[shakna]

> Homebrew crypto written by 4chan.

Where did you get that from? Tox uses libsodium. [0]

[0] https://github.com/irungentoo/toxcore/blob/master/docs/updat...

[veeti]

There is more to building a secure end-to-end messaging protocol than dropping in libsodium and calling it a day. See issues like https://github.com/TokTok/c-toxcore/issues/426.

[shakna]

There is a lot more. But Tox is hardly "homebrew crypto" from "4chan" hackers.

Though, even the issue you've linked show the thought that the tox team have been putting into their protocol. (A stolen private key is game over, as in most situations. KCI is hard, let's rework.)