undefined | Better HN

0 pointsTekMol7y ago0 comments

    there is nothing much the library _can_ do IMHO

It's code that runs on your machine. What would prevent it to do whatever it wants? Like sending your private keys somewhere? Or using a weak form of crypto to create them so that somebody can guess them?

0 comments

1 comments · 1 top-level

brown-dragon7y ago

That's an excellent point. The only place the library has access to the private keys are during account creation and message signing. Perhaps I should implement both directly in the wallet so it's visible and clear to everyone.

j / k navigate · click thread line to collapse