Something off on how the RNG is initialized? Lack of entropy? If the rng is not customized it wil...

juancn • yesterday at 1:52 PM • 2 replies • view on HN

Something off on how the RNG is initialized? Lack of entropy?

If the rng is not customized it will use:

    const rnds8 = new Uint8Array(16);
    export default function rng() {
        return crypto.getRandomValues(rnds8);
    }

getRandomValues doesn't specify a minimum amount of entropy.

Hizonner • yesterday at 1:57 PM

It's a near certainty that something is badly wrong with the RNG, and, yes, probably in how it's seeded.

It's probably messing up the cryptography, too.

➕ show 1 reply

alt Hacker News