">buf</span><span class="p">);</span><span class="w">
+</span><span class="ln">11 </span><span class="w"></span><span class="p">}</span>
+</pre>
+<p>Compiling this without linking gives us a hint on what needs to be defined.</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>clang<span class="w"> </span>--target<span class="o">=</span>wasm32<span class="w"> </span>-nostdlib<span class="w"> </span>-nostartfiles<span class="w"> </span>-o<span class="w"> </span>bare.wasm<span class="w"> </span>-c<span class="w"> </span>bare.c
+$<span class="w"> </span>wasm-objdump<span class="w"> </span>-x<span class="w"> </span>bare.wasm
+bare.wasm:<span class="w"> </span>file<span class="w"> </span>format<span class="w"> </span>wasm<span class="w"> </span>0x1
+
+Section<span class="w"> </span>Details:
+
+Type<span class="o">[</span><span class="m">2</span><span class="o">]</span>:
+<span class="w"> </span>-<span class="w"> </span>type<span class="o">[</span><span class="m">0</span><span class="o">]</span><span class="w"> </span><span class="o">()</span><span class="w"> </span>-&gt;<span class="w"> </span>nil
+<span class="w"> </span>-<span class="w"> </span>type<span class="o">[</span><span class="m">1</span><span class="o">]</span><span class="w"> </span><span class="o">(</span>i32<span class="o">)</span><span class="w"> </span>-&gt;<span class="w"> </span>nil
+Import<span class="o">[</span><span class="m">4</span><span class="o">]</span>:
+<span class="w"> </span>-<span class="w"> </span>memory<span class="o">[</span><span class="m">0</span><span class="o">]</span><span class="w"> </span>pages:<span class="w"> </span><span class="nv">initial</span><span class="o">=</span><span class="m">0</span><span class="w"> </span>&lt;-<span class="w"> </span>env.__linear_memory
+<span class="w"> </span>-<span class="w"> </span>table<span class="o">[</span><span class="m">0</span><span class="o">]</span><span class="w"> </span><span class="nv">type</span><span class="o">=</span>funcref<span class="w"> </span><span class="nv">initial</span><span class="o">=</span><span class="m">0</span><span class="w"> </span>&lt;-<span class="w"> </span>env.__indirect_function_table
+<span class="w"> </span>-<span class="w"> </span>global<span class="o">[</span><span class="m">0</span><span class="o">]</span><span class="w"> </span>i32<span class="w"> </span><span class="nv">mutable</span><span class="o">=</span><span class="m">1</span><span class="w"> </span>&lt;-<span class="w"> </span>env.__stack_pointer
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">0</span><span class="o">]</span><span class="w"> </span><span class="nv">sig</span><span class="o">=</span><span class="m">1</span><span class="w"> </span>&lt;env.call_me_sometime&gt;<span class="w"> </span>&lt;-<span class="w"> </span>env.call_me_sometime
+Function<span class="o">[</span><span class="m">1</span><span class="o">]</span>:
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">1</span><span class="o">]</span><span class="w"> </span><span class="nv">sig</span><span class="o">=</span><span class="m">0</span><span class="w"> </span>&lt;foo&gt;
+Code<span class="o">[</span><span class="m">1</span><span class="o">]</span>:
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">1</span><span class="o">]</span><span class="w"> </span><span class="nv">size</span><span class="o">=</span><span class="m">138</span><span class="w"> </span>&lt;foo&gt;
+Custom:
+<span class="w"> </span>-<span class="w"> </span>name:<span class="w"> </span><span class="s2">&quot;linking&quot;</span>
+<span class="w"> </span>-<span class="w"> </span>symbol<span class="w"> </span>table<span class="w"> </span><span class="o">[</span><span class="nv">count</span><span class="o">=</span><span class="m">4</span><span class="o">]</span>
+<span class="w"> </span>-<span class="w"> </span><span class="m">0</span>:<span class="w"> </span>F<span class="w"> </span>&lt;foo&gt;<span class="w"> </span><span class="nv">func</span><span class="o">=</span><span class="m">1</span><span class="w"> </span><span class="nv">binding</span><span class="o">=</span>global<span class="w"> </span><span class="nv">vis</span><span class="o">=</span>hidden
+<span class="w"> </span>-<span class="w"> </span><span class="m">1</span>:<span class="w"> </span>G<span class="w"> </span>&lt;env.__stack_pointer&gt;<span class="w"> </span><span class="nv">global</span><span class="o">=</span><span class="m">0</span><span class="w"> </span>undefined<span class="w"> </span><span class="nv">binding</span><span class="o">=</span>global<span class="w"> </span><span class="nv">vis</span><span class="o">=</span>default
+<span class="w"> </span>-<span class="w"> </span><span class="m">2</span>:<span class="w"> </span>D<span class="w"> </span>&lt;__heap_base&gt;<span class="w"> </span>undefined<span class="w"> </span><span class="nv">binding</span><span class="o">=</span>global<span class="w"> </span><span class="nv">vis</span><span class="o">=</span>default
+<span class="w"> </span>-<span class="w"> </span><span class="m">3</span>:<span class="w"> </span>F<span class="w"> </span>&lt;env.call_me_sometime&gt;<span class="w"> </span><span class="nv">func</span><span class="o">=</span><span class="m">0</span><span class="w"> </span>undefined<span class="w"> </span><span class="nv">binding</span><span class="o">=</span>global<span class="w"> </span><span class="nv">vis</span><span class="o">=</span>default
+Custom:
+<span class="w"> </span>-<span class="w"> </span>name:<span class="w"> </span><span class="s2">&quot;reloc.CODE&quot;</span>
+<span class="w"> </span>-<span class="w"> </span>relocations<span class="w"> </span><span class="k">for</span><span class="w"> </span>section:<span class="w"> </span><span class="m">3</span><span class="w"> </span><span class="o">(</span>Code<span class="o">)</span><span class="w"> </span><span class="o">[</span><span class="m">5</span><span class="o">]</span>
+<span class="w"> </span>-<span class="w"> </span>R_wasm_GLOBAL_INDEX_LEB<span class="w"> </span><span class="nv">offset</span><span class="o">=</span>0x000007<span class="o">(</span><span class="nv">file</span><span class="o">=</span>0x000099<span class="o">)</span><span class="w"> </span><span class="nv">symbol</span><span class="o">=</span><span class="m">1</span><span class="w"> </span>&lt;env.__stack_pointer&gt;
+<span class="w"> </span>-<span class="w"> </span>R_wasm_GLOBAL_INDEX_LEB<span class="w"> </span><span class="nv">offset</span><span class="o">=</span>0x00001c<span class="o">(</span><span class="nv">file</span><span class="o">=</span>0x0000ae<span class="o">)</span><span class="w"> </span><span class="nv">symbol</span><span class="o">=</span><span class="m">1</span><span class="w"> </span>&lt;env.__stack_pointer&gt;
+<span class="w"> </span>-<span class="w"> </span>R_wasm_MEMORY_ADDR_SLEB<span class="w"> </span><span class="nv">offset</span><span class="o">=</span>0x000031<span class="o">(</span><span class="nv">file</span><span class="o">=</span>0x0000c3<span class="o">)</span><span class="w"> </span><span class="nv">symbol</span><span class="o">=</span><span class="m">2</span><span class="w"> </span>&lt;__heap_base&gt;
+<span class="w"> </span>-<span class="w"> </span>R_wasm_FUNCTION_INDEX_LEB<span class="w"> </span><span class="nv">offset</span><span class="o">=</span>0x000073<span class="o">(</span><span class="nv">file</span><span class="o">=</span>0x000105<span class="o">)</span><span class="w"> </span><span class="nv">symbol</span><span class="o">=</span><span class="m">3</span><span class="w"> </span>&lt;env.call_me_sometime&gt;
+<span class="w"> </span>-<span class="w"> </span>R_wasm_GLOBAL_INDEX_LEB<span class="w"> </span><span class="nv">offset</span><span class="o">=</span>0x000086<span class="o">(</span><span class="nv">file</span><span class="o">=</span>0x000118<span class="o">)</span><span class="w"> </span><span class="nv">symbol</span><span class="o">=</span><span class="m">1</span><span class="w"> </span>&lt;env.__stack_pointer&gt;
+Custom:
+<span class="w"> </span>-<span class="w"> </span>name:<span class="w"> </span><span class="s2">&quot;producers&quot;</span>
+</pre></div>
+<p>Using nodejs as the host, we check if we can instantiate a <code>WebAssembly</code> object</p>
+<pre class="code javascript literal-block">
+<span class="ln"> 0 </span><span class="kd">const</span><span class="w"> </span><span class="nx">fs</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nx">require</span><span class="p">(</span><span class="s1">'fs'</span><span class="p">);</span><span class="w">
+</span><span class="ln"> 1 </span><span class="w">
+</span><span class="ln"> 2 </span><span class="w"></span><span class="kd">const</span><span class="w"> </span><span class="nx">imports</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">{}</span><span class="w">
+</span><span class="ln"> 3 </span><span class="w">
+</span><span class="ln"> 4 </span><span class="w"></span><span class="k">async</span><span class="w"> </span><span class="kd">function</span><span class="w"> </span><span class="nx">init</span><span class="p">()</span><span class="w">&nbsp;</span><span class="p">{</span><span class="w">
+</span><span class="ln"> 5 </span><span class="w"> </span><span class="kd">const</span><span class="w"> </span><span class="nx">code</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nx">fs</span><span class="p">.</span><span class="nx">readFileSync</span><span class="p">(</span><span class="s1">'./bare.wasm'</span><span class="p">);</span><span class="w">
+</span><span class="ln"> 6 </span><span class="w"> </span><span class="kd">const</span><span class="w"> </span><span class="nx">m</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="ow">new</span><span class="w"> </span><span class="nx">WebAssembly</span><span class="p">.</span><span class="nx">Module</span><span class="p">(</span><span class="nx">code</span><span class="p">);</span><span class="w">
+</span><span class="ln"> 7 </span><span class="w"> </span><span class="kd">const</span><span class="w"> </span><span class="nx">i</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="ow">new</span><span class="w"> </span><span class="nx">WebAssembly</span><span class="p">.</span><span class="nx">Instance</span><span class="p">(</span><span class="nx">m</span><span class="p">,</span><span class="w"> </span><span class="nx">imports</span><span class="p">);</span><span class="w">
+</span><span class="ln"> 8 </span><span class="w"></span><span class="p">}</span><span class="w">
+</span><span class="ln"> 9 </span><span class="w"></span><span class="nx">init</span><span class="p">();</span>
+</pre>
+<p>Running this tells us we are apparently missing a property <code>env</code> in the imports object.</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>node<span class="w"> </span>bare_naive.js
+/home/lash/src/tests/wasm/bare/bare_naive.js:8
+const<span class="w"> </span><span class="nv">i</span><span class="w"> </span><span class="o">=</span><span class="w"> </span>new<span class="w"> </span>WebAssembly.Instance<span class="o">(</span>m,<span class="w"> </span>imports<span class="o">)</span><span class="p">;</span>
+<span class="w"> </span>^
+
+TypeError:<span class="w"> </span>WebAssembly.Instance<span class="o">()</span>:<span class="w"> </span>Import<span class="w"> </span><span class="c1">#0 module=&quot;env&quot; error: module is not an object or function</span>
+</pre></div>
