Specifications and Dependencies
At Spruce, we consider it essential to be very explicit and up-front about our definition of standards compliance, our evidence to back that up, and the open-source dependencies and libraries which power our security and trust guarantees. To this end, we maintain both lists here, and think that both are as important as our changelogs.
To demonstrate our commitment to standards and interoperability, we have ensured that our implementation conforms to the following specifications and aspire to pass their test suites where applicable:
We strongly prefer tried and tested implementations of cryptographic functions and believe that it's most responsible to list them out in a forthcoming manner to any potential users.
DIDKit is engineered so that the target platform and compile-time flags may be used to specify different cryptographic backends, such as to leverage native hardware capabilities, cross-compile to e.g. WASM, or to give advanced users the option to only use libraries that they trust.
ring, v0.16: default for hashes, ed25519 functions, RSA, and randomness. The ed25519 functions here cannot currently compile to WASM.
If you have constructive opinions about the set of cryptographic libraries that should be supported, please open an issue.