@nomicfoundation/ethereumjs-util - npm Package Compare versions

Comparing version 8.0.0-rc.1 to 8.0.0-rc.2

dist/account.js

@@ -7,3 +7,2 @@ "use strict";
 const secp256k1_1 = require("ethereum-cryptography/secp256k1");
-const utils_1 = require("ethereum-cryptography/utils");
 const bytes_1 = require("./bytes");
@@ -123,3 +122,3 @@ const constants_1 = require("./constants");
     const buf = Buffer.from(prefix + address, 'utf8');
-    const hash = (0, utils_1.bytesToHex)((0, keccak_1.keccak256)(buf));
+    const hash = (0, keccak_1.keccak256)(buf).toString('hex');
     let ret = '0x';
@@ -157,6 +156,6 @@ for (let i = 0; i < address.length; i++) {
         // read the RLP documentation for an answer if you dare
-        return Buffer.from((0, keccak_1.keccak256)(ethereumjs_rlp_1.RLP.encode((0, bytes_1.bufArrToArr)([from, null])))).slice(-20);
+        return (0, bytes_1.toBuffer)((0, keccak_1.keccak256)((0, bytes_1.arrToBufArr)(ethereumjs_rlp_1.RLP.encode([from, null])))).slice(-20);
     }
     // Only take the lower 160bits of the hash
-    return Buffer.from((0, keccak_1.keccak256)(ethereumjs_rlp_1.RLP.encode((0, bytes_1.bufArrToArr)([from, nonce])))).slice(-20);
+    return Buffer.from((0, keccak_1.keccak256)((0, bytes_1.arrToBufArr)(ethereumjs_rlp_1.RLP.encode((0, bytes_1.bufArrToArr)([from, nonce]))))).slice(-20);
 };
@@ -188,3 +187,3 @@ exports.generateAddress = generateAddress;
 const isValidPrivate = function (privateKey) {
-    return secp256k1_1.utils.isValidPrivateKey(privateKey);
+    return (0, secp256k1_1.privateKeyVerify)(privateKey);
 };
@@ -202,10 +201,3 @@ exports.isValidPrivate = isValidPrivate;
         // Convert to SEC1 for secp256k1
-        // Automatically checks whether point is on curve
-        try {
-            secp256k1_1.Point.fromHex(Buffer.concat([Buffer.from([4]), publicKey]));
-            return true;
-        }
-        catch (e) {
-            return false;
-        }
+        return (0, secp256k1_1.publicKeyVerify)(Buffer.concat([Buffer.from([4]), publicKey]));
     }
@@ -215,9 +207,3 @@ if (!sanitize) {
     }
-    try {
-        secp256k1_1.Point.fromHex(publicKey);
-        return true;
-    }
-    catch (e) {
-        return false;
-    }
+    return (0, secp256k1_1.publicKeyVerify)(publicKey);
 };
@@ -234,3 +220,3 @@ exports.isValidPublic = isValidPublic;
     if (sanitize && pubKey.length !== 64) {
-        pubKey = Buffer.from(secp256k1_1.Point.fromHex(pubKey).toRawBytes(false).slice(1));
+        pubKey = Buffer.from((0, secp256k1_1.publicKeyConvert)(pubKey, false).slice(1));
     }
@@ -252,3 +238,3 @@ if (pubKey.length !== 64) {
     // skip the type flag and use the X, Y points
-    return Buffer.from(secp256k1_1.Point.fromPrivateKey(privateKey).toRawBytes(false).slice(1));
+    return Buffer.from((0, secp256k1_1.publicKeyCreate)(privateKey, false)).slice(1);
 };
@@ -270,3 +256,3 @@ exports.privateToPublic = privateToPublic;
     if (publicKey.length !== 64) {
-        publicKey = Buffer.from(secp256k1_1.Point.fromHex(publicKey).toRawBytes(false).slice(1));
+        publicKey = Buffer.from((0, secp256k1_1.publicKeyConvert)(publicKey, false).slice(1));
     }
@@ -273,0 +259,0 @@ return publicKey;

dist/constants.js

@@ -5,3 +5,2 @@ "use strict";
 const buffer_1 = require("buffer");
-const secp256k1_1 = require("ethereum-cryptography/secp256k1");
 /**
@@ -19,4 +18,4 @@ * 2^64-1
 exports.MAX_INTEGER_BIGINT = BigInt(2) ** BigInt(256) - BigInt(1);
-exports.SECP256K1_ORDER = secp256k1_1.CURVE.n;
-exports.SECP256K1_ORDER_DIV_2 = secp256k1_1.CURVE.n / BigInt(2);
+exports.SECP256K1_ORDER = BigInt('0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141');
+exports.SECP256K1_ORDER_DIV_2 = exports.SECP256K1_ORDER / BigInt(2);
 /**
@@ -23,0 +22,0 @@ * 2^256

