grepsuzette
commented
1 year ago Cryptography is both small in terms of volume of code and critical in terms of impact. That being said, it's almost the same about some of our stdlibs or the VM itself for example.
When it comes to those areas we need to:
- discourage changes, as a default stance (it's the opposite for non-critical areas),
- document problems with external documentation or references,
- have more than 1 reviewer for those PR/projects,
- the reviewers need to study the doc, the references if not familiar yet,
- if no consensus, reach out to Jae, or relevant experts,
I think more than 1 label here.
moul
thehowl
sbibek086
I recently approved a pull request for merging on GitHub without conducting a thorough analysis (#670). However, upon reflection, I realize that this was not the best approach, and I should have taken the time to conduct a more thorough review. Moving forward, I suggest defining additional policies and identifying areas that require extra attention to ensure that we achieve both efficiency and security.
When adding new features or extending the surface of our programs, we need to justify their necessity, and we must ensure that they are future-proof and minimalist. In particular, when working with cryptography, we should perform entropy and security benchmarks and document our findings. I welcome suggestions on the rules that we could add to ensure that we maintain our security standards.
To implement these changes, I propose adding a new label to identify pull requests that require extra attention and updating the CONTRIBUTING.md file. We may also need to reconsider (revert) two recent pull requests and conduct a thorough analysis before merging (#670 and #580).
Edit: related with #687.