Closed mflaxman closed 10 years ago
Nice proposal @mflaxman !
Thanks @reiven!
Done, thanks!
https://github.com/vbuterin/pybitcointools/commit/82359ba9992a146c67be97d5c01ea1a2488bd226
On Tue, Aug 12, 2014 at 4:50 PM, Michael Flaxman notifications@github.com wrote:
Thanks @reiven https://github.com/reiven!
— Reply to this email directly or view it on GitHub https://github.com/vbuterin/pybitcointools/pull/20#issuecomment-51975271 .
Hey @vbuterin, awesome library you've created. Thanks for putting it out there!
I was making some changes to bitmerchant and come across what I think is a weakness in your library. It's only a minor flaw, but I don't think this is behaving as you intended. Please see commit to understand what I'm doing, here is an example for clarity:
The odds of a compromised CSPRNG are low, but I think this PR only improves pybitcointools with no downsides. I think your usage of
time.time()
is really clever, and this PR will improve the efficacy of that technique by 10**6.You can see the bitmerchant discussion here.
As a side note, I'm not sure I agree with using
random.randrange
here. From the docs:Since it's adding entropy, I can't see it doing any harm either.