UNPKG

ecash-lib

Version:

Library for eCash transaction building

github.com/Bitcoin-ABC/bitcoin-abc

Bitcoin-ABC/bitcoin-abc

170 lines (134 loc) 5.58 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
// Copyright (c) 2024 The Bitcoin developers // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. /** Interface to abstract over Elliptic Curve Cryptography */ // eslint-disable-next-line @typescript-eslint/no-unsafe-declaration-merging export interface Ecc { /** Derive a public key from secret key. */ derivePubkey(seckey: Uint8Array): Uint8Array; /** Sign an ECDSA signature. msg needs to be a 32-byte hash */ ecdsaSign(seckey: Uint8Array, msg: Uint8Array): Uint8Array; /** * Verify an ECDSA signature. msg needs to be a 32-byte hash. * Throws an exception if the signature is invalid. **/ ecdsaVerify(sig: Uint8Array, msg: Uint8Array, pk: Uint8Array): void; /** Sign a Schnorr signature. msg needs to be a 32-byte hash */ schnorrSign(seckey: Uint8Array, msg: Uint8Array): Uint8Array; /** * Verify a Schnorr signature. msg needs to be a 32-byte hash. * Throws an exception if the signature is invalid. **/ schnorrVerify(sig: Uint8Array, msg: Uint8Array, pk: Uint8Array): void; /** * Return whether the given secret key is valid, i.e. whether is of correct * length (32 bytes) and is on the curve. */ isValidSeckey(seckey: Uint8Array): boolean; /** Add a scalar to a secret key */ seckeyAdd(a: Uint8Array, b: Uint8Array): Uint8Array; /** Add a scalar to a public key (adding G*b) */ pubkeyAdd(a: Uint8Array, b: Uint8Array): Uint8Array; /** Sign a ECDSA recoverable signature, includes the recovery ID */ signRecoverable(seckey: Uint8Array, msg: Uint8Array): Uint8Array; /** Recover the public key of an ECDSA signed signature (with recovery ID) */ recoverSig(sig: Uint8Array, msg: Uint8Array): Uint8Array; /** Compress an uncompressed public key (must start with 0x04) */ compressPk(pk: Uint8Array): Uint8Array; } /** Dummy Ecc impl that always returns 0, useful for measuring tx size */ export class EccDummy implements Ecc { derivePubkey(_seckey: Uint8Array): Uint8Array { return new Uint8Array(33); } ecdsaSign(_seckey: Uint8Array, _msg: Uint8Array): Uint8Array { return new Uint8Array(73); } ecdsaVerify(_sig: Uint8Array, _msg: Uint8Array, _pk: Uint8Array): void {} schnorrSign(_seckey: Uint8Array, _msg: Uint8Array): Uint8Array { return new Uint8Array(64); } schnorrVerify(_sig: Uint8Array, _msg: Uint8Array, _pk: Uint8Array): void {} isValidSeckey(_seckey: Uint8Array): boolean { return false; } seckeyAdd(_a: Uint8Array, _b: Uint8Array): Uint8Array { return new Uint8Array(32); } pubkeyAdd(_a: Uint8Array, _b: Uint8Array): Uint8Array { return new Uint8Array(32); } signRecoverable(_seckey: Uint8Array, _msg: Uint8Array): Uint8Array { return new Uint8Array(65); } recoverSig(_sig: Uint8Array, _msg: Uint8Array): Uint8Array { return new Uint8Array(33); } compressPk(_pk: Uint8Array): Uint8Array { return new Uint8Array(33); } } type FfiEcc = Omit<Ecc, 'compressPk'>; const ECC: { ecc?: FfiEcc } = {}; export function __setEcc(ecc: FfiEcc) { ECC.ecc = ecc; } // eslint-disable-next-line @typescript-eslint/no-unsafe-declaration-merging export class Ecc implements Ecc { /** Derive a public key from secret key. */ derivePubkey(seckey: Uint8Array): Uint8Array { return ECC.ecc!.derivePubkey(seckey); } /** Sign an ECDSA signature. msg needs to be a 32-byte hash */ ecdsaSign(seckey: Uint8Array, msg: Uint8Array): Uint8Array { return ECC.ecc!.ecdsaSign(seckey, msg); } /** * Verify an ECDSA signature. msg needs to be a 32-byte hash. * Throws an exception if the signature is invalid. **/ ecdsaVerify(sig: Uint8Array, msg: Uint8Array, pk: Uint8Array): void { ECC.ecc?.ecdsaVerify(sig, msg, pk); } /** Sign a Schnorr signature. msg needs to be a 32-byte hash */ schnorrSign(seckey: Uint8Array, msg: Uint8Array): Uint8Array { return ECC.ecc!.schnorrSign(seckey, msg); } /** * Verify a Schnorr signature. msg needs to be a 32-byte hash. * Throws an exception if the signature is invalid. **/ schnorrVerify(sig: Uint8Array, msg: Uint8Array, pk: Uint8Array): void { ECC.ecc?.schnorrVerify(sig, msg, pk); } /** * Return whether the given secret key is valid, i.e. whether is of correct * length (32 bytes) and is on the curve. */ isValidSeckey(seckey: Uint8Array): boolean { return ECC.ecc!.isValidSeckey(seckey); } /** Add a scalar to a secret key */ seckeyAdd(a: Uint8Array, b: Uint8Array): Uint8Array { return ECC.ecc!.seckeyAdd(a, b); } /** Add a scalar to a public key (adding G*b) */ pubkeyAdd(a: Uint8Array, b: Uint8Array): Uint8Array { return ECC.ecc!.pubkeyAdd(a, b); } signRecoverable(seckey: Uint8Array, msg: Uint8Array): Uint8Array { return ECC.ecc!.signRecoverable(seckey, msg); } recoverSig(sig: Uint8Array, msg: Uint8Array): Uint8Array { return ECC.ecc!.recoverSig(sig, msg); } compressPk(pk: Uint8Array): Uint8Array { if (pk[0] != 0x04) { throw new Error('Uncompressed pubkey must start with 0x04'); } const compressedPk = new Uint8Array(33); compressedPk[0] = 0x02 | (pk[64] & 0x01); compressedPk.set(pk.slice(1, 33), 1); return compressedPk; } }