coinbin icon indicating copy to clipboard operation
coinbin copied to clipboard
verified publisher icon OutCast3k

Use CSPRNG for private keys

Open junderw opened this issue 4 years ago • 2 comments

Fixes #245

In the event that Web Crypto API is not existent, nothing changes. But this usage will cover even IE11 so most browsers should be covered.

junderw avatar Dec 15 '21 17:12 junderw

@junderw, Thanks for your quick response to issue 245. This PR seems like it ought to solve the problem.

I like how you made the solution backward-compatible, so that if the user’s browser does not support Crypto.getRandomValues(), it falls back to the old method of generating random values for the private key.

In that case, perhaps the application should warn the user that it is using a non-CSPRNG to generate the private key?

meixler avatar Dec 16 '21 23:12 meixler

@OutCast3k This PR is a must have feature, could you review this?

ghost avatar May 16 '22 09:05 ghost