Use in production environments

[nicoodeimos]

Hello keeshux!

I saw you recommend not to use your work since it’s still experimental. At which point can we consider your code to be « unsafe » ? I’d like to integrate it to general public apps but would like to know your opinion first, since it may handle real money, I need to make sure it is (at a minimum) reliable.

Bye for now! Thanks.

[keeshux]

Hi Nicolas,

Well, there's some cryptography code here and there that I "borrowed" from breadwallet, which means I took it for granted. Generally speaking, I haven't tested the library in scenarios that could involve very unpredictable or hard-to-reproduce outcomes, mainly DoS attacks.

Follows a short summary:

• Core: should be solid, but some crypto internals aren't tested.
• Blockchain: as well, with forks and reorgs handled just fine. Consensus isn't well tested though and may even be outdated.
• Wallet: same as Core.
• Network: only tested in optimistic contexts, peer code might deadlock at some point (but it hasn't for months).

In fact, it'd be great help if somebody contributed with solid unit tests. Mine are kind of personal and overall code coverage is pretty low.

Cheers!