-
Notifications
You must be signed in to change notification settings - Fork 314
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
README warning about optional dependency 'ed25519' is out of date, sodium-native
now used.
#534
Comments
…536) #534 - Remove section of README discussing fixes for Win ed25519 install that no longer apply. - Change "Warning" to "Important". There is no danger in use of `tweetnacl` and no need to be alarmist. - Remove unsubstantiated speed language. This is not a concern for most as `tweetnacl` can perform at least 200 signing ops/s and negative comparisons are not backed by data. Comparison might also have been against `ed25519` lib.
Fixed in #536 |
@abuiles PS I plan to file an issue over on stellar-base questioning the need for this native dependency at all in favor of just using tweetnacl. This would keep things simpler, eliminate compilation issues (which are even trickier when using in a Docker container), and the speed diff, if any, is likely insignificant for most/all use cases. tweetnacl is also the only JS lib that I am aware of that also has had a full Cure53 security audit. |
@grempe sounds good! This libraries haven't change much in the last couple of years, so if something doesn't make sense, please let me know and I'm happy to work together to address those issues. |
Describe the bug
There is a warning in the README file recommending installation of the
ed25519
library. This library is in fact no longer used bystellar-base
since version 0.13.12 was released a year ago.The current version of
stellar-base
now instead makes use ofsodium-native
.https://github.com/sodium-friends/sodium-native
See release changes and CHANGELOG:
stellar/js-stellar-base@v0.13.1...v0.13.2
The text was updated successfully, but these errors were encountered: