search

urbit / urbit-key-generation

Key derivation and HD wallet generation functions for Urbit
MIT License
15 stars 8 forks source link

Use a double application of SHA-256 when deriving network seeds w/nonzero revisions #56

Closed jtobin closed 5 years ago

jtobin commented 5 years ago

(Resolves #55)

A single application of SHA256 in this setting can be subject to length-extension attacks; a double application eliminates this possibility.