@bsv/sdk 1.6.16 → 1.6.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/package.json +1 -1
- package/dist/cjs/src/auth/Peer.js +16 -25
- package/dist/cjs/src/auth/Peer.js.map +1 -1
- package/dist/cjs/src/auth/SessionManager.js +2 -4
- package/dist/cjs/src/auth/SessionManager.js.map +1 -1
- package/dist/cjs/src/auth/certificates/Certificate.js +2 -4
- package/dist/cjs/src/auth/certificates/Certificate.js.map +1 -1
- package/dist/cjs/src/auth/certificates/MasterCertificate.js +1 -1
- package/dist/cjs/src/auth/certificates/MasterCertificate.js.map +1 -1
- package/dist/cjs/src/auth/clients/AuthFetch.js +2 -4
- package/dist/cjs/src/auth/clients/AuthFetch.js.map +1 -1
- package/dist/cjs/src/compat/ECIES.js +1 -1
- package/dist/cjs/src/compat/ECIES.js.map +1 -1
- package/dist/cjs/src/compat/Mnemonic.js +2 -2
- package/dist/cjs/src/compat/Mnemonic.js.map +1 -1
- package/dist/cjs/src/identity/IdentityClient.js +1 -1
- package/dist/cjs/src/identity/IdentityClient.js.map +1 -1
- package/dist/cjs/src/kvstore/LocalKVStore.js +1 -2
- package/dist/cjs/src/kvstore/LocalKVStore.js.map +1 -1
- package/dist/cjs/src/overlay-tools/LookupResolver.js +6 -8
- package/dist/cjs/src/overlay-tools/LookupResolver.js.map +1 -1
- package/dist/cjs/src/overlay-tools/SHIPBroadcaster.js +9 -10
- package/dist/cjs/src/overlay-tools/SHIPBroadcaster.js.map +1 -1
- package/dist/cjs/src/primitives/AESGCM.js +1 -2
- package/dist/cjs/src/primitives/AESGCM.js.map +1 -1
- package/dist/cjs/src/primitives/BigNumber.js +2 -3
- package/dist/cjs/src/primitives/BigNumber.js.map +1 -1
- package/dist/cjs/src/primitives/Curve.js +2 -3
- package/dist/cjs/src/primitives/Curve.js.map +1 -1
- package/dist/cjs/src/primitives/ECDSA.js +174 -396
- package/dist/cjs/src/primitives/ECDSA.js.map +1 -1
- package/dist/cjs/src/primitives/JacobianPoint.js +1 -2
- package/dist/cjs/src/primitives/JacobianPoint.js.map +1 -1
- package/dist/cjs/src/primitives/Point.js +217 -181
- package/dist/cjs/src/primitives/Point.js.map +1 -1
- package/dist/cjs/src/primitives/Polynomial.js +1 -1
- package/dist/cjs/src/primitives/Polynomial.js.map +1 -1
- package/dist/cjs/src/primitives/Random.js +1 -2
- package/dist/cjs/src/primitives/Random.js.map +1 -1
- package/dist/cjs/src/primitives/TransactionSignature.js +5 -7
- package/dist/cjs/src/primitives/TransactionSignature.js.map +1 -1
- package/dist/cjs/src/primitives/utils.js +1 -2
- package/dist/cjs/src/primitives/utils.js.map +1 -1
- package/dist/cjs/src/registry/RegistryClient.js +2 -4
- package/dist/cjs/src/registry/RegistryClient.js.map +1 -1
- package/dist/cjs/src/script/Spend.js +1 -2
- package/dist/cjs/src/script/Spend.js.map +1 -1
- package/dist/cjs/src/script/templates/P2PKH.js +4 -4
- package/dist/cjs/src/script/templates/P2PKH.js.map +1 -1
- package/dist/cjs/src/script/templates/PushDrop.js +7 -8
- package/dist/cjs/src/script/templates/PushDrop.js.map +1 -1
- package/dist/cjs/src/script/templates/RPuzzle.js +7 -6
- package/dist/cjs/src/script/templates/RPuzzle.js.map +1 -1
- package/dist/cjs/src/storage/StorageDownloader.js +1 -1
- package/dist/cjs/src/storage/StorageDownloader.js.map +1 -1
- package/dist/cjs/src/storage/StorageUploader.js +6 -9
- package/dist/cjs/src/storage/StorageUploader.js.map +1 -1
- package/dist/cjs/src/transaction/Beef.js +2 -3
- package/dist/cjs/src/transaction/Beef.js.map +1 -1
- package/dist/cjs/src/transaction/MerklePath.js +9 -12
- package/dist/cjs/src/transaction/MerklePath.js.map +1 -1
- package/dist/cjs/src/transaction/Transaction.js +15 -22
- package/dist/cjs/src/transaction/Transaction.js.map +1 -1
- package/dist/cjs/src/transaction/broadcasters/ARC.js +3 -3
- package/dist/cjs/src/transaction/broadcasters/ARC.js.map +1 -1
- package/dist/cjs/src/transaction/broadcasters/Teranode.js +2 -3
