ruvector

vrr/ruvector

Fork 0

mirror of https://github.com/ruvnet/RuVector.git synced 2026-05-23 04:27:11 +00:00

Commit graph

Author	SHA1	Message	Date
Claude	717acc1eb9	fix(security): Address critical security and performance issues Security Fixes: - Remove blinding factor from Commitment struct (was leaking secrets) - Add per-installation unique salt for key derivation (was hardcoded) - Add prominent security warnings to zkproofs.rs (demo-only crypto) - Document that ZK implementation is for API demonstration only Performance Fixes: - Fix memory leak: category_embeddings now uses HashMap instead of Vec - Add LRU-style eviction at 10k embeddings capacity - Prevents unbounded memory growth that would crash browser Code Quality: - Add max_embeddings configuration option - Better documentation for data structures - Add security audit report and optimization guides ⚠️ IMPORTANT: The ZK proof cryptography is simplified for demonstration. For production use, replace with bulletproofs, curve25519-dalek, merlin crates.	2026-01-01 18:36:58 +00:00

Author

SHA1

Message

Date

Claude

717acc1eb9

fix(security): Address critical security and performance issues

Security Fixes:
- Remove blinding factor from Commitment struct (was leaking secrets)
- Add per-installation unique salt for key derivation (was hardcoded)
- Add prominent security warnings to zkproofs.rs (demo-only crypto)
- Document that ZK implementation is for API demonstration only

Performance Fixes:
- Fix memory leak: category_embeddings now uses HashMap instead of Vec
- Add LRU-style eviction at 10k embeddings capacity
- Prevents unbounded memory growth that would crash browser

Code Quality:
- Add max_embeddings configuration option
- Better documentation for data structures
- Add security audit report and optimization guides

⚠️ IMPORTANT: The ZK proof cryptography is simplified for demonstration.
For production use, replace with bulletproofs, curve25519-dalek, merlin crates.

2026-01-01 18:36:58 +00:00

1 commit