Consider an alternative to random_32_bytes
#522
Comments
There are several places in this library where we need 32 uniformly random bytes, and zero where we need a different number of bytes or a different distribution. In fact if we ever use a different distribution this is nearly guaranteed to be a key-leaking catastrophe. If we generate too few bytes this is also a catastrophe. If we generate too many I guess that's fine, though depending how we implement things it could cause panics or something. Secondly, the Thirdly, I worry that using all these generics and stuff will make it hard to move away from Basically, I think any move away from "always generate 32 bytes uniformly" will create an ongoing maintenance/review burden as we manually check that the new generic code is only ever used to uniformly generate 32 bytes.
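As an added illustration (not code from this library or from the discussion), this is the non-generic shape the comment above argues for: the "exactly 32 uniformly random bytes" invariant sits in the return type, a constructed short-fill RNG models the "too few bytes" failure, and a sanity check shows what a reviewer can run against any RNG adapter. The `FillBytes` trait, `CounterRng` and `ShortRng` are assumptions made so the example compiles without external crates.

```rust
/// Stand-in for a CSPRNG trait's `fill_bytes` (e.g. rand's `RngCore`), assumed here so the example needs no external crates.
pub trait FillBytes {
    fn fill_bytes(&mut self, dest: &mut [u8]);
}

/// The non-generic helper the comment argues for: the "exactly 32 uniformly
/// random bytes" invariant lives in the signature, not at each call site.
pub fn random_32_bytes<R: FillBytes>(rng: &mut R) -> [u8; 32] {
    let mut out = [0u8; 32];
    rng.fill_bytes(&mut out);
    out
}

/// Constructed counter "RNG" (NOT random, testing only) that fills every byte.
pub struct CounterRng(pub u8);
impl FillBytes for CounterRng {
    fn fill_bytes(&mut self, dest: &mut [u8]) {
        for b in dest.iter_mut() {
            self.0 = self.0.wrapping_add(1);
            *b = self.0;
        }
    }
}

/// Constructed, deliberately broken RNG that writes only the first `n` bytes,
/// modelling the "too few bytes" failure the comment calls a catastrophe.
pub struct ShortRng { n: usize, inner: CounterRng }
impl ShortRng { pub fn new(n: usize) -> Self { ShortRng { n, inner: CounterRng(0) } } }
impl FillBytes for ShortRng {
    fn fill_bytes(&mut self, dest: &mut [u8]) {
        let n = self.n.min(dest.len());
        self.inner.fill_bytes(&mut dest[..n]);
    }
}

/// Review-time sanity check: pre-fill with two sentinels and require every byte
/// to change in at least one run (a real RNG fails with probability ~32/256^2).
pub fn writes_all_32_bytes<R: FillBytes>(rng: &mut R) -> bool {
    let mut changed = [false; 32];
    for &sentinel in &[0x00u8, 0xFF] {
        let mut buf = [sentinel; 32];
        rng.fill_bytes(&mut buf);
        for (c, &b) in changed.iter_mut().zip(buf.iter()) {
            *c |= b != sentinel;
        }
    }
    changed.iter().all(|&c| c)
}
```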
Oh, interesting footgun, I totally missed that. Yeah, it'd have to be
Unless that crate is Another approach is to only call
Yeah, I wouldn't mind this.
I don't like non-generic 32_bytes much. I was thinking of some alternative designs: https://play.rust-lang.org/?version=stable&mode=debug&edition=2021&gist=3123fb72993eabdeeb4a51eb2558be88
Originally posted by @Kixunil in #520 (comment)