Skip to content

Releases: paulmillr/noble-secp256k1

2.2.3

07 Jan 21:40
2.2.3
65c1cab
Compare
Choose a tag to compare

Revert requirement for crypto.subtle, introduced in 2.2.0 #123. This ensures synchronous environments work correctly without it.

Full Changelog: 2.2.2...2.2.3

2.2.2

02 Jan 19:08
2.2.2
22fe33f
Compare
Choose a tag to compare
  • Improve documentation for public methods. This ensures efficient auto-generated docs on JSR.

Full Changelog: 2.2.1...2.2.2

2.2.1

02 Jan 01:23
2.2.1
c6a8520
Compare
Choose a tag to compare

Same as 2.2.0, but now publishing to JSR without slow-types option.

Full Changelog: 2.2.0...2.2.1

2.2.0

02 Jan 01:11
2.2.0
dbd5d6f
Compare
Choose a tag to compare

What's Changed

  • Allow any size of opts.extraEntropy when signing
  • Improve hex and bytes conversion
  • Feature detect to avoid self.crypto if subtle isn't available by @gre in #123
  • Improve types: use isolatedDeclarations option

New Contributors

Full Changelog: 2.1.0...2.2.0

2.1.0

24 Mar 11:07
2.1.0
29e0cf1
Compare
Choose a tag to compare

This release comes one year after v2.0.0, following rare update schedule for easy auditability.

  • Point.fromAffine: convert ZERO points properly
  • au8: improve Uint8Array check to work in extension context
  • Signature: add normalizeS method
  • Signature: addRecoveryBit should return more precise type, SignatureWithRecovery
  • randomPrivateKey: fetch 48 bytes from CSPRNG instead of 40, to reduce bias

New Contributors

Full Changelog: 2.0.0...2.1.0

2.0.0

24 Mar 10:01
2.0.0
d38ed22
Compare
Choose a tag to compare

noble-secp256k1 v2 features improved security and smaller attack surface.
The goal of v2 is to provide minimum possible JS library which is safe and fast.

That means the library was reduced 4x, to just over 400 lines. Library size is now just 4KB gzipped.
In order to achieve the goal, some features were moved to noble-curves, which is
even safer and faster drop-in replacement library with same API.
Switch to curves if you intend to keep using these features:

  • DER encoding: toDERHex, toDERRawBytes, signing / verification of DER sigs
  • Schnorr signatures
  • Using utils.precompute() for non-base point
  • Support for environments which don't support bigint literals
  • Common.js support
  • Support for node.js 18 and older without shim

Other changes for upgrading from @noble/secp256k1 1.7 to 2.0:

  • getPublicKey
    • now produce 33-byte compressed signatures by default
    • to use old behavior, which produced 65-byte uncompressed keys, set
      argument isCompressed to false: getPublicKey(priv, false)
  • sign
    • is now sync; use signAsync for async version
    • now returns Signature instance with { r, s, recovery } properties
    • canonical option was renamed to lowS
    • recovered option has been removed because recovery bit is always returned now
    • der option has been removed. There are 2 options:
      1. Use compact encoding: fromCompact, toCompactRawBytes, toCompactHex.
        Compact encoding is simply a concatenation of 32-byte r and 32-byte s.
      2. If you must use DER encoding, switch to noble-curves (see above).
  • verify
    • strict option was renamed to lowS
  • getSharedSecret
    • now produce 33-byte compressed signatures by default
    • to use old behavior, which produced 65-byte uncompressed keys, set
      argument isCompressed to false: getSharedSecret(a, b, false)
  • recoverPublicKey(msg, sig, rec) was changed to sig.recoverPublicKey(msg)
  • number type for private keys have been removed: use bigint instead
  • Point (2d xy) has been changed to ProjectivePoint (3d xyz)
  • utils were split into utils (same api as in noble-curves) and
    etc (hmacSha256Sync and others)

Pull request: #92

Full Changelog: 1.7.1...2.0.0

1.7.1

08 Jan 19:53
1.7.1
fd51da0
Compare
Choose a tag to compare
  • Add support for recovery_bit=2, 3
  • JacobianPoint#fromAffine bugfix
  • P.subtract(P) and JacobianPoint.ZERO.toAffine() no longer throw errors
  • Refactoring backported from noble-curves

Full Changelog: 1.7.0...1.7.1

1.7.0

11 Sep 16:46
1.7.0
37e6684
Compare
Choose a tag to compare

The library now works with React Native 0.70. Remove all bigint ** pow operators to improve compact w bad parsers.

  • Expose Point#hasEvenY()
  • Utils sha256Sync and hmacSha256Sync redefinitions cannot be re-defined after the first time
  • Add experimental utils._normalizePrivateKey()
  • Remove experimental utils: privateAdd, privateNegate, pointAddScalar, pointMultiply. We consider their API not optimal. If you want to keep using them, copy-paste their definition from test directory.
  • Refactor schnorr

Full Changelog: 1.6.3...1.7.0

1.6.3

14 Jul 09:27
1.6.3
c564ad7
Compare
Choose a tag to compare

Allow 0000... hash in recoverPublicKey

1.6.2

13 Jul 14:25
1.6.2
e9bd343
Compare
Choose a tag to compare

Fixes tests for 0000... hash in verify()