> A bit surprised that it’s written in rust, rather than Go. I suppose rust can take advantage of more low level apis, plus no overhead of garbage collection.
It’s security-focused technology. Rust has huge advantages over Go in this area.
Could you name some advantages? I would agree Rust has huge advantages compared to C/C++, and Rust also has a much bigger presence in the "security space". But I would say that's more because of Rust's lack of GC, smaller footprint which works in embedded systems etc.
I guess you could say that Rust's type system being more expressive might eliminate certain classes of bugs, which have security implications. But "huge advantages"?
(Honestly I'm not flame baiting, I'm genuinely curious if my worldview is wrong)
I think lack of union/sum types, i.e. lack of compiler exhaustivity checks on cases is pretty relevant here. For security applications the goal is maximum stringency w.r.t. correctness so I think “huge advantage “ isn’t an exaggeration regarding sum types. It’s not like “have you checked all cases” is an unimportant question when trying to prove correctness.
does it really? aside from a handful of crates and the default std hashmap i being slow but cryptographically sound: I would not have assumed so.
Go usage inside Google is actually quite low, people talk a lot about Go being a google project but in reality its a project made by some people who work at Google.
When I last checked it was a bronze supported language (with C++, Python and Java being Gold).
It’s security-focused technology. Rust has huge advantages over Go in this area.