From 5bf319b10e9a0ee59a0c2fd84dcf90904d544be4 Mon Sep 17 00:00:00 2001
From: Dave Bakker <github@davebakker.io>
Date: Tue, 10 Mar 2026 21:40:01 +0100
Subject: [PATCH] Allow `get(-insecure)-random-bytes` to return fewer bytes
 than requested

---
 proposals/random/wit-0.3.0-draft/insecure.wit | 11 +++++++++--
 proposals/random/wit-0.3.0-draft/random.wit   | 12 ++++++++++--
 2 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/proposals/random/wit-0.3.0-draft/insecure.wit b/proposals/random/wit-0.3.0-draft/insecure.wit
index 9ce8c2d9..c1a8fd1a 100644
--- a/proposals/random/wit-0.3.0-draft/insecure.wit
+++ b/proposals/random/wit-0.3.0-draft/insecure.wit
@@ -5,7 +5,7 @@ package wasi:random@0.3.0-rc-2026-02-09;
 /// Windows.
 @since(version = 0.3.0-rc-2026-02-09)
 interface insecure {
-    /// Return `len` insecure pseudo-random bytes.
+    /// Return up to `max-len` insecure pseudo-random bytes.
     ///
     /// This function is not cryptographically secure. Do not use it for
     /// anything related to security.
@@ -13,8 +13,15 @@ interface insecure {
     /// There are no requirements on the values of the returned bytes, however
     /// implementations are encouraged to return evenly distributed values with
     /// a long period.
+    ///
+    /// Implementations MAY return fewer bytes than requested (a short read).
+    /// Callers that require exactly `max-len` bytes MUST call this function in
+    /// a loop until the desired number of bytes has been accumulated.
+    /// Implementations MUST return at least 1 byte when `max-len` is greater
+    /// than zero. When `max-len` is zero, implementations MUST return an empty
+    /// list without trapping.
     @since(version = 0.3.0-rc-2026-02-09)
-    get-insecure-random-bytes: func(len: u64) -> list<u8>;
+    get-insecure-random-bytes: func(max-len: u64) -> list<u8>;
 
     /// Return an insecure pseudo-random `u64` value.
     ///
diff --git a/proposals/random/wit-0.3.0-draft/random.wit b/proposals/random/wit-0.3.0-draft/random.wit
index 5adbdca4..5957bd52 100644
--- a/proposals/random/wit-0.3.0-draft/random.wit
+++ b/proposals/random/wit-0.3.0-draft/random.wit
@@ -5,7 +5,8 @@ package wasi:random@0.3.0-rc-2026-02-09;
 /// Windows.
 @since(version = 0.3.0-rc-2026-02-09)
 interface random {
-    /// Return `len` cryptographically-secure random or pseudo-random bytes.
+    /// Return up to `max-len` cryptographically-secure random or pseudo-random
+    /// bytes.
     ///
     /// This function must produce data at least as cryptographically secure and
     /// fast as an adequately seeded cryptographically-secure pseudo-random
@@ -14,11 +15,18 @@ interface random {
     /// request and on requests for numbers of bytes. The returned data must
     /// always be unpredictable.
     ///
+    /// Implementations MAY return fewer bytes than requested (a short read).
+    /// Callers that require exactly `max-len` bytes MUST call this function in
+    /// a loop until the desired number of bytes has been accumulated.
+    /// Implementations MUST return at least 1 byte when `max-len` is greater
+    /// than zero. When `max-len` is zero, implementations MUST return an empty
+    /// list without trapping.
+    ///
     /// This function must always return fresh data. Deterministic environments
     /// must omit this function, rather than implementing it with deterministic
     /// data.
     @since(version = 0.3.0-rc-2026-02-09)
-    get-random-bytes: func(len: u64) -> list<u8>;
+    get-random-bytes: func(max-len: u64) -> list<u8>;
 
     /// Return a cryptographically-secure random or pseudo-random `u64` value.
     ///