replace Christian's FIXME with an explanation

diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index 96d546185f5b1b2e425090fbe327326aa9e58856..e1608ae551d5cfb25735af8dbd0ae2ce1a7f488f 100644 (file)
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -544,10 +544,18 @@ void
 GNUNET_CRYPTO_eddsa_key_create (struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
 {
   BENCHMARK_START (eddsa_key_create);
+  /*
+   * We do not clamp for EdDSA, since all functions that use the private key do
+   * their own clamping (just like in libsodium).  What we call "private key"
+   * here, actually corresponds to the seed in libsodium.
+   *
+   * (Contrast this to ECDSA, where functions using the private key can't clamp
+   * due to properties needed for GNS.  That is a worse/unsafer API, but
+   * required for the GNS constructions to work.)
+   */
   GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
                               pk,
                               sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey));
-  // FIXME: should we not do the clamping here? Or is this done elsewhere?
   BENCHMARK_END (eddsa_key_create);
 }