[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Actor model implementation, seeking feedback
From: |
Vasilij Schneidermann |
Subject: |
Re: Actor model implementation, seeking feedback |
Date: |
Sat, 26 Jun 2021 20:38:03 +0200 |
Hello Ariela,
> But that's just my opinion, so I'd like to hear some feedback about it before
> I
> decide if it's worth submitting to the coop now, or ever.
>
> The project uses nng[1] for communication (I made some rudimentary bindings to
> the bare minimum), protobuf for serialization and tweetnacl for encryption.
> Now, I'm FAR from an expert on communication, security, or even concurrency,
> so there's probably a lot to pick on :)
0. Funny how history repeats itself with the actor model and Scheme:
<https://en.wikipedia.org/wiki/History_of_the_Scheme_programming_language#Carl_Hewitt,_the_Actor_model,_and_the_birth_of_Scheme>
1. Why Protobuf? Why in combination with JSON? Why not just JSON? Or
just Protobuf, but consider it's been designed for the cases where JSON
is too expensive to use, so not for this project I guess...
2. Cool that you use tweetnacl for encryption, but please don't use
random numbers for nonces, that's just wrong. Nonces are not supposed to
be secret, random or unpredictable, but unique numbers that do not
repeat. Random numbers do repeat eventually. If a nonce repeats, this
allows certain cryptographical attacks to be performed on the
corresponding ciphertexts.
Vasilij
signature.asc
Description: PGP signature