Merge #844: Remove context from the API

3f5c666 Remove unneeded import (Tobin C. Harding)
38a7d9e Remove context sort_pubkeys (Tobin C. Harding)
4fe0101 ellswift: Remove context (Tobin C. Harding)
70e928c musig: Remove context (Tobin C. Harding)
58c7ba2 Remove context from signing APIs (Tobin C. Harding)
403f541 Remove context from verification functions (Tobin C. Harding)
074a4ac Remove context from Keypair functions (Tobin C. Harding)
f8bf19d Remove context from tweaking functions (Tobin C. Harding)
792103b Remove context from PublicKey::from_secret_key (Tobin C. Harding)
95e2e25 Use super::* in tests (Tobin C. Harding)
b2cdc98 docs: Remove one instance of context construction (Tobin C. Harding)

Pull request description:

  Tested in rust-bitcoin/rust-bitcoin#4960
  
  ### TODO in this PR: 
  
  Remove the FIXMEs, I don't exactly understand the `rerandomize_seed` and what is ok to put in it?
  
  While trying to work this out I created #847 and #848, apoelstra can you school me on _exactly_ how random the seed needs to be please?
  
   
  ### Follow up PRs:
   
  - Do we want to remove the `SECP256K1`, `global-context` (and `global-context-less-secure`) features in this PR instead of deprecating stuff?
  - Go over the docs and fix places that mention the context


ACKs for top commit:
  apoelstra:
    ACK 3f5c666; successfully ran local tests


Tree-SHA512: ea0667fa950182ddb4cf90f0de96824bb244000cdc9f4a8fd243b29e6c5c8180b4f269d91d918fa035bfe58b48d1b7367cc2f7234e21ea4c6cc7f5a448e92594

Author: apoelstra

examples/generate_keys.rs

@@ -1,16 +1,15 @@
 extern crate secp256k1;
 
-use secp256k1::{PublicKey, Secp256k1, SecretKey};
+use secp256k1::{PublicKey, SecretKey};
 
 fn main() {
-    let secp = Secp256k1::new();
     let mut rng = rand::rng();
     // First option:
-    let (seckey, pubkey) = secp.generate_keypair(&mut rng);
+    let (seckey, pubkey) = secp256k1::generate_keypair(&mut rng);
 
-    assert_eq!(pubkey, PublicKey::from_secret_key(&secp, &seckey));
+    assert_eq!(pubkey, PublicKey::from_secret_key(&seckey));
 
     // Second option:
     let seckey = SecretKey::new(&mut rng);
-    let _pubkey = PublicKey::from_secret_key(&secp, &seckey);
+    let _pubkey = PublicKey::from_secret_key(&seckey);
 }

examples/musig.rs

@@ -4,33 +4,32 @@ use secp256k1::musig::{
     new_nonce_pair, AggregatedNonce, KeyAggCache, PartialSignature, PublicNonce, Session,
     SessionSecretRand,
 };
-use secp256k1::{Keypair, PublicKey, Scalar, Secp256k1, SecretKey};
+use secp256k1::{Keypair, PublicKey, Scalar, SecretKey};
 
 fn main() {
-    let secp = Secp256k1::new();
     let mut rng = rand::rng();
 
-    let (seckey1, pubkey1) = secp.generate_keypair(&mut rng);
+    let (seckey1, pubkey1) = secp256k1::generate_keypair(&mut rng);
 
     let seckey2 = SecretKey::new(&mut rng);
-    let pubkey2 = PublicKey::from_secret_key(&secp, &seckey2);
+    let pubkey2 = PublicKey::from_secret_key(&seckey2);
 
     let pubkeys = [pubkey1, pubkey2];
     let mut pubkeys_ref: Vec<&PublicKey> = pubkeys.iter().collect();
     let pubkeys_ref = pubkeys_ref.as_mut_slice();
 
-    secp.sort_pubkeys(pubkeys_ref);
+    secp256k1::sort_pubkeys(pubkeys_ref);
 