+<p>That seems to match with the <code>Import</code> section in the <code>objdump</code> output above. Let's stick the <em>memory</em> and <em>table</em> in there. <a class="footnote-reference" href="#footnote-2" id="footnote-reference-2">[2]</a></p>
+<p>And let's make a bold guess that the callback function <code>call_me_sometime</code> needs to go in there aswell.</p>
+<pre class="code javascript literal-block">
+<span class="ln"> 0 </span><span class="kd">const</span><span class="w"> </span><span class="nx">fs</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nx">require</span><span class="p">(</span><span class="s1">'fs'</span><span class="p">);</span><span class="w">
+</span><span class="ln"> 1 </span><span class="w">
+</span><span class="ln"> 2 </span><span class="w"></span><span class="kd">const</span><span class="w"> </span><span class="nx">memory</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="ow">new</span><span class="w"> </span><span class="nx">WebAssembly</span><span class="p">.</span><span class="nx">Memory</span><span class="p">({</span><span class="nx">initial</span><span class="o">:</span><span class="w"> </span><span class="mf">2</span><span class="p">});</span><span class="w">
+</span><span class="ln"> 3 </span><span class="w"></span><span class="kd">const</span><span class="w"> </span><span class="nx">table</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="ow">new</span><span class="w"> </span><span class="nx">WebAssembly</span><span class="p">.</span><span class="nx">Table</span><span class="p">({</span><span class="nx">initial</span><span class="o">:</span><span class="w"> </span><span class="mf">3</span><span class="p">,</span><span class="w"> </span><span class="nx">element</span><span class="o">:</span><span class="w"> </span><span class="s1">'anyfunc'</span><span class="p">});</span><span class="w">
+</span><span class="ln"> 4 </span><span class="w"></span><span class="kd">const</span><span class="w"> </span><span class="nx">importsObj</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">{</span><span class="w">
+</span><span class="ln"> 5 </span><span class="w"> </span><span class="nx">env</span><span class="o">:</span><span class="w"> </span><span class="p">{</span><span class="w">
+</span><span class="ln"> 6 </span><span class="w"> </span><span class="nx">memory</span><span class="o">:</span><span class="w"> </span><span class="nx">memory</span><span class="p">,</span><span class="w">
+</span><span class="ln"> 7 </span><span class="w"> </span><span class="nx">__linear_memory</span><span class="o">:</span><span class="w"> </span><span class="nx">memory</span><span class="p">,</span><span class="w">
+</span><span class="ln"> 8 </span><span class="w"> </span><span class="nx">__indirect_function_table</span><span class="o">:</span><span class="w"> </span><span class="nx">table</span><span class="p">,</span><span class="w">
+</span><span class="ln"> 9 </span><span class="w"> </span><span class="nx">call_me_sometime</span><span class="o">:</span><span class="w"> </span><span class="p">(</span><span class="nx">n</span><span class="p">)</span><span class="w"> </span><span class="p">=&gt;</span><span class="w"> </span><span class="p">{</span><span class="w">
+</span><span class="ln">10 </span><span class="w"> </span><span class="kd">let</span><span class="w"> </span><span class="nx">a</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="ow">new</span><span class="w"> </span><span class="nb">Uint8Array</span><span class="p">(</span><span class="nx">memory</span><span class="p">.</span><span class="nx">buffer</span><span class="p">,</span><span class="w"> </span><span class="nx">n</span><span class="p">,</span><span class="w"> </span><span class="mf">9</span><span class="p">)</span><span class="w">
+</span><span class="ln">11 </span><span class="w"> </span><span class="nx">a</span><span class="p">.</span><span class="nx">set</span><span class="p">([</span><span class="mh">0x66</span><span class="p">,</span><span class="w"> </span><span class="mh">0x6f</span><span class="p">,</span><span class="w"> </span><span class="mh">0x6f</span><span class="p">],</span><span class="w"> </span><span class="mf">0</span><span class="p">);</span><span class="w">
+</span><span class="ln">12 </span><span class="w"> </span><span class="nx">console</span><span class="p">.</span><span class="nx">debug</span><span class="p">(</span><span class="s1">'heap is at: '</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="nx">n</span><span class="p">);</span><span class="w">
+</span><span class="ln">13 </span><span class="w"> </span><span class="nx">console</span><span class="p">.</span><span class="nx">log</span><span class="p">(</span><span class="s1">'heap contains: '</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="ow">new</span><span class="w"> </span><span class="nx">TextDecoder</span><span class="p">().</span><span class="nx">decode</span><span class="p">(</span><span class="nx">a</span><span class="p">));</span><span class="w">
+</span><span class="ln">14 </span><span class="w"> </span><span class="p">},</span><span class="w">
+</span><span class="ln">15 </span><span class="w"> </span><span class="p">},</span><span class="w">
+</span><span class="ln">16 </span><span class="w"></span><span class="p">}</span><span class="w">
+</span><span class="ln">17 </span><span class="w">
+</span><span class="ln">18 </span><span class="w"></span><span class="k">async</span><span class="w"> </span><span class="kd">function</span><span class="w"> </span><span class="nx">init</span><span class="p">()</span><span class="w">&nbsp;</span><span class="p">{</span><span class="w">
+</span><span class="ln">19 </span><span class="w"> </span><span class="kd">const</span><span class="w"> </span><span class="nx">code</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nx">fs</span><span class="p">.</span><span class="nx">readFileSync</span><span class="p">(</span><span class="s1">'./bare.wasm'</span><span class="p">);</span><span class="w">
+</span><span class="ln">20 </span><span class="w"> </span><span class="kd">const</span><span class="w"> </span><span class="nx">m</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="ow">new</span><span class="w"> </span><span class="nx">WebAssembly</span><span class="p">.</span><span class="nx">Module</span><span class="p">(</span><span class="nx">code</span><span class="p">);</span><span class="w">
+</span><span class="ln">21 </span><span class="w"> </span><span class="kd">const</span><span class="w"> </span><span class="nx">i</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="ow">new</span><span class="w"> </span><span class="nx">WebAssembly</span><span class="p">.</span><span class="nx">Instance</span><span class="p">(</span><span class="nx">m</span><span class="p">,</span><span class="w"> </span><span class="nx">importsObj</span><span class="p">);</span><span class="w">
+</span><span class="ln">22 </span><span class="w"> </span><span class="nx">i</span><span class="p">.</span><span class="nx">exports</span><span class="p">.</span><span class="nx">foo</span><span class="p">();</span><span class="w">
+</span><span class="ln">23 </span><span class="w"></span><span class="p">}</span><span class="w">
+</span><span class="ln">24 </span><span class="w"></span><span class="nx">init</span><span class="p">();</span>
+</pre>
+<p>The linker needs a little help from us for this:</p>
+<ul class="simple">
+<li>Our callback function will not be available at link time, so we have to <code>--allow-undefined</code> to promise that the host has got this covered.</li>
+<li><code>--import-memory</code> and <code>--import-table</code> to enable us to get memory and symbol table from the host.</li>
+<li><code>--export=&quot;foo&quot;</code> to make sure we only export exactly what we intend to from our <code>wasm</code>.</li>
+</ul>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>clang<span class="w"> </span>--target<span class="o">=</span>wasm32<span class="w"> </span>-nostdlib<span class="w"> </span>-nostartfiles<span class="w"> </span>-Wl,--no-entry<span class="w"> </span>-Wl,--export<span class="o">=</span><span class="s2">&quot;foo&quot;</span><span class="w"> </span>-Wl,--import-memory<span class="w"> </span>-Wl,--import-table<span class="w"> </span>-Wl,--allow-undefined<span class="w"> </span>-o<span class="w"> </span>bare.wasm<span class="w"> </span>bare.c
+</pre></div>
+<p>And that should give us:</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>node<span class="w"> </span>bare.js
+heap<span class="w"> </span>is<span class="w"> </span>at:<span class="w"> </span><span class="m">66560</span>
+heap<span class="w"> </span>contains:<span class="w"> </span>foobar
+</pre></div>
+<p>This way of pointing to memory is of course grossly inadequate <em>and</em> unsafe <em>and</em> ridiculous for any purpose more advanced that this one. So some proper memory management would not be a bad thing.</p>
+</div>
+<div class="section" id="adding-libc">
+<h2>Adding libc</h2>
+<p>And what do you know. In other news since last time I looked at this is the addition of &quot;a libc for WebAssembly programs built on top of WASI system calls.&quot; <a class="citation-reference" href="#wasi-libc" id="citation-reference-1">[wasi-libc]</a>. Let's see if we can add a slightly less manual way of handling memory with <code>malloc</code> and <code>memcpy</code></p>
+<pre class="code c literal-block">
+<span class="ln"> 0 </span><span class="cp">#ifdef HAVE_LIBC
+</span><span class="ln"> 1 </span><span class="cp">#include</span><span class="w"> </span><span class="cpf">&lt;string.h&gt;</span><span class="cp">
+</span><span class="ln"> 2 </span><span class="cp">#include</span><span class="w"> </span><span class="cpf">&lt;stdlib.h&gt;</span><span class="cp">
+</span><span class="ln"> 3 </span><span class="cp">#endif
+</span><span class="ln"> 4 </span><span class="cp"></span><span class="w">
+</span><span class="ln"> 5 </span><span class="w"></span><span class="k">extern</span><span class="w"> </span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="n">__heap_base</span><span class="p">;</span><span class="w">
+</span><span class="ln"> 6 </span><span class="w"></span><span class="k">extern</span><span class="w"> </span><span class="kt">void</span><span class="w"> </span><span class="nf">call_me_sometime</span><span class="p">(</span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">b</span><span class="p">);</span><span class="w">
+</span><span class="ln"> 7 </span><span class="w">
+</span><span class="ln"> 8 </span><span class="w"></span><span class="kt">void</span><span class="w"> </span><span class="nf">foo</span><span class="p">()</span><span class="w"> </span><span class="p">{</span><span class="w">
+</span><span class="ln"> 9 </span><span class="w">
+</span><span class="ln">10 </span><span class="w"></span><span class="cp">#ifdef HAVE_LIBC
+</span><span class="ln">11 </span><span class="cp"></span><span class="w"> </span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">buf</span><span class="p">;</span><span class="w">
+</span><span class="ln">12 </span><span class="w"> </span><span class="n">buf</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">malloc</span><span class="p">(</span><span class="mi">9</span><span class="p">);</span><span class="w">
