feat!: opt-in V2-only records, IPIP-428 verification

[hacdias]

For context, see: ipfs/specs#428. Similar thing has already been done in the Go side: ipfs/boxo#339.

• Abstracts the IPNS Record into a IPNSRecord type.
• IPNSRecord values come from the CBOR data field.
• Allows for creation of V2-only fields. V1+V2 is default.
• Relaxed verification of records. Allow for V2-only records.
• Added creation and validation tests.

Note that from the JS API point of view this is a breaking change as the public programmatic interface for creating/verifying IPNS Record has been changed.

Closes #217

[hacdias]

I'm opening this for review. It would be great to get feedback regarding correctness and JavaScript-y-ness.

[lidel]

Thank you for cleaning this up @hacdias 👍

Found some divergence in Value tests here and the ones we have in GO (details + other small nits inline).

[lidel]

ℹ️ tldr for drive-by readers: this keeps the existing default behavior so js-ipns library still produces V1+V2 records (as noted in IPIP-428)

[hacdias]

@lidel I've addressed your feedback and we now normalize the value both at creation and reading time 😄 I think this is ready to go.

[achingbrain]

This PR makes create return an instance of an IPNSRecord class, but the class methods don't do anything that couldn't be done in the constructor.

It also does the work of validating/parsing on every method invocation which is inefficient.

Please refactor this PR to have IPNSRecord as an interface like IPNSEntry before it, then have .create return an implementation of this interface.

My preference would be for a simple object that has the interface properties, unless there's a good reason to have a class.

Finally - I think these changes could have been made in a backwards-compatible way by overloading the method signature like:

export interface IPNSEntry {
  // ..fields
}

export interface IPNSEntryV2 {
  // ..fields
}

export interface CreateOptions {
  v1Compatible?: boolean
}

export interface CreateV2OrV1Options {
  v1Compatible: true
}

export interface CreateV2Options {
  v1Compatible: false
}

const defaultCreateOptions = {
  v1Compatible: true
}

export async function create (peerId: PeerId, value: Uint8Array, seq: number | bigint, lifetime: number, options?: CreateV2OrV1Options): Promise<IPNSEntry>
export async function create (peerId: PeerId, value: Uint8Array, seq: number | bigint, lifetime: number, options: CreateV2Options): Promise<IPNSEntryV2>
export async function create (peerId: PeerId, value: Uint8Array, seq: number | bigint, lifetime: number, options: CreateOptions = defaultCreateOptions): Promise<IPNSEntry> {
  // ...implementation
}

[achingbrain]

Parsing the CID like this is not free - if we want to accept CIDs as an argument, we should accept a CID object instead of trying to parse it from a string.

[hacdias]

Again, we don't want to. But that's what's already happening (no validation of what value was whatsoever): #234 (comment) - this is just a way of ensuring that the value is a CID and building a content path out of it.

[achingbrain]

I think more validation needs to be done here, as written '/' will be accepted, as will '/foo', '/foo/bar/baz', etc.

[lidel]

I think these are valid.
Value can be "can be any path", so IPNS Records should be useful beyond /ipfs and /ipns paths.
IPNS should be concerned only about value being a valid CID or a path (arbitrary string starting with /)

[achingbrain]

A path of / probably isn't valid?

[lidel]

Depends: it would error if IPNS name is resolved by IPFS Gateway, but there could be JS app that uses IPNS records for publishing application-specific paths, and in that use case / or /foo could be ok.

(namely, we have CBOR Data field where people can now put arbitrary data, so users may end up putting noop / in the Value field)

[achingbrain]

If ignoring the error the following can be used:

Suggested change

	} catch (_) {
	} catch {

Though I think we should at least log it here.

Better yet, accept a CID argument so we re-use the validation from that class, then this try/catch can be removed.

[hacdias]

Finally - I think these changes could have been made in a backwards-compatible way by overloading the method signature like.

I think the hardest thing here will be on marshalling. Right now, IPNSEntry is just a carbon copy of its Protobuf version. Marshalling is therefore extremely easy. The problem I see from now on is: when marshalling, how do we know to which version we should do it? That's why I tried with the class which contains the protobuf since the moment of creation.

Maybe I can make some change to IPNSEntry (and IPNSEntryV2) to be able to distinguish both after creation, and therefore for marshalling. I'll take a look at this.

[hacdias]

@achingbrain I mostly rewrote it using interfaces. Could you pls take a look?

[hacdias]

We cannot allow the interface here as it abstracts us from the actual protobuf. We need to validate the protobuf.

[lidel]

• PR with IPIP-428 is merged, spec now includes test vectors: https://specs.ipfs.tech/ipips/ipip-0428/#test-fixtures
  • Kubo runs gateway-conformance tests in CI, so it will benefit from these being included once feat: ipns v2 and v2 record combination and tests gateway-conformance#157 lands.
  • Helia does not have gateway tests atm, which means tests in this PR are all we have and it comes with concern described in fix!: only accept CIDs, PeerIds or strings as values #255 (comment)
    • 👉 I think the fastest way to remove risk is to include these static test vectors in this PR.

[achingbrain]

@lidel I've added the conformance tests, I think we're good to go here?

[lidel]

@achingbrain thank you for adding these, yes, looks good to me, feel free to merge and bubble up to Helia whenever you have time.

(small cosmetic suggestion below, but up to you, not a blocker)