bitaddress.org
adding entropy
I'd like to be able to add entropy through a text field (e.g., from flipping a coin). Is this a reasonable feature, or should I just pursue this in my own fork?
Yes this is a good feature request. A way to input entropy into a text field will be added to the site.
I notice that mouse movements and timestamps continue to be folded into the seed, even after the first address is generated. Is that deliberate?
I am not sure if each operation that needs random numbers should use the exact same PRNG or seed a fresh one each time. I am guessing that it's easier to guarantee uniformity when you use a single PRNG; however, I have no idea if it makes any practical difference in this case.
The RC4 PRNG is only seeded once, when bytes are first requested. seed* calls continue to mix the pool, but they aren't used.
I noticed that the constructor of SecureRandom is called many times throughout the codebase; I wasn't sure if that re-read the seed or not. JavaScript is not one of my main languages.
If it doesn't start a new PRNG what exactly is it constructing?
SecureRandom instances don't have their own state. They just expose nextByte, which uses module-level state. I don't understand why it's designed like this.
The design of SecureRandom is from Tom Wu. I refactored it to a module pattern but kept nextBytes as an instance function because I left functions static or instance as they were in the original.
I can confirm that it only seeds once when the bytes are first requested. I think we should aim for one good seed and that reseeding would be for usability after a lot of mouse movements or copy/paste entropy from another source into a text field.
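The following is an added model, not bitaddress.org's or Tom Wu's code, of the rng.js design the thread describes: a pool that seed* calls XOR into, and one module-level RC4 (Arcfour) state keyed from that pool the first time a byte is requested, shared by every SecureRandom instance. The names rngSeedText, setClock, snapshot, resetModule and demo are invented here; rngSeedText stands in for the requested text-field entropy feature, and the pool starts zeroed (the original pre-fills it from Math.random) so the run is repeatable. The demo checks the three claims made above: entropy mixed in before the first request changes the output, seed* calls after the first request do not, and a second instance simply continues the same stream.

```javascript
// Added model (not bitaddress.org's or Tom Wu's code) of a pool + one RC4 state
// keyed on first use. rngSeedText, setClock, snapshot, resetModule and demo are
// names invented for this example.

const POOL_SIZE = 256;

class Arcfour {
  constructor() { this.i = 0; this.j = 0; this.S = new Array(256); }
  init(key) {                         // RC4 key-scheduling algorithm
    for (let i = 0; i < 256; i++) this.S[i] = i;
    for (let i = 0, j = 0; i < 256; i++) {
      j = (j + this.S[i] + key[i % key.length]) & 255;
      [this.S[i], this.S[j]] = [this.S[j], this.S[i]];
    }
    this.i = 0; this.j = 0;
  }
  next() {                            // one byte of RC4 keystream
    this.i = (this.i + 1) & 255;
    this.j = (this.j + this.S[this.i]) & 255;
    [this.S[this.i], this.S[this.j]] = [this.S[this.j], this.S[this.i]];
    return this.S[(this.S[this.i] + this.S[this.j]) & 255];
  }
  snapshot() {                        // copy of the state, used to compare streams
    const c = new Arcfour(); c.i = this.i; c.j = this.j; c.S = this.S.slice(); return c;
  }
}

// Module-level state: every SecureRandom instance reads from these.
let rngState = null;
let rngPool = new Array(POOL_SIZE).fill(0); // original pre-fills with Math.random(); zeroed here
let rngPptr = 0;
let initCount = 0;                          // instrumentation: how often RC4 was keyed
let clock = () => Date.now();
function setClock(fn) { clock = fn; }

function rngSeedInt(x) {                    // XOR four bytes of x into the pool
  rngPool[rngPptr++] ^= x & 255;
  rngPool[rngPptr++] ^= (x >> 8) & 255;
  rngPool[rngPptr++] ^= (x >> 16) & 255;
  rngPool[rngPptr++] ^= (x >> 24) & 255;
  if (rngPptr >= POOL_SIZE) rngPptr -= POOL_SIZE;
}
function rngSeedTime() { rngSeedInt(clock()); }
// The feature requested in the thread: fold user-typed entropy (coin flips) into the pool.
function rngSeedText(text) { for (const ch of text) rngSeedInt(ch.charCodeAt(0)); }

function rngGetByte() {
  if (rngState == null) {                   // keyed exactly once; later seed* calls only touch the pool
    rngSeedTime();
    rngState = new Arcfour();
    rngState.init(rngPool);
    initCount++;
    rngPool.fill(0);
    rngPptr = 0;
  }
  return rngState.next();
}

class SecureRandom {                        // no per-instance state, as the thread describes
  nextBytes(ba) { for (let i = 0; i < ba.length; i++) ba[i] = rngGetByte(); }
}

function resetModule() { rngState = null; rngPool.fill(0); rngPptr = 0; initCount = 0; }

// Returns: initCount (RC4 keyed once), differsBeforeInit (pre-request entropy
// matters), laterSeedsIgnored (post-request seeding does not reach the keystream,
// and instance b continues the stream instance a started).
function demo() {
  setClock(() => 1700000000000);            // fixed clock so the run is repeatable
  const streamFor = (flips) => {
    resetModule();
    rngSeedText(flips);
    const out = new Array(8); new SecureRandom().nextBytes(out); return out.join(",");
  };
  const differsBeforeInit = streamFor("HTHHTTHTTHHT") !== streamFor("TTTHHHTHTHTH");

  resetModule();
  rngSeedText("HTHHTTHTTHHT");              // constructed coin-flip entropy
  const a = new SecureRandom(), b = new SecureRandom();
  a.nextBytes(new Array(8));                // first request: the only keying that ever happens
  const expected = rngState.snapshot();
  rngSeedText("more flips after the fact"); rngSeedTime(); rngSeedInt(0xdeadbeef);
  const later = new Array(32); b.nextBytes(later);
  const laterSeedsIgnored = later.every((v) => v === expected.next());
  return { initCount, differsBeforeInit, laterSeedsIgnored };
}
```

The practical consequence for the feature request is the ordering: text typed into an entropy field only influences the keys if it is mixed in before the first call that asks for bytes, otherwise it lands in a pool nobody reads until a reseed path exists.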