use decred secp256k1 directly

crypto/signature_nocgo.go

@@ -25,8 +25,8 @@ import (
 	"fmt"
 	"math/big"
 
-	"github.com/btcsuite/btcd/btcec/v2"
-	btc_ecdsa "github.com/btcsuite/btcd/btcec/v2/ecdsa"
+	"github.com/decred/dcrd/dcrec/secp256k1/v4"
+	decred_ecdsa "github.com/decred/dcrd/dcrec/secp256k1/v4/ecdsa"
 )
 
 // Ecrecover returns the uncompressed public key that created the given signature.
@@ -39,16 +39,16 @@ func Ecrecover(hash, sig []byte) ([]byte, error) {
 	return bytes, err
 }
 
-func sigToPub(hash, sig []byte) (*btcec.PublicKey, error) {
+func sigToPub(hash, sig []byte) (*secp256k1.PublicKey, error) {
 	if len(sig) != SignatureLength {
 		return nil, errors.New("invalid signature")
 	}
-	// Convert to btcec input format with 'recovery id' v at the beginning.
+	// Convert to secp256k1 input format with 'recovery id' v at the beginning.
 	btcsig := make([]byte, SignatureLength)
 	btcsig[0] = sig[RecoveryIDOffset] + 27
 	copy(btcsig[1:], sig)
 
-	pub, _, err := btc_ecdsa.RecoverCompact(btcsig, hash)
+	pub, _, err := decred_ecdsa.RecoverCompact(btcsig, hash)
 	return pub, err
 }
 
@@ -82,15 +82,14 @@ func Sign(hash []byte, prv *ecdsa.PrivateKey) ([]byte, error) {
 	if prv.Curve != S256() {
 		return nil, errors.New("private key curve is not secp256k1")
 	}
-	// ecdsa.PrivateKey -> btcec.PrivateKey
-	var priv btcec.PrivateKey
+	// ecdsa.PrivateKey -> secp256k1.PrivateKey
+	var priv secp256k1.PrivateKey
 	if overflow := priv.Key.SetByteSlice(prv.D.Bytes()); overflow || priv.Key.IsZero() {
 		return nil, fmt.Errorf("invalid private key")
 	}
 	defer priv.Zero()
-	sig := btc_ecdsa.SignCompact(&priv, hash, false) // ref uncompressed pubkey
-
-	// Convert to Cortex signature format with 'recovery id' v at the end.
+	sig := decred_ecdsa.SignCompact(&priv, hash, false) // ref uncompressed pubkey
+	// Convert to Ethereum signature format with 'recovery id' v at the end.
 	v := sig[0] - 27
 	copy(sig, sig[1:])
 	sig[RecoveryIDOffset] = v
@@ -104,19 +103,19 @@ func VerifySignature(pubkey, hash, signature []byte) bool {
 	if len(signature) != 64 {
 		return false
 	}
-	var r, s btcec.ModNScalar
+	var r, s secp256k1.ModNScalar
 	if r.SetByteSlice(signature[:32]) {
 		return false // overflow
 	}
 	if s.SetByteSlice(signature[32:]) {
 		return false
 	}
-	sig := btc_ecdsa.NewSignature(&r, &s)
-	key, err := btcec.ParsePubKey(pubkey)
+	sig := decred_ecdsa.NewSignature(&r, &s)
+	key, err := secp256k1.ParsePubKey(pubkey)
 	if err != nil {
 		return false
 	}
-	// Reject malleable signatures. libsecp256k1 does this check but btcec doesn't.
+	// Reject malleable signatures. libsecp256k1 does this check but decred doesn't.
 	if s.IsOverHalfOrder() {
 		return false
 	}
@@ -128,7 +127,7 @@ func DecompressPubkey(pubkey []byte) (*ecdsa.PublicKey, error) {
 	if len(pubkey) != 33 {
 		return nil, errors.New("invalid compressed public key length")
 	}
-	key, err := btcec.ParsePubKey(pubkey)
+	key, err := secp256k1.ParsePubKey(pubkey)
 	if err != nil {
 		return nil, err
 	}
@@ -149,20 +148,20 @@ func DecompressPubkey(pubkey []byte) (*ecdsa.PublicKey, error) {
 // when constructing a PrivateKey.
 func CompressPubkey(pubkey *ecdsa.PublicKey) []byte {
 	// NOTE: the coordinates may be validated with
-	// btcec.ParsePubKey(FromECDSAPub(pubkey))
-	var x, y btcec.FieldVal
+	// secp256k1.ParsePubKey(FromECDSAPub(pubkey))
+	var x, y secp256k1.FieldVal
 	x.SetByteSlice(pubkey.X.Bytes())
 	y.SetByteSlice(pubkey.Y.Bytes())
-	return btcec.NewPublicKey(&x, &y).SerializeCompressed()
+	return secp256k1.NewPublicKey(&x, &y).SerializeCompressed()
 }
 
 // S256 returns an instance of the secp256k1 curve.
 func S256() EllipticCurve {
-	return btCurve{btcec.S256()}
+	return btCurve{secp256k1.S256()}
 }
 
 type btCurve struct {
-	*btcec.KoblitzCurve
+	*secp256k1.KoblitzCurve
 }
 
 // Marshall converts a point given as (x, y) into a byte slice.

