@layerzerolabs/lz-v2-stellar-sdk 0.2.50 → 0.2.52

package/test/secp256k1.ts

@@ -0,0 +1,59 @@
+import { keccak_256 } from '@noble/hashes/sha3';
+import * as secp from '@noble/secp256k1';
+
+/**
+ * A secp256k1 key pair with private key and derived Ethereum-style address.
+ * Used for DVN multisig signing.
+ */
+export class Secp256k1KeyPair {
+    private privateKey: Uint8Array;
+    public readonly ethAddress: Buffer;
+
+    constructor(privateKey: Uint8Array | Buffer | string) {
+        if (typeof privateKey === 'string') {
+            // Remove 0x prefix if present
+            const hex = privateKey.startsWith('0x') ? privateKey.slice(2) : privateKey;
+            this.privateKey = Buffer.from(hex, 'hex');
+        } else {
+            this.privateKey = new Uint8Array(privateKey);
+        }
+        this.ethAddress = this.deriveEthAddress();
+    }
+
+    /**
+     * Generate a random key pair.
+     */
+    static generate(): Secp256k1KeyPair {
+        const privateKey = secp.utils.randomPrivateKey();
+        return new Secp256k1KeyPair(privateKey);
+    }
+
+    /**
+     * Derive Ethereum-style address from the public key.
+     * Address = last 20 bytes of keccak256(uncompressed_pubkey[1:65])
+     */
+    private deriveEthAddress(): Buffer {
+        const publicKey = secp.getPublicKey(this.privateKey, false); // uncompressed
+        const pubkeyWithoutPrefix = publicKey.slice(1); // remove 0x04 prefix
+        const hash = keccak_256(pubkeyWithoutPrefix);
+        return Buffer.from(hash.slice(12)); // last 20 bytes
+    }
+
+    /**
+     * Sign a 32-byte digest and return a 65-byte signature (r || s || v).
+     */
+    async sign(digest: Uint8Array): Promise<Buffer> {
+        const [signature, recoveryId] = await secp.sign(digest, this.privateKey, {
+            canonical: true,
+            recovered: true,
+            der: false,
+        });
+
+        const v = 27 + recoveryId;
+        const result = Buffer.alloc(65);
+        result.set(signature, 0); // r (32 bytes) + s (32 bytes)
+        result[64] = v;
+
+        return result;
+    }
+}

package/test/suites/constants.ts

@@ -1,6 +1,6 @@
 import { Asset, Keypair, Networks } from '@stellar/stellar-sdk';
 
-import { Secp256k1KeyPair } from '../utils';
+import { Secp256k1KeyPair } from '../secp256k1';
 
 const CORE_URL = 'http://localhost:8086';
 export const FRIENDBOT_URL = `${CORE_URL}/friendbot`;
@@ -17,6 +17,10 @@ export const ZRO_DISTRIBUTOR = Keypair.fromSecret(
 export const EXECUTOR_ADMIN = Keypair.fromSecret(
     'SACWJCNRT2AYRPBWW7IBRNI765EMZSWPXXAAHYN57UFQNOXMGET7HM5K',
 );
+// Separate deployer for Chain B to enable parallel contract deployment in globalSetup
+export const CHAIN_B_DEPLOYER = Keypair.fromSecret(
+    'SDLIZSTG7W4C3FZYY52WIKF7FTWAXCWC5Z4OVVF3TDA3MBOR37LMIANJ',
+);
 
 // DVN secp256k1 signer for multisig (deterministic key for testing)
 // Private key is keccak256("dvn_test_signer") truncated to 32 bytes

package/test/suites/deploy.ts

@@ -149,6 +149,7 @@ export async function deployContract<T extends { options: { contractId: string }
     deployer: Keypair,
     options: {
         salt?: Buffer;
+        wasmHash?: string;
         rpcUrl?: string;
         networkPassphrase?: string;
         allowHttp?: boolean;
@@ -165,14 +166,19 @@ export async function deployContract<T extends { options: { contractId: string }
         allowHttp: allowHttp,
     });
 
