Open will123195 opened 5 years ago
The reasons I chose the elliptic
library were that it seemed popular enough and maintained and allowed us to supply the entropy ourselves (as opposed to subtle crypto which does not).
I see that the elliptic
library's own minified version is ~132KB and it looks like they're using a fairly simple browserify then uglify process. UAPF wordlist is ~70KB unminified. So we're already about 300KB over this for some reason.
I think if we have a dependency on the bitcoinjs-lib anyway, it's suitable and we can pack a single version of it, then that would have to be the way to go.
If not then it looks like we should be able to successfully make this version a lot smaller
as opposed to subtle crypto which does not
Worth mentioning that there may be ways around that. We could possibly just generate a private key from random data ourselves, but we'd have to drop invalid keys. However I also didn't see any way of using subtle crypto to look up the public key for a given private key. My instinct is to stick with predefined function calls so we don't stumble cryptography-wise.
I think subtle crypto should be able to export the pub key. I was just looking at https://github.com/diafygi/webcrypto-examples/blob/master/README.md#ecdsa---exportkey
Also I haven't added minify yet.
The issue wasn't the exporting of the key, it was deriving the public from the private. If you import a private key into subtle it won't export a public key for you (as far as I could see).
That said, it looks like an ECDSA in jwk form (elliptic
doesn't support jwk by the way) is just the private key without the d
parameter and different key_ops
.
If that's correct then to use subtle we'd have to generate a random key, make sure the key is valid for p256, put the key into either pkcs8 or jwk and use subtle.importKey, then export the private key as jwk and delete/alter some properties on it.
I got it down to 143KB with uglify. If the jwk thing works out, I expect we'll get it down to ~10KB which would be great.
dist/DualCrypto.js
is over 500kb.This is how we're using
elliptic
:Maybe we can tree shake?
Maybe there is an alternative?