doesn't actually detect native modules for ios or android anymore

[earonesty]

on android, there's a small change to fix it

on ios, not sure

either way, don't use this because it will keep working, while exporting an insecure polyfill

[timothyerwin]

what is the alternative?

[earonesty]

im working on fixing it. i don't think there is an alternative. the best thing to do is to get rid of the code in react_native.ts that does the Math.random stuff... that prevents it from actually being insecure. at least it will raise an error and fail to start the app if you have expo-crypto misconfigured, etc. getting rid of a lot of the detection around expo-crypto and just putting it in the "else" seems to be a better policy on native. i'll put up a pr. actively debugging now. for sure it can't work on android, since the module has been renamed.

[earonesty]

this is what im using now: https://github.com/earonesty/isomorphic-webcrypto
just blows up if expo isn't installed, instead of logging an error that no one will see and then giving you an attackable private key or something

[timothyerwin]

thanks. I have similar, but also upgraded the packages using ncu -u

master...icychat:isomorphic-webcrypto:master

[earonesty]

this apparently works better might switch to it.