-    // Step 1: Read WASM file
-    console.log('📖 Reading WASM file from:', wasmFilePath);
-    const wasmBuffer = readFileSync(wasmFilePath);
-
-    // Step 2: Upload WASM and get hash
-    console.log('📤 Uploading WASM...');
-    const wasmHash = await uploadWasm(wasmBuffer, deployer, server);
-    console.log('✅ WASM uploaded, hash:', wasmHash);
+    let wasmHash = options.wasmHash;
+    if (wasmHash) {
+        console.log('📦 Using pre-uploaded WASM hash:', wasmHash);
+    } else {
+        // Step 1: Read WASM file
+        console.log('📖 Reading WASM file from:', wasmFilePath);
+        const wasmBuffer = readFileSync(wasmFilePath);
+
+        // Step 2: Upload WASM and get hash
+        console.log('📤 Uploading WASM...');
+        wasmHash = await uploadWasm(wasmBuffer, deployer, server);
+        console.log('✅ WASM uploaded, hash:', wasmHash);
+    }
 
     // Step 3: Deploy the contract
     console.log('🚀 Deploying contract...');

package/test/suites/globalSetup.ts

@@ -1,3 +1,5 @@
+import { Keypair, rpc } from '@stellar/stellar-sdk';
+import { readFileSync } from 'fs';
 import path from 'path';
 import type { GlobalSetupContext } from 'vitest/node';
 
@@ -13,7 +15,9 @@ import { Client as PriceFeedClient } from '../../src/generated/price_feed';
 import { Client as SMLClient } from '../../src/generated/sml';
 import { Client as TreasuryClient } from '../../src/generated/treasury';
 import { Client as Uln302Client } from '../../src/generated/uln302';
+import { createClient } from '../utils';
 import {
+    CHAIN_B_DEPLOYER,
     DEFAULT_DEPLOYER,
     DVN_SIGNER,
     DVN_VID,
@@ -21,9 +25,10 @@ import {
     EID_B,
     EXECUTOR_ADMIN,
     NATIVE_TOKEN_ADDRESS,
+    RPC_URL,
     ZRO_TOKEN_ADDRESS,
 } from './constants';
-import { deployContract } from './deploy';
+import { deployContract, uploadWasm } from './deploy';
 import { startStellarLocalnet, stopStellarLocalnet } from './localnet';
 
 /**
@@ -75,21 +80,59 @@ declare module 'vitest' {
     }
 }
 
+interface WasmHashes {
+    endpoint: string;
+    treasury: string;
+    uln302: string;
+    sml: string;
+    priceFeed: string;
+    executorFeeLib: string;
+    dvnFeeLib: string;
+    dvn: string;
+    executorHelper: string;
+    executor: string;
+}
+
 /**
- * Deploy all protocol contracts for a single chain
+ * Upload all protocol WASM files once and return their hashes.
  */
-async function deployChainContracts(eid: number, chainLabel: string): Promise<ChainSetup> {
-    const repoRoot = await getFullyQualifiedRepoRootPath();
-    const wasmDir = path.join(
-        repoRoot,
-        'contracts',
-        'protocol',
-        'stellar',
-        'target',
-        'wasm32v1-none',
-        'release',
-    );
+async function uploadAllWasms(wasmDir: string): Promise<WasmHashes> {
+    const server = new rpc.Server(RPC_URL, { allowHttp: true });
+
+    const wasmFiles = {
+        endpoint: 'endpoint_v2.wasm',
+        treasury: 'treasury.wasm',
+        uln302: 'uln302.wasm',
+        sml: 'simple_message_lib.wasm',
+        priceFeed: 'price_feed.wasm',
+        executorFeeLib: 'executor_fee_lib.wasm',
+        dvnFeeLib: 'dvn_fee_lib.wasm',
+        dvn: 'dvn.wasm',
+        executorHelper: 'executor_helper.wasm',
+        executor: 'executor.wasm',
+    };
 
