From 90636d14c85163ef105ac47f7c007f71a68d3e1b Mon Sep 17 00:00:00 2001
From: Brendan Hansknecht
Date: Fri, 26 May 2023 07:31:35 -0700
Subject: [PATCH] add extra note on security

---
 crates/compiler/builtins/bitcode/src/utils.zig | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/crates/compiler/builtins/bitcode/src/utils.zig b/crates/compiler/builtins/bitcode/src/utils.zig
index 68b7013695..aa2a9605e3 100644
--- a/crates/compiler/builtins/bitcode/src/utils.zig
+++ b/crates/compiler/builtins/bitcode/src/utils.zig
@@ -442,6 +442,9 @@ test "increfC, static data" {
 // This avoids all roc Dicts using a known seed and being trivial to DOS.
 // Still not as secure as true random, but a lot better.
 // This value must not change between calls unless Dict is changed to store the seed on creation.
+// Note: On esstentially all OSes, this will be affected by ASLR and different each run.
+// In wasm, the value will be constant to the build as a whole.
+// Either way, it can not be know by an attacker unless they get access to the executable.
 pub fn dictPseudoSeed() callconv(.C) u64 {
 return @intCast(u64, @ptrToInt(dictPseudoSeed));
 }
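Review bot: The last added comment line overstates the guarantee: `it can not be know by an attacker unless they get access to the executable` holds only while the address of `dictPseudoSeed` stays secret, and the line above it already says the wasm value is constant per build, so anyone holding a distributed wasm module knows the seed. On native targets the value carries only the ASLR entropy of one code address (well under 64 bits, since the offset inside the image is fixed), it is constant when the binary is not position-independent or ASLR is disabled, and any leak of a code pointer reveals it. I would reword the added lines to state those limits, e.g. `// Note: with ASLR and a position-independent build this differs per run; without them, and in wasm, it is constant per build.` followed by `// Treat it as hash-flooding hardening, not a secret: a leaked code address or a copy of the binary reveals it.`, which also removes the typos "esstentially" and "know". The comment block may begin above the hunk, so the earlier wording there should be checked against the same limits.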