- package/dist/cjs/src/transaction/broadcasters/Teranode.js.map +1 -1
- package/dist/cjs/src/transaction/broadcasters/WhatsOnChainBroadcaster.js +2 -3
- package/dist/cjs/src/transaction/broadcasters/WhatsOnChainBroadcaster.js.map +1 -1
- package/dist/cjs/src/transaction/chaintrackers/BlockHeadersService.js +2 -2
- package/dist/cjs/src/transaction/chaintrackers/BlockHeadersService.js.map +1 -1
- package/dist/cjs/src/transaction/chaintrackers/WhatsOnChain.js +2 -2
- package/dist/cjs/src/transaction/chaintrackers/WhatsOnChain.js.map +1 -1
- package/dist/cjs/src/transaction/http/FetchHttpClient.js +1 -2
- package/dist/cjs/src/transaction/http/FetchHttpClient.js.map +1 -1
- package/dist/cjs/src/wallet/CachedKeyDeriver.js +1 -1
- package/dist/cjs/src/wallet/CachedKeyDeriver.js.map +1 -1
- package/dist/cjs/src/wallet/KeyDeriver.js +4 -3
- package/dist/cjs/src/wallet/KeyDeriver.js.map +1 -1
- package/dist/cjs/src/wallet/ProtoWallet.js +21 -25
- package/dist/cjs/src/wallet/ProtoWallet.js.map +1 -1
- package/dist/cjs/src/wallet/substrates/HTTPWalletJSON.js +2 -3
- package/dist/cjs/src/wallet/substrates/HTTPWalletJSON.js.map +1 -1
- package/dist/cjs/src/wallet/substrates/HTTPWalletWire.js +1 -1
- package/dist/cjs/src/wallet/substrates/HTTPWalletWire.js.map +1 -1
- package/dist/cjs/src/wallet/substrates/WalletWireTransceiver.js +12 -19
- package/dist/cjs/src/wallet/substrates/WalletWireTransceiver.js.map +1 -1
- package/dist/cjs/tsconfig.cjs.tsbuildinfo +1 -1
- package/dist/esm/src/primitives/ECDSA.js +174 -395
- package/dist/esm/src/primitives/ECDSA.js.map +1 -1
- package/dist/esm/src/primitives/Point.js +192 -146
- package/dist/esm/src/primitives/Point.js.map +1 -1
- package/dist/esm/src/wallet/KeyDeriver.js +3 -1
- package/dist/esm/src/wallet/KeyDeriver.js.map +1 -1
- package/dist/esm/tsconfig.esm.tsbuildinfo +1 -1
- package/dist/types/src/primitives/ECDSA.d.ts.map +1 -1
- package/dist/types/src/primitives/Point.d.ts.map +1 -1
- package/dist/types/src/wallet/KeyDeriver.d.ts.map +1 -1
- package/dist/types/tsconfig.types.tsbuildinfo +1 -1
- package/dist/umd/bundle.js +1 -1
- package/docs/reference/primitives.md +165 -377
- package/package.json +1 -1
- package/src/primitives/ECDSA.ts +218 -488
- package/src/primitives/Point.ts +212 -162
- package/src/transaction/__tests/Transaction.test.ts +1 -1
- package/src/wallet/KeyDeriver.ts +2 -1
- package/src/wallet/__tests/ProtoWallet.test.ts +46 -1
|
@@ -104,98 +104,63 @@ class Point extends BasePoint_js_1.default {
|
|
|
104
104
|
* const point = Point.fromX(xCoordinate, true);
|
|
105
105
|
*/
|
|
106
106
|
static fromX(x, odd) {
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
result = mod(result * base, modulus);
|
|
117
|
-
}
|
|
118
|
-
exponent >>= BigInt(1);
|
|
119
|
-
base = mod(base * base, modulus);
|
|
120
|
-
}
|
|
121
|
-
return result;
|
|
122
|
-
}
|
|
123
|
-
function sqrtMod(a, p) {
|
|
124
|
-
const exponent = (p + BigInt(1)) >> BigInt(2); // Precomputed exponent
|
|
125
|
-
const sqrtCandidate = modPow(a, exponent, p);
|
|
126
|
-
if (mod(sqrtCandidate * sqrtCandidate, p) === mod(a, p)) {
|
|
127
|
-
return sqrtCandidate;
|
|
128
|
-
}
|
|
129
|
-
else {
|
|
130
|
-
// No square root exists
|
|
131
|
-
return null;
|
|
107
|
+
function mod(a, n) {
|
|
108
|
+
return ((a % n) + n) % n;
|
|
109
|
+
}
|
|
110
|
+
function modPow(base, exponent, modulus) {
|
|
111
|
+
let result = BigInt(1);
|
|
112
|
+
base = mod(base, modulus);
|
|
113
|
+
while (exponent > BigInt(0)) {
|
|
114
|
+
if ((exponent & BigInt(1)) === BigInt(1)) {
|
|
115
|
+
result = mod(result * base, modulus);
|
|
132
116
|
}
|
|
117
|
+
exponent >>= BigInt(1);
|
|
118
|
+
base = mod(base * base, modulus);
|
|
133
119
|
}
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
const
