@bsv/sdk 1.6.15 → 1.6.17
- package/dist/cjs/package.json +1 -1
- package/dist/cjs/src/auth/Peer.js +16 -25
- package/dist/cjs/src/auth/Peer.js.map +1 -1
- package/dist/cjs/src/auth/SessionManager.js +2 -4
- package/dist/cjs/src/auth/SessionManager.js.map +1 -1
- package/dist/cjs/src/auth/certificates/Certificate.js +2 -4
- package/dist/cjs/src/auth/certificates/Certificate.js.map +1 -1
- package/dist/cjs/src/auth/certificates/MasterCertificate.js +1 -1
- package/dist/cjs/src/auth/certificates/MasterCertificate.js.map +1 -1
- package/dist/cjs/src/auth/certificates/__tests/CompletedProtoWallet.js +1 -1
- package/dist/cjs/src/auth/certificates/__tests/CompletedProtoWallet.js.map +1 -1
- package/dist/cjs/src/auth/clients/AuthFetch.js +2 -4
- package/dist/cjs/src/auth/clients/AuthFetch.js.map +1 -1
- package/dist/cjs/src/compat/ECIES.js +1 -1
- package/dist/cjs/src/compat/ECIES.js.map +1 -1
- package/dist/cjs/src/compat/Mnemonic.js +2 -2
- package/dist/cjs/src/compat/Mnemonic.js.map +1 -1
- package/dist/cjs/src/identity/IdentityClient.js +1 -1
- package/dist/cjs/src/identity/IdentityClient.js.map +1 -1
- package/dist/cjs/src/kvstore/LocalKVStore.js +1 -2
- package/dist/cjs/src/kvstore/LocalKVStore.js.map +1 -1
- package/dist/cjs/src/overlay-tools/LookupResolver.js +6 -8
- package/dist/cjs/src/overlay-tools/LookupResolver.js.map +1 -1
- package/dist/cjs/src/overlay-tools/SHIPBroadcaster.js +9 -10
- package/dist/cjs/src/overlay-tools/SHIPBroadcaster.js.map +1 -1
- package/dist/cjs/src/primitives/AESGCM.js +1 -2
- package/dist/cjs/src/primitives/AESGCM.js.map +1 -1
- package/dist/cjs/src/primitives/BigNumber.js +2 -3
- package/dist/cjs/src/primitives/BigNumber.js.map +1 -1
- package/dist/cjs/src/primitives/Curve.js +2 -3
- package/dist/cjs/src/primitives/Curve.js.map +1 -1
- package/dist/cjs/src/primitives/ECDSA.js +174 -396
- package/dist/cjs/src/primitives/ECDSA.js.map +1 -1
- package/dist/cjs/src/primitives/JacobianPoint.js +1 -2
- package/dist/cjs/src/primitives/JacobianPoint.js.map +1 -1
- package/dist/cjs/src/primitives/Point.js +279 -126
- package/dist/cjs/src/primitives/Point.js.map +1 -1
- package/dist/cjs/src/primitives/Polynomial.js +1 -1
- package/dist/cjs/src/primitives/Polynomial.js.map +1 -1
- package/dist/cjs/src/primitives/PrivateKey.js +19 -2
- package/dist/cjs/src/primitives/PrivateKey.js.map +1 -1
- package/dist/cjs/src/primitives/PublicKey.js +19 -2
- package/dist/cjs/src/primitives/PublicKey.js.map +1 -1
- package/dist/cjs/src/primitives/Random.js +1 -2
- package/dist/cjs/src/primitives/Random.js.map +1 -1
- package/dist/cjs/src/primitives/TransactionSignature.js +5 -7
- package/dist/cjs/src/primitives/TransactionSignature.js.map +1 -1
- package/dist/cjs/src/primitives/utils.js +1 -2
- package/dist/cjs/src/primitives/utils.js.map +1 -1
- package/dist/cjs/src/registry/RegistryClient.js +2 -4
- package/dist/cjs/src/registry/RegistryClient.js.map +1 -1
- package/dist/cjs/src/script/Spend.js +1 -2
- package/dist/cjs/src/script/Spend.js.map +1 -1
- package/dist/cjs/src/script/templates/P2PKH.js +4 -4
- package/dist/cjs/src/script/templates/P2PKH.js.map +1 -1
- package/dist/cjs/src/script/templates/PushDrop.js +7 -8
- package/dist/cjs/src/script/templates/PushDrop.js.map +1 -1
- package/dist/cjs/src/script/templates/RPuzzle.js +7 -6
- package/dist/cjs/src/script/templates/RPuzzle.js.map +1 -1
- package/dist/cjs/src/storage/StorageDownloader.js +1 -1
- package/dist/cjs/src/storage/StorageDownloader.js.map +1 -1
- package/dist/cjs/src/storage/StorageUploader.js +6 -9
- package/dist/cjs/src/storage/StorageUploader.js.map +1 -1
- package/dist/cjs/src/transaction/Beef.js +2 -3
- package/dist/cjs/src/transaction/Beef.js.map +1 -1
- package/dist/cjs/src/transaction/MerklePath.js +9 -12
- package/dist/cjs/src/transaction/MerklePath.js.map +1 -1
- package/dist/cjs/src/transaction/Transaction.js +15 -22
- package/dist/cjs/src/transaction/Transaction.js.map +1 -1
- package/dist/cjs/src/transaction/broadcasters/ARC.js +3 -3
- package/dist/cjs/src/transaction/broadcasters/ARC.js.map +1 -1
- package/dist/cjs/src/transaction/broadcasters/Teranode.js +2 -3
- package/dist/cjs/src/transaction/broadcasters/Teranode.js.map +1 -1
- package/dist/cjs/src/transaction/broadcasters/WhatsOnChainBroadcaster.js +2 -3
- package/dist/cjs/src/transaction/broadcasters/WhatsOnChainBroadcaster.js.map +1 -1
- package/dist/cjs/src/transaction/chaintrackers/BlockHeadersService.js +2 -2
- package/dist/cjs/src/transaction/chaintrackers/BlockHeadersService.js.map +1 -1
- package/dist/cjs/src/transaction/chaintrackers/WhatsOnChain.js +2 -2
- package/dist/cjs/src/transaction/chaintrackers/WhatsOnChain.js.map +1 -1
- package/dist/cjs/src/transaction/http/FetchHttpClient.js +1 -2
- package/dist/cjs/src/transaction/http/FetchHttpClient.js.map +1 -1
- package/dist/cjs/src/wallet/CachedKeyDeriver.js +13 -2
- package/dist/cjs/src/wallet/CachedKeyDeriver.js.map +1 -1
- package/dist/cjs/src/wallet/KeyDeriver.js +12 -8
- package/dist/cjs/src/wallet/KeyDeriver.js.map +1 -1
- package/dist/cjs/src/wallet/ProtoWallet.js +26 -27
- package/dist/cjs/src/wallet/ProtoWallet.js.map +1 -1
- package/dist/cjs/src/wallet/substrates/HTTPWalletJSON.js +2 -3
- package/dist/cjs/src/wallet/substrates/HTTPWalletJSON.js.map +1 -1
- package/dist/cjs/src/wallet/substrates/HTTPWalletWire.js +1 -1
- package/dist/cjs/src/wallet/substrates/HTTPWalletWire.js.map +1 -1
- package/dist/cjs/src/wallet/substrates/WalletWireTransceiver.js +12 -19
- package/dist/cjs/src/wallet/substrates/WalletWireTransceiver.js.map +1 -1
- package/dist/cjs/tsconfig.cjs.tsbuildinfo +1 -1
- package/dist/esm/src/auth/certificates/__tests/CompletedProtoWallet.js +2 -2
- package/dist/esm/src/auth/certificates/__tests/CompletedProtoWallet.js.map +1 -1
- package/dist/esm/src/primitives/ECDSA.js +174 -395
- package/dist/esm/src/primitives/ECDSA.js.map +1 -1
- package/dist/esm/src/primitives/Point.js +254 -91
- package/dist/esm/src/primitives/Point.js.map +1 -1
- package/dist/esm/src/primitives/PrivateKey.js +19 -2
- package/dist/esm/src/primitives/PrivateKey.js.map +1 -1
- package/dist/esm/src/primitives/PublicKey.js +19 -2
- package/dist/esm/src/primitives/PublicKey.js.map +1 -1
- package/dist/esm/src/wallet/CachedKeyDeriver.js +20 -1
- package/dist/esm/src/wallet/CachedKeyDeriver.js.map +1 -1
- package/dist/esm/src/wallet/KeyDeriver.js +14 -6
- package/dist/esm/src/wallet/KeyDeriver.js.map +1 -1
- package/dist/esm/src/wallet/ProtoWallet.js +2 -2
- package/dist/esm/src/wallet/ProtoWallet.js.map +1 -1
- package/dist/esm/tsconfig.esm.tsbuildinfo +1 -1
- package/dist/types/src/auth/certificates/__tests/CompletedProtoWallet.d.ts.map +1 -1
- package/dist/types/src/primitives/ECDSA.d.ts.map +1 -1
- package/dist/types/src/primitives/Point.d.ts.map +1 -1
- package/dist/types/src/primitives/PrivateKey.d.ts +3 -1
- package/dist/types/src/primitives/PrivateKey.d.ts.map +1 -1
- package/dist/types/src/primitives/PublicKey.d.ts +3 -1
- package/dist/types/src/primitives/PublicKey.d.ts.map +1 -1
- package/dist/types/src/wallet/CachedKeyDeriver.d.ts +10 -2
- package/dist/types/src/wallet/CachedKeyDeriver.d.ts.map +1 -1
- package/dist/types/src/wallet/KeyDeriver.d.ts +5 -2
- package/dist/types/src/wallet/KeyDeriver.d.ts.map +1 -1
- package/dist/types/src/wallet/ProtoWallet.d.ts.map +1 -1
- package/dist/types/tsconfig.types.tsbuildinfo +1 -1
- package/dist/umd/bundle.js +1 -1
- package/docs/reference/primitives.md +179 -383
- package/docs/reference/wallet.md +25 -6
- package/package.json +1 -1
- package/src/auth/certificates/__tests/CompletedProtoWallet.ts +3 -2
- package/src/primitives/ECDSA.ts +218 -488
- package/src/primitives/Point.ts +291 -94
- package/src/primitives/PrivateKey.ts +22 -2
- package/src/primitives/PublicKey.ts +22 -2
- package/src/transaction/__tests/Transaction.test.ts +1 -1
- package/src/wallet/CachedKeyDeriver.ts +32 -8
- package/src/wallet/KeyDeriver.ts +24 -7
- package/src/wallet/ProtoWallet.ts +3 -2
- package/src/wallet/__tests/ProtoWallet.test.ts +46 -1
|
@@ -104,98 +104,63 @@ class Point extends BasePoint_js_1.default {
|
|
|
104
104
|
* const point = Point.fromX(xCoordinate, true);
|
|
105
105
|
*/
|
|
106
106
|
static fromX(x, odd) {
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
result = mod(result * base, modulus);
|
|
117
|
-
}
|
|
118
|
-
exponent >>= BigInt(1);
|
|
119
|
-
base = mod(base * base, modulus);
|
|
120
|
-
}
|
|
121
|
-
return result;
|
|
122
|
-
}
|
|
123
|
-
function sqrtMod(a, p) {
|
|
124
|
-
const exponent = (p + BigInt(1)) >> BigInt(2); // Precomputed exponent
|
|
125
|
-
const sqrtCandidate = modPow(a, exponent, p);
|
|
126
|
-
if (mod(sqrtCandidate * sqrtCandidate, p) === mod(a, p)) {
|
|
127
|
-
return sqrtCandidate;
|
|
128
|
-
}
|
|
129
|
-
else {
|
|
130
|
-
// No square root exists
|
|
131
|
-
return null;
|
|
107
|
+
function mod(a, n) {
|
|
108
|
+
return ((a % n) + n) % n;
|
|
109
|
+
}
|
|
110
|
+
function modPow(base, exponent, modulus) {
|
|
111
|
+
let result = BigInt(1);
|
|
112
|
+
base = mod(base, modulus);
|
|
113
|
+
while (exponent > BigInt(0)) {
|
|
114
|
+
if ((exponent & BigInt(1)) === BigInt(1)) {
|
|
115
|
+
result = mod(result * base, modulus);
|
|
132
116
|
}
|
|
117
|
+
exponent >>= BigInt(1);
|
|
118
|
+
base = mod(base * base, modulus);
|
|
133
119
|
}
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
const
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
xBigInt = BigInt('0x' + x.toString(16));
|
|
142
|
-
}
|
|
143
|
-
else if (typeof x === 'string') {
|
|
144
|
-
xBigInt = BigInt('0x' + x);
|
|
145
|
-
}
|
|
146
|
-
else if (Array.isArray(x)) {
|
|
147
|
-
xBigInt = BigInt('0x' + (0, utils_js_1.toHex)(x).padStart(64, '0'));
|
|
148
|
-
}
|
|
149
|
-
else if (typeof x === 'number') {
|
|
150
|
-
xBigInt = BigInt(x);
|
|
120
|
+
return result;
|
|
121
|
+
}
|
|
122
|
+
function sqrtMod(a, p) {
|
|
123
|
+
const exponent = (p + BigInt(1)) >> BigInt(2);
|
|
124
|
+
const sqrtCandidate = modPow(a, exponent, p);
|
|
125
|
+
if (mod(sqrtCandidate * sqrtCandidate, p) === mod(a, p)) {
|
|
126
|
+
return sqrtCandidate;
|
|
151
127
|
}
|
|
152
128
|
else {
|
|
153
|
-
|
|
154
|
-
}
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
const yBN = new BigNumber_js_1.default(y.toString(16), 16);
|
|
172
|
-
return new Point(xBN, yBN);
|
|
129
|
+
return null;
|
|
130
|
+
}
|
|
131
|
+
}
|
|
132
|
+
// Curve parameters for secp256k1
|
|
133
|
+
const p = BigInt('0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F');
|
|
134
|
+
const b = BigInt(7);
|
|
135
|
+
let xBigInt;
|
|
136
|
+
if (x instanceof BigNumber_js_1.default) {
|
|
137
|
+
xBigInt = BigInt('0x' + x.toString(16));
|
|
138
|
+
}
|
|
139
|
+
else if (typeof x === 'string') {
|
|
140
|
+
xBigInt = BigInt('0x' + x);
|
|
141
|
+
}
|
|
142
|
+
else if (Array.isArray(x)) {
|
|
143
|
+
xBigInt = BigInt('0x' + (0, utils_js_1.toHex)(x).padStart(64, '0'));
|
|
144
|
+
}
|
|
145
|
+
else if (typeof x === 'number') {
|
|
146
|
+
xBigInt = BigInt(x);
|
|
173
147
|
}
|
|
174
148
|
else {
|
|
175
|
-
|
|
176
|
-
const a = new BigNumber_js_1.default(0).toRed(red);
|
|
177
|
-
const b = new BigNumber_js_1.default(7).toRed(red);
|
|
178
|
-
const zero = new BigNumber_js_1.default(0).toRed(red);
|
|
179
|
-
if (!BigNumber_js_1.default.isBN(x)) {
|
|
180
|
-
x = new BigNumber_js_1.default(x, 16);
|
|
181
|
-
}
|
|
182
|
-
x = x;
|
|
183
|
-
if (x.red == null) {
|
|
184
|
-
x = x.toRed(red);
|
|
185
|
-
}
|
|
186
|
-
const y2 = x.redSqr().redMul(x).redIAdd(x.redMul(a)).redIAdd(b);
|
|
187
|
-
let y = y2.redSqrt();
|
|
188
|
-
if (y.redSqr().redSub(y2).cmp(zero) !== 0) {
|
|
189
|
-
throw new Error('invalid point');
|
|
190
|
-
}
|
|
191
|
-
// XXX Is there any way to tell if the number is odd without converting it
|
|
192
|
-
// to non-red form?
|
|
193
|
-
const isOdd = y.fromRed().isOdd();
|
|
194
|
-
if ((odd && !isOdd) || (!odd && isOdd)) {
|
|
195
|
-
y = y.redNeg();
|
|
196
|
-
}
|
|
197
|
-
return new Point(x, y);
|
|
149
|
+
throw new Error('Invalid x-coordinate type');
|
|
198
150
|
}
|
|
151
|
+
xBigInt = mod(xBigInt, p);
|
|
152
|
+
const y2 = mod(modPow(xBigInt, BigInt(3), p) + b, p);
|
|
153
|
+
let y = sqrtMod(y2, p);
|
|
154
|
+
if (y === null) {
|
|
155
|
+
throw new Error('Invalid point');
|
|
156
|
+
}
|
|
157
|
+
const isYOdd = y % BigInt(2) === BigInt(1);
|
|
158
|
+
if ((odd && !isYOdd) || (!odd && isYOdd)) {
|
|
159
|
+
y = p - y;
|
|
160
|
+
}
|
|
161
|
+
const xBN = new BigNumber_js_1.default(xBigInt.toString(16), 16);
|
|
162
|
+
const yBN = new BigNumber_js_1.default(y.toString(16), 16);
|
|
163
|
+
return new Point(xBN, yBN);
|
|
199
164
|
}
|
|
200
165
|
/**
|
|
201
166
|
* Generates a point from a serialized JSON object. The function accounts for different options in the JSON object,
|
|
@@ -388,14 +353,13 @@ class Point extends BasePoint_js_1.default {
|
|
|
388
353
|
* console.log(aPoint.inspect());
|
|
389
354
|
*/
|
|
390
355
|
inspect() {
|
|
391
|
-
var _a, _b, _c, _d, _e, _f;
|
|
392
356
|
if (this.isInfinity()) {
|
|
393
357
|
return '<EC Point Infinity>';
|
|
394
358
|
}
|
|
395
359
|
return ('<EC Point x: ' +
|
|
396
|
-
(
|
|
360
|
+
(this.x?.fromRed()?.toString(16, 2) ?? 'undefined') +
|
|
397
361
|
' y: ' +
|
|
398
|
-
(
|
|
362
|
+
(this.y?.fromRed()?.toString(16, 2) ?? 'undefined') +
|
|
399
363
|
'>');
|
|
400
364
|
}
|
|
401
365
|
/**
|
|
@@ -423,7 +387,6 @@ class Point extends BasePoint_js_1.default {
|
|
|
423
387
|
* const result = p1.add(p2);
|
|
424
388
|
*/
|
|
425
389
|
add(p) {
|
|
426
|
-
var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m;
|
|
427
390
|
// O + P = P
|
|
428
391
|
if (this.inf) {
|
|
429
392
|
return p;
|
|
@@ -441,18 +404,18 @@ class Point extends BasePoint_js_1.default {
|
|
|
441
404
|
return new Point(new BigNumber_js_1.default(0), new BigNumber_js_1.default(0));
|
|
442
405
|
}
|
|
443
406
|
// P + Q = O
|
|
444
|
-
if (
|
|
407
|
+
if (this.x?.cmp(p.x ?? new BigNumber_js_1.default(0)) === 0) {
|
|
445
408
|
return new Point(new BigNumber_js_1.default(0), new BigNumber_js_1.default(0));
|
|
446
409
|
}
|
|
447
|
-
let c =
|
|
410
|
+
let c = this.y?.redSub(p.y ?? new BigNumber_js_1.default(0)) ?? new BigNumber_js_1.default(0);
|
|
448
411
|
if (c.cmpn(0) !== 0) {
|
|
449
|
-
c = c.redMul(
|
|
412
|
+
c = c.redMul(this.x?.redSub(p.x ?? new BigNumber_js_1.default(0)).redInvm() ?? new BigNumber_js_1.default(1));
|
|
450
413
|
}
|
|
451
|
-
const nx = c
|
|
452
|
-
const ny = (c
|
|
453
|
-
.redMul((
|
|
454
|
-
.redISub(
|
|
455
|
-
return new Point(nx
|
|
414
|
+
const nx = c?.redSqr().redISub(this.x ?? new BigNumber_js_1.default(0)).redISub(p.x ?? new BigNumber_js_1.default(0));
|
|
415
|
+
const ny = (c ?? new BigNumber_js_1.default(1))
|
|
416
|
+
.redMul((this.x ?? new BigNumber_js_1.default(0)).redSub(nx ?? new BigNumber_js_1.default(0)))
|
|
417
|
+
.redISub(this.y ?? new BigNumber_js_1.default(0));
|
|
418
|
+
return new Point(nx ?? new BigNumber_js_1.default(0), ny ?? new BigNumber_js_1.default(0));
|
|
456
419
|
}
|
|
457
420
|
/**
|
|
458
421
|
* Doubles the current point.
|
|
@@ -464,21 +427,20 @@ class Point extends BasePoint_js_1.default {
|
|
|
464
427
|
* const result = P.dbl();
|
|
465
428
|
* */
|
|
466
429
|
dbl() {
|
|
467
|
-
var _a, _b, _c, _d, _e, _f, _g;
|
|
468
430
|
if (this.inf) {
|
|
469
431
|
return this;
|
|
470
432
|
}
|
|
471
433
|
// 2P = O
|
|
472
|
-
const ys1 = (
|
|
434
|
+
const ys1 = (this.y ?? new BigNumber_js_1.default(0)).redAdd(this.y ?? new BigNumber_js_1.default(0));
|
|
473
435
|
if (ys1.cmpn(0) === 0) {
|
|
474
436
|
return new Point(new BigNumber_js_1.default(0), new BigNumber_js_1.default(0));
|
|
475
437
|
}
|
|
476
438
|
const a = this.curve.a;
|
|
477
|
-
const x2 = (
|
|
439
|
+
const x2 = (this.x ?? new BigNumber_js_1.default(0)).redSqr();
|
|
478
440
|
const dyinv = ys1.redInvm();
|
|
479
441
|
const c = x2.redAdd(x2).redIAdd(x2).redIAdd(a).redMul(dyinv);
|
|
480
|
-
const nx = c.redSqr().redISub((
|
|
481
|
-
const ny = c.redMul((
|
|
442
|
+
const nx = c.redSqr().redISub((this.x ?? new BigNumber_js_1.default(0)).redAdd(this.x ?? new BigNumber_js_1.default(0)));
|
|
443
|
+
const ny = c.redMul((this.x ?? new BigNumber_js_1.default(0)).redSub(nx)).redISub(this.y ?? new BigNumber_js_1.default(0));
|
|
482
444
|
return new Point(nx, ny);
|
|
483
445
|
}
|
|
484
446
|
/**
|
|
@@ -489,8 +451,7 @@ class Point extends BasePoint_js_1.default {
|
|
|
489
451
|
* const x = P.getX();
|
|
490
452
|
*/
|
|
491
453
|
getX() {
|
|
492
|
-
|
|
493
|
-
return ((_a = this.x) !== null && _a !== void 0 ? _a : new BigNumber_js_1.default(0)).fromRed();
|
|
454
|
+
return (this.x ?? new BigNumber_js_1.default(0)).fromRed();
|
|
494
455
|
}
|
|
495
456
|
/**
|
|
496
457
|
* Returns X coordinate of point
|
|
@@ -500,8 +461,7 @@ class Point extends BasePoint_js_1.default {
|
|
|
500
461
|
* const x = P.getX();
|
|
501
462
|
*/
|
|
502
463
|
getY() {
|
|
503
|
-
|
|
504
|
-
return ((_a = this.y) !== null && _a !== void 0 ? _a : new BigNumber_js_1.default(0)).fromRed();
|
|
464
|
+
return (this.y ?? new BigNumber_js_1.default(0)).fromRed();
|
|
505
465
|
}
|
|
506
466
|
/**
|
|
507
467
|
* Multiplies this Point by a scalar value, returning a new Point.
|
|
@@ -519,14 +479,85 @@ class Point extends BasePoint_js_1.default {
|
|
|
519
479
|
k = new BigNumber_js_1.default(k, 16);
|
|
520
480
|
}
|
|
521
481
|
k = k;
|
|
522
|
-
if (
|
|
523
|
-
|
|
524
|
-
|
|
525
|
-
|
|
526
|
-
|
|
482
|
+
if (typeof BigInt === 'function') {
|
|
483
|
+
if (this.inf) {
|
|
484
|
+
return this;
|
|
485
|
+
}
|
|
486
|
+
const zero = 0n;
|
|
487
|
+
const one = 1n;
|
|
488
|
+
const p = BigInt('0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F');
|
|
489
|
+
const n = BigInt('0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141');
|
|
490
|
+
let kBig = BigInt('0x' + k.toString(16));
|
|
491
|
+
const isNeg = kBig < zero;
|
|
492
|
+
if (isNeg)
|
|
493
|
+
kBig = -kBig;
|
|
494
|
+
kBig = ((kBig % n) + n) % n;
|
|
495
|
+
if (kBig === zero) {
|
|
496
|
+
return new Point(null, null);
|
|
497
|
+
}
|
|
498
|
+
if (this.x === null || this.y === null) {
|
|
499
|
+
throw new Error('Point coordinates cannot be null');
|
|
500
|
+
}
|
|
501
|
+
let Px;
|
|
502
|
+
let Py;
|
|
503
|
+
if (this === this.curve.g) {
|
|
504
|
+
Px = GX_BIGINT;
|
|
505
|
+
Py = GY_BIGINT;
|
|
506
|
+
}
|
|
507
|
+
else {
|
|
508
|
+
Px = BigInt('0x' + this.x.fromRed().toString(16));
|
|
509
|
+
Py = BigInt('0x' + this.y.fromRed().toString(16));
|
|
510
|
+
}
|
|
511
|
+
const mod = (a, m) => ((a % m) + m) % m;
|
|
512
|
+
const modMul = (a, b, m) => mod(a * b, m);
|
|
513
|
+
const modInv = (a, m) => {
|
|
514
|
+
let lm = one;
|
|
515
|
+
let hm = zero;
|
|
516
|
+
let low = mod(a, m);
|
|
517
|
+
let high = m;
|
|
518
|
+
while (low > one) {
|
|
519
|
+
const r = high / low;
|
|
520
|
+
const nm = hm - lm * r;
|
|
521
|
+
const neww = high - low * r;
|
|
522
|
+
hm = lm;
|
|
523
|
+
lm = nm;
|
|
524
|
+
high = low;
|
|
525
|
+
low = neww;
|
|
526
|
+
}
|
|
527
|
+
return mod(lm, m);
|
|
528
|
+
};
|
|
529
|
+
const scalarMultiply = (kVal, P0) => {
|
|
530
|
+
// Delegate to the hoisted windowed-NAF implementation above. We
|
|
531
|
+
// keep the wrapper so that the rest of the mul() code remains
|
|
532
|
+
// untouched while providing a massive speed-up (≈4-6×).
|
|
533
|
+
return scalarMultiplyWNAF(kVal, P0);
|
|
534
|
+
};
|
|
535
|
+
const R = scalarMultiply(kBig, { x: Px, y: Py });
|
|
536
|
+
if (R.Z === zero) {
|
|
537
|
+
return new Point(null, null);
|
|
538
|
+
}
|
|
539
|
+
const zInv = modInv(R.Z, p);
|
|
540
|
+
const zInv2 = modMul(zInv, zInv, p);
|
|
541
|
+
const xRes = modMul(R.X, zInv2, p);
|
|
542
|
+
const yRes = modMul(R.Y, modMul(zInv2, zInv, p), p);
|
|
543
|
+
const xBN = new BigNumber_js_1.default(xRes.toString(16), 16);
|
|
544
|
+
const yBN = new BigNumber_js_1.default(yRes.toString(16), 16);
|
|
545
|
+
const result = new Point(xBN, yBN);
|
|
546
|
+
if (isNeg) {
|
|
547
|
+
return result.neg();
|
|
548
|
+
}
|
|
549
|
+
return result;
|
|
527
550
|
}
|
|
528
551
|
else {
|
|
529
|
-
|
|
552
|
+
if (this.isInfinity()) {
|
|
553
|
+
return this;
|
|
554
|
+
}
|
|
555
|
+
else if (this._hasDoubles(k)) {
|
|
556
|
+
return this._fixedNafMul(k);
|
|
557
|
+
}
|
|
558
|
+
else {
|
|
559
|
+
return this._endoWnafMulAdd([this], [k]);
|
|
560
|
+
}
|
|
530
561
|
}
|
|
531
562
|
}
|
|
532
563
|
/**
|
|
@@ -583,10 +614,9 @@ class Point extends BasePoint_js_1.default {
|
|
|
583
614
|
* const areEqual = p1.eq(p2); // returns true
|
|
584
615
|
*/
|
|
585
616
|
eq(p) {
|
|
586
|
-
var _a, _b, _c, _d;
|
|
587
617
|
return (this === p ||
|
|
588
618
|
(this.inf === p.inf &&
|
|
589
|
-
(this.inf || ((
|
|
619
|
+
(this.inf || ((this.x ?? new BigNumber_js_1.default(0)).cmp(p.x ?? new BigNumber_js_1.default(0)) === 0 && (this.y ?? new BigNumber_js_1.default(0)).cmp(p.y ?? new BigNumber_js_1.default(0)) === 0))));
|
|
590
620
|
}
|
|
591
621
|
/**
|
|
592
622
|
* Negate a point. The negation of a point P is the mirror of P about x-axis.
|
|
@@ -598,11 +628,10 @@ class Point extends BasePoint_js_1.default {
|
|
|
598
628
|
* const result = P.neg();
|
|
599
629
|
*/
|
|
600
630
|
neg(_precompute) {
|
|
601
|
-
var _a;
|
|
602
631
|
if (this.inf) {
|
|
603
632
|
return this;
|
|
604
633
|
}
|
|
605
|
-
const res = new Point(this.x, (
|
|
634
|
+
const res = new Point(this.x, (this.y ?? new BigNumber_js_1.default(0)).redNeg());
|
|
606
635
|
if (_precompute === true && this.precomputed != null) {
|
|
607
636
|
const pre = this.precomputed;
|
|
608
637
|
const negate = (p) => p.neg();
|
|
@@ -665,7 +694,6 @@ class Point extends BasePoint_js_1.default {
|
|
|
665
694
|
return res;
|
|
666
695
|
}
|
|
667
696
|
_getBeta() {
|
|
668
|
-
var _a;
|
|
669
697
|
if (typeof this.curve.endo !== 'object') {
|
|
670
698
|
return;
|
|
671
699
|
}
|
|
@@ -676,7 +704,7 @@ class Point extends BasePoint_js_1.default {
|
|
|
676
704
|
pre.beta !== null) {
|
|
677
705
|
return pre.beta;
|
|
678
706
|
}
|
|
679
|
-
const beta = new Point((
|
|
707
|
+
const beta = new Point((this.x ?? new BigNumber_js_1.default(0)).redMul(this.curve.endo.beta), this.y);
|
|
680
708
|
if (pre != null) {
|
|
681
709
|
const curve = this.curve;
|
|
682
710
|
const endoMul = (p) => {
|
|
@@ -741,7 +769,6 @@ class Point extends BasePoint_js_1.default {
|
|
|
741
769
|
return a.toP();
|
|
742
770
|
}
|
|
743
771
|
_wnafMulAdd(defW, points, coeffs, len, jacobianResult) {
|
|
744
|
-
var _a, _b, _c, _d;
|
|
745
772
|
const wndWidth = this.curve._wnafT1.map(num => num.toNumber()); // Convert BigNumber to number
|
|
746
773
|
const wnd = this.curve._wnafT2.map(() => []); // Initialize as empty Point[][] array
|
|
747
774
|
const naf = this.curve._wnafT3.map(() => []); // Initialize as empty number[][] array
|
|
@@ -771,11 +798,11 @@ class Point extends BasePoint_js_1.default {
|
|
|
771
798
|
points[b] /* 7 */
|
|
772
799
|
];
|
|
773
800
|
// Try to avoid Projective points, if possible
|
|
774
|
-
if ((
|
|
801
|
+
if ((points[a].y ?? new BigNumber_js_1.default(0)).cmp(points[b].y ?? new BigNumber_js_1.default(0)) === 0) {
|
|
775
802
|
comb[1] = points[a].add(points[b]);
|
|
776
803
|
comb[2] = points[a].toJ().mixedAdd(points[b].neg());
|
|
777
804
|
}
|
|
778
|
-
else if ((
|
|
805
|
+
else if ((points[a].y ?? new BigNumber_js_1.default(0)).cmp((points[b].y ?? new BigNumber_js_1.default(0)).redNeg()) === 0) {
|
|
779
806
|
comb[1] = points[a].toJ().mixedAdd(points[b]);
|
|
780
807
|
comb[2] = points[a].add(points[b].neg());
|
|
781
808
|
}
|
|
@@ -859,14 +886,13 @@ class Point extends BasePoint_js_1.default {
|
|
|
859
886
|
}
|
|
860
887
|
_endoWnafMulAdd(points, coeffs, // Explicitly type coeffs
|
|
861
888
|
jacobianResult) {
|
|
862
|
-
var _a;
|
|
863
889
|
const npoints = new Array(points.length * 2);
|
|
864
890
|
const ncoeffs = new Array(points.length * 2);
|
|
865
891
|
let i;
|
|
866
892
|
for (i = 0; i < points.length; i++) {
|
|
867
893
|
const split = this.curve._endoSplit(coeffs[i]);
|
|
868
894
|
let p = points[i];
|
|
869
|
-
let beta =
|
|
895
|
+
let beta = p._getBeta() ?? new Point(new BigNumber_js_1.default(0), new BigNumber_js_1.default(0));
|
|
870
896
|
if (split.k1.negative !== 0) {
|
|
871
897
|
split.k1.ineg();
|
|
872
898
|
p = p.neg(true);
|
|
@@ -908,14 +934,14 @@ class Point extends BasePoint_js_1.default {
|
|
|
908
934
|
const doubles = [this];
|
|
909
935
|
/* eslint-disable @typescript-eslint/no-this-alias */
|
|
910
936
|
let acc = this;
|
|
911
|
-
for (let i = 0; i < (power
|
|
912
|
-
for (let j = 0; j < (step
|
|
937
|
+
for (let i = 0; i < (power ?? 0); i += (step ?? 1)) {
|
|
938
|
+
for (let j = 0; j < (step ?? 1); j++) {
|
|
913
939
|
acc = acc.dbl();
|
|
914
940
|
}
|
|
915
941
|
doubles.push(acc);
|
|
916
942
|
}
|
|
917
943
|
return {
|
|
918
|
-
step: step
|
|
944
|
+
step: step ?? 1,
|
|
919
945
|
points: doubles
|
|
920
946
|
};
|
|
921
947
|
}
|
|
@@ -945,4 +971,131 @@ Point.a = new BigNumber_js_1.default(0).toRed(Point.red);
|
|
|
945
971
|
Point.b = new BigNumber_js_1.default(7).toRed(Point.red);
|
|
946
972
|
Point.zero = new BigNumber_js_1.default(0).toRed(Point.red);
|
|
947
973
|
exports.default = Point;
|
|
974
|
+
// -----------------------------------------------------------------------------
|
|
975
|
+
// BigInt helpers & constants (secp256k1) – hoisted so we don't recreate them on
|
|
976
|
+
// every Point.mul() call.
|
|
977
|
+
// -----------------------------------------------------------------------------
|
|
978
|
+
const BI_ZERO = 0n;
|
|
979
|
+
const BI_ONE = 1n;
|
|
980
|
+
const BI_TWO = 2n;
|
|
981
|
+
const BI_THREE = 3n;
|
|
982
|
+
const BI_FOUR = 4n;
|
|
983
|
+
const BI_EIGHT = 8n;
|
|
984
|
+
const P_BIGINT = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2fn;
|
|
985
|
+
const MASK_256 = (1n << 256n) - 1n; // 0xffff…ffff (256 sones)
|
|
986
|
+
function red(x) {
|
|
987
|
+
// first fold
|
|
988
|
+
let hi = x >> 256n;
|
|
989
|
+
x = (x & MASK_256) + (hi << 32n) + hi * 977n;
|
|
990
|
+
// second fold (hi ≤ 2³² + 977 here, so one more pass is enough)
|
|
991
|
+
hi = x >> 256n;
|
|
992
|
+
x = (x & MASK_256) + (hi << 32n) + hi * 977n;
|
|
993
|
+
// final conditional subtraction
|
|
994
|
+
if (x >= P_BIGINT)
|
|
995
|
+
x -= P_BIGINT;
|
|
996
|
+
return x;
|
|
997
|
+
}
|
|
998
|
+
const biModSub = (a, b) => (a >= b ? a - b : P_BIGINT - (b - a));
|
|
999
|
+
const biModMul = (a, b) => red(a * b);
|
|
1000
|
+
// Generator point coordinates as bigint constants
|
|
1001
|
+
const GX_BIGINT = BigInt('0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798');
|
|
1002
|
+
const GY_BIGINT = BigInt('0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8');
|
|
1003
|
+
// Cache for precomputed windowed tables keyed by 'window:x:y'
|
|
1004
|
+
const WNAF_TABLE_CACHE = new Map();
|
|
1005
|
+
const jpDouble = (P) => {
|
|
1006
|
+
const { X: X1, Y: Y1, Z: Z1 } = P;
|
|
1007
|
+
if (Y1 === BI_ZERO)
|
|
1008
|
+
return { X: BI_ZERO, Y: BI_ONE, Z: BI_ZERO };
|
|
1009
|
+
const Y1sq = biModMul(Y1, Y1);
|
|
1010
|
+
const S = biModMul(BI_FOUR, biModMul(X1, Y1sq));
|
|
1011
|
+
const M = biModMul(BI_THREE, biModMul(X1, X1));
|
|
1012
|
+
const X3 = biModSub(biModMul(M, M), biModMul(BI_TWO, S));
|
|
1013
|
+
const Y3 = biModSub(biModMul(M, biModSub(S, X3)), biModMul(BI_EIGHT, biModMul(Y1sq, Y1sq)));
|
|
1014
|
+
const Z3 = biModMul(BI_TWO, biModMul(Y1, Z1));
|
|
1015
|
+
return { X: X3, Y: Y3, Z: Z3 };
|
|
1016
|
+
};
|
|
1017
|
+
const jpAdd = (P, Q) => {
|
|
1018
|
+
if (P.Z === BI_ZERO)
|
|
1019
|
+
return Q;
|
|
1020
|
+
if (Q.Z === BI_ZERO)
|
|
1021
|
+
return P;
|
|
1022
|
+
const Z1Z1 = biModMul(P.Z, P.Z);
|
|
1023
|
+
const Z2Z2 = biModMul(Q.Z, Q.Z);
|
|
1024
|
+
const U1 = biModMul(P.X, Z2Z2);
|
|
1025
|
+
const U2 = biModMul(Q.X, Z1Z1);
|
|
1026
|
+
const S1 = biModMul(P.Y, biModMul(Z2Z2, Q.Z));
|
|
1027
|
+
const S2 = biModMul(Q.Y, biModMul(Z1Z1, P.Z));
|
|
1028
|
+
const H = biModSub(U2, U1);
|
|
1029
|
+
const r = biModSub(S2, S1);
|
|
1030
|
+
if (H === BI_ZERO) {
|
|
1031
|
+
if (r === BI_ZERO)
|
|
1032
|
+
return jpDouble(P);
|
|
1033
|
+
return { X: BI_ZERO, Y: BI_ONE, Z: BI_ZERO }; // Infinity
|
|
1034
|
+
}
|
|
1035
|
+
const HH = biModMul(H, H);
|
|
1036
|
+
const HHH = biModMul(H, HH);
|
|
1037
|
+
const V = biModMul(U1, HH);
|
|
1038
|
+
const X3 = biModSub(biModSub(biModMul(r, r), HHH), biModMul(BI_TWO, V));
|
|
1039
|
+
const Y3 = biModSub(biModMul(r, biModSub(V, X3)), biModMul(S1, HHH));
|
|
1040
|
+
const Z3 = biModMul(H, biModMul(P.Z, Q.Z));
|
|
1041
|
+
return { X: X3, Y: Y3, Z: Z3 };
|
|
1042
|
+
};
|
|
1043
|
+
const jpNeg = (P) => {
|
|
1044
|
+
if (P.Z === BI_ZERO)
|
|
1045
|
+
return P;
|
|
1046
|
+
return { X: P.X, Y: P_BIGINT - P.Y, Z: P.Z };
|
|
1047
|
+
};
|
|
1048
|
+
// Fast windowed-NAF scalar multiplication (default window = 5) in Jacobian
|
|
1049
|
+
// coordinates. Returns Q = k * P0 as a JacobianPoint.
|
|
1050
|
+
const scalarMultiplyWNAF = (k, P0, window = 5) => {
|
|
1051
|
+
const key = `${window}:${P0.x.toString(16)}:${P0.y.toString(16)}`;
|
|
1052
|
+
let tbl = WNAF_TABLE_CACHE.get(key);
|
|
1053
|
+
let P;
|
|
1054
|
+
if (tbl === undefined) {
|
|
1055
|
+
// Convert affine to Jacobian and pre-compute odd multiples
|
|
1056
|
+
const tblSize = 1 << (window - 1); // e.g. w=5 → 16 entries
|
|
1057
|
+
tbl = new Array(tblSize);
|
|
1058
|
+
P = { X: P0.x, Y: P0.y, Z: BI_ONE };
|
|
1059
|
+
tbl[0] = P;
|
|
1060
|
+
const twoP = jpDouble(P);
|
|
1061
|
+
for (let i = 1; i < tblSize; i++) {
|
|
1062
|
+
tbl[i] = jpAdd(tbl[i - 1], twoP);
|
|
1063
|
+
}
|
|
1064
|
+
WNAF_TABLE_CACHE.set(key, tbl);
|
|
1065
|
+
}
|
|
1066
|
+
else {
|
|
1067
|
+
P = tbl[0];
|
|
1068
|
+
}
|
|
1069
|
+
// Build wNAF representation of k
|
|
1070
|
+
const wnaf = [];
|
|
1071
|
+
const wBig = 1n << BigInt(window);
|
|
1072
|
+
const wHalf = wBig >> 1n;
|
|
1073
|
+
let kTmp = k;
|
|
1074
|
+
while (kTmp > 0n) {
|
|
1075
|
+
if ((kTmp & BI_ONE) === BI_ZERO) {
|
|
1076
|
+
wnaf.push(0);
|
|
1077
|
+
kTmp >>= BI_ONE;
|
|
1078
|
+
}
|
|
1079
|
+
else {
|
|
1080
|
+
let z = kTmp & (wBig - 1n); // kTmp mod 2^w
|
|
1081
|
+
if (z > wHalf)
|
|
1082
|
+
z -= wBig; // make it odd & within (-2^{w-1}, 2^{w-1})
|
|
1083
|
+
wnaf.push(Number(z));
|
|
1084
|
+
kTmp -= z;
|
|
1085
|
+
kTmp >>= BI_ONE;
|
|
1086
|
+
}
|
|
1087
|
+
}
|
|
1088
|
+
// Accumulate from MSB to LSB
|
|
1089
|
+
let Q = { X: BI_ZERO, Y: BI_ONE, Z: BI_ZERO }; // infinity
|
|
1090
|
+
for (let i = wnaf.length - 1; i >= 0; i--) {
|
|
1091
|
+
Q = jpDouble(Q);
|
|
1092
|
+
const di = wnaf[i];
|
|
1093
|
+
if (di !== 0) {
|
|
1094
|
+
const idx = Math.abs(di) >> 1; // (|di|-1)/2 because di is odd
|
|
1095
|
+
const addend = di > 0 ? tbl[idx] : jpNeg(tbl[idx]);
|
|
1096
|
+
Q = jpAdd(Q, addend);
|
|
1097
|
+
}
|
|
1098
|
+
}
|
|
1099
|
+
return Q;
|
|
1100
|
+
};
|
|
948
1101
|
//# sourceMappingURL=Point.js.map
|
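Review bot: `WNAF_TABLE_CACHE` in the last hunk (new lines 1004 and 1064) is a module-level `Map` that gains one table per distinct point passed to `scalarMultiplyWNAF` and is never evicted, so a long-running process that multiplies many different points grows without bound; if `mul()` is reachable with caller-supplied public keys (not visible in this section), that becomes a memory-exhaustion risk. Bound it, for example `if (WNAF_TABLE_CACHE.size < WNAF_CACHE_MAX) WNAF_TABLE_CACHE.set(key, tbl);` with a new size constant, or cache only when `P0.x === GX_BIGINT && P0.y === GY_BIGINT`. The table is also allocated with `1 << (window - 1)` entries, but the digits pushed to `wnaf` are odd and smaller than `wHalf` in magnitude, so `idx = Math.abs(di) >> 1` only reads the first half and `1 << (window - 2)` would halve both the precomputation and the retained memory. Separately, the `isNeg` branch in `mul()` looks unreachable: if `k.toString(16)` renders a negative BigNumber with a leading `-`, `BigInt('0x' + k.toString(16))` throws before `kBig < zero` is evaluated, which a test with a negative scalar would confirm. This file is compiled output, so the changes belong in `src/primitives/Point.ts`.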