As of latest secp master, there are a few things that we can take advantage of in the rust ecosystem.
Notes pasted from CHANGELOG.
Forbade randomizing (copies of) secp256k1_context_static. Randomizing a copy of secp256k1_context_static did not have any effect and did not provide defense-in-depth protection against side-channel attacks. Create a new context if you want to benefit from randomization.
Deprecated context flags SECP256K1_CONTEXT_VERIFY and SECP256K1_CONTEXT_SIGN. Use SECP256K1_CONTEXT_NONE instead.
Few suggestions to get things started:
Remove context altogether. Create a context as static Option. We can use crates like ctor or implement our own racy initialization with atomics. Contexts are really annoying as they leak everywhere in function signatures.
We can also keep two versions for each API. One with context param and one without.
Remove all randomization from the code and simplify our API? People may have strong opinions here.
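The "racy initialization with atomics" idea from the first suggestion, as an added illustration that is not code from this issue or from the secp256k1 crate: a global context slot held in an `AtomicPtr` (null standing in for `None`), where several threads may each build a context but exactly one wins via compare-exchange and the losers free their copy. `Context` here is a hypothetical stand-in for the real precomputed-table context.

```rust
use std::ptr;
use std::sync::atomic::{AtomicPtr, AtomicUsize, Ordering};

/// Hypothetical stand-in for a secp256k1 context (the real one holds
/// precomputed tables); `id` records which build attempt produced it.
pub struct Context {
    pub id: usize,
}

// Global slot: null pointer plays the role of `None` in a `static Option`.
static CONTEXT: AtomicPtr<Context> = AtomicPtr::new(ptr::null_mut());
// Counts how many contexts were built, so the race can be observed.
static INIT_ATTEMPTS: AtomicUsize = AtomicUsize::new(0);

fn build_context() -> Box<Context> {
    let id = INIT_ATTEMPTS.fetch_add(1, Ordering::Relaxed) + 1;
    Box::new(Context { id })
}

/// Racy initialization: callers that race may each build a context, but
/// only the first compare-exchange publishes; everyone returns that one.
pub fn global_context() -> &'static Context {
    let p = CONTEXT.load(Ordering::Acquire);
    if !p.is_null() {
        // SAFETY: produced by Box::into_raw below and never freed once published.
        return unsafe { &*p };
    }
    let fresh = Box::into_raw(build_context());
    match CONTEXT.compare_exchange(ptr::null_mut(), fresh, Ordering::AcqRel, Ordering::Acquire) {
        // We won: our context is now the global one.
        Ok(_) => unsafe { &*fresh },
        // We lost: free our copy and use the winner's.
        Err(existing) => unsafe {
            drop(Box::from_raw(fresh));
            &*existing
        },
    }
}

/// How many contexts were constructed in total (at least one).
pub fn init_attempts() -> usize {
    INIT_ATTEMPTS.load(Ordering::Relaxed)
}
```

Every caller observes the same address and the same `id`, even though `init_attempts()` may exceed one under contention.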