Switch from noble-secp to noble-curves

ethereumjs · Apr 13, 2023 · 3f9b315 · 3f9b315
1 parent e4d35ed
commit 3f9b315
Show file tree

Hide file tree

Showing 8 changed files with 115 additions and 97 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/packages/devp2p/src/dpt/dpt.ts b/packages/devp2p/src/dpt/dpt.ts
@@ -1,5 +1,5 @@
 import { randomBytes } from 'crypto'
-import { getPublicKey } from 'ethereum-cryptography/secp256k1'
+import { secp256k1 } from 'ethereum-cryptography/secp256k1'
 import { EventEmitter } from 'events'
 import ms = require('ms')
 
@@ -107,7 +107,7 @@ export class DPT extends EventEmitter {
     super()
 
     this.privateKey = Buffer.from(privateKey)
-    this._id = pk2id(Buffer.from(getPublicKey(this.privateKey, false)))
+    this._id = pk2id(Buffer.from(secp256k1.getPublicKey(this.privateKey, false)))
     this._shouldFindNeighbours = options.shouldFindNeighbours ?? true
     this._shouldGetDnsPeers = options.shouldGetDnsPeers ?? false
     // By default, tries to connect to 12 new peers every 3s

diff --git a/packages/devp2p/src/rlpx/ecies.ts b/packages/devp2p/src/rlpx/ecies.ts
@@ -2,7 +2,7 @@ import { RLP } from '@ethereumjs/rlp'
 import { bufArrToArr } from '@ethereumjs/util'
 import * as crypto from 'crypto'
 import { debug as createDebugLogger } from 'debug'
-import { getPublicKey } from 'ethereum-cryptography/secp256k1'
+import { secp256k1 } from 'ethereum-cryptography/secp256k1'
 import { ecdh, ecdsaRecover, ecdsaSign } from 'ethereum-cryptography/secp256k1-compat'
 
 import {
@@ -82,7 +82,7 @@ export class ECIES {
 
     this._nonce = crypto.randomBytes(32)
     this._ephemeralPrivateKey = genPrivateKey()
-    this._ephemeralPublicKey = Buffer.from(getPublicKey(this._ephemeralPrivateKey, false))
+    this._ephemeralPublicKey = Buffer.from(secp256k1.getPublicKey(this._ephemeralPrivateKey, false))
   }
 
   _encryptMessage(data: Buffer, sharedMacData: Buffer | null = null): Buffer | undefined {
@@ -108,7 +108,7 @@ export class ECIES {
       .update(Buffer.concat([dataIV, sharedMacData]))
       .digest()
 
-    const publicKey = getPublicKey(privateKey, false)
+    const publicKey = secp256k1.getPublicKey(privateKey, false)
     return Buffer.concat([publicKey, dataIV, tag])
   }
 

diff --git a/packages/devp2p/src/rlpx/rlpx.ts b/packages/devp2p/src/rlpx/rlpx.ts
@@ -1,5 +1,5 @@
 import { debug as createDebugLogger } from 'debug'
-import { getPublicKey } from 'ethereum-cryptography/secp256k1'
+import { secp256k1 } from 'ethereum-cryptography/secp256k1'
 import { EventEmitter } from 'events'
 import * as LRUCache from 'lru-cache'
 import ms = require('ms')
@@ -59,7 +59,7 @@ export class RLPx extends EventEmitter {
     super()
 
     this._privateKey = Buffer.from(privateKey)
-    this._id = pk2id(Buffer.from(getPublicKey(this._privateKey, false)))
+    this._id = pk2id(Buffer.from(secp256k1.getPublicKey(this._privateKey, false)))
 
     // options
     this._timeout = options.timeout ?? ms('10s')

diff --git a/packages/devp2p/src/util.ts b/packages/devp2p/src/util.ts
@@ -2,7 +2,7 @@ import { RLP } from '@ethereumjs/rlp'
 import { arrToBufArr } from '@ethereumjs/util'
 import { debug as createDebugLogger } from 'debug'
 import { keccak256 as _keccak256 } from 'ethereum-cryptography/keccak'
-import { utils } from 'ethereum-cryptography/secp256k1'
+import { secp256k1 } from 'ethereum-cryptography/secp256k1'
 import { publicKeyConvert } from 'ethereum-cryptography/secp256k1-compat'
 
 import type { ETH } from './protocol/eth'
@@ -16,8 +16,8 @@ export function keccak256(...buffers: Buffer[]) {
 }
 
 export function genPrivateKey(): Buffer {
-  const privateKey = utils.randomPrivateKey()
-  return utils.isValidPrivateKey(privateKey) ? Buffer.from(privateKey) : genPrivateKey()
+  const privateKey = secp256k1.utils.randomPrivateKey()
+  return secp256k1.utils.isValidPrivateKey(privateKey) ? Buffer.from(privateKey) : genPrivateKey()
 }
 
 export function pk2id(pk: Buffer): Buffer {

diff --git a/packages/util/src/account.ts b/packages/util/src/account.ts
@@ -1,6 +1,6 @@
 import { RLP } from '@ethereumjs/rlp'
 import { keccak256 } from 'ethereum-cryptography/keccak'
-import { Point as ProjectivePoint, utils } from 'ethereum-cryptography/secp256k1'
+import { secp256k1 } from 'ethereum-cryptography/secp256k1'
 import { bytesToHex } from 'ethereum-cryptography/utils'
 
 import {
@@ -239,7 +239,7 @@ export const generateAddress2 = function (from: Buffer, salt: Buffer, initCode:
  * Checks if the private key satisfies the rules of the curve secp256k1.
  */
 export const isValidPrivate = function (privateKey: Buffer): boolean {
-  return utils.isValidPrivateKey(privateKey)
+  return secp256k1.utils.isValidPrivateKey(privateKey)
 }
 
