sjcl is getting a bit long in the tooth #391
Comments
|
What's your usecase? It would be great if you could provide examples, or a proposal PR. |
|
Actually, a separate (publishable) lib would be good. We used modified
version of this code in a Web Monetization project, and another org may do
so again.
Could do PR if it gets a lookin!
|
|
@thibmeu the use case is safety of library users. You will have a lot more of it with audited curves versus 10-year unsupported and buggy sjcl. |
|
I'm a bit puzzled at the state of these privacy pass repositories (this extension and the Go server). There seems to be a lot of work done on the protocol and surrounding elements, but this extension still uses hashAndInc as the default for the voprf module. From my cursory viewings I can't rule out that the settings aren't updated or configured dynamically by server side responses, but it seems like the SWU method is just dead code. An impl of the publicly verifiable tokens (blindrsa) was added last year, but it's not actually used yet. I see a lot of bad reviews recently at the chromestore It made me wonder if development is happening in some other repo[s]? Or if perhaps efforts are placed into the related web standards and this will no longer be needed soon ? |
|
Seems progress continues elsewhere. Here seems a decent entry point to find more: |
Perhaps replace with something more modern (using native BigInt) like:
https://github.com/paulmillr/noble-curves
The text was updated successfully, but these errors were encountered: