You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Precompile the .proto schemas into a static protobuf module (src/generated/protocol.js, regenerated with npm run proto) instead of parsing them at runtime (which required an unsafe-eval CSP policy).
Harden SessionRecord deserialization against prototype-chain mutation.
Curve25519: fail closed on a nonzero WASM status, reject low-order/all-zero ECDH outputs (RFC 7748), and stop mutating/aliasing the caller's private key.
Behaviour change: the DH/signature paths now require the 33-byte 0x05-prefixed public-key form; raw 32-byte keys are rejected.
Constant-time util.isEqual (only used for public signatures currently)