Tony Arcieri

@bstrie as someone who has strived to keep the number of [transitive dependencies of Abscissa as low as possible](https://github.com/iqlusioninc/abscissa#depencencies), it's really hard to say. Re: 150, that's fewer than the...

Whoops sorry, seems I was looking at the wrong property in an index of these things, it's >150 inverse dependencies, not transitive dependencies.

@bstrie there are several cases where that may happen, e.g. dependencies which are gated on by OS in Cargo.toml, but are not explicitly tagged as `optional = true` will still...

@bstrie I've done the same in several projects. [getrandom](https://github.com/rust-random/getrandom) suits my needs for cryptography, and avoids rand's many dependencies

As a huge fan of server-side Rust who also likes doing frontend stuff, my personal preference for this sort of thing is TypeScript

@emschwartz you can use Miscreant for AES-SIV ([RFC 5297](https://tools.ietf.org/html/rfc5297)) and I'd consider that implementation fairly robust. I've been working on implementing AES-GCM-SIV (which will be available in a standalone `aes-gcm-siv`...

They have roughly equivalent security properties. AES-GCM-SIV provides "beyond birthday bound" security by deriving a unique keys for each message. As of the final version, it provides good security bounds...

AES-SIV was originally created for the keywrap use case, which it sounds like is what you're doing. Its big advantage there is no nonce is required, which saves space. If...

Note the relevant crate is here: https://github.com/RustCrypto/AEADs/tree/master/aes-gcm-siv There may be a security audit happening soon too.

I had a (rather "ambitious") idea of how this could be done using BFT consensus around quorum builds: https://github.com/iqlusioninc/synchronicity/blob/develop/README.md#about A simpler approach would be to log to something like [Google...