@fedithom @servo

AFAIK WebCrypto is the JavaScript API toward natively implemented cryptography primitives so that web applications don't have to ship their own implementations, which WILL be prone to all sorts of side channel attacks (because sent through an optimizing JIT compiler that will strip away a lot of the extra safeguards required to prevent secrets from leaking).