Merge pull request #5 from AriajSarkar/dev

feat: v3.1

Author: AriajSarkar

.github/workflows/fuzz.yml

@@ -11,21 +11,43 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: dtolnay/rust-toolchain@nightly
-      - name: Install cargo-fuzz
-        run: cargo install cargo-fuzz
-      - name: Run fuzzing (short duration for CI)
+      
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      
+      - name: Cache Docker layers
+        uses: actions/cache@v4
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-fuzz-${{ hashFiles('Dockerfile.fuzz', 'Cargo.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-buildx-fuzz-
+      
+      - name: Build fuzz Docker image
+        run: |
+          docker-compose -f docker-compose.fuzz.yml build \
+            --build-arg BUILDKIT_INLINE_CACHE=1
+      
+      - name: Run fuzzing (60 seconds per target)
+        run: |
+          docker-compose -f docker-compose.fuzz.yml up || echo "Fuzzing completed with findings"
+      
+      - name: Check for artifacts
+        id: check_artifacts
         run: |
-          # Run each fuzz target for 60 seconds
-          cd fuzz
-          for target in fuzz_targets/*.rs; do
-            target_name=$(basename "$target" .rs)
-            echo "Fuzzing $target_name..."
-            cargo fuzz run "$target_name" -- -max_total_time=60 || true
-          done
+          if [ -d "fuzz/artifacts" ] && [ "$(ls -A fuzz/artifacts 2>/dev/null)" ]; then
+            echo "artifacts_found=true" >> $GITHUB_OUTPUT
+            echo "Found crash artifacts:"
+            find fuzz/artifacts -type f -name "crash-*" -o -name "leak-*" -o -name "timeout-*"
+          else
+            echo "artifacts_found=false" >> $GITHUB_OUTPUT
+            echo "No artifacts found"
+          fi
+      
       - name: Upload artifacts if crashes found
         uses: actions/upload-artifact@v4
-        if: failure()
+        if: always() && steps.check_artifacts.outputs.artifacts_found == 'true'
         with:
           name: fuzz-artifacts
           path: fuzz/artifacts/
+          if-no-files-found: ignore

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "crabgraph"
-version = "0.3.0"
+version = "0.3.1"
 authors = ["Raj Sarkar <ariajsarkar@gmail.com>"]
 edition = "2021"
 rust-version = "1.70"

Dockerfile.fuzz

@@ -0,0 +1,78 @@
+# Lightweight Rust fuzzing image based on Debian Slim (compatible with sanitizers)
+FROM rust:slim AS builder
+
+# Install required build tools
+RUN apt-get update && apt-get install -y \
+    build-essential \
+    pkg-config \
+    libssl-dev \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install nightly toolchain and cargo-fuzz
+RUN rustup default nightly && \
+    cargo install cargo-fuzz
+
+# Production image
+FROM rust:slim
+
+# Install runtime dependencies
+RUN apt-get update && apt-get install -y \
+    build-essential \
+    pkg-config \
+    libssl-dev \
+    && rm -rf /var/lib/apt/lists/*
+
+# Copy cargo-fuzz from builder
+COPY --from=builder /usr/local/cargo/bin/cargo-fuzz /usr/local/cargo/bin/cargo-fuzz
+
+# Set nightly as default
+RUN rustup default nightly
+
+WORKDIR /workspace
+
+# Copy Cargo files first for better layer caching
+COPY Cargo.toml Cargo.lock ./
+COPY fuzz/Cargo.toml ./fuzz/
+
+# Create dummy src to build dependencies (caching layer)
+RUN mkdir src && \
+    echo "fn main() {}" > src/lib.rs && \
+    mkdir -p fuzz/fuzz_targets && \
+    echo "#![no_main]\nuse libfuzzer_sys::fuzz_target;\nfuzz_target!(|_data: &[u8]| {});" > fuzz/fuzz_targets/dummy.rs
+
+# Build dependencies to cache them
+RUN cd fuzz && cargo +nightly build --release 2>/dev/null || true
+
+# Remove dummy files
+RUN rm -rf src fuzz/fuzz_targets/dummy.rs
+
+# Copy actual source code
+COPY src ./src
+COPY fuzz ./fuzz
+
+# Default command runs all fuzz targets for 60 seconds each
+# Cleans up old artifacts before starting
+CMD ["sh", "-c", "cd fuzz && \
+    echo '=========================================='; \
+    echo 'Cleaning old artifacts...'; \
+    echo '=========================================='; \
+    rm -rf artifacts/*/* 2>/dev/null || true; \
+    echo 'Old artifacts removed. Starting fuzzing...' && \
+    echo '' && \
+    for target in fuzz_targets/*.rs; do \
+    target_name=$(basename $target .rs); \
+    echo '=========================================='; \
+    echo 'Fuzzing: '$target_name; \
+    echo '=========================================='; \
+    cargo fuzz run $target_name -- -max_total_time=60 || echo 'Issues found in '$target_name; \
+    done && \
+    echo '' && \
+    echo '=========================================='; \
+    echo 'Fuzzing complete!'; \
+    echo '=========================================='; \
+    if [ -d artifacts ] && [ \"$(find artifacts -type f 2>/dev/null)\" ]; then \
+        echo 'Artifacts found:'; \
+        find artifacts -type f -exec echo '  {}' \\;; \
+    else \
+        echo 'No artifacts generated (no crashes/issues found)'; \
+    fi"]

