Anna fae0970d44 | ||
---|---|---|
src | ||
.gitignore | ||
Cargo.lock | ||
Cargo.toml | ||
LICENCE | ||
README.md | ||
config.example.toml |
README.md
git-vain
Generate vanity commit hashes quickly.
Supports:
- pgp signing (via gpg-agent or sequoia)
- integration with system key store for saving pgp passwords (sequoia only)
- arbitrary commits from history
- various methods (date increment/decrement, random text, counter text, header)
- multithreading
- config file for saving common options
Performance
Performance depends on hardware, method, and number of threads. The tests below
were performed on Framework Laptop (A6) with an 11th Gen Intel® Core™ i7-1165G7
@ 2.80GHz. Each method was tested attempting to generate the prefix deadbeef
for 30 seconds using one thread.
counter: 163,504,123 hashes (5,461,682.8102/s)
header: 124,617,875 hashes (4,150,993.2260/s)
random: 110,886,440 hashes (3,715,452.2177/s)
increment: 107,137,532 hashes (3,573,438.8338/s)
sequoia*: 864,486 hashes ( 28,923.1870/s)
sequoia: 339,407 hashes ( 11,403.6102/s)
gpg-agent: 353 hashes ( 11.7519/s)
The asterisked sequoia is using the crypto-rust
feature.
Methods
git-vain
can use one of several methods to generate different hashes for a
commit.
Note that none of these are necessary when using PGP signing. Since the signature will be different every time, the hash will also be different every time. If signing is enabled, none of these methods will be used.
increment
and decrement
Increases or decreases the commit's timestamp by one second each try. This is not recommended for longer prefixes (or really at all, in the author's opinion).
counter
Appends an increasing counter to the end of the commit message (in the body).
random
Appends a random 32-character hexadecimal string to the end of the commit message (in the body).
header
Adds an additional xvain
header to the commit, which contains an increasing
counter. Git ignores additional headers that aren't gpgsig
, so this does work
and is considered valid by git fsck
. In the author's opinion, it is doubtful
that Git would change the way headers are parsed, but it is possible, and that
would break this method (and possibly the commits created by it).
PGP performance
Signing commits drastically reduces the speed at which git-vain
operates. By
default, OpenSSL is used as the cryptography backend. For a moderate speedup
(see table above), you can use the RustCrypto libraries as the cryptography
backend instead. See the warnings below from sequoia.
As of this writing, the RustCrypto crates are not recommended for general use as they cannot offer the same security guarantees as more mature cryptographic libraries.
Some cryptographic backends can not guarantee that cryptographic operations require a constant amount of time. This may leak secret keys in some settings.
The author cannot think of a scenario in which a timing attack would matter for
git-vain
, but these warnings are worth acknowledging.
To use the RustCrypto libraries instead, compile with cargo build --release --no-default-features --features crypto-rust
.