go.mod

@@ -24,6 +24,7 @@ require (
 	github.com/crate-crypto/go-kzg-4844 v1.1.0
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
 	github.com/deckarep/golang-set/v2 v2.6.0
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0
 	github.com/dop251/goja v0.0.0-20241009100908-5f46f2705ca3
 	github.com/ethereum/c-kzg-4844 v1.0.3
 	github.com/ethereum/go-verkle v0.1.1-0.20240306133620-7d920df305f0
@@ -138,7 +139,6 @@ require (
 	github.com/consensys/bavard v0.1.22 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.5 // indirect
 	github.com/crate-crypto/go-ipa v0.0.0-20240724233137-53bbb0ceb27a // indirect
-	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 // indirect
 	github.com/dgraph-io/badger/v4 v4.3.1 // indirect
 	github.com/dgraph-io/ristretto v1.0.0 // indirect
 	github.com/dlclark/regexp2 v1.11.4 // indirect

go.sum

@@ -315,11 +315,8 @@ github.com/bradfitz/iter v0.0.0-20190303215204-33e6a9893b0c/go.mod h1:PyRFw1Lt2w
 github.com/bradfitz/iter v0.0.0-20191230175014-e8f45d346db8 h1:GKTyiRCL6zVf5wWaqKnf+7Qs6GbEPfd4iMOitWzXJx8=
 github.com/bradfitz/iter v0.0.0-20191230175014-e8f45d346db8/go.mod h1:spo1JLcs67NmW1aVLEgtA8Yy1elc+X8y5SRW1sFW4Og=
 github.com/btcsuite/btcd v0.20.1-beta/go.mod h1:wVuoA8VJLEcwgqHBwHmzLRazpKxTv13Px/pDuV7OomQ=
-github.com/btcsuite/btcd v0.23.4 h1:IzV6qqkfwbItOS/sg/aDfPDsjPP8twrCOE2R93hxMlQ=
 github.com/btcsuite/btcd/btcec/v2 v2.3.4 h1:3EJjcN70HCu/mwqlUsGK8GcNVyLVxFDlWurTXGPFfiQ=
 github.com/btcsuite/btcd/btcec/v2 v2.3.4/go.mod h1:zYzJ8etWJQIv1Ogk7OzpWjowwOdXY1W/17j2MW85J04=
-github.com/btcsuite/btcd/chaincfg/chainhash v1.0.2-0.20220413172512-bf64c8bdbbbf h1:x2qACX+i7TMsmaE1YPYyRISOAPKnVlOW+E+vJJz2vSo=
-github.com/btcsuite/btcd/chaincfg/chainhash v1.0.2-0.20220413172512-bf64c8bdbbbf/go.mod h1:7SFka0XMvUgj3hfZtydOrQY2mwhPclbT2snogU7SQQc=
 github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f/go.mod h1:TdznJufoqS23FtqVCzL0ZqgP5MqXbb4fg/WgDys70nA=
 github.com/btcsuite/btcutil v0.0.0-20190425235716-9e5f4b9a998d/go.mod h1:+5NJ2+qvTyV9exUAL/rxXi3DcLg2Ts+ymUAY5y4NvMg=
 github.com/btcsuite/go-socks v0.0.0-20170105172521-4720035b7bfd/go.mod h1:HHNXQzUsZCxOoE+CPiyCTO6x34Zs86zZUiwtpXoGdtg=

tests/fuzzers/secp256k1/secp_test.go

@@ -1,8 +1,37 @@
 package secp256k1
 
-import "testing"
+import (
+	"fmt"
+	"testing"
+
+	"github.com/CortexFoundation/CortexTheseus/crypto/secp256k1"
+	dcred_secp256k1 "github.com/decred/dcrd/dcrec/secp256k1/v4"
+)
 
 func TestFuzzer(t *testing.T) {
-	test := "00000000N0000000/R00000000000000000U0000S0000000mkhP000000000000000U"
-	Fuzz([]byte(test))
+	a, b := "00000000N0000000/R0000000000000000", "0U0000S0000000mkhP000000000000000U"
+	fuzz([]byte(a), []byte(b))
+}
+
+func Fuzz(f *testing.F) {
+	f.Fuzz(func(t *testing.T, a, b []byte) {
+		fuzz(a, b)
+	})
+}
+
+func fuzz(dataP1, dataP2 []byte) {
+	var (
+		curveA = secp256k1.S256()
+		curveB = dcred_secp256k1.S256()
+	)
+	// first point
+	x1, y1 := curveB.ScalarBaseMult(dataP1)
+	// second points
+	x2, y2 := curveB.ScalarBaseMult(dataP2)
+	resAX, resAY := curveA.Add(x1, y1, x2, y2)
+	resBX, resBY := curveB.Add(x1, y1, x2, y2)
+	if resAX.Cmp(resBX) != 0 || resAY.Cmp(resBY) != 0 {
+		fmt.Printf("%s %s %s %s\n", x1, y1, x2, y2)
+		panic(fmt.Sprintf("Addition failed: geth: %s %s btcd: %s %s", resAX, resAY, resBX, resBY))
+	}
 }