+</span><span class="ln">13 </span><span class="w"> </span><span class="n">memcpy</span><span class="p">(</span><span class="n">buf</span><span class="o">+</span><span class="mi">3</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;bazbar&quot;</span><span class="p">,</span><span class="w"> </span><span class="mi">6</span><span class="p">);</span><span class="w">
+</span><span class="ln">14 </span><span class="w"></span><span class="cp">#else
+</span><span class="ln">15 </span><span class="cp"></span><span class="w"> </span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">buf</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">(</span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">char</span><span class="o">*</span><span class="p">)</span><span class="o">&amp;</span><span class="n">__heap_base</span><span class="p">;</span><span class="w">
+</span><span class="ln">16 </span><span class="w"> </span><span class="o">*</span><span class="p">(</span><span class="n">buf</span><span class="o">+</span><span class="mi">3</span><span class="p">)</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="sc">'b'</span><span class="p">;</span><span class="w">
+</span><span class="ln">17 </span><span class="w"> </span><span class="o">*</span><span class="p">(</span><span class="n">buf</span><span class="o">+</span><span class="mi">4</span><span class="p">)</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="sc">'a'</span><span class="p">;</span><span class="w">
+</span><span class="ln">18 </span><span class="w"> </span><span class="o">*</span><span class="p">(</span><span class="n">buf</span><span class="o">+</span><span class="mi">5</span><span class="p">)</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="sc">'r'</span><span class="p">;</span><span class="w">
+</span><span class="ln">19 </span><span class="w"></span><span class="cp">#endif
+</span><span class="ln">20 </span><span class="cp"></span><span class="w"> </span><span class="n">call_me_sometime</span><span class="p">(</span><span class="n">buf</span><span class="p">);</span><span class="w">
+</span><span class="ln">21 </span><span class="w">
+</span><span class="ln">22 </span><span class="w"></span><span class="cp">#ifdef HAVE_LIBC
+</span><span class="ln">23 </span><span class="cp"></span><span class="w"> </span><span class="n">free</span><span class="p">(</span><span class="n">buf</span><span class="p">);</span><span class="w">
+</span><span class="ln">24 </span><span class="w"></span><span class="cp">#endif
+</span><span class="ln">25 </span><span class="cp"></span><span class="w">
+</span><span class="ln">26 </span><span class="w"></span><span class="p">}</span>
+</pre>
+<p>As you see, we need a few more parameters for the compiler and linker at this point. The <code>--target=wasm32-unknown-wasi --sysroot /opt/wasi-libc .. /opt/wasi-libc/lib/wasm32-wasi/libc.a</code> is needed to hook us up with headers and symbols for the libc.</p>
+<p>My archlinux puts that sysroot in <code>/opt/wasi-libc</code>, that may of course not be the case elsewhere.</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>clang<span class="w"> </span>-DHAVE_LIBC<span class="o">=</span><span class="m">1</span><span class="w"> </span>--target<span class="o">=</span>wasm32-unknown-wasi<span class="w"> </span>--sysroot<span class="w"> </span>/opt/wasi-libc<span class="w"> </span>-nostdlib<span class="w"> </span>-nostartfiles<span class="w"> </span>-Wl,--no-entry<span class="w"> </span>-Wl,--export<span class="o">=</span><span class="s2">&quot;foo&quot;</span><span class="w"> </span>-Wl,--import-memory<span class="w"> </span>-Wl,--import-table<span class="w"> </span>-Wl,--allow-undefined<span class="w"> </span>-o<span class="w"> </span>bare.wasm<span class="w"> </span>bare.c<span class="w"> </span>/opt/wasi-libc/lib/wasm32-wasi/libc.a
+$<span class="w"> </span>wasm-objdump<span class="w"> </span>-x<span class="w"> </span>bare.wasm
+
+bare.wasm:<span class="w"> </span>file<span class="w"> </span>format<span class="w"> </span>wasm<span class="w"> </span>0x1
+
+Section<span class="w"> </span>Details:
+
+Type<span class="o">[</span><span class="m">3</span><span class="o">]</span>:
+<span class="w"> </span>-<span class="w"> </span>type<span class="o">[</span><span class="m">0</span><span class="o">]</span><span class="w"> </span><span class="o">(</span>i32<span class="o">)</span><span class="w"> </span>-&gt;<span class="w"> </span>nil
+<span class="w"> </span>-<span class="w"> </span>type<span class="o">[</span><span class="m">1</span><span class="o">]</span><span class="w"> </span><span class="o">()</span><span class="w"> </span>-&gt;<span class="w"> </span>nil
+<span class="w"> </span>-<span class="w"> </span>type<span class="o">[</span><span class="m">2</span><span class="o">]</span><span class="w"> </span><span class="o">(</span>i32<span class="o">)</span><span class="w"> </span>-&gt;<span class="w"> </span>i32
+Import<span class="o">[</span><span class="m">3</span><span class="o">]</span>:
+<span class="w"> </span>-<span class="w"> </span>memory<span class="o">[</span><span class="m">0</span><span class="o">]</span><span class="w"> </span>pages:<span class="w"> </span><span class="nv">initial</span><span class="o">=</span><span class="m">2</span><span class="w"> </span>&lt;-<span class="w"> </span>env.memory
+<span class="w"> </span>-<span class="w"> </span>table<span class="o">[</span><span class="m">0</span><span class="o">]</span><span class="w"> </span><span class="nv">type</span><span class="o">=</span>funcref<span class="w"> </span><span class="nv">initial</span><span class="o">=</span><span class="m">1</span><span class="w"> </span>&lt;-<span class="w"> </span>env.__indirect_function_table
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">0</span><span class="o">]</span><span class="w"> </span><span class="nv">sig</span><span class="o">=</span><span class="m">0</span><span class="w"> </span>&lt;call_me_sometime&gt;<span class="w"> </span>&lt;-<span class="w"> </span>env.call_me_sometime
+Function<span class="o">[</span><span class="m">7</span><span class="o">]</span>:
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">1</span><span class="o">]</span><span class="w"> </span><span class="nv">sig</span><span class="o">=</span><span class="m">1</span><span class="w"> </span>&lt;foo&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">2</span><span class="o">]</span><span class="w"> </span><span class="nv">sig</span><span class="o">=</span><span class="m">2</span><span class="w"> </span>&lt;malloc&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">3</span><span class="o">]</span><span class="w"> </span><span class="nv">sig</span><span class="o">=</span><span class="m">2</span><span class="w"> </span>&lt;dlmalloc&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">4</span><span class="o">]</span><span class="w"> </span><span class="nv">sig</span><span class="o">=</span><span class="m">0</span><span class="w"> </span>&lt;free&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">5</span><span class="o">]</span><span class="w"> </span><span class="nv">sig</span><span class="o">=</span><span class="m">0</span><span class="w"> </span>&lt;dlfree&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">6</span><span class="o">]</span><span class="w"> </span><span class="nv">sig</span><span class="o">=</span><span class="m">1</span><span class="w"> </span>&lt;abort&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">7</span><span class="o">]</span><span class="w"> </span><span class="nv">sig</span><span class="o">=</span><span class="m">2</span><span class="w"> </span>&lt;sbrk&gt;
+Global<span class="o">[</span><span class="m">2</span><span class="o">]</span>:
+<span class="w"> </span>-<span class="w"> </span>global<span class="o">[</span><span class="m">0</span><span class="o">]</span><span class="w"> </span>i32<span class="w"> </span><span class="nv">mutable</span><span class="o">=</span><span class="m">1</span><span class="w"> </span>-<span class="w"> </span>init<span class="w"> </span><span class="nv">i32</span><span class="o">=</span><span class="m">67072</span>
+<span class="w"> </span>-<span class="w"> </span>global<span class="o">[</span><span class="m">1</span><span class="o">]</span><span class="w"> </span>i32<span class="w"> </span><span class="nv">mutable</span><span class="o">=</span><span class="m">0</span><span class="w"> </span>&lt;__heap_base&gt;<span class="w"> </span>-<span class="w"> </span>init<span class="w"> </span><span class="nv">i32</span><span class="o">=</span><span class="m">67072</span>
+Export<span class="o">[</span><span class="m">2</span><span class="o">]</span>:
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">1</span><span class="o">]</span><span class="w"> </span>&lt;foo&gt;<span class="w"> </span>-&gt;<span class="w"> </span><span class="s2">&quot;foo&quot;</span>
+<span class="w"> </span>-<span class="w"> </span>global<span class="o">[</span><span class="m">1</span><span class="o">]</span><span class="w"> </span>-&gt;<span class="w"> </span><span class="s2">&quot;__heap_base&quot;</span>
+Code<span class="o">[</span><span class="m">7</span><span class="o">]</span>:
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">1</span><span class="o">]</span><span class="w"> </span><span class="nv">size</span><span class="o">=</span><span class="m">171</span><span class="w"> </span>&lt;foo&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">2</span><span class="o">]</span><span class="w"> </span><span class="nv">size</span><span class="o">=</span><span class="m">10</span><span class="w"> </span>&lt;malloc&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">3</span><span class="o">]</span><span class="w"> </span><span class="nv">size</span><span class="o">=</span><span class="m">6984</span><span class="w"> </span>&lt;dlmalloc&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">4</span><span class="o">]</span><span class="w"> </span><span class="nv">size</span><span class="o">=</span><span class="m">10</span><span class="w"> </span>&lt;free&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">5</span><span class="o">]</span><span class="w"> </span><span class="nv">size</span><span class="o">=</span><span class="m">1908</span><span class="w"> </span>&lt;dlfree&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">6</span><span class="o">]</span><span class="w"> </span><span class="nv">size</span><span class="o">=</span><span class="m">4</span><span class="w"> </span>&lt;abort&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">7</span><span class="o">]</span><span class="w"> </span><span class="nv">size</span><span class="o">=</span><span class="m">78</span><span class="w"> </span>&lt;sbrk&gt;
+Data<span class="o">[</span><span class="m">2</span><span class="o">]</span>:
+<span class="w"> </span>-<span class="w"> </span>segment<span class="o">[</span><span class="m">0</span><span class="o">]</span><span class="w"> </span><span class="nv">memory</span><span class="o">=</span><span class="m">0</span><span class="w"> </span><span class="nv">size</span><span class="o">=</span><span class="m">7</span><span class="w"> </span>-<span class="w"> </span>init<span class="w"> </span><span class="nv">i32</span><span class="o">=</span><span class="m">1024</span>
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000400</span>:<span class="w"> </span><span class="m">6261</span><span class="w"> </span>7a62<span class="w"> </span><span class="m">6172</span><span class="w"> </span><span class="m">00</span><span class="w"> </span>bazbar.