 /**
@@ -254,7 +254,7 @@ export const isValidPublic = function (publicKey: Buffer, sanitize: boolean = fa
     // Convert to SEC1 for secp256k1
     // Automatically checks whether point is on curve
     try {
-      ProjectivePoint.fromHex(Buffer.concat([Buffer.from([4]), publicKey]))
+      secp256k1.ProjectivePoint.fromHex(Buffer.concat([Buffer.from([4]), publicKey]))
       return true
     } catch (e) {
       return false
@@ -266,7 +266,7 @@ export const isValidPublic = function (publicKey: Buffer, sanitize: boolean = fa
   }
 
   try {
-    ProjectivePoint.fromHex(publicKey)
+    secp256k1.ProjectivePoint.fromHex(publicKey)
     return true
   } catch (e) {
     return false
@@ -282,7 +282,7 @@ export const isValidPublic = function (publicKey: Buffer, sanitize: boolean = fa
 export const pubToAddress = function (pubKey: Buffer, sanitize: boolean = false): Buffer {
   assertIsBuffer(pubKey)
   if (sanitize && pubKey.length !== 64) {
-    pubKey = Buffer.from(ProjectivePoint.fromHex(pubKey).toRawBytes(false).slice(1))
+    pubKey = Buffer.from(secp256k1.ProjectivePoint.fromHex(pubKey).toRawBytes(false).slice(1))
   }
   if (pubKey.length !== 64) {
     throw new Error('Expected pubKey to be of length 64')
@@ -299,7 +299,9 @@ export const publicToAddress = pubToAddress
 export const privateToPublic = function (privateKey: Buffer): Buffer {
   assertIsBuffer(privateKey)
   // skip the type flag and use the X, Y points
-  return Buffer.from(ProjectivePoint.fromPrivateKey(privateKey).toRawBytes(false).slice(1))
+  return Buffer.from(
+    secp256k1.ProjectivePoint.fromPrivateKey(privateKey).toRawBytes(false).slice(1)
+  )
 }
 
 /**
@@ -316,7 +318,7 @@ export const privateToAddress = function (privateKey: Buffer): Buffer {
 export const importPublic = function (publicKey: Buffer): Buffer {
   assertIsBuffer(publicKey)
   if (publicKey.length !== 64) {
-    publicKey = Buffer.from(ProjectivePoint.fromHex(publicKey).toRawBytes(false).slice(1))
+    publicKey = Buffer.from(secp256k1.ProjectivePoint.fromHex(publicKey).toRawBytes(false).slice(1))
   }
   return publicKey
 }

diff --git a/packages/util/src/constants.ts b/packages/util/src/constants.ts
@@ -1,5 +1,5 @@
 import { Buffer } from 'buffer'
-import { CURVE } from 'ethereum-cryptography/secp256k1'
+import { secp256k1 } from 'ethereum-cryptography/secp256k1'
 
 /**
  * 2^64-1
@@ -22,8 +22,8 @@ export const MAX_INTEGER_BIGINT = BigInt(
   '115792089237316195423570985008687907853269984665640564039457584007913129639935'
 )
 
-export const SECP256K1_ORDER = CURVE.n
-export const SECP256K1_ORDER_DIV_2 = CURVE.n / BigInt(2)
+export const SECP256K1_ORDER = secp256k1.CURVE.n
+export const SECP256K1_ORDER_DIV_2 = secp256k1.CURVE.n / BigInt(2)
 
 /**
  * 2^256

diff --git a/packages/util/src/signature.ts b/packages/util/src/signature.ts
@@ -1,5 +1,5 @@
 import { keccak256 } from 'ethereum-cryptography/keccak'
-import { Signature, sign } from 'ethereum-cryptography/secp256k1'
+import { secp256k1 } from 'ethereum-cryptography/secp256k1'
 
 import { bufferToBigInt, bufferToHex, bufferToInt, setLengthLeft, toBuffer } from './bytes'
 import { SECP256K1_ORDER, SECP256K1_ORDER_DIV_2 } from './constants'
@@ -18,15 +18,15 @@ export interface ECDSASignature {
  * accordingly, otherwise return a "static" `v` just derived from the `recovery` bit
  */
 export function ecsign(msgHash: Buffer, privateKey: Buffer, chainId?: bigint): ECDSASignature {
-  const [signature, recovery] = sign(msgHash, privateKey, { recovered: true, der: false })
-
-  const r = Buffer.from(signature.slice(0, 32))
-  const s = Buffer.from(signature.slice(32, 64))
+  const sig = secp256k1.sign(msgHash, privateKey)
+  const buf = sig.toCompactRawBytes()
+  const r = Buffer.from(buf.slice(0, 32))
+  const s = Buffer.from(buf.slice(32, 64))
 
   const v =
     chainId === undefined
-      ? BigInt(recovery + 27)
-      : BigInt(recovery + 35) + BigInt(chainId) * BigInt(2)
+      ? BigInt(sig.recovery! + 27)
+      : BigInt(sig.recovery! + 35) + BigInt(chainId) * BigInt(2)
 
   return { r, s, v }
 }
@@ -62,9 +62,9 @@ export const ecrecover = function (
     throw new Error('Invalid signature v value')
   }
 
-  const sig = Signature.fromCompact(signature).addRecoveryBit(Number(recovery))
+  const sig = secp256k1.Signature.fromCompact(signature).addRecoveryBit(Number(recovery))
   const senderPubKey = sig.recoverPublicKey(msgHash)
-  return Buffer.from(senderPubKey.slice(1))
+  return Buffer.from(senderPubKey.toRawBytes(false).slice(1))
 }
 
 /**