Indeed! saljam asked me about a month ago what PAKE he should use with a Go implementation, and since there isn't a canonical one I put together a CPace implementation on top of ristretto255: filippo.io/cpace. It's a wonderfully simple algorithm when instantiated with a prime order group such as Ristretto.

There are some implementation notes in the README: https://github.com/FiloSottile/go-cpace-ristretto255

Nice spot, here's a link to the IETF draft spec for CPace mentioned.

https://tools.ietf.org/id/draft-haase-cpace-01.html

IETF post announcing the chosen candidates

https://mailarchive.ietf.org/arch/msg/cfrg/LKbwodpa5yXo6VuND...

Candidate selection process

https://github.com/cfrg/pake-selection

Implementation using libsodium https://github.com/jedisct1/cpace

Hey, the libsodium guy! Thanks a million for your work on that; I've really enjoyed using it. I actually ran across this the day after the CFRG meeting and was happy to see a respected implementer had already written a C version. Would you say it's mature enough to use yet?

Is this in the wasm version?