Can a secure application be written in Motoko today, or is Rust the only way?

The Certified Variables example refers to IC’s Security best practices page, Certify query responses if they are relevant for security section, which in turn points at the ic-certified-map Rust package… Please advise.

I was just looking at that example, and it’s nearly 2 years out of date. provides the core support needed for variable certification in Motoko.

There are other packages built on top of it, such as a couple I’ve written. provides a simple interface to store both the response and the certification through a single call provides an http server in the style of express.js, and takes care of inserting the certificate as a header that will pass certification in the service worker or in the newly announced validating boundary node


I wanted to try these packages first to post an informed reply, should be able to do so over the weekend. Cheers.


please do test it! would be very useful.