+    const hashes: Record<string, string> = {};
+    for (const [name, file] of Object.entries(wasmFiles)) {
+        const wasmBuffer = readFileSync(path.join(wasmDir, file));
+        console.log(`📤 Uploading ${name} WASM (${(wasmBuffer.length / 1024).toFixed(1)} KB)...`);
+        hashes[name] = await uploadWasm(wasmBuffer, DEFAULT_DEPLOYER, server);
+    }
+
+    return hashes as unknown as WasmHashes;
+}
+
+/**
+ * Deploy all protocol contracts for a single chain using pre-uploaded WASM hashes.
+ * The deployer pays gas; contract ownership is always DEFAULT_DEPLOYER.
+ */
+async function deployChainContracts(
+    eid: number,
+    chainLabel: string,
+    deployer: Keypair,
+    wasmDir: string,
+    wasmHashes: WasmHashes,
+): Promise<ChainAddresses> {
     const addresses: ChainAddresses = {
         eid,
         endpointV2: '',
@@ -106,7 +149,7 @@ async function deployChainContracts(eid: number, chainLabel: string): Promise<Ch
 
     // 1. Deploy Endpoint
     console.log(`🚀 [${chainLabel}] Deploying Endpoint (EID: ${eid})...`);
-    const endpointClient = await deployContract<EndpointClient>(
+    const deployedEndpoint = await deployContract<EndpointClient>(
         EndpointClient,
         path.join(wasmDir, 'endpoint_v2.wasm'),
         {
@@ -114,25 +157,27 @@ async function deployChainContracts(eid: number, chainLabel: string): Promise<Ch
             owner: DEFAULT_DEPLOYER.publicKey(),
             native_token: NATIVE_TOKEN_ADDRESS,
         },
-        DEFAULT_DEPLOYER,
+        deployer,
+        { wasmHash: wasmHashes.endpoint },
     );
-    addresses.endpointV2 = endpointClient.options.contractId;
+    addresses.endpointV2 = deployedEndpoint.options.contractId;
     console.log(`✅ [${chainLabel}] Endpoint deployed:`, addresses.endpointV2);
 
     // 2. Deploy Treasury
     console.log(`🚀 [${chainLabel}] Deploying Treasury...`);
-    const treasuryClient = await deployContract<TreasuryClient>(
+    const deployedTreasury = await deployContract<TreasuryClient>(
         TreasuryClient,
         path.join(wasmDir, 'treasury.wasm'),
         { owner: DEFAULT_DEPLOYER.publicKey() },
-        DEFAULT_DEPLOYER,
+        deployer,
+        { wasmHash: wasmHashes.treasury },
     );
-    addresses.treasury = treasuryClient.options.contractId;
+    addresses.treasury = deployedTreasury.options.contractId;
     console.log(`✅ [${chainLabel}] Treasury deployed:`, addresses.treasury);
 
     // 3. Deploy ULN302
     console.log(`🚀 [${chainLabel}] Deploying ULN302...`);
-    const uln302Client = await deployContract<Uln302Client>(
+    const deployedUln302 = await deployContract<Uln302Client>(
         Uln302Client,
         path.join(wasmDir, 'uln302.wasm'),
         {
@@ -140,14 +185,15 @@ async function deployChainContracts(eid: number, chainLabel: string): Promise<Ch
             endpoint: addresses.endpointV2,
             treasury: addresses.treasury,
         },
-        DEFAULT_DEPLOYER,
+        deployer,
+        { wasmHash: wasmHashes.uln302 },
     );
-    addresses.uln302 = uln302Client.options.contractId;
+    addresses.uln302 = deployedUln302.options.contractId;
     console.log(`✅ [${chainLabel}] ULN302 deployed:`, addresses.uln302);
 
