v0.12.0 release (#242)

Author: LLFourn

CHANGELOG.md

@@ -2,12 +2,20 @@
 
 ## UNRELEASED
 
+## v0.12.0
+
+- **SECURITY FIX**: Fix `from_bytes_uncompressed` to validate points are on curve
 - Add `SharedKey::from_non_zero_poly`
-- Change `poly::scalar::to_point_poly` to make it less opinionated 
+- Add `SharedKey::grind_fingerprint` method
+- Add `ShareImage` type
+- Add FROST_V0_FINGERPRINT export
+- Change `poly::scalar::to_point_poly` to make it less opinionated
 - Add From/TryFrom conversions for `Scalar` to all unsigned integer types
+- Add Shamir secret sharing helpers for scalar polynomials
 - Upgrade to bincode v2
 - MSRV 1.63 -> 1.85
-- **BREAKING**: Refactor `CompactProof` in `sigma_fun` to use two type parameters `CompactProof<R, L>` instead of `CompactProof<S: Sigma>` to enable serde support
+- Refactor `CompactProof` in `sigma_fun` to use two type parameters `CompactProof<R, L>` instead of `CompactProof<S: Sigma>` to enable serde support
+- Update `secp256kfun_arithmetic_macros` to use generic `NonZero<T>` type instead of `NonZeroU32`
 - Add hash-to-curve methods to `Point`:
   - `hash_to_curve` - Simple try-and-increment with uniform distribution (recommended)
   - `hash_to_curve_sswu` - RFC 9380 compliant constant-time hashing
@@ -16,6 +24,12 @@
 - Deprecate `Message::plain` which uses non-standard 64-byte prefix
 - Remove type parameters from `Message` and `Signature` types (always public now)
 - Remove unused `Slice` type from secp256kfun
+- `SharedKey::check_fingerprint` now returns `Option<usize>` instead of `bool`, indicating number of bits verified
+- Rename `PartyIndex` to `ShareIndex`
+- Add `vrf_fun` crate
+- `Point<_, _, Zero>` implements `Hash`
+- Add VRF-based certification for certpedpop
+- Make certpedpop signature scheme configurable
 
 ## v0.11.0
 

Cargo.toml

@@ -16,8 +16,8 @@ bincode = { version = "2", default-features = false, features = ["derive"] }
 rand_chacha = { version = "0.3", default-features = false }
 
 # Local crates
-secp256kfun = { path = "./secp256kfun", version = "0.11", default-features = false }
-schnorr_fun = { path = "./schnorr_fun", version = "0.11", default-features = false }
-ecdsa_fun = { path = "./ecdsa_fun", version = "0.11", default-features = false }
-sigma_fun = { path = "./sigma_fun", version = "0.8", default-features = false }
-vrf_fun = { path = "./vrf_fun", version = "0.11", default-features = false }
+secp256kfun = { path = "./secp256kfun", version = "0.12", default-features = false }
+schnorr_fun = { path = "./schnorr_fun", version = "0.12", default-features = false }
+ecdsa_fun = { path = "./ecdsa_fun", version = "0.12", default-features = false }
+sigma_fun = { path = "./sigma_fun", version = "0.9", default-features = false }
+vrf_fun = { path = "./vrf_fun", version = "0.12", default-features = false }

arithmetic_macros/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "secp256kfun_arithmetic_macros"
-version = "0.1.0"
+version = "0.2.0"
 documentation = "https://docs.rs/secp256kfun_arithmetic_macros"
 description = "Helper macros for secp256kfun's aritmetic macros"
 license = "0BSD"

ecdsa_fun/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "ecdsa_fun"
-version = "0.11.0"
+version = "0.12.0"
 authors = ["LLFourn <lloyd.fourn@gmail.com>"]
 edition = "2024"
 rust-version = "1.85.0"