+<span class="w"> </span>-<span class="w"> </span>segment<span class="o">[</span><span class="m">1</span><span class="o">]</span><span class="w"> </span><span class="nv">memory</span><span class="o">=</span><span class="m">0</span><span class="w"> </span><span class="nv">size</span><span class="o">=</span><span class="m">500</span><span class="w"> </span>-<span class="w"> </span>init<span class="w"> </span><span class="nv">i32</span><span class="o">=</span><span class="m">1032</span>
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000408</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000418</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000428</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000438</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000448</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000458</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000468</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000478</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000488</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000498</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span>00004a8:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span>00004b8:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span>00004c8:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span>00004d8:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span>00004e8:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span>00004f8:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000508</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000518</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000528</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000538</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000548</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000558</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000568</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000578</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000588</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span><span class="m">0000598</span>:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span>00005a8:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span>00005b8:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span>00005c8:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span>00005d8:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span>00005e8:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>................
+<span class="w"> </span>-<span class="w"> </span>00005f8:<span class="w"> </span><span class="m">0000</span><span class="w"> </span><span class="m">0000</span><span class="w"> </span>....
+Custom:
+<span class="w"> </span>-<span class="w"> </span>name:<span class="w"> </span><span class="s2">&quot;name&quot;</span>
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">0</span><span class="o">]</span><span class="w"> </span>&lt;call_me_sometime&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">1</span><span class="o">]</span><span class="w"> </span>&lt;foo&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">2</span><span class="o">]</span><span class="w"> </span>&lt;malloc&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">3</span><span class="o">]</span><span class="w"> </span>&lt;dlmalloc&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">4</span><span class="o">]</span><span class="w"> </span>&lt;free&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">5</span><span class="o">]</span><span class="w"> </span>&lt;dlfree&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">6</span><span class="o">]</span><span class="w"> </span>&lt;abort&gt;
+<span class="w"> </span>-<span class="w"> </span>func<span class="o">[</span><span class="m">7</span><span class="o">]</span><span class="w"> </span>&lt;sbrk&gt;
+Custom:
+<span class="w"> </span>-<span class="w"> </span>name:<span class="w"> </span><span class="s2">&quot;producers&quot;</span>
+</pre></div>
+<p>What luxury. And of course, our <code>bare.wasm</code> file just grew from 350 bytes to 10k...</p>
+<p>We don't have to change our <code>javascript</code> code at this point. Simply run again, and get:</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>node<span class="w"> </span>bare.js
+heap<span class="w"> </span>is<span class="w"> </span>at:<span class="w"> </span><span class="m">67088</span>
+heap<span class="w"> </span>contains:<span class="w"> </span>foobazbar
+</pre></div>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-1" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-1">[1]</a></td><td><code>__heap_base</code> will be set by default by the wasm environment, and is thus available as an external symbol.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-2" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-2">[2]</a></td><td>After linking the memory symbol meeds to be called <code>memory</code> instead of <code>__linear_memory</code> for some reason. Thus we add both here for clarity.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils citation" frame="void" id="wasi-libc" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#citation-reference-1">[wasi-libc]</a></td><td><a class="reference external" href="https://github.com/WebAssembly/wasi-libc">https://github.com/WebAssembly/wasi-libc</a></td></tr>
+</tbody>
+</table>
+</blockquote>
+</div>
+</content><category term="Code"></category><category term="wasm"></category><category term="c"></category><category term="clang"></category><category term="llvm"></category></entry><entry><title>Proving what you link to</title><link href="web-snapshot.html" rel="alternate"></link><published>2021-05-03T14:22:00+02:00</published><updated>2024-06-19T16:21:00+02:00</updated><author><name>Louis Holbrook</name></author><id>tag:None,2021-05-03:web-snapshot.html</id><summary type="html"><p class="first last">Generating proof of a web resource when you read and share</p>
+</summary><content type="html"><p>When we send a link to someone, we are trusting that whoever is behind that link will serve that someone the content we actually saw. Give or take an ad or two.</p>
+<p>Also, when we bookmark the link for later retrieval. We are trusting that the entity will be serving that content at any time in the future that you may want it.</p>
+<p>This may not be a huge problem if the page is merely a list of <a class="reference external" href="https://thoughtcatalog.com/clint-conway/2016/08/50-of-the-funniest-dead-baby-jokes-of-all-time/">dead baby jokes</a> <a class="footnote-reference" href="#footnote-6" id="footnote-reference-1">[6]</a>. They are objectively funny, of course. But you can also get along without them.</p>
+<p>But what of the case of formal, scientific texts we may depend on, and that use citations from the web as part of their source material? Usually, they refer to a source by <em>link</em> and <em>date of retrieval</em>. This is not of much use unless the actual source and/or render they saw at that time also is available.</p>
+<p>That may not always be the case.</p>
+<div class="section" id="take-care-of-your-shelf">
+<h2>Take care of your shelf</h2>
+<blockquote>
+&quot;No worries, the <a class="reference external" href="https://archive.org">Wayback Machine</a> has me covered.&quot;</blockquote>
+<p>Yes. But no. The Wayback Machine is a (thus far) centralized entity that depend on a few idealists and donations to keep going. If they stop to keep going, they depend on passing the buck to someone else. If that someone is evil, they may take it and rewrite history to suit themselves. If that someone else cannot be found, it becomes a garbage collection blip on Bezos' <a class="reference external" href="https://gizmodo.com/i-tried-to-block-amazon-from-my-life-it-was-impossible-1830565336">infrastructure monopoly</a> dashboard. <a class="footnote-reference" href="#footnote-1" id="footnote-reference-2">[1]</a></p>
+<p>That aside, sources like Wayback Machine are like libraries. Libraries are, of course, essential. Not only because they serve as one of the pillars of democracy, providing free access to knowledge for everyone. They are also essential because it's simply not very practical for you to pre-emptively own all the books that you may at some point want to read. Let alone ask around in your neighborhood if they happen to have a copy (although a crowd-sourced library app sounds like a fun decentralization project to explore).</p>
+<p>You may however want to keep a copy of the books you <em>depend</em> on, and the ones you <em>really like</em>. Just to make really sure you have it available when you want it. Then, if some New Public Management clowns get the chance to gut public infrastructure where you live, or someone starts a good old-fashioned fascist book burning, you have yourself covered.</p>
+</div>
+<div class="section" id="a-lack-of-friction">
+<h2>A lack of friction</h2>
+<p>Yes, stuff may disappear on the web. Just as books may.</p>
+<p>On the web that stuff can get <em>rewritten</em>. Books may be rewritten, too. <a class="footnote-reference" href="#footnote-2" id="footnote-reference-3">[2]</a> The previous editions of the books will still exist as independent physical objects until they degrade, as long as something is not actively done to them. But so too with data on storage media. If it is not renewed or copied during that lifetime it may degrade until it becomes illegible. And of course, it may also simply be deleted. And without the smell of smoke at that.</p>
+<p>That's the difference that seems to leap out when using this imagery. How <em>easy</em> it is to change and destroy stuff at scale on the web compared with the real world of books. And how inconspicuously it can happen, without <em>anyone</em> noticing. And for those who notice, it is very hard to prove what has changed, unless you have a copy. <a class="footnote-reference" href="#footnote-5" id="footnote-reference-4">[5]</a></p>
+<p>So what can we do? Copies and proofs are definitely keywords here. Fortunately, copying is what computers are all about. And making a cryptographical proof of what you see is easy enough these days, too. The tricky bit is to build <em>credibility</em> around that proof. But let's stick our head in the sand and start with the easy part and see where it takes us.</p>
+</div>
+<div class="section" id="look-no-head">
+<h2>Look, no head</h2>
+<!-- .. WARNING::
+
+ Nerdy zone ahead -->
+<p>A good start is to dump the document source to disk, then calculating and storing the sum of it.</p>
+<p>In many cases this will be insufficient, though, as many sites populates the DOM through scripts, either in part or in full. As the use-case here is humans voting on what they see is what they get, human aids will be needed. In other words, we need to render the page to store what we actually see.</p>