     // 4. Deploy SML (SimpleMessageLib)
     console.log(`🚀 [${chainLabel}] Deploying SimpleMessageLib...`);
-    const smlClient = await deployContract<SMLClient>(
+    const deployedSml = await deployContract<SMLClient>(
         SMLClient,
         path.join(wasmDir, 'simple_message_lib.wasm'),
         {
@@ -155,50 +201,54 @@ async function deployChainContracts(eid: number, chainLabel: string): Promise<Ch
             endpoint: addresses.endpointV2,
             fee_recipient: DEFAULT_DEPLOYER.publicKey(),
         },
-        DEFAULT_DEPLOYER,
+        deployer,
+        { wasmHash: wasmHashes.sml },
     );
-    addresses.sml = smlClient.options.contractId;
+    addresses.sml = deployedSml.options.contractId;
     console.log(`✅ [${chainLabel}] SimpleMessageLib deployed:`, addresses.sml);
 
     // 5. Deploy Price Feed
     console.log(`🚀 [${chainLabel}] Deploying Price Feed...`);
-    const priceFeedClient = await deployContract<PriceFeedClient>(
+    const deployedPriceFeed = await deployContract<PriceFeedClient>(
         PriceFeedClient,
         path.join(wasmDir, 'price_feed.wasm'),
         {
             owner: DEFAULT_DEPLOYER.publicKey(),
             price_updater: DEFAULT_DEPLOYER.publicKey(),
         },
-        DEFAULT_DEPLOYER,
+        deployer,
+        { wasmHash: wasmHashes.priceFeed },
     );
-    addresses.priceFeed = priceFeedClient.options.contractId;
+    addresses.priceFeed = deployedPriceFeed.options.contractId;
     console.log(`✅ [${chainLabel}] Price Feed deployed:`, addresses.priceFeed);
 
     // 6. Deploy Executor Fee Lib
     console.log(`🚀 [${chainLabel}] Deploying Executor Fee Lib...`);
-    const executorFeeLibClient = await deployContract<ExecutorFeeLibClient>(
+    const deployedExecutorFeeLib = await deployContract<ExecutorFeeLibClient>(
         ExecutorFeeLibClient,
         path.join(wasmDir, 'executor_fee_lib.wasm'),
         { owner: DEFAULT_DEPLOYER.publicKey() },
-        DEFAULT_DEPLOYER,
+        deployer,
+        { wasmHash: wasmHashes.executorFeeLib },
     );
-    addresses.executorFeeLib = executorFeeLibClient.options.contractId;
+    addresses.executorFeeLib = deployedExecutorFeeLib.options.contractId;
     console.log(`✅ [${chainLabel}] Executor Fee Lib deployed:`, addresses.executorFeeLib);
 
     // 7. Deploy DVN Fee Lib
     console.log(`🚀 [${chainLabel}] Deploying DVN Fee Lib...`);
-    const dvnFeeLibClient = await deployContract<DvnFeeLibClient>(
+    const deployedDvnFeeLib = await deployContract<DvnFeeLibClient>(
         DvnFeeLibClient,
         path.join(wasmDir, 'dvn_fee_lib.wasm'),
         { owner: DEFAULT_DEPLOYER.publicKey() },
-        DEFAULT_DEPLOYER,
+        deployer,
+        { wasmHash: wasmHashes.dvnFeeLib },
     );
-    addresses.dvnFeeLib = dvnFeeLibClient.options.contractId;
+    addresses.dvnFeeLib = deployedDvnFeeLib.options.contractId;
     console.log(`✅ [${chainLabel}] DVN Fee Lib deployed:`, addresses.dvnFeeLib);
 
