diff --git a/rust/account-keys/src/lib.rs b/rust/account-keys/src/lib.rs
index 9a516100a..20dd2d1ea 100644
--- a/rust/account-keys/src/lib.rs
+++ b/rust/account-keys/src/lib.rs
@@ -15,8 +15,8 @@ pub use backup::*;
 pub use error::{Error, Result};
 pub use hash::{PinHash, local_pin_hash, verify_local_pin_hash};
 use hkdf::Hkdf;
-use rand::Rng;
 use rand::distr::slice;
+use rand::{CryptoRng, Rng};
 use sha2::Sha256;
 
 pub const SVR_KEY_LEN: usize = 32;
@@ -32,7 +32,7 @@ impl AccountEntropyPool {
     const LENGTH: usize = 64;
     const ALPHABET: &'static [u8] = b"0123456789abcdefghijklmnopqrstuvwxyz";
 
-    pub fn generate(rng: &mut impl Rng) -> AccountEntropyPool {
+    pub fn generate(rng: &mut (impl Rng + CryptoRng + ?Sized)) -> AccountEntropyPool {
         let alphabet_dist = slice::Choose::new(Self::ALPHABET).expect("non-empty");
         let entropy_pool: [u8; Self::LENGTH] = std::array::from_fn(|_| *rng.sample(alphabet_dist));
         Self { entropy_pool }
@@ -116,11 +116,11 @@ mod tests {
         use assert_matches::assert_matches;
         use proptest::prelude::*;
         use rand::rngs::StdRng;
-        use rand::{Rng, SeedableRng as _};
+        use rand::{CryptoRng, SeedableRng as _};
 
         use crate::{AccountEntropyPool, InvalidAccountEntropyPool};
 
-        fn test_rng(seed: u64) -> impl Rng {
+        fn test_rng(seed: u64) -> impl CryptoRng {
             StdRng::seed_from_u64(seed)
         }
 
diff --git a/rust/core/src/curve.rs b/rust/core/src/curve.rs
index 190a30942..0c8f12f9e 100644
--- a/rust/core/src/curve.rs
+++ b/rust/core/src/curve.rs
@@ -272,7 +272,7 @@ impl PrivateKey {
         }
     }
 
-    pub fn calculate_signature<R: CryptoRng + Rng>(
+    pub fn calculate_signature<R: CryptoRng + Rng + ?Sized>(
         &self,
         message: &[u8],
         csprng: &mut R,
@@ -280,7 +280,7 @@ impl PrivateKey {
         self.calculate_signature_for_multipart_message(&[message], csprng)
     }
 
-    pub fn calculate_signature_for_multipart_message<R: CryptoRng + Rng>(
+    pub fn calculate_signature_for_multipart_message<R: CryptoRng + Rng + ?Sized>(
         &self,
         message: &[&[u8]],
         csprng: &mut R,
@@ -324,7 +324,7 @@ pub struct KeyPair {
 }
 
 impl KeyPair {
-    pub fn generate<R: Rng + CryptoRng>(csprng: &mut R) -> Self {
+    pub fn generate<R: Rng + CryptoRng + ?Sized>(csprng: &mut R) -> Self {
         let private_key = curve25519::PrivateKey::new(csprng);
 
         let public_key = PublicKey::from(PublicKeyData::DjbPublicKey(
@@ -359,7 +359,7 @@ impl KeyPair {
         })
     }
 
-    pub fn calculate_signature<R: CryptoRng + Rng>(
+    pub fn calculate_signature<R: CryptoRng + Rng + ?Sized>(
         &self,
         message: &[u8],
         csprng: &mut R,
diff --git a/rust/core/src/curve/curve25519.rs b/rust/core/src/curve/curve25519.rs
index 08cf5fdfb..48adc6ce3 100644
--- a/rust/core/src/curve/curve25519.rs
+++ b/rust/core/src/curve/curve25519.rs
@@ -26,7 +26,7 @@ pub struct PrivateKey {
 impl PrivateKey {
     pub fn new<R>(csprng: &mut R) -> Self
     where
-        R: CryptoRng + Rng,
+        R: CryptoRng + Rng + ?Sized,
     {
         // This is essentially StaticSecret::random_from_rng only with clamping
         let mut bytes = [0u8; 32];
@@ -68,7 +68,7 @@ impl PrivateKey {
         message: &[&[u8]],
     ) -> [u8; SIGNATURE_LENGTH]
     where
-        R: CryptoRng + Rng,
+        R: CryptoRng + Rng + ?Sized,
     {
         let mut random_bytes = [0u8; 64];
         csprng.fill_bytes(&mut random_bytes);