+<p>Printing to PDF from the browser is an option, but that is really difficult to automate. Fortunately, modern browser engines provide command line access to rendering. Since I mostly use <a class="reference external" href="https://brave.com/">Brave Browser</a> these days, we'll use <em>headless Chromium</em> here.</p>
+<p>In addition to source, sum and rendering, we should also include a copy of the request headers for good measure.</p>
+<p>Thus, we end up with something like this.</p>
+<pre class="code bash literal-block">
+<span class="ch">#!/bin/bash
+</span><span class="w">
+</span><span class="nv">f</span><span class="o">=</span><span class="si">${</span><span class="nv">WEBSHOT_OUTPUT_DIR</span><span class="k">:-</span><span class="p">/tmp</span><span class="si">}</span><span class="w">
+</span><span class="nv">url</span><span class="o">=</span><span class="nv">$1</span><span class="w">
+</span><span class="nv">title</span><span class="o">=</span><span class="nv">$2</span><span class="w">
+</span>&gt;<span class="p">&amp;</span><span class="m">2</span><span class="w"> </span><span class="nb">echo</span><span class="w"> </span>using<span class="w"> </span>outdir<span class="w"> </span><span class="nv">$f</span><span class="w">
+
+</span><span class="nb">set</span><span class="w"> </span>+e<span class="w">
+
+</span><span class="c1"># prepare
+</span><span class="nv">d</span><span class="o">=</span><span class="sb">`</span><span class="nv">TZ</span><span class="o">=</span>UTC<span class="w"> </span>date<span class="w"> </span>+%Y%m%d%H%M<span class="sb">`</span><span class="w">
+</span><span class="nv">t</span><span class="o">=</span><span class="sb">`</span>mktemp<span class="w"> </span>-d<span class="sb">`</span><span class="w">
+</span><span class="nb">pushd</span><span class="w"> </span><span class="nv">$t</span><span class="w">
+
+</span><span class="c1"># store raw outputs
+</span><span class="nb">echo</span><span class="w"> </span><span class="nv">$1</span><span class="w"> </span>&gt;<span class="w"> </span>url.txt<span class="w">
+</span>curl<span class="w"> </span>-s<span class="w"> </span>-I<span class="w"> </span><span class="nv">$1</span><span class="w"> </span>&gt;<span class="w"> </span>headers.txt<span class="w">
+</span>curl<span class="w"> </span>-s<span class="w"> </span>-X<span class="w"> </span>GET<span class="w"> </span><span class="nv">$1</span><span class="w"> </span>&gt;<span class="w"> </span>contents.txt<span class="w">
+</span><span class="nv">z</span><span class="o">=</span><span class="sb">`</span>sha256sum<span class="w"> </span>contents.txt<span class="sb">`</span><span class="w">
+</span><span class="nb">echo</span><span class="w"> </span><span class="nv">$z</span><span class="w"> </span>&gt;<span class="w"> </span>contents.txt.sha256<span class="w">
+</span><span class="nv">h</span><span class="o">=</span><span class="sb">`</span><span class="nb">echo</span><span class="w"> </span>-n<span class="w"> </span><span class="nv">$z</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>awk<span class="w"> </span><span class="s1">'{ print $1; }'</span><span class="sb">`</span><span class="w">
+
+</span><span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span>-z<span class="w"> </span><span class="s2">&quot;</span><span class="nv">$title</span><span class="s2">&quot;</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span><span class="w">
+ </span><span class="nv">title</span><span class="o">=</span><span class="nv">$h</span><span class="w">
+</span><span class="k">fi</span><span class="w">
+</span>&gt;<span class="p">&amp;</span><span class="m">2</span><span class="w"> </span><span class="nb">echo</span><span class="w"> </span>using<span class="w"> </span>title<span class="w"> </span><span class="nv">$title</span><span class="w">
+
+</span><span class="c1"># rendered snapshot
+</span>chromium<span class="w"> </span>--headless<span class="w"> </span>--print-to-pdf<span class="w"> </span><span class="nv">$url</span><span class="w">
+</span><span class="nv">n</span><span class="o">=</span><span class="si">${</span><span class="nv">d</span><span class="si">}</span>_<span class="si">${</span><span class="nv">h</span><span class="si">}</span><span class="w">
+</span>mv<span class="w"> </span>output.pdf<span class="w"> </span><span class="nv">$n</span>.pdf<span class="w">
+
+</span><span class="c1"># store result
+</span>mkdir<span class="w"> </span>-p<span class="w"> </span><span class="s2">&quot;</span><span class="nv">$f</span><span class="s2">/</span><span class="nv">$title</span><span class="s2">&quot;</span><span class="w">
+</span>tar<span class="w"> </span>-zcvf<span class="w"> </span><span class="s2">&quot;</span><span class="nv">$f</span><span class="s2">/</span><span class="nv">$title</span><span class="s2">/</span><span class="nv">$n</span><span class="s2">.tar.gz&quot;</span><span class="w"> </span>*<span class="w">
+
+</span><span class="c1"># clean up
+</span><span class="nb">popd</span><span class="w">
+
+</span><span class="nb">set</span><span class="w"> </span>-e
+</pre>
+</div>
+<div class="section" id="what-does-this-mean">
+<h2>What does this mean</h2>
+<p>Let's sum up what information we've managed to store with this operation.</p>
+<ul class="simple">
+<li>We have a copy of the unrendered source. It may or may not include all the information we want to store.</li>
+<li>We have a fingerprint of that source.</li>
+<li>We have a copy of the headers we were served when retrieving the document. <a class="footnote-reference" href="#footnote-3" id="footnote-reference-5">[3]</a></li>
+<li>We have a image copy of what we actually saw when visiting the page.</li>
+<li>We have a date and time for retrieval (file attributes).</li>
+</ul>
+<p>To link the headers together with the visual copy, we could sum the header file and image file aswell, put those sums together with the content sum in a deterministic order, and calculate the sum of those sums. E.g. <a class="footnote-reference" href="#footnote-4" id="footnote-reference-6">[4]</a></p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>cp<span class="w"> </span>contents.txt.sha256<span class="w"> </span>sums.txt
+$<span class="w"> </span>sha256sum<span class="w"> </span>headers.txt<span class="w"> </span><span class="p">|</span><span class="w"> </span>awk<span class="w"> </span><span class="s1">&#39;{ print $1; }&#39;</span><span class="w"> </span>&gt;&gt;<span class="w"> </span>sums.txt
+$<span class="w"> </span>sha256sum<span class="w"> </span>&lt;pdf<span class="w"> </span>file&gt;<span class="w"> </span><span class="p">|</span><span class="w"> </span>awk<span class="w"> </span><span class="s1">&#39;{ print $1; }&#39;</span><span class="w"> </span>&gt;&gt;<span class="w"> </span>sums.txt
+$<span class="w"> </span>sha256sum<span class="w"> </span>sums.txt<span class="w"> </span><span class="p">|</span><span class="w"> </span>awk<span class="w"> </span><span class="s1">&#39;{ print $1; }&#39;</span><span class="w"> </span>&gt;<span class="w"> </span>topsum.txt
+</pre></div>
+<p>If we now sign <em>this</em> sum, we are confirming that for this particuar resource:</p>
+<blockquote>
+&quot;This was the source. These were the headers for that source. This is how that source served in that manner looked for <strong>ME</strong> at the time&quot;</blockquote>
+</div>
+<div class="section" id="proving-links-in-this-post">
+<h2>Proving links in this post</h2>
+<p>This post makes use of several external links to articles. So as a final step, let's eat our own dogfood and add proofs for them.</p>
+<table border="1" class="docutils">
+<caption>Article retrieval proofs</caption>
+<colgroup>
+<col width="34%" />
+<col width="22%" />
+<col width="22%" />
+<col width="22%" />
+</colgroup>
+<thead valign="bottom">
+<tr><th class="head">Link</th>
+<th class="head">Content</th>
+<th class="head">Header</th>
+<th class="head">Image</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr><td><a class="reference external" href="https://gizmodo.com/i-tried-to-block-amazon-from-my-life-it-was-impossible-1830565336">https://gizmodo.com/i-tried-to-block-amazon-from-my-life-it-was-impossible-1830565336</a></td>
+<td><a class="reference external" href="misc/web_snapshot/0c657ec25e55e72702b0473f62e6d632dece992485f67c407ed1f748b3f40bc2.txt">0c657ec2</a></td>
+<td><a class="reference external" href="misc/web_snapshot/360125fa513b8db8380eb2b62c4479164baa5b48d8544b2242bcc7305bad0de4.txt">360125fa</a></td>
+<td><a class="reference external" href="misc/web_snapshot/a2584ca07ba16b15b9fad315a767cbb0c4b7124abdfd578cab2afb4dce9d1971.pdf">a2584ca0</a></td>
+</tr>
+<tr><td><a class="reference external" href="https://www.thelocal.se/20111109/37244/">https://www.thelocal.se/20111109/37244/</a></td>
+<td><a class="reference external" href="misc/web_snapshot/be8741ff91c6e3eac760a3a4652b57f47bce92fa9b617662296c2ab5b3c5fe31.txt">be8741ff</a></td>
+<td><a class="reference external" href="misc/web_snapshot/6c20e7678a0235467687425b9818718ab143fd477afee2087d7f79c933abdc75.txt">6c20e767</a></td>
+<td><a class="reference external" href="misc/web_snapshot/f1c557b9555149dde570976ed956ffb17d17b99cea5f2651020f66408dacf301.pdf">f1c557b9</a></td>
+</tr>
+<tr><td><a class="reference external" href="https://www.statista.com/chart/18819/worldwide-market-share-of-leading-cloud-infrastructure-service-providers/">https://www.statista.com/chart/18819/worldwide-market-share-of-leading-cloud-infrastructure-service-providers/</a></td>
+<td><a class="reference external" href="misc/web_snapshot/595a07b85e6b75a41fe0880c8538f15c4b6da5770db230d986efa2e080ca479a.txt">595a07b8</a></td>
+<td><a class="reference external" href="misc/web_snapshot/f2aa95b42c5420cb11ccbf1cb084d5e5ccc3fc6cd575c51e9ee473b9df19c890.txt">f2aa95b4</a></td>
+<td><a class="reference external" href="misc/web_snapshot/6a610fa69d4909cc9aa1dcb7105203cc50c1bcf26733411964f95cbcbdf37eb5.pdf">6a610fa6</a></td>
+</tr>
+<tr><td><a class="reference external" href="https://web.archive.org/web/20170710185409/https://www.botkyrka.se/arkiv/nyhetsarkiv/nyheter-startsida/2017-07-10-angaende-uttalanden-av-journalisten-janne-josefsson-om-bibliotek-botkyrka.html">https://web.archive.org/web/20170710185409/https://www.botkyrka.se/arkiv/nyhetsarkiv/nyheter-startsida/2017-07-10-angaende-uttalanden-av-journalisten-janne-josefsson-om-bibliotek-botkyrka.html</a></td>
+<td><a class="reference external" href="misc/web_snapshot/5a806be410da82986a85f68658279234c1a5cf3bb6dc55da137d5274dc722f26.txt">5a806be4</a></td>
