[detrites]

Developers should never end up in a situation where they feel the best cryptography solution is to "roll their own". That's likely what happened here. And the situation needs to change. It doesn't matter where in the stack that change is affected.

[lxgr]

So you're saying all languages (and in fact ISAs, because that really describes WASM more accurately!) need to come with a static analyzer that detects and prevents any attempts of implementing low-level cryptography rather than calling out to a high-quality library? Because that's what happened here.

What we can do is provide well-tested and ergonomic high-level cryptographic libraries; I don't see how we can enforce their use.

[detrites]

Well if you know of a simple way to target - reliably - a high-quality crypto lib that can access any underlying OS entropy source to generate a decently random number, with WASM, please inform us of it here; it'd be great to know.

Though admittedly, it seemed terrible if there wasn't, so I would be happy if the post can be proven deficient. I'd have ordinarily assumed many options available in the .js ecosystem, instead accepting it's a WASM OS-access issue.