chore: Fix blst dep

[acolytec3]

@chainsafe/blst is imported here but is listed as a devDependency in package.json so causes errors when @chainsafe/bls is imported by a consuming application.

[CLAassistant]

All committers have signed the CLA.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[jeluard]

This is on purpose, blst is an optional dependency. To use it downstream you need to install it as a peer dependency. See https://github.com/ChainSafe/bls?tab=readme-ov-file#usage

[acolytec3]

Hmm, ok, we aren't using BLS anywhere in our code but it's imported via @lodestar/light-client and our tests then fail because @chainsafe/blst isn't installed by default (since it's imported by a transitive dependency - @chainsafe/bls for us. Is the appropriate place to update this within @lodestar/light-client? Seems like it shouldn't be on a consumer of a downstream library to have to find an optional transitive dependency four layers deep in the stack.

[jeluard]

I think it is in this case as the usage of blst is an optimization that works only depending on your target runtime (relies on native code). i.e. it wouldn't work if your project was targeting a browser runtime for instance.

The idea is that it should work as-in by relying on the wasm based implementation, just slower.

and our tests then fail because @chainsafe/blst isn't installed by default

This sounds weird, probably something to fix here. What framework do you use to run tests? I am assuming that you are using node?

[acolytec3]

I think it is in this case as the usage of blst is an optimization that works only depending on your target runtime (relies on native code). i.e. it wouldn't work if your project was targeting a browser runtime for instance.

The idea is that it should work as-in by relying on the wasm based implementation, just slower.

and our tests then fail because @chainsafe/blst isn't installed by default

This sounds weird, probably something to fix here. What framework do you use to run tests? I am assuming that you are using node?

We're using vitest, running our tests in node. I'm going to open an issue on lodestar/light-client for now and just import it directly within Ultralight until the deps get ironed out on the lodestar side.

[g11tech]

yes if the downstream lib doesn't use bls, then may be its not required

cc @wemeetagain @nflaig

[acolytec3]

ChainSafe/lodestar#6589 Opened an issue on the lodestar repo for further discussion purposes. Can close here.