feat: add ECDSA public key recover from message, signature and recovery info

[ivokub]

Works for secp256k1, but not yet for the other curves as for computing y from x I need b from the curve equation, but it doesn't seem to be readily available outside the main curve package.

@yelhousni, do you have suggestions?

[CLAassistant]

All committers have signed the CLA.

[ivokub]

So, right now implemented only for secp256k1. The cofactors are huge for all curves except stark, bn254 and secp256k1. But ECDSA recover over other curves do not make too much sense, so implemented code generation only for secp256k1, as this is widely-used primitive.

[yelhousni]

LGTM except from a couple of thoughts and a fix for stark-curve (a=1).

[ivokub]

@yelhousni - I had some premature optimization when computing y-coordinate part of v. It kinda worked by accident for secp256k1, but not at all for bn254 and start-curve. Now removed the optimisation and am doing it properly.

[yelhousni]

looks great to me!
suggested edit:

diff --git a/ecc/bls12-377/bls12-377.go b/ecc/bls12-377/bls12-377.go
index 1df86e09..43fbe1f6 100644
--- a/ecc/bls12-377/bls12-377.go
+++ b/ecc/bls12-377/bls12-377.go
@@ -42,8 +42,6 @@ const ID = ecc.BLS12_377
 
 // aCurveCoeff is the a coefficients of the curve Y²=X³+ax+b
 var aCurveCoeff fp.Element
-
-// bCurveCoeff b coeff of the curve Y²=X³+b
 var bCurveCoeff fp.Element
 
 // twist
diff --git a/ecc/bls12-378/bls12-378.go b/ecc/bls12-378/bls12-378.go
index 7a9578e1..d80db02f 100644
--- a/ecc/bls12-378/bls12-378.go
+++ b/ecc/bls12-378/bls12-378.go
@@ -42,8 +42,6 @@ const ID = ecc.BLS12_378
 
 // aCurveCoeff is the a coefficients of the curve Y²=X³+ax+b
 var aCurveCoeff fp.Element
-
-// bCurveCoeff b coeff of the curve Y²=X³+b
 var bCurveCoeff fp.Element
 
 // bTwistCurveCoeff b coeff of the twist (defined over 𝔽p²) curve
diff --git a/ecc/bls12-381/bls12-381.go b/ecc/bls12-381/bls12-381.go
index 6c50c196..db989bce 100644
--- a/ecc/bls12-381/bls12-381.go
+++ b/ecc/bls12-381/bls12-381.go
@@ -42,8 +42,6 @@ const ID = ecc.BLS12_381
 
 // aCurveCoeff is the a coefficients of the curve Y²=X³+ax+b
 var aCurveCoeff fp.Element
-
-// bCurveCoeff b coeff of the curve Y²=X³+b
 var bCurveCoeff fp.Element
 
 // twist
diff --git a/ecc/bls24-315/bls24-315.go b/ecc/bls24-315/bls24-315.go
index 75158e32..9fc45546 100644
--- a/ecc/bls24-315/bls24-315.go
+++ b/ecc/bls24-315/bls24-315.go
@@ -43,8 +43,6 @@ const ID = ecc.BLS24_315
 
 // aCurveCoeff is the a coefficients of the curve Y²=X³+ax+b
 var aCurveCoeff fp.Element
-
-// bCurveCoeff b coeff of the curve Y²=X³+b
 var bCurveCoeff fp.Element
 
 // twist
diff --git a/ecc/bls24-317/bls24-317.go b/ecc/bls24-317/bls24-317.go
index 3c96d705..00589b87 100644
--- a/ecc/bls24-317/bls24-317.go
+++ b/ecc/bls24-317/bls24-317.go
@@ -43,8 +43,6 @@ const ID = ecc.BLS24_317
 
 // aCurveCoeff is the a coefficients of the curve Y²=X³+ax+b
 var aCurveCoeff fp.Element
-
-// bCurveCoeff b coeff of the curve Y²=X³+b
 var bCurveCoeff fp.Element
 
 // twist
diff --git a/ecc/bn254/bn254.go b/ecc/bn254/bn254.go
index c527e676..602a1c7a 100644
--- a/ecc/bn254/bn254.go
+++ b/ecc/bn254/bn254.go
@@ -56,8 +56,6 @@ const ID = ecc.BN254
 
 // aCurveCoeff is the a coefficients of the curve Y²=X³+ax+b
 var aCurveCoeff fp.Element
-
-// bCurveCoeff b coeff of the curve Y²=X³+b
 var bCurveCoeff fp.Element
 
 // twist
diff --git a/ecc/bw6-633/bw6-633.go b/ecc/bw6-633/bw6-633.go
index e5b835ee..b34f6c21 100644
--- a/ecc/bw6-633/bw6-633.go
+++ b/ecc/bw6-633/bw6-633.go
@@ -40,8 +40,6 @@ const ID = ecc.BW6_633
 
 // aCurveCoeff is the a coefficients of the curve Y²=X³+ax+b
 var aCurveCoeff fp.Element
-
-// bCurveCoeff b coeff of the curve Y²=X³+b
 var bCurveCoeff fp.Element
 
 // bTwistCurveCoeff b coeff of the twist (defined over 𝔽p) curve
diff --git a/ecc/bw6-756/bw6-756.go b/ecc/bw6-756/bw6-756.go
index 12def21a..6a1c71fe 100644
--- a/ecc/bw6-756/bw6-756.go
+++ b/ecc/bw6-756/bw6-756.go
@@ -40,8 +40,6 @@ const ID = ecc.BW6_756
 
 // aCurveCoeff is the a coefficients of the curve Y²=X³+ax+b
 var aCurveCoeff fp.Element
-
-// bCurveCoeff b coeff of the curve Y²=X³+b
 var bCurveCoeff fp.Element
 
 // bTwistCurveCoeff b coeff of the twist (defined over 𝔽p) curve
diff --git a/ecc/bw6-761/bw6-761.go b/ecc/bw6-761/bw6-761.go
index 80f333db..acbb635f 100644
--- a/ecc/bw6-761/bw6-761.go
+++ b/ecc/bw6-761/bw6-761.go
@@ -42,8 +42,6 @@ const ID = ecc.BW6_761
 
 // aCurveCoeff is the a coefficients of the curve Y²=X³+ax+b
 var aCurveCoeff fp.Element
-
-// bCurveCoeff b coeff of the curve Y²=X³+b
 var bCurveCoeff fp.Element
 
 // bTwistCurveCoeff b coeff of the twist (defined over 𝔽p) curve
diff --git a/ecc/secp256k1/secp256k1.go b/ecc/secp256k1/secp256k1.go
index 1ed96ebd..c3154083 100644
--- a/ecc/secp256k1/secp256k1.go
+++ b/ecc/secp256k1/secp256k1.go
@@ -41,8 +41,6 @@ const ID = ecc.SECP256K1
 
 // aCurveCoeff is the a coefficients of the curve Y²=X³+ax+b
 var aCurveCoeff fp.Element
-
-// bCurveCoeff b coeff of the curve Y²=X³+b
 var bCurveCoeff fp.Element
 
 // generator of the r-torsion group
diff --git a/ecc/stark-curve/stark_curve.go b/ecc/stark-curve/stark_curve.go
index 810b534c..c7ec96f8 100644
--- a/ecc/stark-curve/stark_curve.go
+++ b/ecc/stark-curve/stark_curve.go
@@ -38,8 +38,6 @@ const ID = ecc.STARK_CURVE
 
 // aCurveCoeff is the a coefficients of the curve Y²=X³+ax+b
 var aCurveCoeff fp.Element
-
-// bCurveCoeff b coeff of the curve Y²=X³+x+b
 var bCurveCoeff fp.Element
 
 // generator of the r-torsion group