@bsv/sdk 1.1.23 → 1.1.25

package/docs/primitives.md

@@ -5348,6 +5348,7 @@ export default class Point extends BasePoint {
     inf: boolean;
     static fromDER(bytes: number[]): Point 
     static fromString(str: string): Point 
+    static redSqrtOptimized(y2: BigNumber): BigNumber 
     static fromX(x: BigNumber | number | number[] | string, odd: boolean): Point 
     static fromJSON(obj: string | any[], isRed: boolean): Point 
     constructor(x: BigNumber | number | number[] | string | null, y: BigNumber | number | number[] | string | null, isRed: boolean = true) 
@@ -7902,61 +7903,241 @@ Links: [API](#api), [Interfaces](#interfaces), [Classes](#classes), [Functions](
 
 ```ts
 sign = (msg: BigNumber, key: BigNumber, forceLowS: boolean = false, customK?: BigNumber | Function): Signature => {
-    const curve = new Curve();
-    msg = truncateToN(msg);
-    const bytes = curve.n.byteLength();
-    const bkey = key.toArray("be", bytes);
-    const nonce = msg.toArray("be", bytes);
-    const drbg = new DRBG(bkey, nonce);
-    const ns1 = curve.n.subn(1);
-    for (let iter = 0;; iter++) {
-        let k = typeof customK === "function"
-            ? customK(iter)
-            : BigNumber.isBN(customK)
-                ? customK
-                : new BigNumber(drbg.generate(bytes), 16);
-        k = truncateToN(k, true);
-        if (k.cmpn(1) <= 0 || k.cmp(ns1) >= 0) {
-            if (BigNumber.isBN(customK)) {
-                throw new Error("Invalid fixed custom K value (must be more than 1 and less than N-1)");
+    if (typeof BigInt === "function") {
+        const zero = BigInt(0);
+        const one = BigInt(1);
+        const two = BigInt(2);
+        const n = BigInt("0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141");
+        const p = BigInt("0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F");
+        const Gx = BigInt("0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798");
+        const Gy = BigInt("0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8");
+        const G = { x: Gx, y: Gy };
+        const z = BigInt("0x" + msg.toString(16));
+        const d = BigInt("0x" + key.toString(16));
+        if (d <= zero || d >= n) {
+            throw new Error("Invalid private key");
+        }
+        function bigIntToBytes(value: bigint, length: number): Uint8Array {
+            const hex = value.toString(16).padStart(length * 2, "0");
+            const bytes = new Uint8Array(length);
+            for (let i = 0; i < length; i++) {
+                bytes[i] = parseInt(hex.substr(i * 2, 2), 16);
+            }
+            return bytes;
+        }
+        const bytes = 32;
+        const bkey = bigIntToBytes(d, bytes);
+        const nonce = bigIntToBytes(z, bytes);
+        const drbg = new DRBG(Array.from(bkey), Array.from(nonce));
+        const ns1 = n - one;
+        let iter = 0;
+        function truncateToN(k: bigint, n: bigint, truncOnly: boolean = true): bigint {
+            const kBitLength = k.toString(2).length;
+            const nBitLength = n.toString(2).length;
+            const delta = kBitLength - nBitLength;
+            if (delta > 0) {
+                k = k >> BigInt(delta);
+            }
+            if (!truncOnly && k >= n) {
+                return k - n;
             }
             else {
-                continue;
+                return k;
             }
         }
-        const kp = curve.g.mul(k);
-        if (kp.isInfinity()) {
-            if (BigNumber.isBN(customK)) {
-                throw new Error("Invalid fixed custom K value (must not create a point at infinity when multiplied by the generator point)");
+        function generateK(): bigint {
+            if (typeof customK === "function") {
+                const k_bn = customK(iter);
+                const k_str = k_bn.toString(16);
+                return BigInt("0x" + k_str);
+            }
+            else if (BigNumber.isBN(customK)) {
+                const k_str = customK.toString(16);
+                return BigInt("0x" + k_str);
             }
             else {
-                continue;
+                const k_hex = drbg.generate(bytes);
+                return BigInt("0x" + k_hex);
             }
         }
-        const kpX = kp.getX();
-        const r = kpX.umod(curve.n);
-        if (r.cmpn(0) === 0) {
-            if (BigNumber.isBN(customK)) {
-                throw new Error("Invalid fixed custom K value (when multiplied by G, the resulting x coordinate mod N must not be zero)");
+        function mod(a: bigint, m: bigint): bigint {