ecdsa_fun/README.md

@@ -12,7 +12,7 @@ Built on [secp256kfun].
 
 ``` toml
 [dependencies]
-ecdsa_fun = "0.11"
+ecdsa_fun = "0.12"
 sha2 = "0.10" # You need a hash function for nonce derivation
 ```
 

publish.sh

@@ -0,0 +1,63 @@
+#!/bin/bash
+set -e
+
+# Publish crates in dependency order
+# Each publish waits for the previous to be indexed on crates.io
+
+# Format: "directory:crate_name"
+CRATES=(
+    "arithmetic_macros:secp256kfun_arithmetic_macros"
+    "secp256kfun:secp256kfun"
+    "sigma_fun:sigma_fun"
+    "vrf_fun:vrf_fun"
+    "ecdsa_fun:ecdsa_fun"
+    "schnorr_fun:schnorr_fun"
+)
+
+# Time to wait between publishes (in seconds)
+WAIT_TIME=30
+
+# Check if a version exists on crates.io
+check_version_exists() {
+    local crate_name=$1
+    local version=$2
+
+    echo "🔍 Checking if $crate_name $version exists on crates.io..."
+    if cargo search "$crate_name" --limit 1 | grep -q "\"$version\""; then
+        return 0  # exists
+    else
+        return 1  # doesn't exist
+    fi
+}
+
+# Get version from Cargo.toml
+get_version() {
+    local dir=$1
+    grep '^version = ' "$dir/Cargo.toml" | head -1 | sed 's/version = "\(.*\)"/\1/'
+}
+
+echo "Publishing secp256kfun v0.12.0 crates..."
+echo ""
+
+for entry in "${CRATES[@]}"; do
+    IFS=':' read -r dir crate_name <<< "$entry"
+    version=$(get_version "$dir")
+
+    if check_version_exists "$crate_name" "$version"; then
+        echo "⏭️  Skipping $crate_name $version (already published)"
+        echo ""
+        continue
+    fi
+
+    echo "📦 Publishing $crate_name $version..."
+    cd "$dir"
+    cargo publish
+    cd ..
+
+    echo "⏳ Waiting ${WAIT_TIME}s for crates.io to index $crate_name..."
+    sleep $WAIT_TIME
+    echo ""
+done
+
+echo ""
+echo "✅ All crates published successfully!"

schnorr_fun/Cargo.toml

@@ -1,7 +1,7 @@
 
 [package]
 name = "schnorr_fun"
-version = "0.11.0"
+version = "0.12.0"
 authors = ["LLFourn <lloyd.fourn@gmail.com>"]
 edition = "2024"
 rust-version = "1.85.0"

schnorr_fun/README.md

@@ -15,7 +15,7 @@ This implementation is based on the [BIP-340] specification, but is flexible eno
 
 ``` toml
 [dependencies]
-schnorr_fun = "0.11"
+schnorr_fun = "0.12"
 sha2 = "0.10"
 ```
 

secp256kfun/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "secp256kfun"
-version = "0.11.0"
+version = "0.12.0"
 authors = ["LLFourn <lloyd.fourn@gmail.com>"]
 license = "0BSD"
 homepage = "https://github.com/LLFourn/secp256kfun"
@@ -18,7 +18,7 @@ keywords = ["bitcoin", "secp256k1"]
 digest = { version = "0.10", default-features = false }
 subtle = { package = "subtle-ng", version = "2", default-features = false }
 rand_core = { version = "0.6", default-features = false }
-secp256kfun_arithmetic_macros = { version = "0.1.0", path = "../arithmetic_macros" }
+secp256kfun_arithmetic_macros = { version = "0.2.0", path = "../arithmetic_macros" }
 
 # optional
 serde = { version = "1.0",  optional = true, default-features = false, features = ["derive"] }

secp256kfun/README.md

@@ -28,7 +28,7 @@ _Low-level_ libraries like [parity/libsecp256k1][4] make it possible but the res
 
 ```toml
 [dependencies]
-secp256kfun = "0.11"
+secp256kfun = "0.12"
 ```
 
 ### Should use?