cgrigis
cgrigis
##### ISSUE TYPE - Bugfix pull-request ##### DSTAT VERSION ``` Dool 0.9.9 Written by Scott Baker Forked from Dstat written by Dag Wieers Homepage at https://github.com/scottchiefbaker/dool/ Platform posix/linux2 Kernel 5.8.0-1-amd64...
A URL with a fragment fails to validate: ``` >>> from strictyaml import Map, Url, load >>> schema = Map({"url": Url()}) >>> >>> load("url: https://example.com/bla", schema) YAML({'url': 'https://example.com/bla'}) >>> >>>...
_Security Code Review finding:_ Another modulo bias in `kyber` was found in [`pairing/bn256/point.go` on line 239](https://github.com/dedis/kyber/blob/9ac80102d756a21f318685e230e33791c44b5e2e/pairing/bn256/point.go#L239), notice this is not necessarily a danger depending how the `hashToPoint()` method is later...
_Security Code Review finding:_ A square-and-multiply algorithm without protection is not constant time and leaks information on the exponent. It is used in the following spots in kyber: - `pairing/bn256/gfp.go`...
_Security Code Review observation:_ The way the XOF is built from a keyed `blake2b` instance in Kyber is unusual: it is taking the `seed`, and if the seed is bigger...
_Security Code Review observation:_ For example, it seems the shuffle tests are not testing the verification of a wrong shuffle nor providing test-vectors.
_Security Code Review observation:_ We want to highlight what is already mentioned in BN256's `README.md` file: "previously claimed to operate at a 128-bit security level. However recent improvements in attacks...
The errors returned during the execution of [Dispatch()](https://github.com/dedis/cothority/blob/master/dkg/pedersen/dkg.go#L114-L151) are not handled, and will result in a hanging goroutine.
The ABI `constant` field has been deprecated in Solidity 0.5.0 and removed in 0.6.0. This confuses `bevmclient`: it uses this field to check that a method provided for a _view...