+<td><a class="reference external" href="misc/web_snapshot/078d9fe6be070de0d378a6e903f8558a7da4917cba5c95ca453ae1936541e4f6.txt">078d9fe6</a></td>
+<td><a class="reference external" href="misc/web_snapshot/2d0f0e69e7c8b6ffe9ff8ffc8702a78d6a2d46ab1edd4123e84eb211171d6cde.pdf">2d0f0e69</a></td>
+</tr>
+<tr><td><a class="reference external" href="https://www.breitbart.com/europe/2017/07/19/swedens-libraries-pulp-traditional-children-books-racist-phrases/">https://www.breitbart.com/europe/2017/07/19/swedens-libraries-pulp-traditional-children-books-racist-phrases/</a></td>
+<td><a class="reference external" href="misc/web_snapshot/a8c6b61cec2cce1a58bcf7a65091a6c2e8510ca5fa17f2d242d286f087d95cd5.txt">a8c6b61c</a></td>
+<td><a class="reference external" href="misc/web_snapshot/3ba9094b295a898cfe8cba256f4ebf65ef98ff05bb3034e048e517d52fc13d33.txt">3ba9094b</a></td>
+<td><a class="reference external" href="misc/web_snapshot/eb76a87f224b0e4f4e5d1673b1505aaeee28d8ad03ce544656b6f5ac7c4d9983.pdf">eb76a87f</a></td>
+</tr>
+</tbody>
+</table>
+<p>Clicking on the &quot;image&quot; links, we see that thanks to the recent ubiquity of cookie nag boxes screaming &quot;accept all&quot; at you, those very boxes are now blocking the content we want to get at. So we will need more work to get to where we want by automation. But it's s start.</p>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-1" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-2">[1]</a></td><td>Early 2021 survey puts Amazon at one-third of the global market share. <a class="reference external" href="https://www.statista.com/chart/18819/worldwide-market-share-of-leading-cloud-infrastructure-service-providers/">https://www.statista.com/chart/18819/worldwide-market-share-of-leading-cloud-infrastructure-service-providers/</a></td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-2" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-3">[2]</a></td><td>2011 sparked a <a class="reference external" href="https://www.thelocal.se/20111109/37244/">controversy</a> around Astrid Lindgren's Pippi Longstockings. Echoing those viewpoints, the books were edited in 2015 during which some alleged &quot;racist&quot; content was altered. The rabid rightwing media later spun a <a class="reference external" href="https://www.breitbart.com/europe/2017/07/19/swedens-libraries-pulp-traditional-children-books-racist-phrases/">false tale of mass purges</a> of Pippi books around one single swedish library's decision to throw out copies of the originial &quot;racist&quot; versions. Case-in-point, a public statement in which the library tries to justify its actions is no longer available on their website, and has to be retrieved by the Wayback Machine. <a class="reference external" href="https://web.archive.org/web/20170710185409/https://www.botkyrka.se/arkiv/nyhetsarkiv/nyheter-startsida/2017-07-10-angaende-uttalanden-av-journalisten-janne-josefsson-om-bibliotek-botkyrka.html">https://web.archive.org/web/20170710185409/https://www.botkyrka.se/arkiv/nyhetsarkiv/nyheter-startsida/2017-07-10-angaende-uttalanden-av-journalisten-janne-josefsson-om-bibliotek-botkyrka.html</a> (in swedish)</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-3" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-5">[3]</a></td><td>Well actually, not quite. We did the same request twice, but they were two separate requests. Using a single request would improve the script.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-4" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-6">[4]</a></td><td>We use the hex representation for clarity here. A proper tool would convert the hex values to bytes before calculating sum on them.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-5" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-4">[5]</a></td><td>Another important difference is that the book does not need to be <em>interpreted</em> by a <em>machine</em> in order to make sense for a human. Availability of tooling is definitely an equally important topic in this discussion. However this post limits focus to the actual data itself.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- -->
+<blockquote>
+<table class="docutils footnote" frame="void" id="footnote-6" rules="none">
+<colgroup><col class="label" /><col /></colgroup>
+<tbody valign="top">
+<tr><td class="label"><a class="fn-backref" href="#footnote-reference-1">[6]</a></td><td>How ironic; that site is gone. And I don't have a snapshot. What a shame. I've changed the link to some different baby jokes. The original url was <a class="reference external" href="https://dead-baby-joke.com">https://dead-baby-joke.com</a>.</td></tr>
+</tbody>
+</table>
+</blockquote>
+<!-- .. _data availability: https://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.433.3480 -->
+<!-- https://web.archive.org/web/20170710185409/https://www.botkyrka.se/arkiv/nyhetsarkiv/nyheter-startsida/2017-07-10-angaende-uttalanden-av-journalisten-janne-josefsson-om-bibliotek-botkyrka.html <- not available on link, no result on search https://www.mhpbooks.com/the-trouble-with-pippi/ -->
+</div>
+</content><category term="Archiving"></category><category term="web"></category><category term="hash"></category><category term="chromium"></category></entry><entry><title>Local python repository</title><link href="docker-offline-2-python.html" rel="alternate"></link><published>2021-04-26T07:55:00+02:00</published><updated>2021-04-26T07:55:00+02:00</updated><author><name>Louis Holbrook</name></author><id>tag:None,2021-04-26:docker-offline-2-python.html</id><summary type="html"><p class="first last">Feeding python packages to your offline Docker setup</p>
+</summary><content type="html"><!-- .. CAUTION::
+
+ This is a purely technical article. You should probably be `this geeky <https://g33k.holbrook.no/c18beedd>`_ to continue reading. -->
+<p>In the previous part of this series we were able to connect a Docker network to a virtual interface on our host, neither of which have access to the internet. That means we are ready to host content for the container locally. And we will start out with creating a local Python repository.</p>
+<div class="section" id="packaging-the-packages">
+<h2>Packaging the packages</h2>
+<p>I'll be so bold as to assume that you are using <tt class="docutils literal">pip</tt> to manage your packages. It gives you not only the option to <em>install</em> packages, but merely <em>download</em> them to storage aswell. So let's do that and try to serve the packages.</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>pip<span class="w"> </span>download<span class="w"> </span>faker
+<span class="o">[</span>...<span class="o">]</span>
+Successfully<span class="w"> </span>downloaded<span class="w"> </span>faker<span class="w"> </span>python-dateutil<span class="w"> </span>six<span class="w"> </span>text-unidecode
+$<span class="w"> </span>ls
+Faker-8.1.0-py3-none-any.whl<span class="w"> </span>python_dateutil-2.8.1-py2.py3-none-any.whl<span class="w"> </span>six-1.15.0-py2.py3-none-any.whl<span class="w"> </span>text_unidecode-1.3-py2.py3-none-any.whl
+$<span class="w"> </span>python<span class="w"> </span>-m<span class="w"> </span>RangeHTTPServer
+</pre></div>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>python<span class="w"> </span>-m<span class="w"> </span>venv<span class="w"> </span>.venv
+$<span class="w"> </span>.<span class="w"> </span>.venv/bin/activate
+<span class="o">(</span>.venv<span class="o">)</span><span class="w"> </span>$<span class="w"> </span>pip<span class="w"> </span>install<span class="w"> </span>--index<span class="w"> </span>http://localhost:8000<span class="w"> </span>faker
+Looking<span class="w"> </span><span class="k">in</span><span class="w"> </span>indexes:<span class="w"> </span>http://localhost:8000
+ERROR:<span class="w"> </span>Could<span class="w"> </span>not<span class="w"> </span>find<span class="w"> </span>a<span class="w"> </span>version<span class="w"> </span>that<span class="w"> </span>satisfies<span class="w"> </span>the<span class="w"> </span>requirement<span class="w"> </span>faker<span class="w"> </span><span class="o">(</span>from<span class="w"> </span>versions:<span class="w"> </span>none<span class="o">)</span>
+ERROR:<span class="w"> </span>No<span class="w"> </span>matching<span class="w"> </span>distribution<span class="w"> </span>found<span class="w"> </span><span class="k">for</span><span class="w"> </span>faker
+</pre></div>
+<p>Dag nabbit. Apparently not that simple. And indeed, if we read up on the spec for <a class="reference external" href="https://www.python.org/dev/peps/pep-0503">PEP 503 spec for Simple Repository API</a>, we learn that we are going to stick those package files under directories named after the packages.</p>
+<p>Well, nothing that a bit of bash scripting can't sort out:</p>
+<pre class="code bash literal-block">
+<span class="ch">#!/usr/bin/env
+</span><span class="w">
+</span><span class="nv">s</span><span class="o">=</span><span class="nv">$1</span><span class="w">
+</span><span class="nv">d</span><span class="o">=</span><span class="nv">$2</span><span class="w">
+</span><span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span>-z<span class="w"> </span><span class="nv">$d</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span><span class="w">
+ </span>&gt;<span class="p">&amp;</span><span class="m">2</span><span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="s2">&quot;usage: pep503.sh &lt;source_dir&gt; &lt;dest_dir&gt;&quot;</span><span class="w">
+ </span><span class="nb">exit</span><span class="w"> </span><span class="m">1</span><span class="w">
+</span><span class="k">fi</span><span class="w">
+
+</span><span class="k">for</span><span class="w"> </span>df<span class="w"> </span><span class="k">in</span><span class="w"> </span><span class="sb">`</span>find<span class="w"> </span><span class="nv">$s</span><span class="w"> </span>-name<span class="w"> </span><span class="s2">&quot;*.whl&quot;</span><span class="w"> </span>-type<span class="w"> </span>f<span class="sb">`</span><span class="p">;</span><span class="w"> </span><span class="k">do</span><span class="w">
+ </span><span class="nv">f</span><span class="o">=</span><span class="sb">`</span>basename<span class="w"> </span><span class="nv">$df</span><span class="sb">`</span><span class="w">
+ </span><span class="nv">pd</span><span class="o">=</span><span class="sb">`</span><span class="nb">echo</span><span class="w"> </span><span class="nv">$f</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>sed<span class="w"> </span>-e<span class="w"> </span><span class="s2">&quot;s/^\(.*\)-[[:digit:]]*\.[[:digit:]].*</span>$<span class="s2">/\1/g&quot;</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>tr<span class="w"> </span><span class="s2">&quot;[:upper:]&quot;</span><span class="w"> </span><span class="s2">&quot;[:lower:]&quot;</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>tr<span class="w"> </span><span class="s2">&quot;_&quot;</span><span class="w"> </span><span class="s2">&quot;-&quot;</span><span class="sb">`</span><span class="w">
