floating / frame

System-wide Web3 for macOS, Windows and Linux
https://frame.sh
GNU General Public License v3.0

Security issue: hdkey package #1552

Open paulmillr opened 1 year ago

paulmillr commented 1 year ago

It's pretty old and uncool. Uses a lot of sub-deps. Unaudited subdeps which could be updated by different authors are a supply chain security issue.

The suggestion is to switch to https://github.com/paulmillr/scure-bip32 which is being used by ethereum-cryptography in your dep tree. Scure has been audited, paid for by EF.

bip39 could also be replaced with scure-bip39.
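One way to turn "uses a lot of sub-deps" into a number before and after such a swap is to walk the dependency closure in package-lock.json. The script below is an added example, not code from the frame repository or from this thread; the lockfile it walks is constructed for illustration (the sub-dependency names are invented), and the resolution order it uses follows npm's nested node_modules lookup for lockfileVersion 2 and 3.

```javascript
// Added example, not from the frame repo: count the transitive dependency
// closure of one package from a package-lock.json (lockfileVersion 2 or 3).
// SAMPLE_LOCK is constructed; only "hdkey" and "@scure/bip32" come from the
// thread, the sub-dependency names are invented placeholders.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { dependencies: { hdkey: "^2.1.0", "@scure/bip32": "^1.3.0" } },
    "node_modules/hdkey": { version: "2.1.0", dependencies: { "hash-lib": "^1.0.0", "base-codec": "^2.0.0" } },
    "node_modules/hash-lib": { version: "1.0.0", dependencies: { "buffer-shim": "^5.0.0" } },
    "node_modules/base-codec": { version: "2.0.0", dependencies: { "buffer-shim": "^4.0.0", "hash-lib": "^1.0.0" } },
    // base-codec pins an older buffer-shim, so npm nests a second copy under it
    "node_modules/base-codec/node_modules/buffer-shim": { version: "4.0.0" },
    "node_modules/buffer-shim": { version: "5.0.0" },
    "node_modules/@scure/bip32": { version: "1.3.0", dependencies: { "@noble/curves": "^1.0.0" } },
    "node_modules/@noble/curves": { version: "1.0.0" },
  },
};

// Resolve `name` as npm does from the package at `fromPath` (e.g. "node_modules/hdkey"):
// try its own nested node_modules first, then walk up one level at a time to the root.
function resolveDep(packages, fromPath, name) {
  let base = fromPath;
  for (;;) {
    const candidate = `${base}${base ? "/" : ""}node_modules/${name}`;
    if (packages[candidate]) return candidate;
    if (base === "") return null; // not installed (e.g. an optional dep that was skipped)
    const idx = base.lastIndexOf("/node_modules/");
    base = idx === -1 ? "" : base.slice(0, idx);
  }
}

// Breadth-first walk over dependencies and optionalDependencies; returns the set of
// lockfile paths reachable from `rootPath`, excluding rootPath itself.
function transitiveDeps(lock, rootPath) {
  const packages = lock.packages || {};
  const seen = new Set();
  const queue = [rootPath];
  while (queue.length) {
    const path = queue.shift();
    const entry = packages[path] || {};
    const deps = { ...(entry.dependencies || {}), ...(entry.optionalDependencies || {}) };
    for (const name of Object.keys(deps)) {
      const resolved = resolveDep(packages, path, name);
      if (resolved && !seen.has(resolved)) { seen.add(resolved); queue.push(resolved); }
    }
  }
  return seen;
}

// Summary per package: installed copies vs distinct names (a name can appear at two versions).
function report(lock, pkg) {
  const paths = transitiveDeps(lock, `node_modules/${pkg}`);
  const names = new Set([...paths].map(p => p.slice(p.lastIndexOf("node_modules/") + 13)));
  return { package: pkg, installs: paths.size, distinctNames: names.size };
}

console.log(report(SAMPLE_LOCK, "hdkey"), report(SAMPLE_LOCK, "@scure/bip32"));
```

To run it against a real tree, replace SAMPLE_LOCK with `JSON.parse(fs.readFileSync("package-lock.json", "utf8"))`; every resolved path is a separately published package that can be updated by someone other than the top-level author.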

ckLee8 commented 1 year ago

duplicate of #1526

paulmillr commented 1 year ago

not really a duplicate, more an extension: hdkey != bip39

ai-slave commented 1 year ago

I feel like the priority of this should be bumped