+            return ((a % m) + m) % m;
+        }
+        function modInv(a: bigint, m: bigint): bigint {
+            let lm = one;
+            let hm = zero;
+            let low = mod(a, m);
+            let high = m;
+            while (low > one) {
+                const r = high / low;
+                const nm = hm - lm * r;
+                const neww = high - low * r;
+                hm = lm;
+                lm = nm;
+                high = low;
+                low = neww;
+            }
+            return mod(lm, m);
+        }
+        function pointAdd(P: {
+            x: bigint;
+            y: bigint;
+        } | null, Q: {
+            x: bigint;
+            y: bigint;
+        } | null): {
+            x: bigint;
+            y: bigint;
+        } | null {
+            if (P === null)
+                return Q;
+            if (Q === null)
+                return P;
+            if (P.x === Q.x && P.y === mod(-Q.y, p)) {
+                return null;
+            }
+            let m: bigint;
+            if (P.x === Q.x && P.y === Q.y) {
+                if (P.y === zero) {
+                    return null;
+                }
+                const numerator = mod(BigInt(3) * P.x * P.x, p);
+                const denominator = modInv(two * P.y, p);
+                m = mod(numerator * denominator, p);
             }
             else {
-                continue;
+                const numerator = mod(Q.y - P.y, p);
+                const denominator = modInv(Q.x - P.x, p);
+                m = mod(numerator * denominator, p);
             }
+            const xR = mod(m * m - P.x - Q.x, p);
+            const yR = mod(m * (P.x - xR) - P.y, p);
+            return { x: xR, y: yR };
         }
-        let s = k.invm(curve.n).mul(r.mul(key).iadd(msg));
-        s = s.umod(curve.n);
-        if (s.cmpn(0) === 0) {
-            if (BigNumber.isBN(customK)) {
-                throw new Error("Invalid fixed custom K value (when used with the key, it cannot create a zero value for S)");
+        function scalarMul(k: bigint, P: {
+            x: bigint;
+            y: bigint;
+        }): {
+            x: bigint;
+            y: bigint;
+        } | null {
+            let N = P;
+            let Q = null;
+            while (k > zero) {
+                if (k % two === one) {
+                    Q = pointAdd(Q, N);
+                }
+                N = pointAdd(N, N);
+                k >>= one;
             }
-            else {
-                continue;
+            return Q;
+        }
+        while (true) {
+            let k = generateK();
+            iter += 1;
+            k = truncateToN(k, n, true);
+            if (k <= one || k >= ns1) {
+                if (customK instanceof BigNumber) {
+                    throw new Error("Invalid fixed custom K value (must be more than 1 and less than N-1)");
+                }
+                else {
+                    continue;
+                }
+            }
+            const R = scalarMul(k, G);
+            if (R === null) {
+                if (customK instanceof BigNumber) {
+                    throw new Error("Invalid fixed custom K value (must not create a point at infinity when multiplied by the generator point)");
+                }
+                else {
+                    continue;
+                }
+            }
+            const r = mod(R.x, n);
+            if (r === zero) {
+                if (customK instanceof BigNumber) {
+                    throw new Error("Invalid fixed custom K value (when multiplied by G, the resulting x coordinate mod N must not be zero)");
+                }
+                else {
+                    continue;
+                }
+            }
+            const kInv = modInv(k, n);
+            const rd = mod(r * d, n);
+            let s = mod(kInv * (z + rd), n);
+            if (s === zero) {
+                if (customK instanceof BigNumber) {
+                    throw new Error("Invalid fixed custom K value (when used with the key, it cannot create a zero value for S)");
+                }
+                else {
+                    continue;
+                }
             }
+            if (forceLowS && s > n / two) {
+                s = n - s;
+            }
+            const r_bn = new BigNumber(r.toString(16), 16);
+            const s_bn = new BigNumber(s.toString(16), 16);
+            return new Signature(r_bn, s_bn);
         }
-        if (forceLowS && s.cmp(curve.n.ushrn(1)) > 0) {
-            s = curve.n.sub(s);
+    }