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
xBigInt = BigInt('0x' + x.toString(16));
|
|
142
|
-
}
|
|
143
|
-
else if (typeof x === 'string') {
|
|
144
|
-
xBigInt = BigInt('0x' + x);
|
|
145
|
-
}
|
|
146
|
-
else if (Array.isArray(x)) {
|
|
147
|
-
xBigInt = BigInt('0x' + (0, utils_js_1.toHex)(x).padStart(64, '0'));
|
|
148
|
-
}
|
|
149
|
-
else if (typeof x === 'number') {
|
|
150
|
-
xBigInt = BigInt(x);
|
|
120
|
+
return result;
|
|
121
|
+
}
|
|
122
|
+
function sqrtMod(a, p) {
|
|
123
|
+
const exponent = (p + BigInt(1)) >> BigInt(2);
|
|
124
|
+
const sqrtCandidate = modPow(a, exponent, p);
|
|
125
|
+
if (mod(sqrtCandidate * sqrtCandidate, p) === mod(a, p)) {
|
|
126
|
+
return sqrtCandidate;
|
|
151
127
|
}
|
|
152
128
|
else {
|
|
153
|
-
|
|
129
|
+
return null;
|
|
154
130
|
}
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
const yBN = new BigNumber_js_1.default(y.toString(16), 16);
|
|
172
|
-
return new Point(xBN, yBN);
|
|
131
|
+
}
|
|
132
|
+
// Curve parameters for secp256k1
|
|
133
|
+
const p = BigInt('0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F');
|
|
134
|
+
const b = BigInt(7);
|
|
135
|
+
let xBigInt;
|
|
136
|
+
if (x instanceof BigNumber_js_1.default) {
|
|
137
|
+
xBigInt = BigInt('0x' + x.toString(16));
|
|
138
|
+
}
|
|
139
|
+
else if (typeof x === 'string') {
|
|
140
|
+
xBigInt = BigInt('0x' + x);
|
|
141
|
+
}
|
|
142
|
+
else if (Array.isArray(x)) {
|
|
143
|
+
xBigInt = BigInt('0x' + (0, utils_js_1.toHex)(x).padStart(64, '0'));
|
|
144
|
+
}
|
|
145
|
+
else if (typeof x === 'number') {
|
|
146
|
+
xBigInt = BigInt(x);
|
|
173
147
|
}
|
|
174
148
|
else {
|
|
175
|
-
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
x = x;
|
|
183
|
-
if (x.red == null) {
|
|
184
|
-
x = x.toRed(red);
|
|
185
|
-
}
|
|
186
|
-
const y2 = x.redSqr().redMul(x).redIAdd(x.redMul(a)).redIAdd(b);
|
|
187
|
-
let y = y2.redSqrt();
|
|
188
|
-
if (y.redSqr().redSub(y2).cmp(zero) !== 0) {
|
|
189
|
-
throw new Error('invalid point');
|
|
190
|
-
}
|
|
191
|
-
// XXX Is there any way to tell if the number is odd without converting it
|
|
192
|
-
// to non-red form?
|
|
193
|
-
const isOdd = y.fromRed().isOdd();
|
|
194
|
-
if ((odd && !isOdd) || (!odd && isOdd)) {
|
|
195
|
-
y = y.redNeg();
|
|
196
|
-
}
|
|
197
|
-
return new Point(x, y);
|
|
149
|
+
throw new Error('Invalid x-coordinate type');
|
|
150
|
+
}
|
|
151
|
+
xBigInt = mod(xBigInt, p);
|
|
152
|
+
const y2 = mod(modPow(xBigInt, BigInt(3), p) + b, p);
|
|
153
|
+
let y = sqrtMod(y2, p);
|
|
154
|
+
if (y === null) {
|
|
155
|
+
throw new Error('Invalid point');
|
|
198
156
|
}
|
|
157
|
+
const isYOdd = y % BigInt(2) === BigInt(1);
|
|
158
|
+
if ((odd && !isYOdd) || (!odd && isYOdd)) {
|
|
159
|
+
y = p - y;
|
|
160
|
+
}
|
|
161
|
+
const xBN = new BigNumber_js_1.default(xBigInt.toString(16), 16);
|
|
162
|
+
const yBN = new BigNumber_js_1.default(y.toString(16), 16);
|
|
163
|
+
return new Point(xBN, yBN);
|
|
199
164
|
}
|
|
200
165
|
/**
|
|
201
166
|
* Generates a point from a serialized JSON object. The function accounts for different options in the JSON object,
|
|
@@ -388,14 +353,13 @@ class Point extends BasePoint_js_1.default {
|
|
|
388
353
|
* console.log(aPoint.inspect());
|
|
389
354
|
*/
|
|
390
355
|
inspect() {
|
|
391
|
-
var _a, _b, _c, _d, _e, _f;
|
|
392
356
|
if (this.isInfinity()) {
|
|
393
357
|
return '<EC Point Infinity>';
|
|
394
358
|
}
|
|
395
359
|
return ('<EC Point x: ' +
|
|
396
|
-
(
|
|
360
|
+
(this.x?.fromRed()?.toString(16, 2) ?? 'undefined') +
|
|
397
361
|
' y: ' +
|
|
398
|
-
(
|
|
362
|
+
(this.y?.fromRed()?.toString(16, 2) ?? 'undefined') +
|
|
399
363
|
'>');
|
|
400
364
|
}
|
|
401
365
|
/**
|
|
@@ -423,7 +387,6 @@ class Point extends BasePoint_js_1.default {
|
|
|
423
