Skip to content

chore(vetkeys): split password_manager into self-contained motoko + rust examples#1446

Open
marc0olo wants to merge 8 commits into
masterfrom
chore/split-vetkeys-password-manager
Open

chore(vetkeys): split password_manager into self-contained motoko + rust examples#1446
marc0olo wants to merge 8 commits into
masterfrom
chore/split-vetkeys-password-manager

Conversation

@marc0olo

Copy link
Copy Markdown
Member

Summary

Splits the vetkeys password_manager example into two self-contained examples (one per language) — same restructure as #1443#1445. Previously it lived only under rust/vetkeys/password_manager/ with a shared Svelte frontend symlinked into motoko/ and rust/ subdirs.

motoko/vetkeys/password_manager/   backend/app.mo + own frontend/ + icp.yaml + mops.toml
rust/vetkeys/password_manager/     backend/ (flattened) + own frontend/ + icp.yaml + Cargo.toml

Why this one differs (no camelCase, no bindgen)

This example uses the Encrypted Maps abstraction. The frontend talks to the backend via the @icp-sdk/vetkeys Encrypted Maps client (DefaultEncryptedMapsClient), not generated bindings — so there's no icpBindgen step. The backend keeps the Encrypted Maps library interface (snake_case), which the SDK client calls verbatim, so there's no camelCase conversion (it's a fixed library API, like the vetKD system API). Both frontends are therefore identical.

Changes

  • Frontend (Svelte): per-language copy; canister renamed to backend (env key PUBLIC_CANISTER_ID:backend); dropped eslint/prettier and the BACKEND-env dev logic; root workspace package.json so npm run dev / npm run build run from the example root.
  • Motoko: moc 1.11.0 + --default-persistent-actors (dropped persistent); committed backend/backend.did.
  • Rust: unchanged; relocated; the .did renamed to backend/backend.did and the Makefile updated to match.
  • README split per language (linked prerequisites); test.sh added (query method called with --query); vetkeys-password-manager.yml split into motoko + rust jobs.

CODEOWNERS

Unchanged — /motoko/vetkeys/ and /rust/vetkeys/ both map to @dfinity/core-protocol.

Verification (local)

  • Motoko: vite build + deploy, test.sh PASS, and an inserted value survives an upgrade.
  • Rust: cargo/wasm build + deploy, test.sh PASS.
  • Both frontends build and serve.

Part of the vetkeys split series (#1443, #1444, #1445). Last remaining: password_manager_with_metadata.

🤖 Generated with Claude Code

…ust examples

Same split as the earlier vetkeys examples (#1443#1445): move the Motoko
variant to motoko/vetkeys/password_manager and flatten the Rust variant to
rust/vetkeys/password_manager, each self-contained with its own frontend copy
(previously a shared Svelte frontend symlinked into motoko/ and rust/ subdirs).

Note: this example uses the Encrypted Maps abstraction. The frontend talks to
the backend via the @icp-sdk/vetkeys Encrypted Maps client (DefaultEncryptedMapsClient),
NOT generated bindings — so there is no icpBindgen step, and the backend keeps
the Encrypted Maps library interface (snake_case), which the SDK client calls
verbatim. No camelCase conversion here (it is a fixed library API, like the
vetKD system API).

- Frontend (Svelte): per-language copy (identical); canister renamed to `backend`
  (env key PUBLIC_CANISTER_ID:backend); dropped eslint/prettier and the
  BACKEND-env dev logic; root workspace package.json so `npm run dev` runs from
  the example root.
- Motoko: moc 1.11.0 + --default-persistent-actors (dropped `persistent`);
  committed backend/backend.did.
- Rust: unchanged; relocated; the .did renamed to backend/backend.did and the
  Makefile updated accordingly.
- READMEs split per language (linked prerequisites); test.sh added (query method
  called with --query); CI split into motoko + rust jobs.

CODEOWNERS unchanged: /motoko/vetkeys/ and /rust/vetkeys/ both map to
@dfinity/core-protocol.

Verified: Motoko deploy + test.sh + an inserted value survives an upgrade; Rust
cargo build + deploy + test.sh; both frontends build/serve.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
marc0olo and others added 4 commits July 16, 2026 18:17
…he mixin

The Motoko backend uses snake_case method names (not idiomatic camelCase)
because the @icp-sdk/vetkeys Encrypted Maps client calls the canister by those
exact names — camelCasing would break the frontend. Document this in app.mo and
the Motoko README so a developer doesn't "clean it up" and break the SDK
integration, and point to the upstream Motoko actor mixin (dfinity/vetkeys#405)
that will generate this endpoint set automatically.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…macro

Acknowledge the WIP Rust macro `ic_vetkeys::export_encrypted_maps_canister!`
(dfinity/vetkeys#404) that generates the whole Encrypted Maps canister with far
less boilerplate — the Rust counterpart to the Motoko mixin (#405).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
… Makefile

Bump the Rust recipe to @dfinity/rust@v3.3.0 and rename the Cargo package to
`backend` (drops the custom `package:` in the recipe config). Drop
backend/Makefile and add a README "Updating the Candid interface" section using
`icp build backend && candid-extractor … > backend/backend.did`.

