Open lilyannehall opened 4 years ago
Using a static salt makes generating a new rainbow table possible and largely defeats the purpose of using a salt at all. While this case is different than salting passwords - assuming that the entropy source for keygen is not compromised there shouldn't be any key reuse between users (see https://github.com/LeastAuthority/bls-keygen/issues/1), I think we still want to recommend using unique salts.
Backpedaling on this one given a secret key is involved and the implementation matches the RFC,
https://github.com/LeastAuthority/bls-hd-key/blob/master/src/key-derivation.ts#L9
Salt is hard-coded to the string `BLS-SIG-KEYGEN-SALT-`. Shouldn't we generate a new unique salt for every Hkdf and return it along with the result?
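For reference, the KeyGen procedure the thread discusses, as an added Python example written here (it is not the bls-hd-key project's TypeScript): HKDF-SHA256 with the fixed salt, the retry-when-SK-is-zero loop from later revisions of the BLS signature draft, `key_info` assumed empty and `L = 48` for the BLS12-381 subgroup order. It shows that the salt is a public domain-separation constant and that all secrecy comes from the random IKM, which is why the draft does not treat the salt like a password salt.

```python
import hashlib
import hmac

# Constants from the KeyGen section of draft-irtf-cfrg-bls-signature.
SALT = b"BLS-SIG-KEYGEN-SALT-"
# Order r of the BLS12-381 prime-order subgroup.
R = 0x73EDA753299D7D483339D80809A1D80553BDA402FFFE5BFEFFFFFFFF00000001
# L = ceil((3 * ceil(log2(r))) / 16) = 48 bytes of HKDF output for r of 255 bits.
L = 48


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    # RFC 5869 HKDF-Extract: PRK = HMAC-SHA256(salt, IKM).
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    # RFC 5869 HKDF-Expand: T(i) = HMAC-SHA256(PRK, T(i-1) || info || i).
    okm, block = b"", b""
    for counter in range(1, -(-length // 32) + 1):
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
    return okm[:length]


def keygen(ikm: bytes, key_info: bytes = b"", salt: bytes = SALT) -> int:
    # IKM must be a fresh secret of at least 32 bytes; the salt is public.
    if len(ikm) < 32:
        raise ValueError("IKM must carry at least 32 bytes of entropy")
    while True:
        # IKM || I2OSP(0, 1) as in the draft.
        prk = hkdf_extract(salt, ikm + b"\x00")
        # key_info || I2OSP(L, 2) as the HKDF info string.
        okm = hkdf_expand(prk, key_info + L.to_bytes(2, "big"), L)
        sk = int.from_bytes(okm, "big") % R
        if sk != 0:
            return sk
        # Later draft revisions re-derive with salt = H(salt) if SK == 0 (assumed here).
        salt = hashlib.sha256(salt).digest()
```

Two callers with different IKM get unrelated keys even though they share the salt; changing the salt changes the key only through domain separation, so a per-call salt would have to be stored and returned just to reproduce the same SK later.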