Ink & Switch develops Bijou64 variable-length integer encoding
Original: Bijou64: A variable-length integer encoding
Why This Matters
Addresses security vulnerabilities in signed protocols while improving performance
Ink & Switch created Bijou64, a new variable-length integer encoding for the Subduction CRDT sync protocol that ensures canonical representation and runs several times faster than LEB128.
Ink & Switch developed Bijou64 to solve a signature-verification bug in their Subduction CRDT sync protocol caused by LEB128's non-canonical representations. LEB128 allows the same number to be encoded multiple ways - for example, zero can be 0x00 or 0x80 0x00. This creates security vulnerabilities in signed protocols where different byte strings could represent the same value. Bijou64 ensures each number has only one representation, eliminating runtime canonicalization checks. The encoding unexpectedly also performs several times faster than LEB128 due to design constraints that require less computational work. The team noted that canonicalization attacks have previously affected ASN.1, PKCS#1 v1.5, Mozilla NSS, and Bitcoin transactions.