Verified: rust deploy + test.sh pass.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The example never had a test.sh on master; drop the ones added during the
split and run deploy-only CI (the deploy verifies build + install). Persistence
is unchanged (flag-based).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
marc0olo added a commit that referenced this pull request Jul 17, 2026
…list, drop web3 jargon

- Motoko README "API level": link to the Motoko password_manager examples
  (../password_manager, ../password_manager_with_metadata) instead of the Rust
  ones (depends on the password_manager split PRs #1446/#1447 being merged).
- security-checklist.md: condense to a focused, language-specific version for
  each of Motoko and Rust (was a 165-line identical copy carried from the older
  device-based encrypted_notes — it wrongly claimed "no inter-canister calls"
  (this version calls the vetKD management canister) and referenced
  submit_ciphertexts / device removal that don't exist here). Link it from each
  README.
- Drop "smart contract" web3 jargon from the backend comments (app.mo, lib.rs):
  "a single canister smart contract" -> "a single canister".

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
marc0olo and others added 2 commits July 17, 2026 12:35
Replace "dapp" with "app" in the READMEs and normalize the security
best-practices link to https://docs.internetcomputer.org/guides/security/overview/.
The functional vetKD domain-separator string ("password_manager_example_dapp")
is left unchanged.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…parator

Rename the EncryptedMaps vetKD domain separator "password_manager_example_dapp"
-> "password_manager_example_app" in the Motoko backend. Fresh example, no
previously derived keys to stay compatible with. Backend-only: the frontend
(DefaultEncryptedMapsClient) does not reference the separator.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@marc0olo
marc0olo requested a review from Copilot July 17, 2026 15:00
@marc0olo
marc0olo marked this pull request as ready for review July 17, 2026 15:00
@marc0olo
marc0olo requested review from a team as code owners July 17, 2026 15:00

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR restructures the vetkeys password_manager example into two self-contained examples (Motoko + Rust), each with its own frontend, updated icp.yaml canister naming (backend/frontend), and language-specific build/deploy scaffolding consistent with the other vetkeys split work.

Changes:

  • Split the previously shared/symlinked password manager setup into standalone motoko/vetkeys/password_manager/ and rust/vetkeys/password_manager/ example roots.
  • Update canister naming and frontend dev-server wiring to target backend (via PUBLIC_CANISTER_ID:backend) and standardize frontend build steps in icp.yaml.
  • Add a new Rust backend implementation and new Motoko frontend/app code under the split structure, plus CI workflow path updates.

Reviewed changes

Copilot reviewed 63 out of 76 changed files in this pull request and generated 9 comments.