     // 8. Deploy DVN (same signer for both chains)
     console.log(`🚀 [${chainLabel}] Deploying DVN...`);
-    const dvnClient = await deployContract<DvnClient>(
+    const deployedDvn = await deployContract<DvnClient>(
         DvnClient,
         path.join(wasmDir, 'dvn.wasm'),
         {
@@ -212,25 +262,27 @@ async function deployChainContracts(eid: number, chainLabel: string): Promise<Ch
             worker_fee_lib: addresses.dvnFeeLib,
             deposit_address: DEFAULT_DEPLOYER.publicKey(),
         },
-        DEFAULT_DEPLOYER,
+        deployer,
+        { wasmHash: wasmHashes.dvn },
     );
-    addresses.dvn = dvnClient.options.contractId;
+    addresses.dvn = deployedDvn.options.contractId;
     console.log(`✅ [${chainLabel}] DVN deployed:`, addresses.dvn);
 
     // 9. Deploy Executor Helper
     console.log(`🚀 [${chainLabel}] Deploying Executor Helper...`);
-    const executorHelperClient = await deployContract<ExecutorHelperClient>(
+    const deployedExecutorHelper = await deployContract<ExecutorHelperClient>(
         ExecutorHelperClient,
         path.join(wasmDir, 'executor_helper.wasm'),
         undefined,
-        DEFAULT_DEPLOYER,
+        deployer,
+        { wasmHash: wasmHashes.executorHelper },
     );
-    addresses.executorHelper = executorHelperClient.options.contractId;
+    addresses.executorHelper = deployedExecutorHelper.options.contractId;
     console.log(`✅ [${chainLabel}] Executor Helper deployed:`, addresses.executorHelper);
 
     // 10. Deploy Executor (supports both ULN302 and SML)
     console.log(`🚀 [${chainLabel}] Deploying Executor...`);
-    const executorClient = await deployContract<ExecutorClient>(
+    const deployedExecutor = await deployContract<ExecutorClient>(
         ExecutorClient,
         path.join(wasmDir, 'executor.wasm'),
         {
@@ -243,13 +295,26 @@ async function deployChainContracts(eid: number, chainLabel: string): Promise<Ch
             worker_fee_lib: addresses.executorFeeLib,
             deposit_address: DEFAULT_DEPLOYER.publicKey(),
         },
-        DEFAULT_DEPLOYER,
+        deployer,
+        { wasmHash: wasmHashes.executor },
     );
-    addresses.executor = executorClient.options.contractId;
+    addresses.executor = deployedExecutor.options.contractId;
     console.log(`✅ [${chainLabel}] Executor deployed:`, addresses.executor);
 
-    // 11. Register Executor Helper with Executor
+    return addresses;
+}
+
+/**
+ * Register executor helper and create owner-signed clients for a chain.
+ * Must be called sequentially (uses DEFAULT_DEPLOYER for signing).
+ */
+async function initChainClients(
+    addresses: ChainAddresses,
+    chainLabel: string,
+): Promise<ChainSetup> {
+    // Register Executor Helper with Executor (needs owner-signed client)
     console.log(`🚀 [${chainLabel}] Registering Executor Helper with Executor...`);
+    const executorClient = createClient(ExecutorClient, addresses.executor);
     await (
         await executorClient.set_executor_helper({
             admin: DEFAULT_DEPLOYER.publicKey(),
@@ -260,16 +325,16 @@ async function deployChainContracts(eid: number, chainLabel: string): Promise<Ch
     console.log(`✅ [${chainLabel}] Executor Helper registered`);
 
     const clients: ChainClients = {
-        endpointClient,
-        uln302Client,
-        smlClient,
-        treasuryClient,
+        endpointClient: createClient(EndpointClient, addresses.endpointV2),
+        uln302Client: createClient(Uln302Client, addresses.uln302),
+        smlClient: createClient(SMLClient, addresses.sml),
+        treasuryClient: createClient(TreasuryClient, addresses.treasury),
         executorClient,
-        executorHelperClient,
-        executorFeeLibClient,
-        priceFeedClient,
-        dvnFeeLibClient,
-        dvnClient,
+        executorHelperClient: createClient(ExecutorHelperClient, addresses.executorHelper),
+        executorFeeLibClient: createClient(ExecutorFeeLibClient, addresses.executorFeeLib),
+        priceFeedClient: createClient(PriceFeedClient, addresses.priceFeed),
+        dvnFeeLibClient: createClient(DvnFeeLibClient, addresses.dvnFeeLib),
+        dvnClient: createClient(DvnClient, addresses.dvn),
     };
 
     return { addresses, clients };
@@ -477,17 +542,36 @@ export default async function globalSetup({
 
     await startStellarLocalnet();
 
