May 30, 2026
Zero alloc, maximum discourse
wolfSSL releases a new product; wolfCOSE a zero alloc C embbedded COSE stack
Tiny new security tool drops, and the comments instantly turn into a specs fight
TLDR: wolfSSL launched wolfCOSE, a tiny security library for small devices that promises lots of protection features without using dynamic memory. Commenters were split between helpful explainers and skeptical nitpickers, with the loudest debate over whether the tiny-size claims are impressive engineering or just clever marketing.
wolfSSL has unveiled wolfCOSE, a tiny new software library for signing and encrypting data on small devices, and the community reaction is basically: “cool idea, but show your homework.” The pitch is flashy — no dynamic memory allocation, very small size, support for lots of security methods, even future-facing post-quantum signing — which in plain English means it’s aimed at cramped little gadgets that need serious security without gobbling memory.
But the comments? That’s where the real action is. One camp jumped in to play translator for everyone outside the crypto bubble, explaining that COSE is essentially the compact binary cousin of the more familiar JSON-based security standards. That got a few approving nods, because let’s be honest: half the battle in security announcements is figuring out what the acronym soup even means.
Then came the skeptics, and they were not in a generous mood. The hottest pushback centered on wolfSSL’s brag about tiny code size and “zero .bss/.data.” Critics basically said: that’s not magic, that just means the memory has to come from somewhere else. Others side-eyed the size claims entirely, arguing that a number without details like hardware, compiler, and build settings is more marketing than measurement. In other words, the launch landed with a classic nerd-drama twist: neat product, impressive claims, and commenters immediately hauling out the microscopes. It’s less “wow, amazing” and more “receipts, please.”
Key Points
- •wolfSSL released wolfCOSE, a lightweight C library for CBOR and COSE that uses wolfSSL as its cryptographic backend.
- •The library implements all six RFC 9052 COSE message types, including single- and multi-actor variants, plus COSE_Key and COSE_KeySet serialization.
- •wolfCOSE supports 40 algorithms across signing, encryption, MAC, and key distribution, including post-quantum ML-DSA-44/65/87.
- •The article states that wolfCOSE uses caller-provided buffers with zero dynamic allocation and offers a minimal 7.5 KB text footprint for a Sign1+ECC build.
- •The project requires wolfSSL v5.8.0-stable or newer and includes build configurations for minimal, post-quantum-only, and full algorithm support, along with tests, demos, and a CLI tool.