+    else {
+        const curve = new Curve();
+        msg = truncateToN(msg);
+        const bytes = curve.n.byteLength();
+        const bkey = key.toArray("be", bytes);
+        const nonce = msg.toArray("be", bytes);
+        const drbg = new DRBG(bkey, nonce);
+        const ns1 = curve.n.subn(1);
+        for (let iter = 0;; iter++) {
+            let k = typeof customK === "function"
+                ? customK(iter)
+                : BigNumber.isBN(customK)
+                    ? customK
+                    : new BigNumber(drbg.generate(bytes), 16);
+            k = truncateToN(k, true);
+            if (k.cmpn(1) <= 0 || k.cmp(ns1) >= 0) {
+                if (BigNumber.isBN(customK)) {
+                    throw new Error("Invalid fixed custom K value (must be more than 1 and less than N-1)");
+                }
+                else {
+                    continue;
+                }
+            }
+            const kp = curve.g.mul(k);
+            if (kp.isInfinity()) {
+                if (BigNumber.isBN(customK)) {
+                    throw new Error("Invalid fixed custom K value (must not create a point at infinity when multiplied by the generator point)");
+                }
+                else {
+                    continue;
+                }
+            }
+            const kpX = kp.getX();
+            const r = kpX.umod(curve.n);
+            if (r.cmpn(0) === 0) {
+                if (BigNumber.isBN(customK)) {
+                    throw new Error("Invalid fixed custom K value (when multiplied by G, the resulting x coordinate mod N must not be zero)");
+                }
+                else {
+                    continue;
+                }
+            }
+            let s = k.invm(curve.n).mul(r.mul(key).iadd(msg));
+            s = s.umod(curve.n);
+            if (s.cmpn(0) === 0) {
+                if (BigNumber.isBN(customK)) {
+                    throw new Error("Invalid fixed custom K value (when used with the key, it cannot create a zero value for S)");
+                }
+                else {
+                    continue;
+                }
+            }
+            if (forceLowS && s.cmp(curve.n.ushrn(1)) > 0) {
+                s = curve.n.sub(s);
+            }
+            return new Signature(r, s);
         }
-        return new Signature(r, s);
     }
 }
 ```
@@ -7968,24 +8149,161 @@ Links: [API](#api), [Interfaces](#interfaces), [Classes](#classes), [Functions](
 
 ```ts
 verify = (msg: BigNumber, sig: Signature, key: Point): boolean => {
-    const curve = new Curve();
-    msg = truncateToN(msg);
-    const r = sig.r;
-    const s = sig.s;
-    if (r.cmpn(1) < 0 || r.cmp(curve.n) >= 0) {
-        return false;
-    }
-    if (s.cmpn(1) < 0 || s.cmp(curve.n) >= 0) {
-        return false;
+    if (typeof BigInt === "function") {
+        const zero = BigInt(0);
+        const one = BigInt(1);
+        const two = BigInt(2);
+        const three = BigInt(3);
+        const p = BigInt("0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F");
+        const n = BigInt("0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141");
+        const G = {
+            x: BigInt("0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"),
+            y: BigInt("0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8")
+        };
+        const mod = (a: bigint, m: bigint): bigint => ((a % m) + m) % m;
+        const modInv = (a: bigint, m: bigint): bigint => {
+            let [old_r, r] = [a, m];
+            let [old_s, s] = [BigInt(1), BigInt(0)];
+            while (r !== zero) {
+                const q = old_r / r;
+                [old_r, r] = [r, old_r - q * r];
+                [old_s, s] = [s, old_s - q * s];
+            }
+            if (old_r > one)
+                return zero;
+            return mod(old_s, m);
+        };
+        const modMul = (a: bigint, b: bigint, m: bigint): bigint => mod(a * b, m);
+        const modSub = (a: bigint, b: bigint, m: bigint): bigint => mod(a - b, m);
+        const modAdd = (a: bigint, b: bigint, m: bigint): bigint => mod(a + b, m);
+        const four = BigInt(4);
+        const eight = BigInt(8);
+        interface JacobianPoint {
+            X: bigint;
+            Y: bigint;
+            Z: bigint;
+        }
+        const pointDouble = (P: JacobianPoint): JacobianPoint => {
+            const { X: X1, Y: Y1, Z: Z1 } = P;
+            if (Y1 === zero) {
+                return { X: zero, Y: one, Z: zero };
+            }
+            const Y1_sq = modMul(Y1, Y1, p);