-    let mut musig_key_agg_cache = KeyAggCache::new(&secp, pubkeys_ref);
+    let mut musig_key_agg_cache = KeyAggCache::new(pubkeys_ref);
 
     let plain_tweak: [u8; 32] = *b"this could be a BIP32 tweak....\0";
     let xonly_tweak: [u8; 32] = *b"this could be a Taproot tweak..\0";
 
     let plain_tweak = Scalar::from_be_bytes(plain_tweak).unwrap();
-    musig_key_agg_cache.pubkey_ec_tweak_add(&secp, &plain_tweak).unwrap();
+    musig_key_agg_cache.pubkey_ec_tweak_add(&plain_tweak).unwrap();
 
     let xonly_tweak = Scalar::from_be_bytes(xonly_tweak).unwrap();
-    let tweaked_agg_pk = musig_key_agg_cache.pubkey_xonly_tweak_add(&secp, &xonly_tweak).unwrap();
+    let tweaked_agg_pk = musig_key_agg_cache.pubkey_xonly_tweak_add(&xonly_tweak).unwrap();
 
     let agg_pk = musig_key_agg_cache.agg_pk();
 
@@ -41,7 +40,6 @@ fn main() {
     let musig_session_sec_rand1 = SessionSecretRand::from_rng(&mut rng);
 
     let nonce_pair1 = new_nonce_pair(
-        &secp,
         musig_session_sec_rand1,
         Some(&musig_key_agg_cache),
         Some(seckey1),
@@ -53,7 +51,6 @@ fn main() {
     let musig_session_sec_rand2 = SessionSecretRand::from_rng(&mut rng);
 
     let nonce_pair2 = new_nonce_pair(
-        &secp,
         musig_session_sec_rand2,
         Some(&musig_key_agg_cache),
         Some(seckey2),
@@ -72,22 +69,22 @@ fn main() {
     let nonces_ref: Vec<&PublicNonce> = nonces.iter().collect();
     let nonces_ref = nonces_ref.as_slice();
 
-    let agg_nonce = AggregatedNonce::new(&secp, nonces_ref);
+    let agg_nonce = AggregatedNonce::new(nonces_ref);
 
-    let session = Session::new(&secp, &musig_key_agg_cache, agg_nonce, msg);
+    let session = Session::new(&musig_key_agg_cache, agg_nonce, msg);
 
-    let keypair1 = Keypair::from_secret_key(&secp, &seckey1);
-    let partial_sign1 = session.partial_sign(&secp, sec_nonce1, &keypair1, &musig_key_agg_cache);
+    let keypair1 = Keypair::from_secret_key(&seckey1);
+    let partial_sign1 = session.partial_sign(sec_nonce1, &keypair1, &musig_key_agg_cache);
 
-    let keypair2 = Keypair::from_secret_key(&secp, &seckey2);
-    let partial_sign2 = session.partial_sign(&secp, sec_nonce2, &keypair2, &musig_key_agg_cache);
+    let keypair2 = Keypair::from_secret_key(&seckey2);
+    let partial_sign2 = session.partial_sign(sec_nonce2, &keypair2, &musig_key_agg_cache);
 
     let is_partial_signature_valid =
-        session.partial_verify(&secp, &musig_key_agg_cache, &partial_sign1, &pub_nonce1, pubkey1);
+        session.partial_verify(&musig_key_agg_cache, &partial_sign1, &pub_nonce1, pubkey1);
     assert!(is_partial_signature_valid);
 
     let is_partial_signature_valid =
-        session.partial_verify(&secp, &musig_key_agg_cache, &partial_sign2, &pub_nonce2, pubkey2);
+        session.partial_verify(&musig_key_agg_cache, &partial_sign2, &pub_nonce2, pubkey2);
     assert!(is_partial_signature_valid);
 
     let partial_sigs = [partial_sign1, partial_sign2];
@@ -96,5 +93,5 @@ fn main() {
 
     let aggregated_signature = session.partial_sig_agg(partial_sigs_ref);
 
