deps: bump @noble/secp256k1 from 1.7.1 to 2.0.0

[dependabot]

Bumps @noble/secp256k1 from 1.7.1 to 2.0.0.

Release notes

Sourced from @​noble/secp256k1's releases.

2.0.0

noble-secp256k1 v2 features improved security and smaller attack surface. The goal of v2 is to provide minimum possible JS library which is safe and fast.

That means the library was reduced 4x, to just over 400 lines. Library size is now just 4KB gzipped. In order to achieve the goal, some features were moved to noble-curves, which is even safer and faster drop-in replacement library with same API. Switch to curves if you intend to keep using these features:

• DER encoding: toDERHex, toDERRawBytes, signing / verification of DER sigs
• Schnorr signatures
• Using utils.precompute() for non-base point
• Support for environments which don't support bigint literals
• Common.js support
• Support for node.js 18 and older without shim

Other changes for upgrading from @​noble/secp256k1 1.7 to 2.0:

• getPublicKey
  • now produce 33-byte compressed signatures by default
  • to use old behavior, which produced 65-byte uncompressed keys, set argument isCompressed to false: getPublicKey(priv, false)
• sign
  • is now sync; use signAsync for async version
  • now returns Signature instance with { r, s, recovery } properties
  • canonical option was renamed to lowS
  • recovered option has been removed because recovery bit is always returned now
  • der option has been removed. There are 2 options:
    1. Use compact encoding: fromCompact, toCompactRawBytes, toCompactHex. Compact encoding is simply a concatenation of 32-byte r and 32-byte s.
    2. If you must use DER encoding, switch to noble-curves (see above).
• verify
  • strict option was renamed to lowS
• getSharedSecret
  • now produce 33-byte compressed signatures by default
  • to use old behavior, which produced 65-byte uncompressed keys, set argument isCompressed to false: getSharedSecret(a, b, false)
• recoverPublicKey(msg, sig, rec) was changed to sig.recoverPublicKey(msg)
• number type for private keys have been removed: use bigint instead
• Point (2d xy) has been changed to ProjectivePoint (3d xyz)
• utils were split into utils (same api as in noble-curves) and etc (hmacSha256Sync and others)

Pull request: paulmillr/noble-secp256k1#92

Full Changelog: paulmillr/noble-secp256k1@1.7.1...2.0.0

Commits

• d38ed22 Release 2.0.0.
• fe33a30 tags
• c54803c tags
• 6deef87 wording
• 745cb34 Wording
• b1995eb README
• e566be8 8918, 431loc, 3984b. Move exports below
• e5abbd5 remove backticks
• 883a394 readme
• 82e5d6d docs
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.