Hello,

First, I'd like to thank everyone who has been working on the crypto package, the ripemd160 algorithm implementation, and who made it available to all gophers ! I feel personally indebted for all the fantastic tooling around golang that I rely on everyday.

I want to see if anyone is open to discussion about removing the deprecation mark for the ripemd160 algorithm 😄

I recently noticed VSCode was barring my ripemd160 code because of a deprecation warning:

Even though it's a good practice to warn users against using deprecated algorithms, it is still part of many non critical procedures to use these hash functions, and it is explicitly stated that no care has been or will be given to optimizing the underlying implementation, which is a bit sad. I felt like whoever wrote this wanted to punish me; and even though I know this was done with the best intentions, my maybe naive self thinks it make sense and is good for the community to properly maintain those deprecated hash functions. Take for example git, it still uses SHA-1 for its object storage. So I call on Hyrum's law to ask if anyone else feels like the hash function deprecation should not be in a bijective relation with the crypto module API deprecation.

As for a specific ripemd160 use case example: it's used (as an unofficial standard) by Bitcoin related developers (for blockchain explorers, due diligence analytics, etc..) in a sequence of hashing meant to generate a fallback address for transaction that are paying directly to public keys, the following way:

// Untested bit of code, I am currently porting it from another language.

// addrFromPubkeyScript generates an address for pay-to-pubkey outputs.
func addrFromPubkeyScript(scriptAsm string) string {
	// working example: http://gobittest.appspot.com/Address

	// public key is the first member of asm script
	pubkey := strings.Split(scriptAsm, " ")[0]

	// hash the pubkey with SHA256
	firstHashSha256 := sha256.Sum256([]byte(pubkey))

	// hash the sha256 with ripemd-160
	secondHashRipeMD := ripemd160.New().Sum(firstHashSha256[:])

	// add network bytes 00 to the second hash
	secondHashRipeMD = append([]byte{0x0, 0x0}, secondHashRipeMD...)

	// perform another sha256
	thirdHashSha256 := sha256.Sum256(secondHashRipeMD)

	// do it again
	fourthHashSha256 := sha256.Sum256(thirdHashSha256[:])

	// isolate the first four bytes of the 4th hash
	fourthHashPrefix := fourthHashSha256[:4]

	// // concatenates first 4 bytes of fourth hash with the secondHash with network prefix
	combinedHashes := append(secondHashRipeMD, fourthHashPrefix...)

	// base58 encode the string
	return base58.Encode(combinedHashes)
}

It may be a tiny minority of hashes use case, and I'm not in any way asking for active work on it, but at least not marking it at deprecated and not discouraging developers with inefficient implementation and unwillingness to have one would be really cool and it would stand for the values of respect I enjoy so much around the golang tooling !

Anyone feels the same ? Feel free to close the issue if it seems unreasonable, and again I want to express my gratitude to everyone who wrote this package 😛 .