Two years ago, I glanced at Matrix’s Olm library and immediately found several side-channel vulnerabilities. After dragging their feet for 90 days, they ended up not bothering to fix any of i…
3 year old subpackage blob. Maybe it’s from before the switch to PQC? They have a published threat model that helped guide the audits and seemed well reasoned. I’m not sure where that version of curve would be used in the current client or server.
3 year old subpackage blob. Maybe it’s from before the switch to PQC? They have a published threat model that helped guide the audits and seemed well reasoned. I’m not sure where that version of curve would be used in the current client or server.