Constant-time decoding

[silverpill]

A constant-time decoding algorithm could be necessary when working with base58-encoded secret keys, because the use of variable time algorithm may make a system vulnerable to side-channel attacks.

For example, there is a constant-time implementation of base64, designed for encoding/decoding secret keys: https://docs.rs/base64ct/latest/base64ct/

[Nemo157]

I'm not sure if constant time decoding is possible given that base58 is a variable length encoding.

[silverpill]

@Nemo157 This Go implementation is described as cryptographically secure: https://github.com/koba-e964/base58-go. But I don't know enough about this subject to verify that claim.

[Nemo157]

Skimming it I guess that's a constant-time decode for a specific input string length. I'm not sure if that is enough given the length of the string leaks information about its content (shorter strings have more leading zero bits IIRC).