Re: [Monotone-devel] Re: RFC: Fake IDs

[Zack Weinberg]

On 7/18/06, Nathaniel Smith <address@hidden> wrote:
> The situation under discussion is whether there is a danger that the
> string "0000000000000000000000000000000000000000" hard-coded into the
> source has a danger of colliding with any real hash, not whether some
> sneaky evil function could be constructed.

To be clear, my primary motivation for the original patch was a worry
that two places in the source code might decide to hard-code the
*same* fake hash, and that they would then somehow collide.  (I think
that in all of the places that currently use fake hashes, this can't
happen, and anyway all the existing fake hashes are unique; however, I
don't think we should have to rely on this staying so.  It would
already be an unpleasant auditing exercise to verify that the existing
fake hashes do not ever interact.)

zw