As of latest secp master, there are a few things that we can take advantage of in the rust ecosystem.
Notes pasted from CHANGELOG.
- Forbade randomizing (copies of) `secp256k1_context_static`. Randomizing a copy of `secp256k1_context_static` did not have any effect and did not provide defense-in-depth protection against side-channel attacks. Create a new context if you want to benefit from randomization.
- Deprecated context flags `SECP256K1_CONTEXT_VERIFY` and `SECP256K1_CONTEXT_SIGN`. Use `SECP256K1_CONTEXT_NONE` instead.
Few suggestions to get things started:
- Remove context altogether. Create a context as static Option. We can use crates like ctor or implement our own racy initialization with atomics. Contexts are really annoying as they leak everywhere in function signatures.
- We can also keep two versions for each API. One with context param and one without.
- Remove all randomization from the code and simplify our API? People may have strong opinions here.