V8 uses a linear PRNG, depending on the precision of system time fed,
   V8 is vulnerable to the same attacks PHP was regarding a weak seed: it
   could be derived through a brute force search or by reversing the
   outputs.

   Given that now that time stamps in browsers use reduced precision, it
   could be argued that using math.random, V8 is still vulnerable to
   spectre

   Never mind that this bug report was closed as working as intended long
   ago: https://bugs.chromium.org/p/v8/issues/detail?id=2905
   Personally I think a reduced round cryptographic function in OFB or
   something similar would be best.
   Sent from ProtonMail Mobile