crypto/merkle: innerHash is unnecessarily inefficient by creating an entire fresh byteslice, copying just to invoke tmhash.Sum once yet it cloud invoke sha256.Hash.Write multiple times #1881
Labels
Milestone
Comments
|
This would be appreciated imo, though we should probably make a hasher API on tmhash right? |
|
Yeah I think that could work @ValarDragon but I was trying to avoid any API surface changes as always that would require lots of input but sure this addition is simple enough as // SumMany takes at least 1 byteslice along with a variadic
// number of other byteslices and produces the SHA256 sum from
// hashing them as if they were 1 joined slice.
// Its purpose is to avoid programmers from thinking of inefficient patterns
// like manually joining byteslices before hashing them altogether.
func SumMany(data []byte, rest ...[]byte) []byte {
h := sha256.New()
h.Write(data)
for _, data := range rest {
h.Write(data)
}
return h.Sum(nil)
}Let me send a PR for it. |
odeke-em
added a commit
to orijtech/cometbft
that referenced
this issue
Jan 2, 2024
…of multiple byteslices This change adds a more efficient API in tmhash with "SumMany" whose job is to produce the SHA256 sum of multiple byteslices. It is used inside crypto/merkle.innerHash which used a naive and inefficient way of hashing multiple byteslices. Benchmark results reflect these improvements: ```shell $ benchstat before.txt after.txt name old time/op new time/op delta InnerHash-8 161µs ± 1% 160µs ± 5% ~ (p=0.143 n=10+10) name old alloc/op new alloc/op delta InnerHash-8 69. 10000 1kB ± 0% 60.1kB ± 0% -12.98% (p=0.000 n=10+9) name old allocs/op new allocs/op delta InnerHash-8 24.0 ± 0% 23.0 ± 0% -4.17% (p=0.000 n=10+10) ``` Fixes cometbft#1881
odeke-em
added a commit
to orijtech/cometbft
that referenced
this issue
Jan 2, 2024
…of multiple byteslices This change adds a more efficient API in tmhash with "SumMany" whose job is to produce the SHA256 sum of multiple byteslices. It is used inside crypto/merkle.innerHash which used a naive and inefficient way of hashing multiple byteslices. Benchmark results reflect these improvements: ```shell $ benchstat before.txt after.txt name old time/op new time/op delta InnerHash-8 161µs ± 1% 160µs ± 5% ~ (p=0.143 n=10+10) name old alloc/op new alloc/op delta InnerHash-8 69.1kB ± 0% 60.1kB ± 0% -12.98% (p=0.000 n=10+9) name old allocs/op new allocs/op delta InnerHash-8 24.0 ± 0% 23.0 ± 0% -4.17% (p=0.000 n=10+10) ``` Fixes cometbft#1881
odeke-em
added a commit
to orijtech/cometbft
that referenced
this issue
Jan 2, 2024
…of multiple byteslices This change adds a more efficient API in tmhash with "SumMany" whose job is to produce the SHA256 sum of multiple byteslices. It is used inside crypto/merkle.innerHash which used a naive and inefficient way of hashing multiple byteslices. Benchmark results reflect these improvements: ```shell $ benchstat before.txt after.txt name old time/op new time/op delta InnerHash-8 161µs ± 1% 160µs ± 5% ~ (p=0.143 n=10+10) name old alloc/op new alloc/op delta InnerHash-8 69.1kB ± 0% 60.1kB ± 0% -12.98% (p=0.000 n=10+9) name old allocs/op new allocs/op delta InnerHash-8 24.0 ± 0% 23.0 ± 0% -4.17% (p=0.000 n=10+10) ``` Fixes cometbft#1881
odeke-em
added a commit
to orijtech/cometbft
that referenced
this issue
Jan 3, 2024
…of multiple byteslices This change adds a more efficient API in tmhash with "SumMany" whose job is to produce the SHA256 sum of multiple byteslices. It is used inside crypto/merkle.innerHash which used a naive and inefficient way of hashing multiple byteslices. Benchmark results reflect these improvements: ```shell $ benchstat before.txt after.txt name old time/op new time/op delta InnerHash-8 161µs ± 1% 160µs ± 5% ~ (p=0.143 n=10+10) name old alloc/op new alloc/op delta InnerHash-8 69.1kB ± 0% 60.1kB ± 0% -12.98% (p=0.000 n=10+9) name old allocs/op new allocs/op delta InnerHash-8 24.0 ± 0% 23.0 ± 0% -4.17% (p=0.000 n=10+10) ``` Fixes cometbft#1881
odeke-em
added a commit
to orijtech/cometbft
that referenced
