Skip to content

refactor: Workerize message signing #3376

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
mondoreale wants to merge 15 commits into
base: NET-1663-validation
Choose a base branch
from
Open

refactor: Workerize message signing #3376

mondoreale wants to merge 15 commits into from
+515 −63

Conversation

@mondoreale
Copy link
Contributor

@mondoreale mondoreale commented Jan 29, 2026
edited by cursor bot
Loading

Summary

Offload message signing to a Web Worker to avoid blocking the main thread during cryptographic operations. This mirrors the existing signature validation workerization pattern.

Changes

  • Extract SigningService from MessageSigner for clearer separation of concerns
  • Add SigningWorker and signingUtils for worker-based signing
  • Add platform-specific worker factories (_nodejs, _browser, _jest, _karma)
  • Extend Identity with getPrivateKey() method to detect workerizable identities
  • Update MessageSigner to use worker when identity provides a private key, falling back to direct signing for ERC-1271
  • Consolidate worker bundling in rollup config with declarative WORKERS registry
  • Inline browser worker dependencies to avoid chunk copying issues
  • Export DestroySignal and SigningService from SDK for external usage
  • Add createMockSigningService() and createMessageSigner() test utilities
  • Register SigningService in FakeEnvironment for test compatibility

Limitations and future improvements

  • External wallet identities (EthereumProviderIdentity) cannot be workerized as they require browser UI interaction
  • Worker startup has minor overhead; could consider worker pooling for high-frequency signing scenarios

Note

Medium Risk
Touches core message signing flow and adds worker lifecycle/build configuration; regressions would affect publishing/signature generation across environments.

Overview
Moves message signing onto a dedicated worker thread via new SigningService/SigningWorker, with MessageSigner choosing the worker path when the Identity exposes a private key (and falling back to direct signing for ERC_1271).

Adds platform-specific createSigningWorker factories and updates build/test tooling (Rollup worker registry + inlined browser worker bundles, Jest/Karma module mapping, and increased timeouts). Tests are refactored to use new helpers (createMessageSigner/mock signing service), FakeEnvironment now registers a shared SigningService, and the SDK exports SigningService and DestroySignal.

Written by Cursor Bugbot for commit 3209476. This will update automatically on new commits. Configure here.

@github-actions github-actions bot added the sdk label Jan 29, 2026
@mondoreale mondoreale marked this pull request as ready for review January 29, 2026 15:55
@mondoreale mondoreale marked this pull request as draft January 29, 2026 16:11
@mondoreale
Simplify signing worker types
afb7cab
@mondoreale
Make Identity#getPrivateKey() synchronous
5f158ab
@mondoreale
Reuse MessageSigner instance in test to avoid worker startup overhead
384b718
@mondoreale
Inline browser worker dependencies to avoid chunk copying issues
4145e1e
@mondoreale
Extract SigningService from MessageSigner for clearer separation of c…
90f46f3 
…oncerns

- SigningService: Container-scoped service that owns the signing worker,
  provides sign() method, and handles worker lifecycle (lazy init, cleanup)
- MessageSigner: Now injects SigningService instead of managing worker directly

This decouples the worker management from message signing logic. Each
StreamrClient gets its own SigningService instance, with the worker
destroyed automatically when the client is destroyed.

Test utilities updated with createMessageSigner() helper that uses a
mock SigningService (no worker) for faster, simpler tests.
@mondoreale
Add unit tests for SigningService with actual worker
902eb49
@mondoreale
Eslint
618b89e
@mondoreale
Export DestroySignal and SigningService from SDK for external usage
ae85fd7
@github-actions github-actions bot added the cli-tools Related to CLI Tools Package label Jan 29, 2026
@mondoreale
Register SigningService in FakeEnvironment dependency container
718b098 
This makes the fake env create clients that share the same signing worker.
@mondoreale
Increase test timeout for CLI tools
3e84fc6 
Firing up them SigningService instances takes a while in tests.
@mondoreale mondoreale marked this pull request as ready for review January 29, 2026 20:32
@mondoreale
Use transferable objects for signing worker communication
3209476 
Transfer signature buffer back to main thread instead of copying, improving performance for large messages.
@mondoreale mondoreale force-pushed the worker-based-signing branch from 13dac37 to 3209476 Compare January 29, 2026 20:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ptesavol ptesavol Awaiting requested review from ptesavol

@juslesan juslesan Awaiting requested review from juslesan

Assignees

No one assigned

Labels

cli-tools Related to CLI Tools Package sdk

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mondoreale