The Story
zlib is a data compression library that has been around since 1995. It's quite useful and as a result it's widely used. Unfortunately it has a history of memory safety vulnerabilities, a common phenomenon for compression libraries written in C/C++.
We would like to see a high performance implementation of zlib in Rust. We'd like it to have both a Rust API and a C API that's compatible with the C version of zlib so that existing C/C++ programs can use a safer version of zlib.
What We've Done
We contracted with Tweede golf in December of 2023 for an initial implementation of zlib-rs based on zlib-ng, with a focus on maintaining excellent performance while introducing memory safety.
Tweede golf did a great job with the initial implemenation of zlib-rs under contract with ISRG, then they really ran with it and turned it into a more mature piece of software. It made a lot of sense to turn the project over to their associated Trifecta Tech Foundation in November of 2024.
What's Next
Prossimo's involvement with zlib-rs is largely complete, but we will continue to support Trifecta Tech Foundation's efforts by helping with audits and keeping an eye out for funding.
Links
More from the Prossimo blog
A new home for memory safe Zlib
Zlib-rs, an open source memory safe implementation of zlib, has a new long-term home at the Trifecta Tech Foundation.
Funders
