Write a crypto library and blog about how great it is.
Apply the tools that other people used to find bugs in it and repeat blogging about how great it is.
...
In the end you get a library that is slower and smaller (because you left out the optimized code, duh). It's still not as small as the smallest.
Is this easier to audit? Dubious but it doesn't matter because if people hadn't wanted the extra speed they wouldn't have added the optimized code anyway.
Plus, that code is already audited and rolled out and works! Who cares about auditing another library that provides nothing new?
The only non obviously-garbage argument here is usability which I am too lazy to look at because it is too fuzzy to refute anyway.
By all means, write your own crypto but DON'T USE IT! And of course don't tell other people to use it either.
Let's list the pros and cons of each libraries (let's assume we trust all 3 libraries):
Monocypher vs TweetNaCl:
Good:
Monocypher uses more modern primitives (Blake2b, Chacha20)
Monocypher provides password derivation
Monocypher is a bit easier to use
Monocypher is much faster
Bad:
Monocypher is twice as big
Conclusion:
Monocypher utterly outclasses TweetNaCl.
Monocypher vs Libsodium:
Good:
Monocypher is much smaller
Monocypher is easier to deploy
Monocypher is a bit easier to use
Bad:
Monocypher is a bit slower (except Argon2i, which is faster)
Conclusion:
If performance matters, use NaCl. Otherwise, use Monocypher.
Nothing new, you say?
> By all means, write your own crypto but DON'T USE IT! And of course don't tell other people to use it either.
Get back to me in a couple years, we'll count the CEVs since version 1.0.
Apply the tools that other people used to find bugs in it and repeat blogging about how great it is.
...
In the end you get a library that is slower and smaller (because you left out the optimized code, duh). It's still not as small as the smallest.
Is this easier to audit? Dubious but it doesn't matter because if people hadn't wanted the extra speed they wouldn't have added the optimized code anyway.
Plus, that code is already audited and rolled out and works! Who cares about auditing another library that provides nothing new?
The only non obviously-garbage argument here is usability which I am too lazy to look at because it is too fuzzy to refute anyway.
By all means, write your own crypto but DON'T USE IT! And of course don't tell other people to use it either.