Closed MicahZoltu closed 1 year ago
MicahZoltu
commented
1 year ago What is the release process like for this project? I know it was audited, and I'm not sure if changes to type info would require a new audit or if this can be done as a patch release before the next major release?
paulmillr
commented
1 year ago release schedule is limited once per 1-2 months unless urgent. that's mostly it. 2.0.1 will follow.
paulmillr
commented
1 year ago also 2.0 wasn't audited, noble-curves were
The only place that
privis used insignAsyncandsignis when it is passed toprepSig. The only placeprivis used inprepSigis when it is passed totoPriv.toPrivtakes aPrivKey, so that meansprepSig,sign, andsignAsynccan also take aPrivKey.Functionally, this means that
bigintis now allowed as a private key. This will make it so users who are storing private keys in memory as bigints will not have to first convert to hex.Node: Currently if you naively convert your bigint private key to hex using
0x${privateKey.toString(16)}this library will throw an error complaining about the hex for the private key being the wrong length. Arguably this library should accept an odd length hex value for the private key, but in my case just accepting bigints directly would fix the issue and allowing odd length hex strings would require an actual code change rather than just a type change.