-
|
Is it safe enough to transfer secret params through rust-in-flutter. If it is safe, what methods are used to ensure the safety, and what is the safety level. |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments
-
|
It is completely safe to pass secret parameters between Dart and Rust. That's because this framework uses C ABI to pass messages. In other words, the Flutter executable is directly linked with the library files compiled from Rust. I know that some other Rust GUI frameworks use HTTP or websockets to communicate between GUI and Rust, which is quite insecure. However, that's not the case for Rust-In-Flutter because messages are passed within the Flutter app's process. This is not only secure but also performant because message passing is a zero-copy operation on the memory. Hope this helps :) Please tell me if anything is not clear yet. |
Beta Was this translation helpful? Give feedback.
-
|
However, please note that while it is hard to reverse-engineer compiled native binaries to search for secret keys or params, it is generally not recommended to hardcode sensitive information in the application itself. This caution applies to this framework as well as any other distributed binaries. |
Beta Was this translation helpful? Give feedback.
It is completely safe to pass secret parameters between Dart and Rust.
That's because this framework uses C ABI to pass messages. In other words, the Flutter executable is directly linked with the library files compiled from Rust.
I know that some other Rust GUI frameworks use HTTP or websockets to communicate between GUI and Rust, which is quite insecure. However, that's not the case for Rust-In-Flutter because messages are passed within the Flutter app's process. This is not only secure but also performant because message passing is a zero-copy operation on the memory.
Hope this helps :) Please tell me if anything is not clear yet.