Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Have you considered using CBOR? #16

Open
dwaite opened this issue Feb 20, 2021 · 1 comment
Open

Have you considered using CBOR? #16

dwaite opened this issue Feb 20, 2021 · 1 comment

Comments

@dwaite
Copy link

dwaite commented Feb 20, 2021

A CBOR equivalent of the SHA-256 hash might be

# tag (279;"SHA-256 hash") , byte array(32), data
0xd90117 5820  41dd7b6443542e75701aa98a0c235951a28a0d851b11564d20022ab11d2589a8

While this uses three more bytes than the example given in the document, it has the advantage of not requiring some additional parser and being usable directly in a CBOR document without additional bytes for framing as a byte array or tagging as a multihash.
@ChristopherA
Copy link

@dwaite:

I struggle when multihash and CBOR are mixed. I'm ok with multihash as a text encoding format for binary data, but when multihash is put into a CBOR object (and apprently there are some CBOR tags already registered for multihash inside of CBOR), when CBOR itself is an encoding format for binary data, it just feels seems off to me.

From a security perspective I'm also concerned that there is now twice the attack surface — a multihash parser and a CBOR parser.

I'd like to see more guidance on where it is best to use multihash instead of CBOR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dwaite @ChristopherA