-    assert!(aggregated_signature.verify(&secp, &agg_pk, msg).is_ok());
+    assert!(aggregated_signature.verify(&agg_pk, msg).is_ok());
 }

examples/sign_verify.rs

@@ -15,34 +15,23 @@
 
 extern crate secp256k1;
 
-use secp256k1::{ecdsa, Error, Message, PublicKey, Secp256k1, SecretKey, Signing, Verification};
-
-fn verify<C: Verification>(
-    secp: &Secp256k1<C>,
-    msg_digest: [u8; 32],
-    sig: [u8; 64],
-    pubkey: [u8; 33],
-) -> Result<bool, Error> {
+use secp256k1::{ecdsa, Error, Message, PublicKey, SecretKey};
+
+fn verify(sig: [u8; 64], msg_digest: [u8; 32], pubkey: [u8; 33]) -> Result<bool, Error> {
     let msg = Message::from_digest(msg_digest);
     let sig = ecdsa::Signature::from_compact(&sig)?;
     let pubkey = PublicKey::from_slice(&pubkey)?;
 
-    Ok(secp.verify_ecdsa(&sig, msg, &pubkey).is_ok())
+    Ok(ecdsa::verify(&sig, msg, &pubkey).is_ok())
 }
 
-fn sign<C: Signing>(
-    secp: &Secp256k1<C>,
-    msg_digest: [u8; 32],
-    seckey: [u8; 32],
-) -> Result<ecdsa::Signature, Error> {
+fn sign(msg_digest: [u8; 32], seckey: [u8; 32]) -> Result<ecdsa::Signature, Error> {
     let msg = Message::from_digest(msg_digest);
     let seckey = SecretKey::from_secret_bytes(seckey)?;
-    Ok(secp.sign_ecdsa(msg, &seckey))
+    Ok(ecdsa::sign(msg, &seckey))
 }
 
 fn main() {
-    let secp = Secp256k1::new();
-
     let seckey = [
         59, 148, 11, 85, 134, 130, 61, 253, 2, 174, 59, 70, 27, 180, 51, 107, 94, 203, 174, 253,
         102, 39, 170, 146, 46, 252, 4, 143, 236, 12, 136, 28,
@@ -53,9 +42,9 @@ fn main() {
     ];
     let msg_digest = *b"this must be secure hash output.";
 
-    let signature = sign(&secp, msg_digest, seckey).unwrap();
+    let signature = sign(msg_digest, seckey).unwrap();
 
     let serialize_sig = signature.serialize_compact();
 
-    assert!(verify(&secp, msg_digest, serialize_sig, pubkey).unwrap());
+    assert!(verify(serialize_sig, msg_digest, pubkey).unwrap());
 }

no_std_test/src/main.rs

@@ -79,14 +79,14 @@ fn start(_argc: isize, _argv: *const *const u8) -> isize {
     let mut secp = Secp256k1::preallocated_new(&mut buf).unwrap();
     secp.randomize(&mut FakeRng);
     let secret_key = SecretKey::new(&mut FakeRng);
-    let public_key = PublicKey::from_secret_key(&secp, &secret_key);
+    let public_key = PublicKey::from_secret_key(&secret_key);
     let message = Message::from_digest_slice(&[0xab; 32]).expect("32 bytes");
 
-    let sig = secp.sign_ecdsa(message, &secret_key);
-    assert!(secp.verify_ecdsa(&sig, message, &public_key).is_ok());
+    let sig = ecdsa::sign(message, &secret_key);
+    assert!(ecdsa::verify(&sig, message, &public_key).is_ok());
 
     let rec_sig = ecdsa::RecoverableSignature::sign_ecdsa_recoverable(message, &secret_key);
-    assert!(secp.verify_ecdsa(&rec_sig.to_standard(), message, &public_key).is_ok());
+    assert!(ecdsa::verify(&rec_sig.to_standard(), message, &public_key).is_ok());
     assert_eq!(public_key, rec_sig.recover_ecdsa(message).unwrap());
     let (rec_id, data) = rec_sig.serialize_compact();
     let new_rec_sig = ecdsa::RecoverableSignature::from_compact(&data, rec_id).unwrap();
@@ -106,11 +106,11 @@ fn start(_argc: isize, _argv: *const *const u8) -> isize {
     #[cfg(feature = "alloc")]
     {
         let secp_alloc = Secp256k1::new();
-        let public_key = PublicKey::from_secret_key(&secp_alloc, &secret_key);
+        let public_key = PublicKey::from_secret_key(&secret_key);
         let message = Message::from_digest_slice(&[0xab; 32]).expect("32 bytes");
 