dist/signature.js

@@ -5,3 +5,3 @@ "use strict";
 const keccak_1 = require("ethereum-cryptography/keccak");
-const secp256k1_1 = require("ethereum-cryptography/secp256k1");
+const secp256k1_1 = require("secp256k1");
 const bytes_1 = require("./bytes");
@@ -17,3 +17,3 @@ const constants_1 = require("./constants");
 function ecsign(msgHash, privateKey, chainId) {
-    const [signature, recovery] = (0, secp256k1_1.signSync)(msgHash, privateKey, { recovered: true, der: false });
+    const { signature, recid: recovery } = (0, secp256k1_1.ecdsaSign)(msgHash, privateKey);
     const r = Buffer.from(signature.slice(0, 32));
@@ -49,4 +49,4 @@ const s = Buffer.from(signature.slice(32, 64));
     }
-    const senderPubKey = (0, secp256k1_1.recoverPublicKey)(msgHash, signature, Number(recovery));
-    return Buffer.from(senderPubKey.slice(1));
+    const senderPubKey = (0, secp256k1_1.ecdsaRecover)(signature, Number(recovery), msgHash);
+    return Buffer.from((0, secp256k1_1.publicKeyConvert)(senderPubKey, false).slice(1));
 };
@@ -53,0 +53,0 @@ exports.ecrecover = ecrecover;

package.json

 {
   "name": "@nomicfoundation/ethereumjs-util",
-  "version": "8.0.0-rc.1",
+  "version": "8.0.0-rc.2",
   "description": "A collection of utility functions for Ethereum",
@@ -86,3 +86,3 @@ "keywords": [
     "@nomicfoundation/ethereumjs-rlp": "^4.0.0-beta.2",
-    "ethereum-cryptography": "^1.1.2"
+    "ethereum-cryptography": "0.1.3"
   },
@@ -89,0 +89,0 @@ "devDependencies": {

src/account.ts

 import { RLP } from '@nomicfoundation/ethereumjs-rlp'
 import { keccak256 } from 'ethereum-cryptography/keccak'
-import { Point, utils } from 'ethereum-cryptography/secp256k1'
-import { bytesToHex } from 'ethereum-cryptography/utils'
+import {
+  privateKeyVerify,
+  publicKeyConvert,
+  publicKeyCreate,
+  publicKeyVerify,
+} from 'ethereum-cryptography/secp256k1'
 
@@ -167,3 +171,3 @@ import {
   const buf = Buffer.from(prefix + address, 'utf8')
-  const hash = bytesToHex(keccak256(buf))
+  const hash = keccak256(buf).toString('hex')
   let ret = '0x'
@@ -206,7 +210,7 @@
     // read the RLP documentation for an answer if you dare
-    return Buffer.from(keccak256(RLP.encode(bufArrToArr([from, null] as any)))).slice(-20)
+    return toBuffer(keccak256(arrToBufArr(RLP.encode([from, null])))).slice(-20)
   }
 
   // Only take the lower 160bits of the hash
-  return Buffer.from(keccak256(RLP.encode(bufArrToArr([from, nonce])))).slice(-20)
+  return Buffer.from(keccak256(arrToBufArr(RLP.encode(bufArrToArr([from, nonce]))))).slice(-20)
 }
@@ -243,3 +247,3 @@
 export const isValidPrivate = function (privateKey: Buffer): boolean {
-  return utils.isValidPrivateKey(privateKey)
+  return privateKeyVerify(privateKey)
 }
@@ -257,9 +261,3 @@
     // Convert to SEC1 for secp256k1
-    // Automatically checks whether point is on curve
-    try {
-      Point.fromHex(Buffer.concat([Buffer.from([4]), publicKey]))
-      return true
-    } catch (e) {
-      return false
-    }
+    return publicKeyVerify(Buffer.concat([Buffer.from([4]), publicKey]))
   }
@@ -271,8 +269,3 @@
 
-  try {
-    Point.fromHex(publicKey)
-    return true
-  } catch (e) {
-    return false
-  }
+  return publicKeyVerify(publicKey)
 }
@@ -289,3 +282,3 @@
   if (sanitize && pubKey.length !== 64) {
-    pubKey = Buffer.from(Point.fromHex(pubKey).toRawBytes(false).slice(1))
+    pubKey = Buffer.from(publicKeyConvert(pubKey, false).slice(1))
   }
@@ -307,3 +300,3 @@ if (pubKey.length !== 64) {
   // skip the type flag and use the X, Y points
-  return Buffer.from(Point.fromPrivateKey(privateKey).toRawBytes(false).slice(1))
+  return Buffer.from(publicKeyCreate(privateKey, false)).slice(1)
 }
@@ -325,3 +318,3 @@
   if (publicKey.length !== 64) {
-    publicKey = Buffer.from(Point.fromHex(publicKey).toRawBytes(false).slice(1))
+    publicKey = Buffer.from(publicKeyConvert(publicKey, false).slice(1))
   }
@@ -328,0 +321,0 @@ return publicKey

src/constants.ts

 import { Buffer } from 'buffer'
-import { CURVE } from 'ethereum-cryptography/secp256k1'
 
