Boring crypto that simply works

Quality Assurance

Monocypher’s primitives have been selected for their ease of implementation and lack of subtle trap. Most are relatively easy to get right, given the proper methodology.

We run a comprehensive test suite with sanitisers (ASan, MSan, UBSan, Valgrind), use automated code coverage, and conducted a proof of correctness for Poly1305. Of course, every time a bug is found (which is not often), we add a regression test. Vulnerabilities that are serious enough are addressed behind closed door. Full disclosure follows.