Update to latest noble crypto libraries (#3975).

Author: ricmoo

package.json

@@ -9,9 +9,9 @@
     "./lib.esm/wordlists/wordlists.js": "./lib.esm/wordlists/wordlists-browser.js"
   },
   "dependencies": {
-    "@adraffy/ens-normalize": "1.9.2",
-    "@noble/hashes": "1.1.2",
-    "@noble/secp256k1": "1.7.1",
+    "@adraffy/ens-normalize": "1.9.4",
+    "@noble/curves": "1.2.0",
+    "@noble/hashes": "1.3.2",
     "@types/node": "18.15.13",
     "aes-js": "4.0.0-beta.5",
     "tslib": "2.4.0",
@@ -93,7 +93,7 @@
       "url": "https://www.buymeacoffee.com/ricmoo"
     }
   ],
-  "gitHead": "7d4173049edc3b4ff2de1971c3ecca3b08588651",
+  "gitHead": "9541f2f70cd7f5c6f3caf93f5a3d5e34eae5281a",
   "homepage": "https://ethers.org",
   "keywords": [
     "ethereum",
@@ -131,5 +131,5 @@
     "test-esm": "mocha --reporter ./reporter.cjs ./lib.esm/_tests/test-*.js"
   },
   "sideEffects": false,
-  "version": "6.7.1"
+  "version": "6.8.0"
 }

src.ts/crypto/signing-key.ts

@@ -4,28 +4,20 @@
  *  @_subsection: api/crypto:Signing  [about-signing]
  */
 
-import * as secp256k1 from "@noble/secp256k1";
+import { secp256k1 } from "@noble/curves/secp256k1";
 
 import {
     concat, dataLength, getBytes, getBytesCopy, hexlify, toBeHex,
     assertArgument
 } from "../utils/index.js";
 
-import { computeHmac } from "./hmac.js";
 import { Signature } from "./signature.js";
 
 import type { BytesLike } from "../utils/index.js";
 
 import type { SignatureLike } from "./index.js";
 
 
-//const N = BigInt("0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141");
-
-// Make noble-secp256k1 sync
-secp256k1.utils.hmacSha256Sync = function(key: Uint8Array, ...messages: Array<Uint8Array>): Uint8Array {
-    return getBytes(computeHmac("sha256", key, concat(messages)));
-}
-
 /**
  *  A **SigningKey** provides high-level access to the elliptic curve
  *  cryptography (ECC) operations and key management.
@@ -69,16 +61,14 @@ export class SigningKey {
     sign(digest: BytesLike): Signature {
         assertArgument(dataLength(digest) === 32, "invalid digest length", "digest", digest);
 
-        const [ sigDer, recid ] = secp256k1.signSync(getBytesCopy(digest), getBytesCopy(this.#privateKey), {
-            recovered: true,
-            canonical: true
+        const sig = secp256k1.sign(getBytesCopy(digest), getBytesCopy(this.#privateKey), {
+            lowS: true
         });
 
-        const sig = secp256k1.Signature.fromHex(sigDer);
         return Signature.from({
-            r: toBeHex("0x" + sig.r.toString(16), 32),
-            s: toBeHex("0x" + sig.s.toString(16), 32),
-            v: (recid ? 0x1c: 0x1b)
+            r: toBeHex(sig.r, 32),
+            s: toBeHex(sig.s, 32),
+            v: (sig.recovery ? 0x1c: 0x1b)
         });
     }
 
@@ -106,7 +96,7 @@ export class SigningKey {
      */
     computeSharedSecret(other: BytesLike): string {
         const pubKey = SigningKey.computePublicKey(other);
-        return hexlify(secp256k1.getSharedSecret(getBytesCopy(this.#privateKey), getBytes(pubKey)));
+        return hexlify(secp256k1.getSharedSecret(getBytesCopy(this.#privateKey), getBytes(pubKey), false));
     }
 
     /**
@@ -151,7 +141,7 @@ export class SigningKey {
             bytes = pub;
         }
 
-        const point = secp256k1.Point.fromHex(bytes);
+        const point = secp256k1.ProjectivePoint.fromHex(bytes);
         return hexlify(point.toRawBytes(compressed));
     }
 
@@ -177,12 +167,14 @@ export class SigningKey {
         assertArgument(dataLength(digest) === 32, "invalid digest length", "digest", digest);
 
         const sig = Signature.from(signature);
-        const der = secp256k1.Signature.fromCompact(getBytesCopy(concat([ sig.r, sig.s ]))).toDERRawBytes();
 
-        const pubKey = secp256k1.recoverPublicKey(getBytesCopy(digest), der, sig.yParity);
-        assertArgument(pubKey != null, "invalid signature for digest", "signature", signature);
+        let secpSig = secp256k1.Signature.fromCompact(getBytesCopy(concat([ sig.r, sig.s ])));
+        secpSig = secpSig.addRecoveryBit(sig.yParity);
+
+        const pubKey = secpSig.recoverPublicKey(getBytesCopy(digest));
+        assertArgument(pubKey != null, "invalid signautre for digest", "signature", signature);
 
-        return hexlify(pubKey);
+        return "0x" + pubKey.toHex(false);
     }
 
     /**
@@ -196,8 +188,8 @@ export class SigningKey {
      *  addresses from parent public keys and chain codes.
      */
     static addPoints(p0: BytesLike, p1: BytesLike, compressed?: boolean): string {
-        const pub0 = secp256k1.Point.fromHex(SigningKey.computePublicKey(p0).substring(2));
-        const pub1 = secp256k1.Point.fromHex(SigningKey.computePublicKey(p1).substring(2));
+        const pub0 = secp256k1.ProjectivePoint.fromHex(SigningKey.computePublicKey(p0).substring(2));
+        const pub1 = secp256k1.ProjectivePoint.fromHex(SigningKey.computePublicKey(p1).substring(2));
         return "0x" + pub0.add(pub1).toHex(!!compressed)
     }
 }