noble-secp256k1 - npm Package Compare versions

Comparing version 1.1.1 to 1.1.2

index.d.ts

		@@ -24,3 +24,2 @@ declare const CURVE: {
		_setWindowSize(windowSize: number): void;
		private static fromX;
		private static fromCompressedHex;
		@@ -27,0 +26,0 @@ private static fromUncompressedHex;

index.js

		@@ -246,24 +246,21 @@ 'use strict';
		}
		static fromX(bytes) {
		const x = bytesToNumber(bytes);
		const sqrY = weistrass(x);
		let y = powMod(sqrY, P_DIV4_1, CURVE.P);
		const isYOdd = (y & 1n) === 1n;
		if (isYOdd)
		y = mod(-y);
		const point = new Point(x, y);
		point.assertValidity();
		return point;
		}
		static fromCompressedHex(bytes) {
		if (bytes.length !== 33) {
		throw new TypeError(`Point.fromHex: compressed expects 33 bytes, not ${bytes.length * 2}`);
		const isShort = bytes.length === 32;
		if (!isShort && bytes.length !== 33) {
		throw new TypeError(`Point.fromHex: compressed expects 32/33 bytes, not ${bytes.length * 2}`);
		}
		const x = bytesToNumber(bytes.slice(1));
		const x = bytesToNumber(isShort ? bytes : bytes.slice(1));
		const sqrY = weistrass(x);
		let y = powMod(sqrY, P_DIV4_1, CURVE.P);
		const isFirstByteOdd = (bytes[0] & 1) === 1;
		const isYOdd = (y & 1n) === 1n;
		if (isFirstByteOdd !== isYOdd)
		y = mod(-y);
		if (isShort) {
		const isYOdd = (y & 1n) === 1n;
		if (isYOdd)
		y = mod(-y);
		}
		else {
		const isFirstByteOdd = (bytes[0] & 1) === 1;
		const isYOdd = (y & 1n) === 1n;
		if (isFirstByteOdd !== isYOdd)
		y = mod(-y);
		}
		const point = new Point(x, y);
		@@ -285,7 +282,6 @@ point.assertValidity();
		const bytes = hex instanceof Uint8Array ? hex : hexToBytes(hex);
		if (bytes.length === 32)
		return this.fromX(bytes);
		const header = bytes[0];
		if (header === 0x02 \|\| header === 0x03)
		if (bytes.length === 32 \|\| header === 0x02 \|\| header === 0x03) {
		return this.fromCompressedHex(bytes);
		}
		if (header === 0x04)
		@@ -292,0 +288,0 @@ return this.fromUncompressedHex(bytes);

package.json

		{
		"name": "noble-secp256k1",
		"version": "1.1.1",
		"description": "Noble secp256k1. Very fast, high-security, auditable, 0-dep, 1-file ECDSA & Schnorr.",
		"version": "1.1.2",
		"description": "Fastest JS implementation of secp256k1. Zero-dependency, high-security, auditable ECDSA & Schnorr",
		"main": "index.js",
		@@ -6,0 +6,0 @@ "files": [

README.md

		# noble-secp256k1 ![Node CI](https://github.com/paulmillr/noble-secp256k1/workflows/Node%20CI/badge.svg) [![code style: prettier](https://img.shields.io/badge/code_style-prettier-ff69b4.svg?style=flat-square)](https://github.com/prettier/prettier)

		[Very fast](#speed) JS implementattion of [secp256k1](https://www.secg.org/sec2-v2.pdf),
		[Fastest](#speed) JS implementation of [secp256k1](https://www.secg.org/sec2-v2.pdf),
		an elliptic curve that could be used for asymmetric encryption,
		@@ -11,3 +11,3 @@ ECDH key agreement protocol and signature schemes.

		Check out a blog post about this library: [Learning fast elliptic-curve cryptography in JS](https://paulmillr.com/posts/noble-secp256k1-fast-ecc/).
		Check out [the online demo](https://paulmillr.com/ecc) and blog post: [Learning fast elliptic-curve cryptography in JS](https://paulmillr.com/posts/noble-secp256k1-fast-ecc/)

		@@ -20,4 +20,4 @@ ### This library belongs to noble crypto
		- Easily auditable TypeScript/JS code
		- Uses es2020 bigint. Supported in Chrome, Firefox, Safari, node 10+
		- All releases are signed and trusted
		- Supported in all major browsers and stable node.js versions
		- All releases are signed with PGP keys
		- Check out all libraries:
		@@ -37,3 +37,3 @@ [secp256k1](https://github.com/paulmillr/noble-secp256k1),
		(async () => {
		// You can also pass Uint8Array and BigInt.
		// You pass either a hex string, or Uint8Array
		const privateKey = "6b911fd37cdf5c81d4c0adb1ab7fa822ed253ab0ad9aa18d77257c88b29b718e";
		@@ -45,5 +45,6 @@ const messageHash = "9c1185a5c5e9fc54612808977ee8f548b2258d31";

