Perform a security audit to this library

[c0dearm]

I would like help from the community to run a serious security audit around this library and write issues about possible vulnerabilities

[librelois]

After studying the source code it seems to me that you do not deal with this problem:

https://en.wikipedia.org/wiki/Shamir's_Secret_Sharing#Problem

Maybe there's something I didn't understand. Are you treating this problem? And if so how?

[c0dearm]

Hi @librelois, thanks for you input.

We deal with this problem by using finite field arithmetic, like the solution proposed in the link you shared.

More concretely, we use the Galois Field of characteristic 2 and dimension 8. This a good tradeoff because it makes it difficult to gain information for the reasons stated in the link and at the same time is computationally efficient because it allows to implement the algorithm using binary operations.

[librelois]

Indeed I had focused only on the math module and I thought that the additions and multiplications were done like on a classical u8.
I just saw in the field module that it's not, thank you for your answer :)

[RyanSquared]

Howdy, an organization I'm affiliated with has paid for a security audit of a project that uses sharks, and I have some information I'd like to disclose. Would you mind reaching out to me? I can be reached at [email protected].