Open uPvtkBlpiucvDUf opened 2 years ago
Using Math.random() here seems wrong given it's not suited for cryptographic purposes
Math.random()
https://github.com/vector-im/chatterbox/blob/3c8df045579bce9682bd03e44b0e86f6fbb6a8d6/src/random.ts#L17-L29
I haven't looked into it very deeply, but it seems to me this is actually used for stuff that should use cryptographically strong random values
https://github.com/vector-im/chatterbox/blob/3c8df045579bce9682bd03e44b0e86f6fbb6a8d6/src/viewmodels/AccountSetupViewModel.ts#L40-L62
Using
Math.random()here seems wrong given it's not suited for cryptographic purposeshttps://github.com/vector-im/chatterbox/blob/3c8df045579bce9682bd03e44b0e86f6fbb6a8d6/src/random.ts#L17-L29
I haven't looked into it very deeply, but it seems to me this is actually used for stuff that should use cryptographically strong random values
https://github.com/vector-im/chatterbox/blob/3c8df045579bce9682bd03e44b0e86f6fbb6a8d6/src/viewmodels/AccountSetupViewModel.ts#L40-L62