Yawning Angel

Related to all this, and supportive of the "provide ergonomic interfaces in some form" general idea, there is [this from the Cryptography Coding Standard](https://cryptocoding.net/index.php/Coding_rules#Avoid_mixing_security_and_abstraction_levels_of_cryptographic_primitives_in_the_same_API_layer). I think that providing and pointing...

Back on the NaCl side of things: https://github.com/Yawning/rust-crypto-nacl It's not registered on crates.io yet since it requires the changes in #245 to not crash with the latest nightly, and for...

@calvinmetcalf Hmm. I'm somewhat torn between "unsafe" vs "feature gating" as being better. Unsafe blocks allow the developer to do an awful lot of things that are scary that don't...

I haven't touched Rust in a personal capacity since around the time I last commented on this issue, sorry.

> Offhand...it seems like it'd be safe to move the NNP invocation until the final execve(). `SECCOMP_SET_MODE_FILTER` requires `CAP_SYS_ADMIN` or NNP to be set, so it's not quite as simple.

Defending against these sort of attacks is beyond the threat model of the obfs4 traffic shaper implementation (and to be honest is beyond the threat model of obfs4 in general)....

> * use `uint64` instead of `uint1` and drop addcarryxU64 and subborrowxU64 wrappers This is more than cosmetic. Getting rid of the wrappers and assuming that `bits.Add64` behaves as advertised...

> If you typedef uint1 to uint64, does that give you the performance benefit? ``` name \ time/op baseline typedef-ed no-wrapper CarryMult-8 66.4ns ± 1% 50.8ns ± 1% 45.9ns ±...

I continue to be against this because we shouldn't be in the business of determining what is dangerous or not. This is something that is up to the node operator,...

Considering that over 60% of the rust build time is consumed by building `grpcio-sys`, removing it (#3572) would go a long way to shortening build times.