		// Supports Schnorr signatures.
		const signature2 = await secp.schnorr.sign(messageHash, privateKey);
		const isSigned2 = await secp.schnorr.verify(signature2, messageHash, privateKey);
		// Supports Schnorr signatures
		const rpub = secp.schnorr.getPublicKey(privateKey);
		const rsignature = await secp.schnorr.sign(messageHash, privateKey);
		const risSigned = await secp.schnorr.verify(rsignature, messageHash, rpub);
		})();
		@@ -66,2 +67,3 @@ ```
		- [`recoverPublicKey(hash, signature, recovery)`](#recoverpublickeyhash-signature-recovery)
		- [`schnorr.getPublicKey(privateKey)`](#schnorrgetpublickeyprivatekey)
		- [`schnorr.sign(hash, privateKey)`](#schnorrsignhash-privatekey)
		@@ -195,4 +197,4 @@ - [`schnorr.verify(signature, hash, publicKey)`](#schnorrverifysignature-hash-publickey)
		```typescript
		secp256k1.CURVE.P // 2 256 - 2 32 - 977
		secp256k1.CURVE.n // 2 ** 256 - 432420386565659656852420866394968145599
		secp256k1.CURVE.P // Field, 2 256 - 2 32 - 977
		secp256k1.CURVE.n // Order, 2 ** 256 - 432420386565659656852420866394968145599
		secp256k1.Point.BASE // new secp256k1.Point(Gx, Gy) where
		@@ -222,3 +224,3 @@ // Gx = 55066263022277343669578718895168534326250603453777594175500187360389116729240n
		}
		secp256k1.SignResult {
		secp256k1.Signature {
		constructor(r: bigint, s: bigint);
		@@ -233,3 +235,3 @@ // DER encoded ECDSA signature

		Noble is production-ready & secure. Our goal is to have it audited by a good security expert.
		Noble is production-ready. Our goal is to have it audited by a good security expert.

		@@ -246,31 +248,33 @@ We're using built-in JS `BigInt`, which is "unsuitable for use in cryptography" as [per official spec](https://github.com/tc39/proposal-bigint#cryptography). This means that the lib is potentially vulnerable to [timing attacks](https://en.wikipedia.org/wiki/Timing_attack). But:

		Benchmarks measured with 2.9Ghz i9-8950HK.
		Benchmarks measured with Apple M1.

		getPublicKey(utils.randomPrivateKey()) x 4,017 ops/sec @ 248μs/op
		sign x 2,620 ops/sec @ 381μs/op
		verify x 558 ops/sec @ 1ms/op
		recoverPublicKey x 301 ops/sec @ 3ms/op
		getSharedSecret aka ecdh x 435 ops/sec @ 2ms/op
		getSharedSecret (precomputed) x 4,079 ops/sec @ 245μs/op
		schnorr.sign x 252 ops/sec @ 3ms/op
		schnorr.verify x 319 ops/sec @ 3ms/op
		getPublicKey(utils.randomPrivateKey()) x 5,605 ops/sec @ 178μs/op
		sign x 3,915 ops/sec @ 255μs/op
		verify x 820 ops/sec @ 1ms/op
		recoverPublicKey x 436 ops/sec @ 2ms/op
		getSharedSecret aka ecdh x 482 ops/sec @ 2ms/op
		getSharedSecret (precomputed) x 6,152 ops/sec @ 162μs/op
		schnorr.sign x 371 ops/sec @ 2ms/op
		schnorr.verify x 469 ops/sec @ 2ms/op

		Compare to other libraries:
		Compare to other libraries (`openssl` uses native bindings, not JS):

		elliptic#sign x 1,326 ops/sec
		sjcl#sign x 185 ops/sec
		openssl#sign x 1,926 ops/sec
		ecdsa#sign x 69.32 ops/sec
		elliptic#getPublicKey x 1,940 ops/sec
		sjcl#getPublicKey x 211 ops/sec

		elliptic#verify x 575 ops/sec
		sjcl#verify x 155 ops/sec
		openssl#verify x 2,392 ops/sec
		ecdsa#verify x 45.64 ops/sec
		elliptic#sign x 1,808 ops/sec
		sjcl#sign x 199 ops/sec
		openssl#sign x 4,243 ops/sec
		ecdsa#sign x 116 ops/sec
		bip-schnorr#sign x 60 ops/sec

		(gen is getPublicKey)
		elliptic#gen x 1,434 ops/sec
		sjcl#gen x 194 ops/sec
		elliptic#verify x 812 ops/sec
		sjcl#verify x 166 ops/sec
		openssl#verify x 4,452 ops/sec
		ecdsa#verify x 80 ops/sec
		bip-schnorr#verify x 56 ops/sec

		elliptic#ecdh x 704 ops/sec
		elliptic#ecdh x 971 ops/sec


		## Contributing
		@@ -277,0 +281,0 @@

noble-secp256k1 - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics