9 comments

[ 3.1 ms ] story [ 33.5 ms ] thread
Also interesting and I think with some overlapping features:

Google Tink: https://github.com/google/tink

Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.

I wonder why Go and not Rust. Cloudflare iirc does use Rust for other infrastructure. I think Rust is probably the mainstream language with the best support for implementing high-performance/high-security software which cryptographic primitives certainly are. In addition, it is pretty easy to use Rust to write a library that can be callable from C allowing it to be used from multiple languages easily.

Go is a pretty good language in general but it does not have the raw performance that Rust/C/C++ have and doesn’t have the same support for correctness that say Rust does with its powerful type system. (For example affine types you that can help make state machines more robust to incorrect uses).

The library was made public in 2018, which is before the somewhat more recent rust fad had taken hold.
(comment deleted)
Go makes it easy to integrate it with network applications already written in Go, and linking Rust/C/C++ code to Go is generally a crapfest.
BTW where I can find a good open source multi-party computation (MPC) library. There are good resources at [1] but it seems most or all of these libraries are outdates, unmaintained, and/or unaudited. Some of them were acquired and removed from the market [2] IMHO MPC based solutions will be everywhere in the near future for identity, data privacy, yes, and crypto assets.

[1] https://github.com/rdragos/awesome-mpc

[2] https://www.coinbase.com/blog/coinbase-to-acquire-leading-cr...