+ </span>mkdir<span class="w"> </span>-v<span class="w"> </span><span class="nv">$d</span>/<span class="nv">$pd</span><span class="w">
+ </span>cp<span class="w"> </span>-v<span class="w"> </span><span class="nv">$df</span><span class="w"> </span><span class="nv">$d</span>/<span class="nv">$pd</span>/<span class="w">
+</span><span class="k">done</span><span class="w">
+</span><span class="k">for</span><span class="w"> </span>df<span class="w"> </span><span class="k">in</span><span class="w"> </span><span class="sb">`</span>find<span class="w"> </span><span class="nv">$s</span><span class="w"> </span>-name<span class="w"> </span><span class="s2">&quot;*.tar.gz&quot;</span><span class="w"> </span>-type<span class="w"> </span>f<span class="sb">`</span><span class="p">;</span><span class="w"> </span><span class="k">do</span><span class="w">
+ </span><span class="nv">f</span><span class="o">=</span><span class="sb">`</span>basename<span class="w"> </span><span class="nv">$df</span><span class="sb">`</span><span class="w">
+ </span><span class="nv">pd</span><span class="o">=</span><span class="sb">`</span><span class="nb">echo</span><span class="w"> </span><span class="nv">$f</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>sed<span class="w"> </span>-e<span class="w"> </span><span class="s2">&quot;s/^\(.*\)-[[:digit:]]*\.[[:digit:]].*</span>$<span class="s2">/\1/g&quot;</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>tr<span class="w"> </span><span class="s2">&quot;[:upper:]&quot;</span><span class="w"> </span><span class="s2">&quot;[:lower:]&quot;</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>tr<span class="w"> </span><span class="s2">&quot;_&quot;</span><span class="w"> </span><span class="s2">&quot;-&quot;</span><span class="sb">`</span><span class="w">
+ </span>mkdir<span class="w"> </span>-v<span class="w"> </span><span class="nv">$d</span>/<span class="nv">$pd</span><span class="w">
+ </span>cp<span class="w"> </span>-v<span class="w"> </span><span class="nv">$df</span><span class="w"> </span><span class="nv">$d</span>/<span class="nv">$pd</span>/<span class="w">
+</span><span class="k">done</span><span class="w">
+</span><span class="k">for</span><span class="w"> </span>df<span class="w"> </span><span class="k">in</span><span class="w"> </span><span class="sb">`</span>find<span class="w"> </span><span class="nv">$s</span><span class="w"> </span>-name<span class="w"> </span><span class="s2">&quot;*.zip&quot;</span><span class="w"> </span>-type<span class="w"> </span>f<span class="sb">`</span><span class="p">;</span><span class="w"> </span><span class="k">do</span><span class="w">
+ </span><span class="nv">f</span><span class="o">=</span><span class="sb">`</span>basename<span class="w"> </span><span class="nv">$df</span><span class="sb">`</span><span class="w">
+ </span><span class="nv">pd</span><span class="o">=</span><span class="sb">`</span><span class="nb">echo</span><span class="w"> </span><span class="nv">$f</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>sed<span class="w"> </span>-e<span class="w"> </span><span class="s2">&quot;s/^\(.*\)-[[:digit:]]*\.[[:digit:]].*</span>$<span class="s2">/\1/g&quot;</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>tr<span class="w"> </span><span class="s2">&quot;[:upper:]&quot;</span><span class="w"> </span><span class="s2">&quot;[:lower:]&quot;</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>tr<span class="w"> </span><span class="s2">&quot;_&quot;</span><span class="w"> </span><span class="s2">&quot;-&quot;</span><span class="sb">`</span><span class="w">
+ </span>mkdir<span class="w"> </span>-v<span class="w"> </span><span class="nv">$d</span>/<span class="nv">$pd</span><span class="w">
+ </span>cp<span class="w"> </span>-v<span class="w"> </span><span class="nv">$df</span><span class="w"> </span><span class="nv">$d</span>/<span class="nv">$pd</span>/<span class="w">
+</span><span class="k">done</span>
+</pre>
+<p>Armed with this, let's try again:</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>sh<span class="w"> </span>/home/lash/bin/shell/pep503.sh<span class="w"> </span>.<span class="w"> </span>packages
+$<span class="w"> </span>mkdir<span class="w"> </span>packages
+$<span class="w"> </span>bash<span class="w"> </span>/home/lash/bin/shell/pep503.sh<span class="w"> </span>.<span class="w"> </span>packages
+mkdir:<span class="w"> </span>created<span class="w"> </span>directory<span class="w"> </span><span class="s1">&#39;packages/text-unidecode&#39;</span>
+<span class="s1">&#39;./text_unidecode-1.3-py2.py3-none-any.whl&#39;</span><span class="w"> </span>-&gt;<span class="w"> </span><span class="s1">&#39;packages/text-unidecode/text_unidecode-1.3-py2.py3-none-any.whl&#39;</span>
+mkdir:<span class="w"> </span>created<span class="w"> </span>directory<span class="w"> </span><span class="s1">&#39;packages/six&#39;</span>
+<span class="s1">&#39;./six-1.15.0-py2.py3-none-any.whl&#39;</span><span class="w"> </span>-&gt;<span class="w"> </span><span class="s1">&#39;packages/six/six-1.15.0-py2.py3-none-any.whl&#39;</span>
+mkdir:<span class="w"> </span>created<span class="w"> </span>directory<span class="w"> </span><span class="s1">&#39;packages/python-dateutil&#39;</span>
+<span class="s1">&#39;./python_dateutil-2.8.1-py2.py3-none-any.whl&#39;</span><span class="w"> </span>-&gt;<span class="w"> </span><span class="s1">&#39;packages/python-dateutil/python_dateutil-2.8.1-py2.py3-none-any.whl&#39;</span>
+mkdir:<span class="w"> </span>created<span class="w"> </span>directory<span class="w"> </span><span class="s1">&#39;packages/faker&#39;</span>
+<span class="s1">&#39;./Faker-8.1.0-py3-none-any.whl&#39;</span><span class="w"> </span>-&gt;<span class="w"> </span><span class="s1">&#39;packages/faker/Faker-8.1.0-py3-none-any.whl&#39;</span>
+$<span class="w"> </span>find<span class="w"> </span>packages/<span class="w"> </span>-type<span class="w"> </span>f
+packages/faker/Faker-8.1.0-py3-none-any.whl
+packages/python-dateutil/python_dateutil-2.8.1-py2.py3-none-any.whl
+packages/six/six-1.15.0-py2.py3-none-any.whl
+packages/text-unidecode/text_unidecode-1.3-py2.py3-none-any.whl
+k<span class="w"> </span>$<span class="w"> </span>python<span class="w"> </span>-m<span class="w"> </span>RangeHTTPServer
+</pre></div>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>pip<span class="w"> </span>install<span class="w"> </span>--index<span class="w"> </span>http://localhost:8000/packages<span class="w"> </span>faker
+Looking<span class="w"> </span><span class="k">in</span><span class="w"> </span>indexes:<span class="w"> </span>http://localhost:8000/packages
+Collecting<span class="w"> </span>faker
+<span class="o">[</span>...<span class="o">]</span>
+Successfully<span class="w"> </span>installed<span class="w"> </span>faker-8.1.0<span class="w"> </span>python-dateutil-2.8.1<span class="w"> </span>six-1.15.0<span class="w"> </span>text-unidecode-1.3
+</pre></div>
+</div>
+<div class="section" id="extra-prepping">
+<h2>Extra prepping</h2>
+<p>There are some basic packages you will most always need, and which <tt class="docutils literal">pip</tt> often will expect to find in at least one of its available repositories, even regardless of whether its installed or not. If you don't have this on your local offline repository when the internet goes <em>poof</em>, then that will block any build you are trying to do.</p>
+<p>Let's make sure we have the packages around all the time:</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>pip<span class="w"> </span>download<span class="w"> </span>pip<span class="w"> </span>setuptools<span class="w"> </span>setuptools-markdown<span class="w"> </span>wheel
+<span class="o">[</span>...<span class="o">]</span>
+$<span class="w"> </span>bash<span class="w"> </span>/home/lash/bin/shell/pep503.sh<span class="w"> </span>.<span class="w"> </span>packages
+<span class="o">[</span>...<span class="o">]</span>
+</pre></div>
+</div>
+<div class="section" id="choosing-a-server">
+<h2>Choosing a server</h2>
+<p>As I tend to favor the classics, I still use <tt class="docutils literal">Apache Web Server</tt> to host stuff to my local environment. One practical (if not all too safe) thing about it is that it will automatically bind to all interfaces. So to make the repository available, we simply link or add the <tt class="docutils literal">packages</tt> directory to the virtual root, and restart the server e.g. with</p>
+<div class="highlight"><pre><span></span>systemctl<span class="w"> </span>restart<span class="w"> </span>httpd
+</pre></div>
+<p>Of course you can use any HTTP server you like, as long as you know how to bind it to the virtual interface.</p>
+<p>To verify that the service is providing what's needed, simply point your web browser to the location, e.g.</p>
+<div class="highlight"><pre><span></span>lynx<span class="w"> </span>http://10.1.2.1/packages/
+</pre></div>
+</div>
+<div class="section" id="serving-the-packages">
+<h2>Serving the packages</h2>
+<p>Now that we are all prepped, the next step is to do install packages from within a Docker container.</p>
+<p>Let's start with an Archlinux base image with basic python provisions.</p>
+<pre class="code docker literal-block">
+<span class="k">FROM</span><span class="w"> </span><span class="s">archlinux:latest</span><span class="w">
+
+</span><span class="k">RUN</span><span class="w"> </span>pacman<span class="w"> </span>-Sy<span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span><span class="se">\
+</span><span class="w"> </span>pacman<span class="w"> </span>-S<span class="w"> </span>--noconfirm<span class="w"> </span>python<span class="w"> </span>python-pip
+</pre>
+<p>Build and tag it with <tt class="docutils literal">pythonbase</tt>, and then let's add the Dockerfile to test the repository:</p>
+<div class="highlight"><pre><span></span><span class="o">[</span>...<span class="o">]</span>
+
+<span class="k">RUN</span><span class="w"> </span>pip<span class="w"> </span>install<span class="w"> </span>--index<span class="w"> </span>http://10.1.2.1/packages<span class="w"> </span>--trusted-host<span class="w"> </span><span class="m">10</span>.1.2.1<span class="w"> </span>faker
+</pre></div>
+<p>Now, turn internet off (and lights, too, if you'd like some extra suspense), and build the second file.</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>docker<span class="w"> </span>build<span class="w"> </span>.
