@alephium/web3 0.5.0-rc.8 → 0.5.0-rc.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -43,8 +43,20 @@ Object.defineProperty(exports, "__esModule", { value: true });
43
43
  exports.verifySignature = exports.sign = void 0;
44
44
  const elliptic_1 = require("elliptic");
45
45
  const __1 = require("..");
46
- const secp = __importStar(require("tiny-secp256k1"));
46
+ const necc = __importStar(require("@noble/secp256k1"));
47
+ const crypto_1 = require("crypto");
47
48
  const ec = new elliptic_1.ec('secp256k1');
49
+ necc.utils.sha256Sync = (...messages) => {
50
+ const sha256 = (0, crypto_1.createHash)('sha256');
51
+ for (const message of messages)
52
+ sha256.update(message);
53
+ return sha256.digest();
54
+ };
55
+ necc.utils.hmacSha256Sync = (key, ...messages) => {
56
+ const hash = (0, crypto_1.createHmac)('sha256', Buffer.from(key));
57
+ messages.forEach((m) => hash.update(m));
58
+ return Uint8Array.from(hash.digest());
59
+ };
48
60
  // hash has to be 32 bytes
49
61
  function sign(hash, privateKey, _keyType) {
50
62
  const keyType = _keyType ?? 'default';
@@ -54,7 +66,7 @@ function sign(hash, privateKey, _keyType) {
54
66
  return (0, __1.encodeSignature)(signature);
55
67
  }
56
68
  else {
57
- const signature = secp.signSchnorr((0, __1.hexToBinUnsafe)(hash), (0, __1.hexToBinUnsafe)(privateKey));
69
+ const signature = necc.schnorr.signSync((0, __1.hexToBinUnsafe)(hash), (0, __1.hexToBinUnsafe)(privateKey));
58
70
  return (0, __1.binToHex)(signature);
59
71
  }
60
72
  }
@@ -67,7 +79,7 @@ function verifySignature(hash, publicKey, signature, _keyType) {
67
79
  return key.verify(hash, (0, __1.signatureDecode)(ec, signature));
68
80
  }
69
81
  else {
70
- return secp.verifySchnorr((0, __1.hexToBinUnsafe)(hash), (0, __1.hexToBinUnsafe)(publicKey), (0, __1.hexToBinUnsafe)(signature));
82
+ return necc.schnorr.verifySync((0, __1.hexToBinUnsafe)(signature), (0, __1.hexToBinUnsafe)(hash), (0, __1.hexToBinUnsafe)(publicKey));
71
83
  }
72
84
  }
73
85
  catch (error) {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@alephium/web3",
3
- "version": "0.5.0-rc.8",
3
+ "version": "0.5.0-rc.9",
4
4
  "description": "A JS/TS library to interact with the Alephium platform",
5
5
  "license": "GPL",
6
6
  "main": "dist/src/index.js",
@@ -40,6 +40,7 @@
40
40
  },
41
41
  "type": "commonjs",
42
42
  "dependencies": {
43
+ "@noble/secp256k1": "1.7.1",
43
44
  "base-x": "4.0.0",
44
45
  "blakejs": "1.2.1",
45
46
  "buffer": "^6.0.3",
package/src/utils/sign.ts CHANGED
@@ -19,10 +19,23 @@ along with the library. If not, see <http://www.gnu.org/licenses/>.
19
19
  import { ec as EC } from 'elliptic'
20
20
  import { binToHex, encodeSignature, hexToBinUnsafe, signatureDecode } from '..'
21
21
  import { KeyType } from '../signer'
22
- import * as secp from 'tiny-secp256k1'
22
+ import * as necc from '@noble/secp256k1'
23
+ import { createHash, createHmac } from 'crypto'
23
24
 
24
25
  const ec = new EC('secp256k1')
25
26
 
27
+ necc.utils.sha256Sync = (...messages: Uint8Array[]): Uint8Array => {
28
+ const sha256 = createHash('sha256')
29
+ for (const message of messages) sha256.update(message)
30
+ return sha256.digest()
31
+ }
32
+
33
+ necc.utils.hmacSha256Sync = (key: Uint8Array, ...messages: Uint8Array[]): Uint8Array => {
34
+ const hash = createHmac('sha256', Buffer.from(key))
35
+ messages.forEach((m) => hash.update(m))
36
+ return Uint8Array.from(hash.digest())
37
+ }
38
+
26
39
  // hash has to be 32 bytes
27
40
  export function sign(hash: string, privateKey: string, _keyType?: KeyType): string {
28
41
  const keyType = _keyType ?? 'default'
@@ -32,7 +45,7 @@ export function sign(hash: string, privateKey: string, _keyType?: KeyType): stri
32
45
  const signature = key.sign(hash)
33
46
  return encodeSignature(signature)
34
47
  } else {
35
- const signature = secp.signSchnorr(hexToBinUnsafe(hash), hexToBinUnsafe(privateKey))
48
+ const signature = necc.schnorr.signSync(hexToBinUnsafe(hash), hexToBinUnsafe(privateKey))
36
49
  return binToHex(signature)
37
50
  }
38
51
  }
@@ -45,7 +58,7 @@ export function verifySignature(hash: string, publicKey: string, signature: stri
45
58
  const key = ec.keyFromPublic(publicKey, 'hex')
46
59
  return key.verify(hash, signatureDecode(ec, signature))
47
60
  } else {
48
- return secp.verifySchnorr(hexToBinUnsafe(hash), hexToBinUnsafe(publicKey), hexToBinUnsafe(signature))
61
+ return necc.schnorr.verifySync(hexToBinUnsafe(signature), hexToBinUnsafe(hash), hexToBinUnsafe(publicKey))
49
62
  }
50
63
  } catch (error) {
51
64
  return false