tendermint - npm Package Compare versions

Comparing version 3.3.0 to 3.4.0

lib/verify.js

@@ -6,8 +6,6 @@ 'use strict';
 // TODO: try to load native ed25519 implementation, fall back to supercop.js
-var secp256k1 = require('secp256k1');
 
 var _require = require('./hash.js'),
     getBlockHash = _require.getBlockHash,
-    getValidatorSetHash = _require.getValidatorSetHash,
-    sha256 = _require.sha256;
+    getValidatorSetHash = _require.getValidatorSetHash;
 
@@ -158,3 +156,2 @@ var _require2 = require('./pubkey.js'),
       validatorsByAddress[validator.address] = validator;
-      validator.voting_power = safeParseInt(validator.voting_power);
     }
@@ -198,18 +195,5 @@ } catch (err) {
       var pubKey = Buffer.from(_validator.pub_key.value, 'base64');
-      var pubKeyType = _validator.pub_key.type;
 
-      var validSignature = void 0;
-      switch (pubKeyType) {
-        case 'tendermint/PubKeyEd25519':
-          validSignature = ed25519.verify(signature, signBytes, pubKey);
-          break;
-
-        case 'tendermint/PubKeySecp256k1':
-          validSignature = secp256k1.verify(sha256(signBytes), signature, pubKey);
-          break;
-
-        default:
-          throw Error('Unknown pubkey type "' + _validator.pub_key.type + '"');
-      }
-      if (validSignature !== true) {
+      // TODO: support secp256k1 sigs
+      if (!ed25519.verify(signature, signBytes, pubKey)) {
         throw Error('Invalid precommit signature');
@@ -272,5 +256,5 @@ }
 
-      var votingPower = safeParseInt(validator.voting_power);
-      verifyPositiveInt(votingPower);
-      if (votingPower === 0) {
+      validator.voting_power = safeParseInt(validator.voting_power);
+      verifyPositiveInt(validator.voting_power);
+      if (validator.voting_power === 0) {
         throw Error('Validator voting power must be > 0');
@@ -277,0 +261,0 @@ }

package.json

 {
   "name": "tendermint",
-  "version": "3.3.0",
+  "version": "3.4.0",
   "description": "A light client which talks to your Tendermint node over RPC",
@@ -23,3 +23,2 @@ "main": "index.js",
     "pumpify": "^1.3.5",
-    "secp256k1": "^3.5.2",
     "supercop.js": "^2.0.1",
@@ -26,0 +25,0 @@ "varstruct": "^6.1.1",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Dependency count

11

decreased by-8.33%

Worsened metrics

Total package byte prevSize

42724

decreased by-1.31%

Lines of code

976

decreased by-1.41%

Dependency changes

• - Removedsecp256k1@^3.5.2

• - Removedbindings@1.5.0(transitive)

• - Removedbip66@1.1.5(transitive)

• - Removedbn.js@4.12.0(transitive)

• - Removedbrorand@1.1.0(transitive)

• - Removedbrowserify-aes@1.2.0(transitive)

• - Removedbuffer-xor@1.0.3(transitive)

• - Removedcreate-hmac@1.1.7(transitive)

• - Removeddrbg.js@1.0.1(transitive)

• - Removedelliptic@6.5.7(transitive)

• - Removedevp_bytestokey@1.0.3(transitive)

• - Removedfile-uri-to-path@1.0.0(transitive)

• - Removedhash.js@1.1.7(transitive)

• - Removedhmac-drbg@1.0.1(transitive)

• - Removedminimalistic-assert@1.0.1(transitive)

• - Removedminimalistic-crypto-utils@1.0.1(transitive)

• - Removednan@2.20.0(transitive)

• - Removedsecp256k1@3.8.0(transitive)