hackage-security is using the ed25519 package, which in itself is
wrapper library around a C/Assembly implementation.
I have just released a pure Haskell implementation of that (modulo
slightly different API the same signature bytes), without using C bits
other than the well known integer-gmp. Tests and benchmarks are
included, if you want to see those for yourselves, but the proofs for
timing attack security still need to be written up for
scientific publishing.

Would you as developers of hackage-security / Cabal / stack be
interested in adopting such a replacement? And, if yes, what conditions
would such a library have to fulfill?

Best wishes and thank you all for your work,
cabal-devel mailing list

Reply via email to