+Sending<span class="w"> </span>build<span class="w"> </span>context<span class="w"> </span>to<span class="w"> </span>Docker<span class="w"> </span>daemon<span class="w"> </span><span class="m">3</span>.072kB
+<span class="o">[</span>...<span class="o">]</span>
+Successfully<span class="w"> </span>installed<span class="w"> </span>faker-8.1.0<span class="w"> </span>python-dateutil-2.8.1<span class="w"> </span>six-1.15.0<span class="w"> </span>text-unidecode-1.3
+Removing<span class="w"> </span>intermediate<span class="w"> </span>container<span class="w"> </span>2c10ffcdf3ad
+---&gt;<span class="w"> </span>1ba83bb8e111
+Successfully<span class="w"> </span>built<span class="w"> </span>1ba83bb8e111
+</pre></div>
+<!-- -->
+<blockquote>
+</blockquote>
+</div>
+</content><category term="Offlining"></category><category term="docker"></category><category term="python"></category><category term="devops"></category></entry><entry><title>The routing to freedom</title><link href="docker-offline-1-routing.html" rel="alternate"></link><published>2021-04-26T07:54:00+02:00</published><updated>2021-04-26T07:54:00+02:00</updated><author><name>Louis Holbrook</name></author><id>tag:None,2021-04-26:docker-offline-1-routing.html</id><summary type="html"><p class="first last">How to not be forced being online when forced to use docker</p>
+</summary><content type="html"><!-- .. CAUTION::
+
+ This is a purely technical article. You should probably be `this geeky <https://g33k.holbrook.no/8319a926>`_ to continue reading. -->
+<p>Five years ago I decided that I wanted to be able to work from anywhere, anytime. Four years ago, that promise was kept. In part.</p>
+<p>I do not need to go to an office somewhere. I can work outside in a park if I want to. I can ride on to a new town every day. I only ever need to bring my trusty old <a class="reference external" href="https://www.tuxedocomputers.com/en">Tuxedo Laptop</a> whereever I go.</p>
+<p>All of this as true, as long as there is internet available. And, as it turns out, <em>good</em> internet available.</p>
+<p>This has become especially obvious to me once I started to work with a project that involves a collection of microservices contained in a Docker environment, which also makes extensive use of custom packages that change frequently alongside the development process. Turns out, every time I want to rebuild my cluster of containers when sitting in the sun in a park, I need my LTE modem to play along. If it doesn't, then a single package that can't be reached will thwart the build.</p>
+<p>This does not feel much like freedom after all. So let's see how we can serve all of these locally from our host instead.</p>
+<p>First of all, we have to be able to reach our local host from the Docker containers. This is less straightforward than it may seem at first. The most obvious solution is to use the <tt class="docutils literal">host</tt> network driver, but this exposes your <em>whole</em> localhost interface and routes to internet, too. Aside from the security issues that raises, it can also also trick you into assuming that some resources are available when they in fact will not be when you move on to a different environment. What we want is to <em>block</em> access to internet, while <em>choosing</em> which services to let the Docker container use.</p>
+<p>Once we have this in place, we want to create local repositories for all the stuff we otherwise need to download. In this particular case, that means a <strong>Docker</strong> repository, a <strong>Python</strong> repository, a <strong>nodejs</strong> repository and a <strong>linux</strong> repository. We'll use <a class="reference external" href="https://archlinux.org">Archlinux</a> for this exercise, because that's been my home environment for the last four years.</p>
+<p>In fact, having your own mirror of all these and anything else you base most of your work on is not only a good idea for the purpose of <em>offlining</em> in itself, but wasting on bandwidth for items you've already downloaded hundreds of times is not exactly a nod to climate awareness either. And even more importantly, ensuring <em>availability</em> of software is something we should all participate in, and not merely defer to a couple of git repository giants.</p>
+<blockquote>
+</blockquote>
+<!-- -->
+<blockquote>
+</blockquote>
+<div class="section" id="reaching-the-local-host">
+<h2>Reaching the local host</h2>
+<p><em>Local host</em> not <em>localhost</em>, mind you. Which means we need a different interface to connect to. And since we are not wiring up in any physical sense, a virtual interface seems to be the reasonable way to go.</p>
+<p>First, let's prepare a base Docker layer with some tools that you should never leave home without.</p>
+<div class="section" id="prepare-the-docker-image">
+<h3>Prepare the docker image</h3>
+<pre class="code docker literal-block">
+<span class="k">FROM</span><span class="w"> </span><span class="s">archlinux:latest</span><span class="w">
+
+</span><span class="k">RUN</span><span class="w"> </span>pacman<span class="w"> </span>-Sy<span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span><span class="se">\
+</span><span class="w"> </span>pacman<span class="w"> </span>-S<span class="w"> </span>--noconfirm<span class="w"> </span>gnu-netcat<span class="w"> </span>socat<span class="w"> </span>inetutils<span class="w"> </span>iproute2
+</pre>
+<p>Let's build this as an image called <tt class="docutils literal">archbase</tt>. Provided the content above is a file called <tt class="docutils literal">Dockerfile.archbase</tt> in your current directory:</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>docker<span class="w"> </span>build<span class="w"> </span>-t<span class="w"> </span>archbase<span class="w"> </span>-f<span class="w"> </span>Dockerfile.archbase<span class="w"> </span>.
+</pre></div>
+</div>
+<div class="section" id="set-up-network-interfaces">
+<h3>Set up network interfaces</h3>
+<p>Bring up a virtual interface</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>ip<span class="w"> </span>link<span class="w"> </span>add<span class="w"> </span>foo<span class="w"> </span><span class="nb">type</span><span class="w"> </span>dummy
+</pre></div>
+<p>Find the subnet of the <tt class="docutils literal"><span class="pre">no-internet</span></tt> Docker network. This network driver is a builtin that provides exactly what it advertises.</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>docker<span class="w"> </span>network<span class="w"> </span>inspect<span class="w"> </span>no-internet
+<span class="o">[</span>...<span class="o">]</span>
+<span class="s2">&quot;Config&quot;</span>:<span class="w"> </span><span class="o">[</span>
+<span class="w"> </span><span class="o">{</span>
+<span class="w"> </span><span class="s2">&quot;Subnet&quot;</span>:<span class="w"> </span><span class="s2">&quot;10.1.1.0/24&quot;</span>,
+<span class="w"> </span><span class="s2">&quot;Gateway&quot;</span>:<span class="w"> </span><span class="s2">&quot;10.1.1.1&quot;</span>
+<span class="w"> </span><span class="o">}</span>
+<span class="o">]</span>
+</pre></div>
+<p>Assign an IP address to the dummy interface in a <em>different</em> subnet than the one the Docker network uses.</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>ip<span class="w"> </span>addr<span class="w"> </span>add<span class="w"> </span><span class="m">10</span>.1.2.1/24<span class="w"> </span>dev<span class="w"> </span>foo
+</pre></div>
+</div>
+<div class="section" id="traverse-the-firewall">
+<h3>Traverse the firewall</h3>
+<p>Find the bridge used by the Docker container. Look for an ip address that matches the gateway of the docker network config.</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>ip<span class="w"> </span>addr<span class="w"> </span>ls
+<span class="m">17</span>:<span class="w"> </span>br-d4ddb68f9938:<span class="w"> </span>&lt;BROADCAST,MULTICAST,UP,LOWER_UP&gt;<span class="w"> </span>mtu<span class="w"> </span><span class="m">1500</span><span class="w"> </span>qdisc<span class="w"> </span>noqueue<span class="w"> </span>state<span class="w"> </span>UP<span class="w"> </span>group<span class="w"> </span>default
+link/ether<span class="w"> </span><span class="m">02</span>:42:9c:1a:58:d2<span class="w"> </span>brd<span class="w"> </span>ff:ff:ff:ff:ff:ff
+inet<span class="w"> </span><span class="m">10</span>.1.1.1/24<span class="w"> </span>brd<span class="w"> </span><span class="m">10</span>.1.1.255<span class="w"> </span>scope<span class="w"> </span>global<span class="w"> </span>br-d4ddb68f9938
+valid_lft<span class="w"> </span>forever<span class="w"> </span>preferred_lft<span class="w"> </span>forever
+inet6<span class="w"> </span>fe80::42:9cff:fe1a:58d2/64<span class="w"> </span>scope<span class="w"> </span>link
+valid_lft<span class="w"> </span>forever<span class="w"> </span>preferred_lft<span class="w"> </span>forever
+<span class="o">[</span>...<span class="o">]</span>
+<span class="m">7614</span>:<span class="w"> </span>foo:<span class="w"> </span>&lt;BROADCAST,NOARP,UP,LOWER_UP&gt;<span class="w"> </span>mtu<span class="w"> </span><span class="m">1500</span><span class="w"> </span>qdisc<span class="w"> </span>noqueue<span class="w"> </span>master<span class="w"> </span>br-496e528b928c<span class="w"> </span>state<span class="w"> </span>UNKNOWN<span class="w"> </span>group<span class="w"> </span>default<span class="w"> </span>qlen<span class="w"> </span><span class="m">1000</span>
+link/ether<span class="w"> </span>1a:50:53:2b:96:98<span class="w"> </span>brd<span class="w"> </span>ff:ff:ff:ff:ff:ff
+inet<span class="w"> </span><span class="m">10</span>.1.3.1/24<span class="w"> </span>scope<span class="w"> </span>global<span class="w"> </span>foo
+valid_lft<span class="w"> </span>forever<span class="w"> </span>preferred_lft<span class="w"> </span>forever
+inet6<span class="w"> </span>fe80::1850:53ff:fe2b:9698/64<span class="w"> </span>scope<span class="w"> </span>link
+valid_lft<span class="w"> </span>forever<span class="w"> </span>preferred_lft<span class="w"> </span>forever
+</pre></div>
+<p>Add the virtual interface to the bridge.</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>ip<span class="w"> </span>link<span class="w"> </span><span class="nb">set</span><span class="w"> </span>foo<span class="w"> </span>master<span class="w"> </span>br-d4ddb68f9938
+</pre></div>
+<p>Long story short, the previous step will make the traffic from the container reach the <tt class="docutils literal">INPUT</tt> chain in <tt class="docutils literal">iptables</tt>. Now we can make an exception for incoming traffic from the <tt class="docutils literal"><span class="pre">no-internet</span></tt> Docker bridge.</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>iptables<span class="w"> </span>-I<span class="w"> </span>INPUT<span class="w"> </span><span class="m">1</span><span class="w"> </span>--source<span class="w"> </span>br-d4ddb68f9938<span class="w"> </span>--destination<span class="w"> </span><span class="m">10</span>.1.2.1/24<span class="w"> </span>-j<span class="w"> </span>ACCEPT
+</pre></div>
+</div>
+<div class="section" id="verify">
+<h3>Verify</h3>
+<p>Provided you don't have any other hurdles in your local <tt class="docutils literal">ìptables</tt> setup, a port on device <tt class="docutils literal">foo</tt> should be reachable from the docker container. We can use socat to check.</p>
+<p>On local host:</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>socat<span class="w"> </span>TCP4-LISTEN:8000,bind<span class="o">=</span><span class="m">10</span>.1.2.1,reuseaddr<span class="w"> </span>-
+</pre></div>
+<p>Start the docker container with shell prompt</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span>docker<span class="w"> </span>run<span class="w"> </span>--network<span class="w"> </span>no-internet<span class="w"> </span>-it<span class="w"> </span>archbase<span class="w"> </span>/bin/bash
+</pre></div>
+<p>The moment of truth</p>
+<div class="highlight"><pre><span></span>$<span class="w"> </span><span class="nb">echo</span><span class="w"> </span>bar<span class="w"> </span><span class="p">|</span><span class="w"> </span>socat<span class="w"> </span>-<span class="w"> </span>TCP4:10.1.2.1:8000
+</pre></div>
+<p>Spoiler: <tt class="docutils literal">bar</tt> should pop up on the local host side.</p>
+</div>
+</div>
+</content><category term="Offlining"></category><category term="docker"></category><category term="networking"></category><category term="iptables"></category><category term="iproute"></category></entry></feed>
+\ No newline at end of file
