Open Akamig opened 1 year ago
there is no need to use asn.1. You should switch to noble-curves. They have been audited. In comparison, last audit of secp was almost 2 years ago.
@paulmillr Oh, I thought it could be too big using whole curves
library when I was writing this issue, but then I just found out your library is tree-shaking friendly! that just seems to fit the bill then.
last audit of secp was almost 2 years ago.
AH
This issue has been automatically marked as stale because it has not had recent activity. Thank you for your contributions.
https://github.com/paulmillr/noble-secp256k1/pull/92 The recently merged PR on @noble/secp256k1 seems dropping all DER related methods, including
fromDER()
,toDERRawBytes()
.toDERHex()
.So we may need some action about this part, @paulmillr suggested using
noble-curves
which is including secp256k1 'and' DER processing logic, Or, we might be able to cover this with asn.1.js I guess?Also, High-S detection / S normalization now seems to be integrated as part of
prepSig()
https://github.com/paulmillr/noble-secp256k1/blob/ec7b5731808538c7cc32cba3234822a003958345/index.ts#L249 so yous might want to look into._Originally posted by @Akamig in https://github.com/planetarium/libplanet/pull/2962#discussion_r1141582842_