Closed P-E-Meunier closed 4 years ago
jedisct1
commented
4 years ago It has only 3 2 small dependencies!
getrandom, base64 and scrypt.gerandom and scrypt.
And if you only need verification, there is the minisign-verify crate, that only has one dependency, has zero dependencies.base64
There’s no need for libsodium here.
(updated for the current versions, that have even less dependencies)
P-E-Meunier
commented
4 years ago I'm not really talking about dependencies, rather about the size of my binaries. If the ed25519 parts of minisign were exposed, I could potentially get rid of a dependency on libsodium. Conversely, if I had the option to use libsodium instead of the reimplementation of ed25519, I'd save code duplication in the binary.
jedisct1
commented
4 years ago The implementations here are really meant to be only used internally. They don't have a stable interface and are limited to only what minisign needs.
But they are pretty small and just got even smaller.
P-E-Meunier
commented
4 years ago Alright, that's good to know, thanks (and thanks for the update).
This project is great, but one minor problem is that it reimplements lots of stuff without exposing it. For example, libsodium is reimplemented, but what if other parts of my projects also need libsodium? I would like to be able to compile this crate with another implementation of libsodium (libsodium-sys?).