-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi Andrew
> In the release notes for 0.12, it says that we have moved from > using OpenSSL to libsecp256k1 for signature validation. So what > else is it being used for that we need to keep it as a dependency? Openssl was dropped from the consensus layer (ECC) in 0.12, though, it still used for... 1) ... getting random numbers (randomize the ECC signing context) 2) [wallet only] ... AES256 encryption of private keys 3) [GUI only] ... SSL/X.509 for BIP70 (payment protocol) Openssl dependency for 1) and 2) could be removed. There are some – outdated – relevant PRs: Entropy: https://github.com/bitcoin/bitcoin/pull/5885 AES: https://github.com/bitcoin/bitcoin/pull/5949 I guess for point 3) [BIP70] it makes sense to keep openssl. /jonas -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWoIwAAAoJECnUvLZBb1PsWSMP/2VyURcUUmnFodX1UUkkTQSu KmEMqRe3Ak1v4B5S+7raodYE+7ePONedHrciUgNfj0GBDu7/5Wl3LD0GnFb0//Nl JEHPzNQB8xhRjhXux17rq+Kf60qjc+uybJQDDs9KfQQYS+hFTUKXX61s7wwY/QAy 6Vi5FxZRThzFUFWFZvG9KbRLWEbBVONnXLaA4pB0o7UnU2wAHkmPP5wyeCJLy3cW uggeLYh3X6GBF/+IQ0ndO4yFJ09ROXBS7N1VisJy2Z4zTJr0y6rAVVG9XcPtlkMc SvMULeiB34odvlZMRMFdCYLHCuff30jN2+aEJST/d+lr4IB2ai8veXwt69yya4p2 4UUL5ueOzKWfgcxVT/qDDcVkZJFqrhdHmMaEggelRakQCSdLly+4X7Mdo/Dx/RC2 PYUDQVGGFephTpzBTQ3fpRGtZu2JX45T2RKyF2qcVlzXrRW7SjqzwGWWuutwbbrS V9cSMMVS7NU90mgCE4e3G2oqi40H8dOzg+opf5ynChEccgJwUlxrfjj4kJbQZRH1 X00tGeVs93MxQes+vacYq7VYX4pzM1kiU3EMNStyAvCzd8FbGxmiv3C1VKhRj3xK Oo98Yg18OBL2jQCWHza3nOU5jN8AnjlkXNvrqsaGedjVNirlnR6a+qmklNIiY1lE kBxMbfAhTLPY3ukqtaSh =4GfM -----END PGP SIGNATURE----- _______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