@@ -21,4 +20,6 @@ /**
 
-export const SECP256K1_ORDER = CURVE.n
-export const SECP256K1_ORDER_DIV_2 = CURVE.n / BigInt(2)
+export const SECP256K1_ORDER = BigInt(
+  '0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141'
+)
+export const SECP256K1_ORDER_DIV_2 = SECP256K1_ORDER / BigInt(2)
 
@@ -25,0 +26,0 @@ /**

src/signature.ts

 import { keccak256 } from 'ethereum-cryptography/keccak'
-import { recoverPublicKey, signSync } from 'ethereum-cryptography/secp256k1'
+import { ecdsaRecover, ecdsaSign, publicKeyConvert } from 'secp256k1'
 
@@ -21,3 +21,3 @@ import { bufferToBigInt, bufferToHex, bufferToInt, setLengthLeft, toBuffer } from './bytes'
 export function ecsign(msgHash: Buffer, privateKey: Buffer, chainId?: bigint): ECDSASignature {
-  const [signature, recovery] = signSync(msgHash, privateKey, { recovered: true, der: false })
+  const { signature, recid: recovery } = ecdsaSign(msgHash, privateKey)
 
@@ -66,4 +66,4 @@ const r = Buffer.from(signature.slice(0, 32))
 
-  const senderPubKey = recoverPublicKey(msgHash, signature, Number(recovery))
-  return Buffer.from(senderPubKey.slice(1))
+  const senderPubKey = ecdsaRecover(signature, Number(recovery), msgHash)
+  return Buffer.from(publicKeyConvert(senderPubKey, false).slice(1))
 }
@@ -70,0 +70,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Mixed license

License

(Experimental) Package contains multiple licenses.

Found 1 instance in 1 package

Unidentified License

License

(Experimental) Something that seems like a license was found, but its contents could not be matched with a known license.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Mixed license

License

(Experimental) Package contains multiple licenses.

Found 1 instance in 1 package

Worsened metrics

Total package byte prevSize

178492

decreased by-0.4%

Number of low license alerts

4

increased by33.33%

Lines of code

3351

decreased by-0.62%

Dependency changes

• + Added@types/node@22.7.0(transitive)

• + Added@types/pbkdf2@3.1.2(transitive)

• + Added@types/secp256k1@4.0.6(transitive)

• + Addedbase-x@3.0.10(transitive)

• + Addedblakejs@1.2.1(transitive)

• + Addedbn.js@4.12.0(transitive)

• + Addedbrorand@1.1.0(transitive)

• + Addedbrowserify-aes@1.2.0(transitive)

• + Addedbs58@4.0.1(transitive)

• + Addedbs58check@2.1.2(transitive)

• + Addedbuffer-xor@1.0.3(transitive)

• + Addedcipher-base@1.0.4(transitive)

• + Addedcreate-hash@1.2.0(transitive)

• + Addedcreate-hmac@1.1.7(transitive)

• + Addedelliptic@6.5.7(transitive)

• + Addedethereum-cryptography@0.1.3(transitive)

• + Addedevp_bytestokey@1.0.3(transitive)

• + Addedhash-base@3.1.0(transitive)

• + Addedhash.js@1.1.7(transitive)

• + Addedhmac-drbg@1.0.1(transitive)

• + Addedinherits@2.0.4(transitive)

• + Addedkeccak@3.0.4(transitive)

• + Addedmd5.js@1.3.5(transitive)

• + Addedminimalistic-assert@1.0.1(transitive)

• + Addedminimalistic-crypto-utils@1.0.1(transitive)

• + Addednode-addon-api@2.0.2(transitive)

• + Addednode-gyp-build@4.8.2(transitive)

• + Addedpbkdf2@3.1.2(transitive)

• + Addedrandombytes@2.1.0(transitive)

• + Addedreadable-stream@3.6.2(transitive)

• + Addedripemd160@2.0.2(transitive)

• + Addedsafe-buffer@5.2.1(transitive)

• + Addedscrypt-js@3.0.1(transitive)

• + Addedsecp256k1@4.0.3(transitive)

• + Addedsetimmediate@1.0.5(transitive)

• + Addedsha.js@2.4.11(transitive)

• + Addedstring_decoder@1.3.0(transitive)

• + Addedundici-types@6.19.8(transitive)

• + Addedutil-deprecate@1.0.2(transitive)

• - Removed@noble/hashes@1.2.0(transitive)

• - Removed@noble/secp256k1@1.7.1(transitive)

• - Removed@scure/base@1.1.9(transitive)

• - Removed@scure/bip32@1.1.5(transitive)

• - Removed@scure/bip39@1.1.1(transitive)

• - Removedethereum-cryptography@1.2.0(transitive)

• Updatedethereum-cryptography@0.1.3