Show a summary per file
File Description
rust/vetkeys/password_manager/rust/icp.yaml Removed legacy nested Rust icp.yaml (old canister names and build steps).
rust/vetkeys/password_manager/rust/backend/README.md Removed legacy nested backend README (old structure).
rust/vetkeys/password_manager/rust/backend/Makefile Removed legacy Makefile (old build/test/extract flow).
rust/vetkeys/password_manager/rust-toolchain.toml Added Rust toolchain target config for wasm build.
rust/vetkeys/password_manager/README.md Updated Rust example README for split layout and icp-cli-based deploy flow.
rust/vetkeys/password_manager/package.json Added root workspace package.json to run frontend scripts from example root.
rust/vetkeys/password_manager/motoko/mops.toml Removed legacy Motoko mops.toml from old nested layout.
rust/vetkeys/password_manager/motoko/backend/Makefile Removed legacy Motoko backend Makefile (old cross-language testing approach).
rust/vetkeys/password_manager/motoko/backend/.prettierrc Removed legacy prettier config from old nested layout.
rust/vetkeys/password_manager/icp.yaml Added new Rust example icp.yaml with backend/frontend canisters.
rust/vetkeys/password_manager/frontend/vite.config.ts Simplified dev-server config to target local backend and inject PUBLIC_CANISTER_ID:backend.
rust/vetkeys/password_manager/frontend/src/lib/encrypted_maps.ts Updated Encrypted Maps client wiring to use PUBLIC_CANISTER_ID:backend.
rust/vetkeys/password_manager/frontend/package.json Simplified frontend package scripts/deps (removed lint/prettier plumbing).
rust/vetkeys/password_manager/frontend/eslint.config.mjs Removed ESLint configuration.
rust/vetkeys/password_manager/frontend/.prettierrc Removed Prettier configuration.
rust/vetkeys/password_manager/frontend/.prettierignore Removed Prettier ignore rules.
rust/vetkeys/password_manager/frontend/.gitignore Added frontend-local ignores for node_modules and dist.
rust/vetkeys/password_manager/Cargo.toml Added Rust workspace config and shared dependency versions.
rust/vetkeys/password_manager/backend/src/lib.rs Added Rust canister exposing Encrypted Maps methods (new backend entrypoint).
rust/vetkeys/password_manager/backend/README.md Added backend README under the new flattened Rust layout.
rust/vetkeys/password_manager/backend/Cargo.toml Renamed Rust crate/package to backend for the new canister naming convention.
rust/vetkeys/password_manager/backend/backend.did Added committed Rust backend Candid interface at canonical path.
motoko/vetkeys/password_manager/README.md Added Motoko example README for split layout and icp-cli flow.
motoko/vetkeys/password_manager/package.json Added root workspace package.json to run frontend scripts from example root.
motoko/vetkeys/password_manager/mops.toml Added Motoko toolchain/deps config and canister entrypoint wiring.
motoko/vetkeys/password_manager/icp.yaml Updated Motoko example icp.yaml to backend/frontend and standard frontend build steps.
motoko/vetkeys/password_manager/frontend/vite.config.ts Added Motoko frontend Vite config with local dev injection for PUBLIC_CANISTER_ID:backend.
motoko/vetkeys/password_manager/frontend/tsconfig.json Added frontend TS config.
motoko/vetkeys/password_manager/frontend/tailwind.config.mjs Added Tailwind/DaisyUI configuration.
motoko/vetkeys/password_manager/frontend/svelte.config.js Added Svelte config for Vite preprocessing.
motoko/vetkeys/password_manager/frontend/src/vite-env.d.ts Added Vite/Svelte type references.
motoko/vetkeys/password_manager/frontend/src/store/vaults.ts Added vault/password store logic using Encrypted Maps client.
motoko/vetkeys/password_manager/frontend/src/store/notifications.ts Added notification store + error helper.
motoko/vetkeys/password_manager/frontend/src/store/draft.ts Added local draft persistence store.
motoko/vetkeys/password_manager/frontend/src/store/auth.ts Added auth flow wiring (Internet Identity + Encrypted Maps client bootstrap).
motoko/vetkeys/password_manager/frontend/src/main.ts Added frontend entrypoint.
motoko/vetkeys/password_manager/frontend/src/lib/vault.ts Added vault model helpers.
motoko/vetkeys/password_manager/frontend/src/lib/sleep.ts Added sleep utility.
motoko/vetkeys/password_manager/frontend/src/lib/password.ts Added password model helpers.
motoko/vetkeys/password_manager/frontend/src/lib/init.ts Added/kept frontend init module (currently empty).
motoko/vetkeys/password_manager/frontend/src/lib/encrypted_maps.ts Added Encrypted Maps client initialization using PUBLIC_CANISTER_ID:backend.
motoko/vetkeys/password_manager/frontend/src/components/Vaults.svelte Added vault list UI.
motoko/vetkeys/password_manager/frontend/src/components/Vault.svelte Added single-vault view UI.
motoko/vetkeys/password_manager/frontend/src/components/Spinner.svelte Added spinner component.
motoko/vetkeys/password_manager/frontend/src/components/SidebarLayout.svelte Added authenticated layout with navigation + principal display.
motoko/vetkeys/password_manager/frontend/src/components/SharingEditor.svelte Added vault sharing editor UI and user management actions.
motoko/vetkeys/password_manager/frontend/src/components/Passwords.svelte Added password list UI.
motoko/vetkeys/password_manager/frontend/src/components/PasswordEditor.svelte Added rich-text editor wrapper component.
motoko/vetkeys/password_manager/frontend/src/components/Password.svelte Added password detail view.
motoko/vetkeys/password_manager/frontend/src/components/Notifications.svelte Added notification UI.
motoko/vetkeys/password_manager/frontend/src/components/NewPassword.svelte Added new-password creation UI.
motoko/vetkeys/password_manager/frontend/src/components/LayoutAuthenticated.svelte Added authenticated router/layout wiring.
motoko/vetkeys/password_manager/frontend/src/components/Hero.svelte Added unauthenticated landing/login UI.
motoko/vetkeys/password_manager/frontend/src/components/Header.svelte Added shared header component.
motoko/vetkeys/password_manager/frontend/src/components/EditVault.svelte Added vault edit screen scaffolding.
motoko/vetkeys/password_manager/frontend/src/components/EditPassword.svelte Added password edit screen and move/delete logic.
motoko/vetkeys/password_manager/frontend/src/components/DisclaimerCopy.svelte Added disclaimer copy component.
motoko/vetkeys/password_manager/frontend/src/components/Disclaimer.svelte Added dismissible disclaimer UI.
motoko/vetkeys/password_manager/frontend/src/assets/svelte.svg Added asset.
motoko/vetkeys/password_manager/frontend/src/App.svelte Added app root component wiring auth vs. app layout.
motoko/vetkeys/password_manager/frontend/src/app.css Added Tailwind CSS entrypoint.
motoko/vetkeys/password_manager/frontend/README.md Updated/added frontend README (needs alignment with new icp-cli flow).
motoko/vetkeys/password_manager/frontend/public/vite.svg Added asset.
motoko/vetkeys/password_manager/frontend/public/.ic-assets.json5 Added asset canister headers/security policy config.
motoko/vetkeys/password_manager/frontend/package.json Added Motoko frontend package manifest.
motoko/vetkeys/password_manager/frontend/index.html Added frontend HTML entry.
motoko/vetkeys/password_manager/frontend/.gitignore Added frontend-local ignores for node_modules and dist.
motoko/vetkeys/password_manager/backend/backend.did Added committed Motoko backend Candid interface.
motoko/vetkeys/password_manager/backend/app.mo Updated Motoko backend actor class and naming/notes for Encrypted Maps interface.
.github/workflows/vetkeys-password-manager.yml Updated CI workflow paths and split jobs for Motoko vs Rust deploy.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread motoko/vetkeys/password_manager/frontend/src/store/draft.ts
Comment thread motoko/vetkeys/password_manager/frontend/src/store/vaults.ts
Comment thread motoko/vetkeys/password_manager/frontend/README.md Outdated
Comment thread .github/workflows/vetkeys-password-manager.yml
@marc0olo

