Soatok DreamseekerMar 2

Loup-Vaillant wrote this on Lobste.rs in a dumb rant about my Matrix disclosure:

Personally I would actively avoid the check,

Hmm. What a weird thing to say.

Loup-Vaillant wrote a cryptography library called Monocypher, which famously had an EdDSA vulnerability mostly caused by their insistence on rolling their own custom EdDSA variant to avoid SHA512.

"I wonder how Monocypher holds up in 2026?"

Who said that? Well, anyway:

https://github.com/LoupVaillant/Monocypher/issues/285

Cryptographic Issues in Matrix’s Rust Library Vodozemac

47 comments

Lobsters
Show threadSayuri 💛⬜️💜🖤‏ ΘΔMar 3

@soatok because who checks for buffer lengths in c anyways it just wastes cycles

wat

also pretty sure "user error" is exactly how exploits are born

Show threadAlex@rtnVFRmedia Suffolk UKMar 3
@wolfcoder @soatok hang on what /century/ are we in? not like we are still programming Z80 or 6502 and trying to squeeze out every last bit of performance, surely a few extra clock cycles won't break the bank these days?
Show threadSayuri 💛⬜️💜🖤‏ ΘΔMar 3

@vfrmedia @soatok everything* starts with c, if you're writing a fundamental library, a video game engine, part of an operating system, etc. you do want to be as lightweight as possible.

you do want to fight the attitude of not optimizing because then we get Electron apps and e-waste.

not buffer checking (for whatever reason) however saves you very little vs. how dangerous it is, i'll even range check when i'm writing Z80 or 6502 programs just to save headaches.

Show threadElladan

@wolfcoder @vfrmedia @soatok even in the hypothetical situation where saving half a cycle on a bounds check mattered, the right thing to do would be to litter the code base with debug asserts or, even better, come up with an api where the bounds check isn't needed.

C isn't a forgiving language and a good programmer doesn't trust that their own code does what it's supposed to unless they can prove it, much less anyone else's.

Mar 3 at 9:53pmWeb