feat: replace elliptic with @noble/curves (#1601)

FuelLabs · Jan 5, 2024 · 6c82640 · 6c82640
1 parent f698256
commit 6c82640
Show file tree

Hide file tree

Showing 6 changed files with 56 additions and 65 deletions.
diff --git a/.changeset/warm-poems-swim.md b/.changeset/warm-poems-swim.md
@@ -0,0 +1,6 @@
+---
+"@fuel-ts/signer": minor
+---
+
+- Stopped exporting `getCurve()` / secp256k1
+- Replaced `elliptic` with `@noble/curves`
diff --git a/packages/signer/package.json b/packages/signer/package.json
@@ -29,10 +29,7 @@
     "@fuel-ts/crypto": "workspace:*",
     "@fuel-ts/hasher": "workspace:*",
     "@fuel-ts/math": "workspace:*",
-    "elliptic": "^6.5.4",
-    "ethers": "^6.7.1"
-  },
-  "devDependencies": {
-    "@types/elliptic": "^6.4.14"
+    "ethers": "^6.7.1",
+    "@noble/curves": "^1.3.0"
   }
 }
diff --git a/packages/signer/src/index.ts b/packages/signer/src/index.ts
@@ -1,2 +1 @@
-export { default as Signer } from './signer';
 export * from './signer';
diff --git a/packages/signer/src/signer.test.ts b/packages/signer/src/signer.test.ts
@@ -1,6 +1,6 @@
 import { getBytesCopy, sha256 } from 'ethers';
 
-import Signer from './signer';
+import { Signer } from './signer';
 
 /**
  * @group node

diff --git a/packages/signer/src/signer.ts b/packages/signer/src/signer.ts
@@ -2,24 +2,11 @@ import { Address } from '@fuel-ts/address';
 import { randomBytes } from '@fuel-ts/crypto';
 import { hash } from '@fuel-ts/hasher';
 import { toBytes } from '@fuel-ts/math';
-import * as elliptic from 'elliptic';
-import { hexlify, concat, getBytesCopy } from 'ethers';
+import { secp256k1 } from '@noble/curves/secp256k1';
 import type { BytesLike } from 'ethers';
+import { hexlify, concat, getBytesCopy } from 'ethers';
 
-/* Importing `ec` like this to avoid the 'Requested module is a CommonJS module,
- * which may not support all module.exports as named exports' error
- * @see https://github.com/FuelLabs/fuels-ts/issues/841
- */
-const { ec: EC } = elliptic;
-
-/**
- * Return elliptic instance with curve secp256k1
- */
-export function getCurve() {
-  return new EC('secp256k1');
-}
-
-class Signer {
+export class Signer {
   readonly address: Address;
 
   readonly publicKey: string;
@@ -42,16 +29,15 @@ class Signer {
         privateKey = `0x${privateKey}`;
       }
     }
-
     // Convert to byte array, normalize private key input allowing it to be BytesLike
     // like remove 0x prefix and accept array of bytes
-    const privateKeyBytes = getBytesCopy(privateKey);
-    const keyPair = getCurve().keyFromPrivate(privateKeyBytes, 'hex');
+    const privateKeyBytes = toBytes(privateKey, 32);
 
-    // Slice(1) removes the encoding scheme from the public key
-    this.compressedPublicKey = hexlify(Uint8Array.from(keyPair.getPublic(true, 'array')));
-    this.publicKey = hexlify(Uint8Array.from(keyPair.getPublic(false, 'array').slice(1)));
     this.privateKey = hexlify(privateKeyBytes);
+
+    // Slice(1) removes the encoding scheme from the public key
+    this.publicKey = hexlify(secp256k1.getPublicKey(privateKeyBytes, false).slice(1));
+    this.compressedPublicKey = hexlify(secp256k1.getPublicKey(privateKeyBytes, true));
     this.address = Address.fromPublicKey(this.publicKey);
   }
 
@@ -64,15 +50,13 @@ class Signer {
    * @returns hashed signature
    */
   sign(data: BytesLike) {
-    const keyPair = getCurve().keyFromPrivate(getBytesCopy(this.privateKey), 'hex');
-    const signature = keyPair.sign(getBytesCopy(data), {
-      canonical: true,
-    });
-    const r = toBytes(signature.r, 32);
-    const s = toBytes(signature.s, 32);
+    const signature = secp256k1.sign(getBytesCopy(data), getBytesCopy(this.privateKey));
+
+    const r = toBytes(`0x${signature.r.toString(16)}`, 32);
+    const s = toBytes(`0x${signature.s.toString(16)}`, 32);
 
     // add recoveryParam to first s byte
-    s[0] |= (signature.recoveryParam || 0) << 7;
+    s[0] |= (signature.recovery || 0) << 7;
 
     return concat([r, s]);
   }
@@ -84,11 +68,10 @@ class Signer {
    * @returns compressed point on the curve
    */
   addPoint(point: BytesLike) {
-    const p0 = getCurve().keyFromPublic(getBytesCopy(this.compressedPublicKey));
-    const p1 = getCurve().keyFromPublic(getBytesCopy(point));
-    const result = p0.getPublic().add(p1.getPublic());
-
-    return hexlify(Uint8Array.from(result.encode('array', true)));
+    const p0 = secp256k1.ProjectivePoint.fromHex(getBytesCopy(this.compressedPublicKey));
+    const p1 = secp256k1.ProjectivePoint.fromHex(getBytesCopy(point));
+    const result = p0.add(p1);
+    return `0x${result.toHex(true)}`;
   }
 
   /**
@@ -107,12 +90,12 @@ class Signer {
     // remove recoveryParam from s first byte
     s[0] &= 0x7f;
 
-    const publicKey = getCurve()
-      .recoverPubKey(getBytesCopy(data), { r, s }, recoveryParam)
-      .encode('array', false)
-      .slice(1);
+    const sig = new secp256k1.Signature(BigInt(hexlify(r)), BigInt(hexlify(s))).addRecoveryBit(
+      recoveryParam
+    );
 
-    return hexlify(Uint8Array.from(publicKey));
+    const publicKey = sig.recoverPublicKey(getBytesCopy(data)).toRawBytes(false).slice(1);
+    return hexlify(publicKey);
   }
 
   /**
@@ -143,9 +126,7 @@ class Signer {
    * @returns extended publicKey
    */
   static extendPublicKey(publicKey: BytesLike) {
-    const keyPair = getCurve().keyFromPublic(getBytesCopy(publicKey));
-    return hexlify(Uint8Array.from(keyPair.getPublic(false, 'array').slice(1)));
+    const point = secp256k1.ProjectivePoint.fromHex(getBytesCopy(publicKey));
+    return hexlify(point.toRawBytes(false).slice(1));
   }
 }
-
-export default Signer;
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
Original file line number	Diff line number	Diff line change
		@@ -1,2 +1 @@
		export { default as Signer } from './signer';
		export * from './signer';