this issue
Jan 3, 2024
…of multiple byteslices This change adds a more efficient API in tmhash with "SumMany" whose job is to produce the SHA256 sum of multiple byteslices. It is used inside crypto/merkle.innerHash which used a naive and inefficient way of hashing multiple byteslices. Benchmark results reflect these improvements: ```shell $ benchstat before.txt after.txt name old time/op new time/op delta InnerHash-8 161µs ± 1% 160µs ± 5% ~ (p=0.143 n=10+10) name old alloc/op new alloc/op delta InnerHash-8 69.1kB ± 0% 60.1kB ± 0% -12.98% (p=0.000 n=10+9) name old allocs/op new allocs/op delta InnerHash-8 24.0 ± 0% 23.0 ± 0% -4.17% (p=0.000 n=10+10) ``` Fixes cometbft#1881
odeke-em
added a commit
to orijtech/cometbft
that referenced
this issue
Jan 3, 2024
…of multiple byteslices This change adds a more efficient API in tmhash with "SumMany" whose job is to produce the SHA256 sum of multiple byteslices. It is used inside crypto/merkle.innerHash which used a naive and inefficient way of hashing multiple byteslices. Benchmark results reflect these improvements: ```shell $ benchstat before.txt after.txt name old time/op new time/op delta InnerHash-8 161µs ± 1% 160µs ± 5% ~ (p=0.143 n=10+10) name old alloc/op new alloc/op delta InnerHash-8 69.1kB ± 0% 60.1kB ± 0% -12.98% (p=0.000 n=10+9) name old allocs/op new allocs/op delta InnerHash-8 24.0 ± 0% 23.0 ± 0% -4.17% (p=0.000 n=10+10) ``` Fixes cometbft#1881
odeke-em
added a commit
to orijtech/cometbft
that referenced
this issue
Jan 3, 2024
…of multiple byteslices This change adds a more efficient API in tmhash with "SumMany" whose job is to produce the SHA256 sum of multiple byteslices. It is used inside crypto/merkle.innerHash which used a naive and inefficient way of hashing multiple byteslices. Benchmark results reflect these improvements: ```shell $ benchstat before.txt after.txt name old time/op new time/op delta InnerHash-8 161µs ± 1% 160µs ± 5% ~ (p=0.143 n=10+10) name old alloc/op new alloc/op delta InnerHash-8 69.1kB ± 0% 60.1kB ± 0% -12.98% (p=0.000 n=10+9) name old allocs/op new allocs/op delta InnerHash-8 24.0 ± 0% 23.0 ± 0% -4.17% (p=0.000 n=10+10) ``` Fixes cometbft#1881
odeke-em
added a commit
to orijtech/cometbft
that referenced
this issue
Jan 5, 2024
…of multiple byteslices This change adds a more efficient API in tmhash with "SumMany" whose job is to produce the SHA256 sum of multiple byteslices. It is used inside crypto/merkle.innerHash which used a naive and inefficient way of hashing multiple byteslices. Benchmark results reflect these improvements: ```shell $ benchstat before.txt after.txt name old time/op new time/op delta InnerHash-8 161µs ± 1% 160µs ± 5% ~ (p=0.143 n=10+10) name old alloc/op new alloc/op delta InnerHash-8 69.1kB ± 0% 60.1kB ± 0% -12.98% (p=0.000 n=10+9) name old allocs/op new allocs/op delta InnerHash-8 24.0 ± 0% 23.0 ± 0% -4.17% (p=0.000 n=10+10) ``` Fixes cometbft#1881
github-merge-queue bot
pushed a commit
that referenced
this issue
Jan 5, 2024
…of multiple byteslices (#1921) This change adds a more efficient API in tmhash with "SumMany" whose job is to produce the SHA256 sum of multiple byteslices. It is used inside crypto/merkle.innerHash which used a naive and inefficient way of hashing multiple byteslices. Benchmark results reflect these improvements: ```shell $ benchstat before.txt after.txt name old time/op new time/op delta InnerHash-8 161µs ± 1% 160µs ± 5% ~ (p=0.143 n=10+10) name old alloc/op new alloc/op delta InnerHash-8 69.1kB ± 0% 60.1kB ± 0% -12.98% (p=0.000 n=10+9) name old allocs/op new allocs/op delta InnerHash-8 24.0 ± 0% 23.0 ± 0% -4.17% (p=0.000 n=10+10) ``` Fixes #1881
mergify bot
pushed a commit
that referenced
this issue
Jan 5, 2024