+    const repoRoot = await getFullyQualifiedRepoRootPath();
+    const wasmDir = path.join(
+        repoRoot,
+        'contracts',
+        'protocol',
+        'stellar',
+        'target',
+        'wasm32v1-none',
+        'release',
+    );
+
+    console.log('\n========================================');
+    console.log('📤 GLOBAL SETUP: Uploading WASM (once)');
+    console.log('========================================\n');
+
+    const wasmHashes = await uploadAllWasms(wasmDir);
+
     console.log('\n========================================');
-    console.log('📦 GLOBAL SETUP: Deploying Protocol Contracts (Two Chains)');
+    console.log('📦 GLOBAL SETUP: Deploying Protocol Contracts (Two Chains in Parallel)');
     console.log('========================================\n');
 
-    // Deploy Chain A
-    console.log('\n--- CHAIN A (EID: ' + EID_A + ') ---');
-    const chainA = await deployChainContracts(EID_A, 'Chain A');
+    // Deploy both chains in parallel (each uses its own deployer key)
+    const [addressesA, addressesB] = await Promise.all([
+        deployChainContracts(EID_A, 'Chain A', DEFAULT_DEPLOYER, wasmDir, wasmHashes),
+        deployChainContracts(EID_B, 'Chain B', CHAIN_B_DEPLOYER, wasmDir, wasmHashes),
+    ]);
 
-    // Deploy Chain B
-    console.log('\n--- CHAIN B (EID: ' + EID_B + ') ---');
-    const chainB = await deployChainContracts(EID_B, 'Chain B');
+    // Register executor helpers and create clients sequentially (uses DEFAULT_DEPLOYER)
+    const chainA = await initChainClients(addressesA, 'Chain A');
+    const chainB = await initChainClients(addressesB, 'Chain B');
 
     console.log('\n========================================');
     console.log('🔗 GLOBAL SETUP: Wiring Protocol Contracts (Cross-Chain)');

package/test/suites/localnet.ts

@@ -2,6 +2,7 @@ import axios from 'axios';
 import { $, sleep } from 'zx';
 
 import {
+    CHAIN_B_DEPLOYER,
     DEFAULT_DEPLOYER,
     EXECUTOR_ADMIN,
     FRIENDBOT_URL,
@@ -74,33 +75,27 @@ async function waitForRpcHealth(startTime: number): Promise<void> {
 }
 