Copy link
Copy Markdown
Member Author

Thanks @Copilot. I checked each item against the original shared frontend. Every flagged file is byte-identical to the pre-split version — this PR only splits the example into self-contained Motoko/Rust copies (import paths, the PUBLIC_CANISTER_ID:backend env key, vite/bindgen wiring). None of these were introduced here, so to keep the split faithful and avoid re-testing behavior that already works, I'm leaving them untouched. They're better addressed upstream:

Pre-existing frontend items:

  • store/vaults.ts — uninitialized vaultPollerHandle: harmless; clearInterval(undefined) is a no-op.
  • store/draft.ts — draft restore checks content && tags: pre-existing; draft restore is effectively disabled.
  • components/NewPassword.svelte / SharingEditor.sveltePrincipal.fromText can throw outside the try/catch: pre-existing input-validation gap.
  • components/EditPassword.svelte (move error handling): pre-existing; sets deleting instead of clearing updating.
  • components/SharingEditor.svelte filter with .compareTo(): this is a real pre-existing bug — .compareTo() returns a string, which is always truthy, so the filter keeps all users. Worth fixing upstream.
  • components/EditPassword.svelte class ternary: pre-existing and malformed, but a minor correction — it does not fail to compile. Svelte parses {'Read' in accessRights} as a complete interpolation and treats the trailing ? 'hidden' : ''} as literal text, so the class renders incorrectly rather than breaking the build.

Other:

  • frontend/README.md (dfx / encrypted_maps_example / old env var): pre-existing and now stale relative to the icp-based setup; carried over unchanged.
  • CI has no test.sh: intentional. None of these vetKeys examples shipped a test.sh on master, and CI's default identity is anonymous (2vxsx-fae), which several of these backends reject — a CLI test.sh would trap in CI even though it passes locally. The workflow is deploy-only, which still verifies build + install.

This standalone frontend README was carried over from the original shared
frontend and is the only frontend/README.md in the repo — no other example
ships one. It still referenced dfx, an `encrypted_maps_example` canister, and
the old `CANISTER_ID_IC_VETKEYS_ENCRYPTED_MAPS_CANISTER` env var, all of which
contradict the icp-based setup documented in the top-level README. Remove it
rather than maintain duplicate, misleading instructions.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@marc0olo

Copy link
Copy Markdown
Member Author

Follow-up: I removed frontend/README.md from both the Motoko and Rust copies (697d597). It was carried over from the original shared frontend and was the only frontend/README.md in the repo — no other example ships one — and it referenced dfx, an encrypted_maps_example canister, and the old CANISTER_ID_IC_VETKEYS_ENCRYPTED_MAPS_CANISTER env var, all contradicting the icp-based top-level README. Rather than maintain duplicate, misleading instructions, it's dropped.

On the CI point: the workflow already deploys both backends from their own working directories in separate jobs (motoko/vetkeys/password_manager and rust/vetkeys/password_manager), and both jobs pass. It stays deploy-only (build + install + asset sync) by design, consistent with the other vetKeys examples.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants