-
Notifications
You must be signed in to change notification settings - Fork 11.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ts-sdk: add secp256k1 keypair #4410
Conversation
514f882
to
d769ff9
Compare
@@ -0,0 +1,101 @@ | |||
// Copyright (c) 2022, Mysten Labs, Inc. | |||
// SPDX-License-Identifier: Apache-2.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is a rename from PublicKey.ts
@@ -1,136 +1,82 @@ | |||
// Copyright (c) 2022, Mysten Labs, Inc. | |||
// SPDX-License-Identifier: Apache-2.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this file is repurposed to an interface PublicKey
implemented by Ed25519PublicKey
and Secp256k1PublicKey
import { sha3_256 } from 'js-sha3'; | ||
import { checkPublicKeyData, PublicKey, PublicKeyInitData, SIGNATURE_SCHEME_TO_FLAG, toHexString } from './publickey'; | ||
|
||
const SECP256K1_PUBLIC_KEY_SIZE = 33; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
note that the pubkey size is different for secp256k1
ED25519: 0x00, | ||
Secp256k1: 0x01, | ||
}; | ||
|
||
function isPublicKeyData(value: PublicKeyInitData): value is PublicKeyData { | ||
export function checkPublicKeyData(value: PublicKeyInitData): value is PublicKeyData { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is renamed due to name collision with index.guard.ts for another isPublicKeyData
537065b
to
c51c3e7
Compare
sdk/typescript/README.md
Outdated
@@ -174,3 +182,17 @@ const publishTxn = await signer.publish( | |||
); | |||
console.log('publishTxn', publishTxn); | |||
``` | |||
|
|||
|
|||
Alternatively, a Secp256k1 can be ininiated: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
initiated
const PUBLIC_KEY_SIZE = 32; | ||
|
||
/** | ||
* A Ed25519 public key |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
An
// Copyright (c) 2022, Mysten Labs, Inc. | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
import * as secp from "@noble/secp256k1"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How did we choose that particular dep? compared to other available libs? (maturity? speed? maintenance, popularity?)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
https://www.npmjs.com/package/@noble/secp256k1
- this is a top 10 library for secp256k1
- the benchmark marks itself to be the fastest, esp signing
- I liked this one the most bc 0 dep
- the latest version is less than 6 months old
here are some other ones, https://www.npmjs.com/search?ranking=optimal&q=secp256k1
another option is https://www.npmjs.com/package/secp256k1 a native C binding to the underlying library (this may be nicer since our rust library also wraps to the same C library)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+
audited
* Return the signature for the provided data. | ||
*/ | ||
signData(data: Base64DataBuffer): Base64DataBuffer { | ||
const msgHash = sha256(data.getData()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do we use sha256 or sha3?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
in rust, we use sha256 (adding some more test cases against wycheproof)
let message = Message::from_hashed_data::<rust_secp256k1::hashes::sha256::Hash>(msg);
signData(data: Base64DataBuffer): Base64DataBuffer { | ||
const msgHash = sha256(data.getData()); | ||
return new Base64DataBuffer( | ||
secp.signSync(msgHash, this.keypair.secretKey) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we know if this produces deterministic signatures? If not we should ensure it is aligned with our Rust impl (+ test against test vectors)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yup! the underlying library is tested against wycheproof, would be porting them over in a follow up PR, I would like to do that for ed25519 as well.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is this deterministic ECDSA implementation per rfc6979?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approving, but please get the green light from @666lcz or @pchrysochoidis as well to ensure no breaking change elsewhere (ie wallet)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm - tested wallet and explorer locally didn't find any issues
to follow up: