|
|
|
|
|
|
by happynaut
3065 days ago
|
|
|
What's your reservations about it being implemented in nodejs? It's not my favourite technology stack either (I much prefer scala / haskell), but it hasn't deterred me from using it or contributing to the project. I wonder if a security review is something that can be funded through the open collective that is being set up (https://opencollective.com/secure-scuttlebutt-consortium ) or some other funding source. By the way, the repositories that I mentioned earlier for the Rust implementation of the protocol in progress are mostly here: https://github.com/AljoschaMeyer?tab=repositories |
|
|
https://www.csoonline.com/article/3214624/security/malicious... The sprawling dependencies alongside potential security/breaking issues are huge. It is a large and vulnerable attack surface.