challenge-bypass-extension
challenge-bypass-extension copied to clipboard
privacypass
sjcl is getting a bit long in the tooth
Perhaps replace with something more modern (using native BigInt) like: https://github.com/paulmillr/noble-curves
What's your usecase? It would be great if you could provide examples, or a proposal PR.
Actually, a separate (publishable) lib would be good. We used modified version of this code in a Web Monetization project, and another org may do so again.
Could do PR if it gets a lookin!
@thibmeu the use case is safety of library users. You will have a lot more of it with audited curves versus 10-year unsupported and buggy sjcl.
I'm a bit puzzled at the state of these privacy pass repositories (this extension and the Go server).
There seems to be a lot of work done on the protocol and surrounding elements, but this extension still uses hashAndInc as the default for the voprf module. From my cursory viewings I can't rule out that the settings aren't updated or configured dynamically by server side responses, but it seems like the SWU method is just dead code.
An impl of the publicly verifiable tokens (blindrsa) was added last year, but it's not actually used yet. I see a lot of bad reviews recently at the chromestore
It made me wonder if development is happening in some other repo[s]? Or if perhaps efforts are placed into the related web standards and this will no longer be needed soon ?
Seems progress continues elsewhere. Here seems a decent entry point to find more: https://github.com/ietf-wg-privacypass/base-drafts