Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
React Native:Warning of missing secure random source after installing react-native-get-random-values
See original GitHub issueMy React Native 63.2 app get the following warning about missing a secure random source, after installing react-native-get-random-values
[Wed Oct 21 2020 11:43:11.514] BUNDLE ./index.js
[Wed Oct 21 2020 11:43:19.165] LOG WARNING: This environment is missing a secure random source; generated private keys may be at risk, think VERY carefully about not adding a better secure source.
[Wed Oct 21 2020 11:43:19.170] LOG Shims Injected:
[Wed Oct 21 2020 11:43:19.172] LOG - atob
[Wed Oct 21 2020 11:43:19.173] LOG - btoa
[Wed Oct 21 2020 11:43:19.175] LOG - nextTick
[Wed Oct 21 2020 11:43:19.177] LOG - crypto.getRandomValues
[Wed Oct 21 2020 11:43:19.178] LOG - FileReader.prototype.readAsArrayBuffer
Here is the related package.json:
"dependencies": {
"@ethersproject/shims": "^5.0.6", //<<==ethers shim
"ethers": "^5.0.17", //<<==ethers
"native-base": "^2.13.14",
"react": "16.13.1",
"react-native": "0.63.2",
"react-native-get-random-values": "^1.5.0", //<<==secure random string source
},
Here is the import header:
import React, { Component, useEffect, useState} from 'react';
import {View, Image, Dimensions, Text, Alert } from 'react-native';
import DeviceInfo from 'react-native-device-info';
import "@ethersproject/shims" //for ethers.js //<<==etherjs shim. Tried import shim in App.js and warning is the same.
// Import the ethers library
import { ContractFactory, ethers } from "ethers"; //<<==ethers
Does the warning smell trouble? Or just a warning and can be ignored after installing react-native-get-random-values.
Issue Analytics
- State:
- Created 3 years ago
- Comments:11 (3 by maintainers)
Top Results From Across the Web
React Native:Warning of missing secure random source after ...
React Native:Warning of missing secure random source after installing react-native-get-random-values.
Read more >React Native Synchronous Secure Random Number Generation
I have found an answer that usually works. However, it is imperfect, because it works only if the randomBytes method is not required...
Read more >react-native-get-random-values - npm
A small implementation of crypto.getRandomValues for React Native. This is useful to polyfill for libraries like uuid that depend on it.
Read more >react-native-securerandom - npm package - Snyk
Generate cryptographically-secure random bytes in react native For more information about how to use this package see README · Ensure you're using the...
Read more >react-native-get-random-values v1.8.0 - npm.io
This is useful to polyfill for libraries like uuid that depend on it. Installation. npm install react-native-get-random-values npx pod-install. If ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
The solution found is that the module
react-native-get-random-valueshas to be imported before the initial importing of ethers shim. (even the module may not be used in the component). Here is the working sequence:The warning disappears after importing random module before shim as above.
ethersjs recognize the polyfill of crypto.getRandomBytes but seems viewing it as insecure source of PRNG.