[Question] Restore snapshot from bytes

[andrewweston]

Description

We are investigating using Stronghold in combination with iroh peer-to-peer data sharing (Rust) library.

With a small amount of effort, we can load a Stronghold snapshot from an iroh blob store, persist it, and see the blob/snapshot synchronised to an iroh peer node. Our preference, however, is to use iroh's API to retrieve and restore a snapshot as bytes.

Motivation

Our primary motivation is to make it straightforward (for users) to securely share sensitive data (private keys) between a native and web wallet without recourse to centralised storage or services.

Requirements

Our primary requirement is to serialise a Stronghold snapshot between peer iroh nodes with (direct) recourse to the file system.

Future plans to use an in-memory iroh node (no file system) rule out using export_to_serialized_state/import_from_serialized_state. Also, it requires Stronghold to be established on both peers before sharing snapshot state.

Open questions (optional)

On experimenting with a fork of the Stronghold dev branch, we successfully restored a snapshot on one peer using a byte array synced from a second iroh peer. The only change we needed to make the Stronghold source was to change the Client::restore method from pub(crate) to pub.

Very rough PoC code:

...

// load snapshot from bytes
let pt = snapshot::read(&mut snapshot_bytes, &key_bytes, &[])?;
let data = snapshot::decompress(&pt)?;
let state = bincode::deserialize(&data)?;
let snapshot = Snapshot::from_state(state, key_bytes, None)?;

// load client from snapshot
let mut client = Client::default();
let client_id = ClientId::load_from_path(CLIENT, CLIENT);
let client_state = snapshot.get_state(client_id)?;
client.restore(client_state, client_id)?; // <- 

...

My question is: before requesting a change, does this in any way compromise Stronghold's integrity or security?

Are you planning to do it yourself in a pull request?

Yes.