README.md

@@ -32,13 +32,19 @@ For security issues, please see [SECURITY.md](SECURITY.md).
 - 🚀 **Performance**: Zero-copy operations, hardware acceleration support
 - 📦 **No-std Support**: Core functionality available in embedded contexts
 
+## 🌐 Live Demo
+
+**[Try CrabGraph in WebAssembly!](https://ariajsarkar.github.io/keyring-wasm/)**
+
+Experience CrabGraph's cryptographic capabilities directly in your browser. This interactive demo showcases real-world usage of the library compiled to WebAssembly, demonstrating encryption, key derivation, and signing operations with zero installation required.
+
 ## 🚀 Quick Start
 
 Add to your `Cargo.toml`:
 
 ```toml
 [dependencies]
-crabgraph = "0.1"
+crabgraph = "0.3.1"
 ```
 
 ### Authenticated Encryption (AES-GCM)
@@ -196,9 +202,27 @@ fn main() -> CrabResult<()> {
 ## 📚 Documentation
 
 - [API Documentation](https://docs.rs/crabgraph)
+- [GitHub Pages Docs](https://ariajsarkar.github.io/crabgraph/crabgraph/)
+- [📊 Performance Benchmarks](https://ariajsarkar.github.io/crabgraph-bench/) 
 - [Migration from CryptoJS](docs/MIGRATE_CRYPTOJS.md)
 - [Examples](examples/)
 
+## ⚡ Performance
+
+CrabGraph delivers excellent performance with minimal overhead over raw primitives:
+
+| Operation | Speed | Throughput |
+|-----------|-------|------------|
+| AES-256-GCM Encrypt (1KB) | ~0.95 μs | **~1,079 MB/s** |
+| ChaCha20-Poly1305 Encrypt (1KB) | ~2.7 μs | **~378 MB/s** |
+| Ed25519 Sign | ~16 μs | **~62,500 ops/sec** |
+| Ed25519 Verify | ~47 μs | **~21,277 ops/sec** |
+| Argon2id KDF (32B) | ~11 ms | Intentionally slow (security) |
+
+📊 **Full benchmark results**: [ariajsarkar.github.io/crabgraph-bench](https://ariajsarkar.github.io/crabgraph-bench/)
+
+*Benchmarks run on modern hardware with AES-NI. Your results may vary.*
+
 ## 🏗️ Architecture
 
 CrabGraph is built on these audited cryptographic libraries:

TODOs.md

@@ -259,7 +259,7 @@ This document tracks planned features, improvements, and ongoing work for CrabGr
 
 ## Known Issues
 
-- None reported yet (v0.1.0)
+- None reported yet (v0.3.0)
 
 ## Contribution Estimates