387
|
* const result = p1.add(p2);
|
|
424
388
|
*/
|
|
425
389
|
add(p) {
|
|
426
|
-
var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m;
|
|
427
390
|
// O + P = P
|
|
428
391
|
if (this.inf) {
|
|
429
392
|
return p;
|
|
@@ -441,18 +404,18 @@ class Point extends BasePoint_js_1.default {
|
|
|
441
404
|
return new Point(new BigNumber_js_1.default(0), new BigNumber_js_1.default(0));
|
|
442
405
|
}
|
|
443
406
|
// P + Q = O
|
|
444
|
-
if (
|
|
407
|
+
if (this.x?.cmp(p.x ?? new BigNumber_js_1.default(0)) === 0) {
|
|
445
408
|
return new Point(new BigNumber_js_1.default(0), new BigNumber_js_1.default(0));
|
|
446
409
|
}
|
|
447
|
-
let c =
|
|
410
|
+
let c = this.y?.redSub(p.y ?? new BigNumber_js_1.default(0)) ?? new BigNumber_js_1.default(0);
|
|
448
411
|
if (c.cmpn(0) !== 0) {
|
|
449
|
-
c = c.redMul(
|
|
412
|
+
c = c.redMul(this.x?.redSub(p.x ?? new BigNumber_js_1.default(0)).redInvm() ?? new BigNumber_js_1.default(1));
|
|
450
413
|
}
|
|
451
|
-
const nx = c
|
|
452
|
-
const ny = (c
|
|
453
|
-
.redMul((
|
|
454
|
-
.redISub(
|
|
455
|
-
return new Point(nx
|
|
414
|
+
const nx = c?.redSqr().redISub(this.x ?? new BigNumber_js_1.default(0)).redISub(p.x ?? new BigNumber_js_1.default(0));
|
|
415
|
+
const ny = (c ?? new BigNumber_js_1.default(1))
|
|
416
|
+
.redMul((this.x ?? new BigNumber_js_1.default(0)).redSub(nx ?? new BigNumber_js_1.default(0)))
|
|
417
|
+
.redISub(this.y ?? new BigNumber_js_1.default(0));
|
|
418
|
+
return new Point(nx ?? new BigNumber_js_1.default(0), ny ?? new BigNumber_js_1.default(0));
|
|
456
419
|
}
|
|
457
420
|
/**
|
|
458
421
|
* Doubles the current point.
|
|
@@ -464,21 +427,20 @@ class Point extends BasePoint_js_1.default {
|
|
|
464
427
|
* const result = P.dbl();
|
|
465
428
|
* */
|
|
466
429
|
dbl() {
|
|
467
|
-
var _a, _b, _c, _d, _e, _f, _g;
|
|
468
430
|
if (this.inf) {
|
|
469
431
|
return this;
|
|
470
432
|
}
|
|
471
433
|
// 2P = O
|
|
472
|
-
const ys1 = (
|
|
434
|
+
const ys1 = (this.y ?? new BigNumber_js_1.default(0)).redAdd(this.y ?? new BigNumber_js_1.default(0));
|
|
473
435
|
if (ys1.cmpn(0) === 0) {
|
|
474
436
|
return new Point(new BigNumber_js_1.default(0), new BigNumber_js_1.default(0));
|
|
475
437
|
}
|
|
476
438
|
const a = this.curve.a;
|
|
477
|
-
const x2 = (
|
|
439
|
+
const x2 = (this.x ?? new BigNumber_js_1.default(0)).redSqr();
|
|
478
440
|
const dyinv = ys1.redInvm();
|
|
479
441
|
const c = x2.redAdd(x2).redIAdd(x2).redIAdd(a).redMul(dyinv);
|
|
480
|
-
const nx = c.redSqr().redISub((
|
|
481
|
-
const ny = c.redMul((
|
|
442
|
+
const nx = c.redSqr().redISub((this.x ?? new BigNumber_js_1.default(0)).redAdd(this.x ?? new BigNumber_js_1.default(0)));
|
|
443
|
+
const ny = c.redMul((this.x ?? new BigNumber_js_1.default(0)).redSub(nx)).redISub(this.y ?? new BigNumber_js_1.default(0));
|
|
482
444
|
return new Point(nx, ny);
|
|
483
445
|
}
|
|
484
446
|
/**
|
|
@@ -489,8 +451,7 @@ class Point extends BasePoint_js_1.default {
|
|
|
489
451
|
* const x = P.getX();
|
|
490
452
|
*/
|
|
491
453
|
getX() {
|
|
492
|
-
|
|
493
|
-
return ((_a = this.x) !== null && _a !== void 0 ? _a : new BigNumber_js_1.default(0)).fromRed();
|
|
454
|
+
return (this.x ?? new BigNumber_js_1.default(0)).fromRed();
|
|
494
455
|
}
|
|
495
456
|
/**
|
|
496
457
|
* Returns X coordinate of point
|
|
@@ -500,8 +461,7 @@ class Point extends BasePoint_js_1.default {
|
|
|
500
461
|
* const x = P.getX();
|
|
501
462
|
*/
|
|
502
463
|
getY() {
|
|
503
|
-
|
|
504
|
-
return ((_a = this.y) !== null && _a !== void 0 ? _a : new BigNumber_js_1.default(0)).fromRed();
|
|
464
|
+
return (this.y ?? new BigNumber_js_1.default(0)).fromRed();
|
|
505
465
|
}
|
|
506
466
|
/**
|
|
507
467
|
* Multiplies this Point by a scalar value, returning a new Point.
|
|
@@ -523,12 +483,8 @@ class Point extends BasePoint_js_1.default {
|
|
|
523
483
|
if (this.inf) {
|
|
524
484
|
return this;
|
|
525
485
|
}
|
|
526
|
-
const zero =
|
|
527
|
-
const one =
|
|
528
|
-
const two = BigInt(2);
|
|
529
|
-
const three = BigInt(3);
|
|
530
|
-
const four = BigInt(4);
|
|
531
|
-
const eight = BigInt(8);
|
|
486
|
+
const zero = 0n;
|
|
487
|
+
const one = 1n;
|
|
532
488
|
const p = BigInt('0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F');
|
|
533
489
|
const n = BigInt('0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141');
|
|
534
490
|
let kBig = BigInt('0x' + k.toString(16));
|
|
@@ -542,11 +498,18 @@ class Point extends BasePoint_js_1.default {
|
|
|
542
498
|
if (this.x === null || this.y === null) {
|
|
543
499
|
throw new Error('Point coordinates cannot be null');
|
|
544
500
|
}
|
|
545
|
-
|
|
546
|
-
|
|
501
|
+
let Px;
|
|
502
|
+
let Py;
|
|
503
|
+
if (this === this.curve.g) {
|
|
504
|
+
Px = GX_BIGINT;
|
|
505
|
+
Py = GY_BIGINT;
|
|
506
|
+
}
|
|
507
|
+
else {
|
|
508
|
+
Px = BigInt('0x' + this.x.fromRed().toString(16));
|
|
509
|
+
Py = BigInt('0x' + this.y.fromRed().toString(16));
|
|
510
|
+
}
|
|
547
511
|
const mod = (a, m) => ((a % m) + m) % m;
|
|
548
512
|
const modMul = (a, b, m) => mod(a * b, m);
|
|
549
|
-
const modSub = (a, b, m) => mod(a - b, m);
|
|
550
513
|
const modInv = (a, m) => {
|
|
551
514
|
let lm = one;
|
|
552
515
|
let hm = zero;
|
|
@@ -563,60 +526,11 @@ class Point extends BasePoint_js_1.default {
|
|
|
563
526
|
}
|
|
564
527
|
return mod(lm, m);
|
|
565
528
|
};
|
|
566
|
-
const pointDouble = (P) => {
|
|
567
|
-
const { X: X1, Y: Y1, Z: Z1 } = P;
|
|
568
|
-
if (Y1 === zero) {
|
|
569
|
-
return { X: zero, Y: one, Z: zero };
|
|
570
|
-
}
|
|
571
|
-
const Y1sq = modMul(Y1, Y1, p);
|
|
572
|
-
const S = modMul(four, modMul(X1, Y1sq, p), p);
|
|
573
|
-
const M = modMul(three, modMul(X1, X1, p), p);
|
|
574
|
-
const X3 = modSub(modMul(M, M, p), modMul(two, S, p), p);
|
|
575
|
-
const Y3 = modSub(modMul(M, modSub(S, X3, p), p), modMul(eight, modMul(Y1sq, Y1sq, p), p), p);
|
|
576
|
-
const Z3 = modMul(two, modMul(Y1, Z1, p), p);
|
|
577
|
-
return { X: X3, Y: Y3, Z: Z3 };
|
|
578
|
-
};
|
|
579
|
-
const pointAdd = (P, Q) => {
|
|
580
|
-
if (P.Z === zero)
|
|
581
|
-
return Q;
|
|
582
|
-
if (Q.Z === zero)
|
|
583
|
-
return P;
|
|
584
|
-
const Z1Z1 = modMul(P.Z, P.Z, p);
|
|
585
|
-
const Z2Z2 = modMul(Q.Z, Q.Z, p);
|
|
586
|
-
const U1 = modMul(P.X, Z2Z2, p);
|
|
587
|
-
const U2 = modMul(Q.X, Z1Z1, p);
|
|
588
|
-
const S1 = modMul(P.Y, modMul(Z2Z2, Q.Z, p), p);
|
|
589
|
-
const S2 = modMul(Q.Y, modMul(Z1Z1, P.Z, p), p);
|
|
590
|
-
const H = modSub(U2, U1, p);
|
|
591
|
-
const r = modSub(S2, S1, p);
|
|
592
|
-
if (H === zero) {
|
|
593
|
-
if (r === zero) {
|
|
594
|
-
return pointDouble(P);
|
|
595
|
-
}
|
|
596
|
-
else {
|
|
597
|
-
return { X: zero, Y: one, Z: zero };
|
|
598
|
-
}
|
|
599
|
-
}
|
|
600
|
-
const HH = modMul(H, H, p);
|
|
601
|
-
const HHH = modMul(H, HH, p);
|
|
602
|
-
const V = modMul(U1, HH, p);
|
|
603
|
-
const X3 = modSub(modSub(modMul(r, r, p), HHH, p), modMul(two, V, p), p);
|
|
604
|
-
const Y3 = modSub(modMul(r, modSub(V, X3, p), p), modMul(S1, HHH, p), p);
|
|
605
|
-
const Z3 = modMul(H, modMul(P.Z, Q.Z, p), p);
|
|
606
|
-
return { X: X3, Y: Y3, Z: Z3 };
|
|
607
|
-
};
|
|
608
529
|
const scalarMultiply = (kVal, P0) => {
|
|
609
|
-
|
|
610
|
-
|
|
611
|
-
|
|
612
|
-
|
|
613
|
-
if ((kk & one) === one) {
|
|
614
|
-
Q = pointAdd(Q, N);
|
|
615
|
-
}
|
|
616
|
-
N = pointDouble(N);
|
|
617
|
-
kk >>= one;
|
|
618
|
-
}
|
|
619
|
-
return Q;
|
|
530
|
+
// Delegate to the hoisted windowed-NAF implementation above. We
|
|
531
|
+
// keep the wrapper so that the rest of the mul() code remains
|
|
532
|
+
// untouched while providing a massive speed-up (≈4-6×).
|
|
533
|
+
return scalarMultiplyWNAF(kVal, P0);
|
|
620
534
|
};
|
|
621
535
|
const R = scalarMultiply(kBig, { x: Px, y: Py });
|
|
622
536
|
if (R.Z === zero) {
|
|
@@ -700,10 +614,9 @@ class Point extends BasePoint_js_1.default {
|
|
|
700
614
|
* const areEqual = p1.eq(p2); // returns true
|
|
701
615
|
*/
|
|
702
616
|
eq(p) {
|
|
703
|
-
var _a, _b, _c, _d;
|
|
704
617
|
return (this === p ||
|
|
705
618
|
(this.inf === p.inf &&
|
|
706
|
-
(this.inf || ((
|
|
619
|
+
(this.inf || ((this.x ?? new BigNumber_js_1.default(0)).cmp(p.x ?? new BigNumber_js_1.default(0)) === 0 && (this.y ?? new BigNumber_js_1.default(0)).cmp(p.y ?? new BigNumber_js_1.default(0)) === 0))));
|
|
707
620
|
}
|
|
708
621
|
/**
|
|
709
622
|
* Negate a point. The negation of a point P is the mirror of P about x-axis.
|
|
@@ -715,11 +628,10 @@ class Point extends BasePoint_js_1.default {
|
|
|
715
628
|
* const result = P.neg();
|
|
716
629
|
*/
|
|
717
630
|
neg(_precompute) {
|
|
718
|
-
var _a;
|
|
719
631
|
if (this.inf) {
|
|
720
632
|
return this;
|
|
721
633
|
}
|
|
722
|
-
const res = new Point(this.x, (
|
|
634
|
+
const res = new Point(this.x, (this.y ?? new BigNumber_js_1.default(0)).redNeg());
|
|
723
635
|
if (_precompute === true && this.precomputed != null) {
|
|
724
636
|
const pre = this.precomputed;
|
|
725
637
|
const negate = (p) => p.neg();
|
|
@@ -782,7 +694,6 @@ class Point extends BasePoint_js_1.default {
|
|
|
782
694
|
return res;
|
|
783
695
|
}
|
|
784
696
|
_getBeta() {
|
|
785
|
-
var _a;
|
|
786
697
|
if (typeof this.curve.endo !== 'object') {
|
|
787
698
|
return;
|
|
788
699
|
}
|
|
@@ -793,7 +704,7 @@ class Point extends BasePoint_js_1.default {
|
|
|
793
704
|
pre.beta !== null) {
|
|
794
705
|
return pre.beta;
|
|
795
706
|
}
|
|
796
|
-
const beta = new Point((
|
|
707
|
+
const beta = new Point((this.x ?? new BigNumber_js_1.default(0)).redMul(this.curve.endo.beta), this.y);
|
|
797
708
|
if (pre != null) {
|
|
798
709
|
const curve = this.curve;
|
|
799
710
|
const endoMul = (p) => {
|
|
@@ -858,7 +769,6 @@ class Point extends BasePoint_js_1.default {
|
|
|
858
769
|
return a.toP();
|
|
859
770
|
}
|
|
860
771
|
_wnafMulAdd(defW, points, coeffs, len, jacobianResult) {
|
|
861
|
-
var _a, _b, _c, _d;
|
|
862
772
|
const wndWidth = this.curve._wnafT1.map(num => num.toNumber()); // Convert BigNumber to number
|
|
863
773
|
const wnd = this.curve._wnafT2.map(() => []); // Initialize as empty Point[][] array
|
|
864
774
|
const naf = this.curve._wnafT3.map(() => []); // Initialize as empty number[][] array
|
|
@@ -888,11 +798,11 @@ class Point extends BasePoint_js_1.default {
|
|
|
888
798
|
points[b] /* 7 */
|
|
889
799
|
];
|
|
890
800
|
// Try to avoid Projective points, if possible
|
|
891
|
-
if ((
|
|
801
|
+
if ((points[a].y ?? new BigNumber_js_1.default(0)).cmp(points[b].y ?? new BigNumber_js_1.default(0)) === 0) {
|
|
892
802
|
comb[1] = points[a].add(points[b]);
|
|
893
803
|
comb[2] = points[a].toJ().mixedAdd(points[b].neg());
|
|
894
804
|
}
|
|
895
|
-
else if ((
|
|
805
|
+
else if ((points[a].y ?? new BigNumber_js_1.default(0)).cmp((points[b].y ?? new BigNumber_js_1.default(0)).redNeg()) === 0) {
|
|
896
806
|
comb[1] = points[a].toJ().mixedAdd(points[b]);
|
|
897
807
|
comb[2] = points[a].add(points[b].neg());
|
|
898
808
|
}
|
|
@@ -976,14 +886,13 @@ class Point extends BasePoint_js_1.default {
|
|
|
976
886
|
}
|
|
977
887
|
_endoWnafMulAdd(points, coeffs, // Explicitly type coeffs
|
|
978
888
|
jacobianResult) {
|
|
979
|
-
var _a;
|
|
980
889
|
const npoints = new Array(points.length * 2);
|
|
981
890
|
const ncoeffs = new Array(points.length * 2);
|
|
982
891
|
let i;
|
|
983
892
|
for (i = 0; i < points.length; i++) {
|
|
984
893
|
const split = this.curve._endoSplit(coeffs[i]);
|
|
985
894
|
let p = points[i];
|
|
986
|
-
let beta =
|
|
895
|
+
let beta = p._getBeta() ?? new Point(new BigNumber_js_1.default(0), new BigNumber_js_1.default(0));
|
|
987
896
|
if (split.k1.negative !== 0) {
|
|
988
897
|
split.k1.ineg();
|
|
989
898
|
p = p.neg(true);
|
|
@@ -1025,14 +934,14 @@ class Point extends BasePoint_js_1.default {
|
|
|
1025
934
|
const doubles = [this];
|
|
1026
935
|
/* eslint-disable @typescript-eslint/no-this-alias */
|
|
1027
936
|
let acc = this;
|
|
1028
|
-
for (let i = 0; i < (power
|
|
1029
|
-
for (let j = 0; j < (step
|
|
937
|
+
for (let i = 0; i < (power ?? 0); i += (step ?? 1)) {
|
|
938
|
+
for (let j = 0; j < (step ?? 1); j++) {
|
|
1030
939
|
acc = acc.dbl();
|
|
1031
940
|
}
|
|
1032
941
|
doubles.push(acc);
|
|
1033
942
|
}
|
|
1034
943
|
return {
|
|
1035
|
-
step: step
|
|
944
|
+
step: step ?? 1,
|
|
1036
945
|
points: doubles
|
|
1037
946
|
};
|
|
1038
947
|
}
|
|
@@ -1062,4 +971,131 @@ Point.a = new BigNumber_js_1.default(0).toRed(Point.red);
|
|
|
1062
971
|
Point.b = new BigNumber_js_1.default(7).toRed(Point.red);
|
|
1063
972
|
Point.zero = new BigNumber_js_1.default(0).toRed(Point.red);
|
|
1064
973
|
exports.default = Point;
|
|
974
|
+
// -----------------------------------------------------------------------------
|
|
975
|
+
// BigInt helpers & constants (secp256k1) – hoisted so we don't recreate them on
|
|
976
|
+
// every Point.mul() call.
|
|
977
|
+
// -----------------------------------------------------------------------------
|
|
978
|
+
const BI_ZERO = 0n;
|
|
979
|
+
const BI_ONE = 1n;
|
|
980
|
+
const BI_TWO = 2n;
|
|
981
|
+
const BI_THREE = 3n;
|
|
982
|
+
const BI_FOUR = 4n;
|
|
983
|
+
const BI_EIGHT = 8n;
|
|
984
|
+
const P_BIGINT = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2fn;
|
|
985
|
+
const MASK_256 = (1n << 256n) - 1n; // 0xffff…ffff (256 sones)
|
|
986
|
+
function red(x) {
|
|
987
|
+
// first fold
|
|
988
|
+
let hi = x >> 256n;
|
|
989
|
+
x = (x & MASK_256) + (hi << 32n) + hi * 977n;
|
|
990
|
+
// second fold (hi ≤ 2³² + 977 here, so one more pass is enough)
|
|
991
|
+
hi = x >> 256n;
|
|
992
|
+
x = (x & MASK_256) + (hi << 32n) + hi * 977n;
|
|
993
|
+
// final conditional subtraction
|
|
994
|
+
if (x >= P_BIGINT)
|
|
995
|
+
x -= P_BIGINT;
|
|
996
|
+
return x;
|
|
997
|
+
}
|
|
998
|
+
const biModSub = (a, b) => (a >= b ? a - b : P_BIGINT - (b - a));
|
|
999
|
+
const biModMul = (a, b) => red(a * b);
|
|
1000
|
+
// Generator point coordinates as bigint constants
|
|
1001
|
+
const GX_BIGINT = BigInt('0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798');
|
|
1002
|
+
const GY_BIGINT = BigInt('0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8');
|
|
1003
|
+
// Cache for precomputed windowed tables keyed by 'window:x:y'
|
|
1004
|
+
const WNAF_TABLE_CACHE = new Map();
|
|
1005
|
+
const jpDouble = (P) => {
|
|
1006
|
+
const { X: X1, Y: Y1, Z: Z1 } = P;
|
|
1007
|
+
if (Y1 === BI_ZERO)
|
|
1008
|
+
return { X: BI_ZERO, Y: BI_ONE, Z: BI_ZERO };
|
|
1009
|
+
const Y1sq = biModMul(Y1, Y1);
|
|
1010
|
+
const S = biModMul(BI_FOUR, biModMul(X1, Y1sq));
|
|
1011
|
+
const M = biModMul(BI_THREE, biModMul(X1, X1));
|
|
1012
|
+
const X3 = biModSub(biModMul(M, M), biModMul(BI_TWO, S));
|
|
1013
|
+
const Y3 = biModSub(biModMul(M, biModSub(S, X3)), biModMul(BI_EIGHT, biModMul(Y1sq, Y1sq)));
|
|
1014
|
+
const Z3 = biModMul(BI_TWO, biModMul(Y1, Z1));
|
|
1015
|
+
return { X: X3, Y: Y3, Z: Z3 };
|
|
1016
|
+
};
|
|
1017
|
+
const jpAdd = (P, Q) => {
|
|
1018
|
+
if (P.Z === BI_ZERO)
|
|
1019
|
+
return Q;
|
|
1020
|
+
if (Q.Z === BI_ZERO)
|
|
1021
|
+
return P;
|
|
1022
|
+
const Z1Z1 = biModMul(P.Z, P.Z);
|
|
1023
|
+
const Z2Z2 = biModMul(Q.Z, Q.Z);
|
|
1024
|
+
const U1 = biModMul(P.X, Z2Z2);
|
|
1025
|
+
const U2 = biModMul(Q.X, Z1Z1);
|
|
1026
|
+
const S1 = biModMul(P.Y, biModMul(Z2Z2, Q.Z));
|
|
1027
|
+
const S2 = biModMul(Q.Y, biModMul(Z1Z1, P.Z));
|
|
1028
|
+
const H = biModSub(U2, U1);
|
|
1029
|
+
const r = biModSub(S2, S1);
|
|
1030
|
+
if (H === BI_ZERO) {
|
|
1031
|
+
if (r === BI_ZERO)
|
|
1032
|
+
return jpDouble(P);
|
|
1033
|
+
return { X: BI_ZERO, Y: BI_ONE, Z: BI_ZERO }; // Infinity
|
|
1034
|
+
}
|
|
1035
|
+
const HH = biModMul(H, H);
|
|
1036
|
+
const HHH = biModMul(H, HH);
|
|
1037
|
+
const V = biModMul(U1, HH);
|
|
1038
|
+
const X3 = biModSub(biModSub(biModMul(r, r), HHH), biModMul(BI_TWO, V));
|
|
1039
|
+
const Y3 = biModSub(biModMul(r, biModSub(V, X3)), biModMul(S1, HHH));
|
|
1040
|
+
const Z3 = biModMul(H, biModMul(P.Z, Q.Z));
|
|
1041
|
+
return { X: X3, Y: Y3, Z: Z3 };
|
|
1042
|
+
};
|
|
1043
|
+
const jpNeg = (P) => {
|
|
1044
|
+
if (P.Z === BI_ZERO)
|
|
1045
|
+
return P;
|
|
1046
|
+
return { X: P.X, Y: P_BIGINT - P.Y, Z: P.Z };
|
|
1047
|
+
};
|
|
1048
|
+
// Fast windowed-NAF scalar multiplication (default window = 5) in Jacobian
|
|
1049
|
+
// coordinates. Returns Q = k * P0 as a JacobianPoint.
|
|
1050
|
+
const scalarMultiplyWNAF = (k, P0, window = 5) => {
|
|
1051
|
+
const key = `${window}:${P0.x.toString(16)}:${P0.y.toString(16)}`;
|
|
1052
|
+
let tbl = WNAF_TABLE_CACHE.get(key);
|
|
1053
|
+
let P;
|
|
1054
|
+
if (tbl === undefined) {
|
|
1055
|
+
// Convert affine to Jacobian and pre-compute odd multiples
|
|
1056
|
+
const tblSize = 1 << (window - 1); // e.g. w=5 → 16 entries
|
|
1057
|
+
tbl = new Array(tblSize);
|
|
1058
|
+
P = { X: P0.x, Y: P0.y, Z: BI_ONE };
|
|
1059
|
+
tbl[0] = P;
|
|
1060
|
+
const twoP = jpDouble(P);
|
|
1061
|
+
for (let i = 1; i < tblSize; i++) {
|
|
1062
|
+
tbl[i] = jpAdd(tbl[i - 1], twoP);
|
|
1063
|
+
}
|
|
1064
|
+
WNAF_TABLE_CACHE.set(key, tbl);
|
|
1065
|
+
}
|
|
1066
|
+
else {
|
|
1067
|
+
P = tbl[0];
|
|
1068
|
+
}
|
|
1069
|
+
// Build wNAF representation of k
|
|
1070
|
+
const wnaf = [];
|
|
1071
|
+
const wBig = 1n << BigInt(window);
|
|
1072
|
+
const wHalf = wBig >> 1n;
|
|
1073
|
+
let kTmp = k;
|
|
1074
|
+
while (kTmp > 0n) {
|
|
1075
|
+
if ((kTmp & BI_ONE) === BI_ZERO) {
|
|
1076
|
+
wnaf.push(0);
|
|
1077
|
+
kTmp >>= BI_ONE;
|
|
1078
|
+
}
|
|
1079
|
+
else {
|
|
1080
|
+
let z = kTmp & (wBig - 1n); // kTmp mod 2^w
|
|
1081
|
+
if (z > wHalf)
|
|
1082
|
+
z -= wBig; // make it odd & within (-2^{w-1}, 2^{w-1})
|
|
1083
|
+
wnaf.push(Number(z));
|
|
1084
|
+
kTmp -= z;
|
|
1085
|
+
kTmp >>= BI_ONE;
|
|
1086
|
+
}
|
|
1087
|
+
}
|
|
1088
|
+
// Accumulate from MSB to LSB
|
|
1089
|
+
let Q = { X: BI_ZERO, Y: BI_ONE, Z: BI_ZERO }; // infinity
|
|
1090
|
+
for (let i = wnaf.length - 1; i >= 0; i--) {
|
|
1091
|
+
Q = jpDouble(Q);
|
|
1092
|
+
const di = wnaf[i];
|
|
1093
|
+
if (di !== 0) {
|
|
1094
|
+
const idx = Math.abs(di) >> 1; // (|di|-1)/2 because di is odd
|
|
1095
|
+
const addend = di > 0 ? tbl[idx] : jpNeg(tbl[idx]);
|
|
1096
|
+
Q = jpAdd(Q, addend);
|
|
1097
|
+
}
|
|
1098
|
+
}
|
|
1099
|
+
return Q;
|
|
1100
|
+
};
|
|
1065
1101
|
//# sourceMappingURL=Point.js.map
|