feat: noble curve replace elliptic #56
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
hieu-w
force-pushed
the
feat/noble-curve-replacement
branch
from
8feec72 to
be75748
Compare
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
hieu-w
force-pushed
the
feat/noble-curve-replacement
branch
from
1ac76a6 to
c6f6dce
Compare
ieow
reviewed
Jan 29, 2026
This reverts commit 55af097.
ieow
reviewed
Jan 29, 2026
| opts?: { iv?: Buffer; ephemPrivateKey?: Buffer; padding?: boolean } | ||
| publicKeyTo: Uint8Array, | ||
| msg: Uint8Array, | ||
| opts?: { iv?: Uint8Array; ephemPrivateKey?: Uint8Array } |
Member
There was a problem hiding this comment.
why remove the option of padding?
| // that used elliptic's BN.toArray() which didn't include leading zeros. | ||
| // Use derivePadded() if you need a fixed 32-byte output. | ||
| const sharedSecret = secp256k1.getSharedSecret(privateKeyA, publicKeyB); | ||
| const Px = sharedSecret.subarray(sharedSecret.length - 32); |
Member
There was a problem hiding this comment.
sharedSecret is always 33 bytes. you can just slice the first byte to get Px.
Can u try this?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation and Context
Jira Link:
Description
How has this been tested?
Screenshots (if appropriate):
Types of changes
Checklist:
Note
High Risk
High risk because it rewrites cryptography primitives (ECDSA/ECDH/ECIES) and changes the public API’s binary types from
BuffertoUint8Array, which can break consumers and subtly alter crypto outputs if mismatched.Overview
Switches the library’s secp256k1 backend from
ellipticto@noble/curvesand standardizes all inputs/outputs (includingEcies) onUint8Arrayinstead ofBuffer, updating key validation, signing/verifying, ECDH derivation (including padded/unpadded behavior), and ECIES encrypt/decrypt plumbing.Adds a Node-only backward-compatibility test suite (via
eccrypto-old) to compare outputs acrossgetPublic*,sign/verify,derive*, andencrypt/decrypt, adjusts browser test config to exclude those tests, and refreshes README usage/API docs plus dependency/lockfile changes to dropellipticin favor of@noble/curves.Written by Cursor Bugbot for commit b3052af. This will update automatically on new commits. Configure here.