(no title)

From what I can tell the bulk of the work for it was done in 2018[1], but it needs updating to consider SIMD, and for legwork to be done on moving it along as a proper spec extension.

Until someone picks up this valuable work and lands this much-needed feature in Wasm, we're extremely vulnerable to timing attacks in all Wasm crypto.

[0] https://github.com/WebAssembly/proposals/blob/9fc7a85e/inact...

[1] https://github.com/PLSysSec/ct-wasm