…of multiple byteslices (#1921) This change adds a more efficient API in tmhash with "SumMany" whose job is to produce the SHA256 sum of multiple byteslices. It is used inside crypto/merkle.innerHash which used a naive and inefficient way of hashing multiple byteslices. Benchmark results reflect these improvements: ```shell $ benchstat before.txt after.txt name old time/op new time/op delta InnerHash-8 161µs ± 1% 160µs ± 5% ~ (p=0.143 n=10+10) name old alloc/op new alloc/op delta InnerHash-8 69.1kB ± 0% 60.1kB ± 0% -12.98% (p=0.000 n=10+9) name old allocs/op new allocs/op delta InnerHash-8 24.0 ± 0% 23.0 ± 0% -4.17% (p=0.000 n=10+10) ``` Fixes #1881 (cherry picked from commit 8acc13c)
mergify bot
pushed a commit
that referenced
this issue
Jan 5, 2024
…of multiple byteslices (#1921) This change adds a more efficient API in tmhash with "SumMany" whose job is to produce the SHA256 sum of multiple byteslices. It is used inside crypto/merkle.innerHash which used a naive and inefficient way of hashing multiple byteslices. Benchmark results reflect these improvements: ```shell $ benchstat before.txt after.txt name old time/op new time/op delta InnerHash-8 161µs ± 1% 160µs ± 5% ~ (p=0.143 n=10+10) name old alloc/op new alloc/op delta InnerHash-8 69.1kB ± 0% 60.1kB ± 0% -12.98% (p=0.000 n=10+9) name old allocs/op new allocs/op delta InnerHash-8 24.0 ± 0% 23.0 ± 0% -4.17% (p=0.000 n=10+10) ``` Fixes #1881 (cherry picked from commit 8acc13c)
melekes
added a commit
that referenced
this issue
Jan 5, 2024
…of multiple byteslices (backport #1921) (#1968) * perf(crypto/merkle, crypto/tmhash): simplify+optimize SHA256 hashing of multiple byteslices (#1921) This change adds a more efficient API in tmhash with "SumMany" whose job is to produce the SHA256 sum of multiple byteslices. It is used inside crypto/merkle.innerHash which used a naive and inefficient way of hashing multiple byteslices. Benchmark results reflect these improvements: ```shell $ benchstat before.txt after.txt name old time/op new time/op delta InnerHash-8 161µs ± 1% 160µs ± 5% ~ (p=0.143 n=10+10) name old alloc/op new alloc/op delta InnerHash-8 69.1kB ± 0% 60.1kB ± 0% -12.98% (p=0.000 n=10+9) name old allocs/op new allocs/op delta InnerHash-8 24.0 ± 0% 23.0 ± 0% -4.17% (p=0.000 n=10+10) ``` Fixes #1881 (cherry picked from commit 8acc13c) * format code * make linter happy --------- Co-authored-by: Emmanuel T Odeke <emm.odeke@gmail.com> Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>
melekes
added a commit
that referenced
this issue
Jan 5, 2024
…of multiple byteslices (backport #1921) (#1969) * perf(crypto/merkle, crypto/tmhash): simplify+optimize SHA256 hashing of multiple byteslices (#1921) This change adds a more efficient API in tmhash with "SumMany" whose job is to produce the SHA256 sum of multiple byteslices. It is used inside crypto/merkle.innerHash which used a naive and inefficient way of hashing multiple byteslices. Benchmark results reflect these improvements: ```shell $ benchstat before.txt after.txt name old time/op new time/op delta InnerHash-8 161µs ± 1% 160µs ± 5% ~ (p=0.143 n=10+10) name old alloc/op new alloc/op delta InnerHash-8 69.1kB ± 0% 60.1kB ± 0% -12.98% (p=0.000 n=10+9) name old allocs/op new allocs/op delta InnerHash-8 24.0 ± 0% 23.0 ± 0% -4.17% (p=0.000 n=10+10) ``` Fixes #1881 (cherry picked from commit 8acc13c) * format code * make linter happy --------- Co-authored-by: Emmanuel T Odeke <emm.odeke@gmail.com> Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Bug Report
Noticed while in a security audit, if we look at this code
cometbft/crypto/merkle/hash.go
Lines 34 to 40 in f68ba59
meanwhile that code could simply be self contained and much simpler and more efficient just by using crypto/sha256.New then .Write on each byte slice like this
Suggested change
or as a diff
Exhibit
Benchmarking code
Benchmark results
$ benchstat before.txt after.txt name old time/op new time/op delta InnerHash-8 357µs ± 3% 353µs ± 2% ~ (p=0.129 n=9+10) name old alloc/op new alloc/op delta InnerHash-8 69.1kB ± 0% 60.1kB ± 0% -12.98% (p=0.000 n=9+9) name old allocs/op new allocs/op delta InnerHash-8 24.0 ± 0% 23.0 ± 0% -4.17% (p=0.000 n=10+10)Have you tried the latest version: yes
/cc @elias-orijtech @thanethomson @lasarojc
The text was updated successfully, but these errors were encountered: