From 52fdbd539ce5c3b4158b47f7d46d5b9e89f645af Mon Sep 17 00:00:00 2001
From: Frederik Bolding <frederik.bolding@gmail.com>
Date: Thu, 7 Dec 2023 11:55:29 +0100
Subject: [PATCH 1/5] Use noble-hashes for SHA256

---
 package.json  | 2 +-
 src/verify.ts | 5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/package.json b/package.json
index 54a368eb..57929f80 100644
--- a/package.json
+++ b/package.json
@@ -30,6 +30,7 @@
   },
   "dependencies": {
     "@metamask/utils": "^8.1.0",
+    "@noble/hashes": "^1.3.2",
     "@noble/secp256k1": "^1.7.1",
     "superstruct": "^1.0.3"
   },
@@ -43,7 +44,6 @@
     "@metamask/snaps-controllers": "^3.4.0",
     "@metamask/snaps-utils": "^5.0.0",
     "@noble/curves": "^1.2.0",
-    "@noble/hashes": "^1.3.2",
     "@types/jest": "^28.1.6",
     "@types/node": "^17.0.23",
     "@typescript-eslint/eslint-plugin": "^5.43.0",
diff --git a/src/verify.ts b/src/verify.ts
index 978a0425..32214747 100644
--- a/src/verify.ts
+++ b/src/verify.ts
@@ -1,3 +1,4 @@
+/* eslint-disable no-restricted-globals */
 import type { Hex } from '@metamask/utils';
 import {
   remove0x,
@@ -5,9 +6,9 @@ import {
   assertStruct,
   hexToBytes,
 } from '@metamask/utils';
+import { sha256 } from '@noble/hashes/sha256';
 import {
   verify as nobleVerify,
-  utils,
   Signature as NobleSignature,
 } from '@noble/secp256k1';
 import type { Infer } from 'superstruct';
@@ -48,7 +49,7 @@ export async function verify({
 
   return nobleVerify(
     NobleSignature.fromHex(remove0x(signature.signature)),
-    await utils.sha256(stringToBytes(registry)),
+    sha256(stringToBytes(registry)),
     publicKeyBytes,
   );
 }

From 7d9f52133eccc1c915b312533f4a9c12ff6f814c Mon Sep 17 00:00:00 2001
From: Frederik Bolding <frederik.bolding@gmail.com>
Date: Thu, 7 Dec 2023 11:56:30 +0100
Subject: [PATCH 2/5] Remove unused linter directive

---
 src/verify.ts | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/verify.ts b/src/verify.ts
index 32214747..d1859aa9 100644
--- a/src/verify.ts
+++ b/src/verify.ts
@@ -1,4 +1,3 @@
-/* eslint-disable no-restricted-globals */
 import type { Hex } from '@metamask/utils';
 import {
   remove0x,

From 6e6abe5f176235fd0f73a0223294145099bd0223 Mon Sep 17 00:00:00 2001
From: Frederik Bolding <frederik.bolding@gmail.com>
Date: Thu, 7 Dec 2023 12:03:32 +0100
Subject: [PATCH 3/5] Make verify synchronous

---
 src/verify.test.ts | 8 ++++----
 src/verify.ts      | 4 ++--
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/verify.test.ts b/src/verify.test.ts
index 7815b62c..0d3de572 100644
--- a/src/verify.test.ts
+++ b/src/verify.test.ts
@@ -13,7 +13,7 @@ const MOCK_SIGNATURE = {
 describe('verify', () => {
   it('verifies a valid signature', async () => {
     expect(
-      await verify({
+      verify({
         registry: MOCK_REGISTRY,
         signature: MOCK_SIGNATURE,
         publicKey: MOCK_PUBLIC_KEY,
@@ -23,7 +23,7 @@ describe('verify', () => {
 
   it('rejects an invalid signature', async () => {
     expect(
-      await verify({
+      verify({
         registry: MOCK_REGISTRY,
         signature: {
           ...MOCK_SIGNATURE,
@@ -36,7 +36,7 @@ describe('verify', () => {
   });
 
   it('throws an error if the signature format is invalid', async () => {
-    await expect(
+    expect(() =>
       verify({
         registry: MOCK_REGISTRY,
         signature: {
@@ -45,7 +45,7 @@ describe('verify', () => {
         },
         publicKey: MOCK_PUBLIC_KEY,
       }),
-    ).rejects.toThrow(
+    ).toThrow(
       'Invalid signature object: At path: signature -- Expected a string, but received: undefined.',
     );
   });
diff --git a/src/verify.ts b/src/verify.ts
index d1859aa9..fe9c61bd 100644
--- a/src/verify.ts
+++ b/src/verify.ts
@@ -37,11 +37,11 @@ type VerifyArgs = {
  * the signature to.
  * @returns Whether the signature is valid.
  */
-export async function verify({
+export function verify({
   registry,
   signature,
   publicKey,
-}: VerifyArgs): Promise<boolean> {
+}: VerifyArgs): boolean {
   assertStruct(signature, SignatureStruct, 'Invalid signature object');
 
   const publicKeyBytes = hexToBytes(publicKey);

From 2522cdccffe4dd5c001e8d2444d9420b9abdb1d4 Mon Sep 17 00:00:00 2001
From: Frederik Bolding <frederik.bolding@gmail.com>
Date: Thu, 7 Dec 2023 12:14:38 +0100
Subject: [PATCH 4/5] Use noble/curves

---
 package.json          | 2 +-
 scripts/create-key.ts | 2 +-
 src/verify.ts         | 9 +++------
 yarn.lock             | 3 +--
 4 files changed, 6 insertions(+), 10 deletions(-)

diff --git a/package.json b/package.json
index 57929f80..000a1304 100644
--- a/package.json
+++ b/package.json
@@ -30,8 +30,8 @@
   },
   "dependencies": {
     "@metamask/utils": "^8.1.0",
+    "@noble/curves": "^1.2.0",
     "@noble/hashes": "^1.3.2",
-    "@noble/secp256k1": "^1.7.1",
     "superstruct": "^1.0.3"
   },
   "devDependencies": {
diff --git a/scripts/create-key.ts b/scripts/create-key.ts
index 2476863f..04a61d0b 100644
--- a/scripts/create-key.ts
+++ b/scripts/create-key.ts
@@ -1,5 +1,5 @@
 import { bytesToHex, hasProperty } from '@metamask/utils';
-import * as secp256k1 from '@noble/secp256k1';
+import { secp256k1 } from '@noble/curves/secp256k1';
 import assert from 'assert';
 import * as dotenv from 'dotenv';
 import fs from 'fs/promises';
diff --git a/src/verify.ts b/src/verify.ts
index fe9c61bd..093ff9df 100644
--- a/src/verify.ts
+++ b/src/verify.ts
@@ -5,11 +5,8 @@ import {
   assertStruct,
   hexToBytes,
 } from '@metamask/utils';
+import { secp256k1 } from '@noble/curves/secp256k1';
 import { sha256 } from '@noble/hashes/sha256';
-import {
-  verify as nobleVerify,
-  Signature as NobleSignature,
-} from '@noble/secp256k1';
 import type { Infer } from 'superstruct';
 import { literal, object, pattern, string } from 'superstruct';
 
@@ -46,8 +43,8 @@ export function verify({
 
   const publicKeyBytes = hexToBytes(publicKey);
 
-  return nobleVerify(
-    NobleSignature.fromHex(remove0x(signature.signature)),
+  return secp256k1.verify(
+    remove0x(signature.signature),
     sha256(stringToBytes(registry)),
     publicKeyBytes,
   );
diff --git a/yarn.lock b/yarn.lock
index 0a88def2..cf7745ba 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -1182,7 +1182,6 @@ __metadata:
     "@metamask/utils": ^8.1.0
     "@noble/curves": ^1.2.0
     "@noble/hashes": ^1.3.2
-    "@noble/secp256k1": ^1.7.1
     "@types/jest": ^28.1.6
     "@types/node": ^17.0.23
     "@typescript-eslint/eslint-plugin": ^5.43.0
@@ -1351,7 +1350,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@noble/secp256k1@npm:^1.5.5, @noble/secp256k1@npm:^1.7.1":
+"@noble/secp256k1@npm:^1.5.5":
   version: 1.7.1
   resolution: "@noble/secp256k1@npm:1.7.1"
   checksum: d2301f1f7690368d8409a3152450458f27e54df47e3f917292de3de82c298770890c2de7c967d237eff9c95b70af485389a9695f73eb05a43e2bd562d18b18cb

From e79f965dfb522d841a10d3854d19e2ee9b8414f9 Mon Sep 17 00:00:00 2001
From: Frederik Bolding <frederik.bolding@gmail.com>
Date: Thu, 7 Dec 2023 12:18:55 +0100
Subject: [PATCH 5/5] Fix lint

---
 scripts/verify-registry.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/verify-registry.ts b/scripts/verify-registry.ts
index 39e9b333..505a0093 100644
--- a/scripts/verify-registry.ts
+++ b/scripts/verify-registry.ts
@@ -56,7 +56,7 @@ async function main() {
   assertStruct(signature, SignatureStruct);
   const registry = await fs.readFile(registryPath, 'utf-8');
 
-  const isValid = await verify({ registry, signature, publicKey });
+  const isValid = verify({ registry, signature, publicKey });
   if (!isValid) {
     console.error('Signature is invalid.');
     // eslint-disable-next-line n/no-process-exit