-        let sig = secp_alloc.sign_ecdsa(message, &secret_key);
-        assert!(secp_alloc.verify_ecdsa(&sig, message, &public_key).is_ok());
+        let sig = ecdsa::sign(message, &secret_key);
+        assert!(ecdsa::verify(&sig, message, &public_key).is_ok());
         unsafe { libc::printf("Verified alloc Successfully!\n\0".as_ptr() as _) };
     }
 

src/context/mod.rs

@@ -38,13 +38,6 @@ pub mod global {
     ///
     /// If `rand` and `std` feature is enabled, context will have been randomized using
     /// `rng`.
-    ///
-    /// ```
-    /// # #[cfg(all(feature = "global-context", feature = "rand", feature = "std"))] {
-    /// use secp256k1::{PublicKey, SECP256K1};
-    /// let _ = SECP256K1.generate_keypair(&mut rand::rng());
-    /// # }
-    /// ```
     pub static SECP256K1: &GlobalContext = &GlobalContext { __private: () };
 
     impl Deref for GlobalContext {

src/ecdh.rs

@@ -21,11 +21,9 @@ const SHARED_SECRET_SIZE: usize = constants::SECRET_KEY_SIZE;
 ///
 /// ```
 /// # #[cfg(all(feature = "rand", feature = "std"))] {
-/// # use secp256k1::{rand, Secp256k1};
-/// # use secp256k1::ecdh::SharedSecret;
-/// let s = Secp256k1::new();
-/// let (sk1, pk1) = s.generate_keypair(&mut rand::rng());
-/// let (sk2, pk2) = s.generate_keypair(&mut rand::rng());
+/// # use secp256k1::{rand, ecdh::SharedSecret};
+/// let (sk1, pk1) = secp256k1::generate_keypair(&mut rand::rng());
+/// let (sk2, pk2) = secp256k1::generate_keypair(&mut rand::rng());
 /// let sec1 = SharedSecret::new(&pk2, &sk1);
 /// let sec2 = SharedSecret::new(&pk1, &sk2);
 /// assert_eq!(sec1, sec2);
@@ -112,11 +110,10 @@ impl AsRef<[u8]> for SharedSecret {
 /// # Examples
 /// ```ignore
 /// use bitcoin_hashes::{Hash, sha512};
-/// use secp256k1::{ecdh, rand, Secp256k1, PublicKey, SecretKey};
+/// use secp256k1::{ecdh, rand, PublicKey, SecretKey};
 ///
-/// let s = Secp256k1::new();
-/// let (sk1, pk1) = s.generate_keypair(&mut rand::rng());
-/// let (sk2, pk2) = s.generate_keypair(&mut rand::rng());
+/// let (sk1, pk1) = crate::generate_keypair(&mut rand::rng());
+/// let (sk2, pk2) = crate::generate_keypair(&mut rand::rng());
 ///
 /// let point1 = ecdh::shared_secret_point(&pk2, &sk1);
 /// let secret1 = sha512::Hash::hash(&point1);
@@ -189,7 +186,6 @@ mod tests {
     use wasm_bindgen_test::wasm_bindgen_test as test;
 
     use super::SharedSecret;
-    use crate::Secp256k1;
 
     #[test]
     fn ecdh() {
@@ -251,11 +247,9 @@ mod benches {
     use test::{black_box, Bencher};
 
     use super::SharedSecret;
-    use crate::Secp256k1;
 
     #[bench]
     pub fn bench_ecdh(bh: &mut Bencher) {
-        let s = Secp256k1::signing_only();
         let (sk, pk) = s.generate_keypair(&mut rand::rng());
 
         bh.iter(|| {