 async function waitForFriendbotAndFundAccounts(startTime: number): Promise<void> {
-    const accountsToFund = [
-        { keypair: DEFAULT_DEPLOYER, name: 'DEFAULT_DEPLOYER' },
-        { keypair: ZRO_DISTRIBUTOR, name: 'ZRO_DISTRIBUTOR' },
-        { keypair: EXECUTOR_ADMIN, name: 'EXECUTOR_ADMIN' },
-    ];
-
-    for (const { keypair, name } of accountsToFund) {
-        let funded = false;
-        while (Date.now() - startTime < STARTUP_TIMEOUT_MS) {
-            try {
-                await fundAccount(keypair.publicKey());
-                console.log(`✅ Account ${name} (${keypair.publicKey()}) funded`);
-                funded = true;
-                break;
-            } catch (_error) {
-                const elapsed = Math.round((Date.now() - startTime) / 1000);
-                console.log(`⏳ [${elapsed}s] Waiting for friendbot to fund ${name}...`);
-                await sleep(RETRY_INTERVAL_MS);
-            }
-        }
-        if (!funded) {
-            throw new Error(
-                `Failed to fund account ${name} within ${STARTUP_TIMEOUT_MS / 1000} seconds`,
-            );
+    while (Date.now() - startTime < STARTUP_TIMEOUT_MS) {
+        try {
+            // Fund DEFAULT_DEPLOYER first (doubles as friendbot readiness check)
+            await fundAccount(DEFAULT_DEPLOYER.publicKey());
+            console.log('✅ Friendbot ready, DEFAULT_DEPLOYER funded');
+
+            // Fund remaining accounts in parallel
+            await Promise.all([
+                fundAccount(ZRO_DISTRIBUTOR.publicKey()),
+                fundAccount(EXECUTOR_ADMIN.publicKey()),
+                fundAccount(CHAIN_B_DEPLOYER.publicKey()),
+            ]);
+            console.log('✅ All accounts funded');
+            return;
+        } catch {
+            const elapsed = Math.round((Date.now() - startTime) / 1000);
+            console.log(`⏳ [${elapsed}s] Waiting for friendbot...`);
+            await sleep(RETRY_INTERVAL_MS);
         }
     }
-    console.log('✅ Stellar localnet started');
+    throw new Error(`Friendbot not ready within ${STARTUP_TIMEOUT_MS / 1000} seconds`);
 }
 
 export async function fundAccount(publicKey: string): Promise<void> {

package/test/utils.ts

@@ -1,5 +1,4 @@
 import { keccak_256 } from '@noble/hashes/sha3';
-import * as secp from '@noble/secp256k1';
 import {
     Account,
     Address,
@@ -153,66 +152,7 @@ export async function getTokenAuthorized(
     return false;
 }
 
-// ============================================================================
-// Secp256k1 Key Pair for DVN Multisig
-// ============================================================================
-
-/**
- * A secp256k1 key pair with private key and derived Ethereum-style address.
- * Used for DVN multisig signing.
- */
-export class Secp256k1KeyPair {
-    private privateKey: Uint8Array;
-    public readonly ethAddress: Buffer;
-
-    constructor(privateKey: Uint8Array | Buffer | string) {
-        if (typeof privateKey === 'string') {
-            // Remove 0x prefix if present
-            const hex = privateKey.startsWith('0x') ? privateKey.slice(2) : privateKey;
-            this.privateKey = Buffer.from(hex, 'hex');
-        } else {
-            this.privateKey = new Uint8Array(privateKey);
-        }
-        this.ethAddress = this.deriveEthAddress();
-    }
-
-    /**
-     * Generate a random key pair.
-     */
-    static generate(): Secp256k1KeyPair {
-        const privateKey = secp.utils.randomPrivateKey();
-        return new Secp256k1KeyPair(privateKey);
-    }
-
-    /**
-     * Derive Ethereum-style address from the public key.
-     * Address = last 20 bytes of keccak256(uncompressed_pubkey[1:65])
-     */
-    private deriveEthAddress(): Buffer {
-        const publicKey = secp.getPublicKey(this.privateKey, false); // uncompressed
-        const pubkeyWithoutPrefix = publicKey.slice(1); // remove 0x04 prefix
-        const hash = keccak_256(pubkeyWithoutPrefix);
-        return Buffer.from(hash.slice(12)); // last 20 bytes
-    }
-
-    /**
-     * Sign a 32-byte digest and return a 65-byte signature (r || s || v).
-     */
-    async sign(digest: Uint8Array): Promise<Buffer> {
-        const [signature, recoveryId] = await secp.sign(digest, this.privateKey, {
-            canonical: true,
-            recovered: true,
-            der: false,
-        });
-
-        const v = 27 + recoveryId;
-        const result = Buffer.alloc(65);
-        result.set(signature, 0); // r (32 bytes) + s (32 bytes)
-        result[64] = v;
-
-        return result;
-    }
-}
+import { Secp256k1KeyPair } from './secp256k1';
 
 // ============================================================================
 // DVN Abstract Account Auth Signing