The client integration point library currently depends on the libcrypto library, from the OpenSSL project. This dependency can be problematic for some client applications, because they would need to link against libcrypto as well.

Linking against static libcrypto also has a considerable effect on the resultant binary sizes. This is most visible in case of mocwrapper, which in 3.4.0 is multiple times larger than in 3.3.x versions, which did not have the libcrypto linkage.

As the CIP only utilizes the sha256 function from the library, we should consider switching to some more lightweight alternative.