+            const S = modMul(four, modMul(X1, Y1_sq, p), p);
+            const M = modMul(three, modMul(X1, X1, p), p);
+            const X3 = modSub(modMul(M, M, p), modMul(two, S, p), p);
+            const Y3 = modSub(modMul(M, modSub(S, X3, p), p), modMul(eight, modMul(Y1_sq, Y1_sq, p), p), p);
+            const Z3 = modMul(two, modMul(Y1, Z1, p), p);
+            return { X: X3, Y: Y3, Z: Z3 };
+        };
+        const pointAdd = (P: JacobianPoint, Q: JacobianPoint): JacobianPoint => {
+            if (P.Z === zero)
+                return Q;
+            if (Q.Z === zero)
+                return P;
+            const Z1Z1 = modMul(P.Z, P.Z, p);
+            const Z2Z2 = modMul(Q.Z, Q.Z, p);
+            const U1 = modMul(P.X, Z2Z2, p);
+            const U2 = modMul(Q.X, Z1Z1, p);
+            const S1 = modMul(P.Y, modMul(Z2Z2, Q.Z, p), p);
+            const S2 = modMul(Q.Y, modMul(Z1Z1, P.Z, p), p);
+            const H = modSub(U2, U1, p);
+            const r = modSub(S2, S1, p);
+            if (H === zero) {
+                if (r === zero) {
+                    return pointDouble(P);
+                }
+                else {
+                    return { X: zero, Y: one, Z: zero };
+                }
+            }
+            const HH = modMul(H, H, p);
+            const HHH = modMul(H, HH, p);
+            const V = modMul(U1, HH, p);
+            const X3 = modSub(modSub(modMul(r, r, p), HHH, p), modMul(two, V, p), p);
+            const Y3 = modSub(modMul(r, modSub(V, X3, p), p), modMul(S1, HHH, p), p);
+            const Z3 = modMul(H, modMul(P.Z, Q.Z, p), p);
+            return { X: X3, Y: Y3, Z: Z3 };
+        };
+        const scalarMultiply = (k: bigint, P: {
+            x: bigint;
+            y: bigint;
+        }): JacobianPoint => {
+            const N: JacobianPoint = { X: P.x, Y: P.y, Z: one };
+            let Q: JacobianPoint = { X: zero, Y: one, Z: zero };
+            const kBin = k.toString(2);
+            for (let i = 0; i < kBin.length; i++) {
+                Q = pointDouble(Q);
+                if (kBin[i] === "1") {
+                    Q = pointAdd(Q, N);
+                }
+            }
+            return Q;
+        };
+        const verifyECDSA = (hash: bigint, publicKey: {
+            x: bigint;
+            y: bigint;
+        }, signature: {
+            r: bigint;
+            s: bigint;
+        }): boolean => {
+            const { r, s } = signature;
+            const z = hash;
+            if (r <= zero || r >= n || s <= zero || s >= n) {
+                return false;
+            }
+            const w = modInv(s, n);
+            if (w === zero) {
+                return false;
+            }
+            const u1 = modMul(z, w, n);
+            const u2 = modMul(r, w, n);
+            const RG = scalarMultiply(u1, G);
+            const RQ = scalarMultiply(u2, publicKey);
+            const R = pointAdd(RG, RQ);
+            if (R.Z === zero) {
+                return false;
+            }
+            const ZInv = modInv(R.Z, p);
+            if (ZInv === zero) {
+                return false;
+            }
+            const ZInv2 = modMul(ZInv, ZInv, p);
+            const x1_affine = modMul(R.X, ZInv2, p);
+            const v = mod(x1_affine, n);
+            return v === r;
+        };
+        const hash = BigInt("0x" + msg.toString(16));
+        const publicKey = {
+            x: BigInt("0x" + key.x.toString(16)),
+            y: BigInt("0x" + key.y.toString(16))
+        };
+        const signature = {
+            r: BigInt("0x" + sig.r.toString(16)),
+            s: BigInt("0x" + sig.s.toString(16))
+        };
+        return verifyECDSA(hash, publicKey, signature);
     }
-    const sinv = s.invm(curve.n);
-    const u1 = sinv.mul(msg).umod(curve.n);
-    const u2 = sinv.mul(r).umod(curve.n);
-    const p = curve.g.jmulAdd(u1, key, u2);
-    if (p.isInfinity()) {
-        return false;
+    else {
+        const curve = new Curve();
+        msg = truncateToN(msg);
+        const r = sig.r;
+        const s = sig.s;
+        if (r.cmpn(1) < 0 || r.cmp(curve.n) >= 0) {
+            return false;
+        }
+        if (s.cmpn(1) < 0 || s.cmp(curve.n) >= 0) {
+            return false;
+        }
+        const sinv = s.invm(curve.n);
+        const u1 = sinv.mul(msg).umod(curve.n);
+        const u2 = sinv.mul(r).umod(curve.n);
+        const p = curve.g.jmulAdd(u1, key, u2);
+        if (p.isInfinity()) {
+            return false;
+        }
+        return p.eqXToP(r);
     }
-    return p.eqXToP(r);
 }
 ```