feat: noble curve replace elliptic #56
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
hieu-w
force-pushed
the
feat/noble-curve-replacement
branch
from
8feec72 to
be75748
Compare
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
hieu-w
force-pushed
the
feat/noble-curve-replacement
branch
from
1ac76a6 to
c6f6dce
Compare
ieow
reviewed
Jan 29, 2026
This reverts commit 55af097.
ieow
reviewed
Jan 29, 2026
| opts?: { iv?: Buffer; ephemPrivateKey?: Buffer; padding?: boolean } | ||
| publicKeyTo: Uint8Array, | ||
| msg: Uint8Array, | ||
| opts?: { iv?: Uint8Array; ephemPrivateKey?: Uint8Array } |
Member
There was a problem hiding this comment.
why remove the option of padding?
Contributor
Author
There was a problem hiding this comment.
as @ieow confirm we dont need the encryption with padded, the standard is unpadded
There was a problem hiding this comment.
We should follow the standard for asymmetric encryption here
we have the fallback to unpadded in the decryption.
we also need to double check the server have the similar fallback
src/index.ts
Outdated
| // that used elliptic's BN.toArray() which didn't include leading zeros. | ||
| // Use derivePadded() if you need a fixed 32-byte output. | ||
| const sharedSecret = secp256k1.getSharedSecret(privateKeyA, publicKeyB); | ||
| const Px = sharedSecret.subarray(sharedSecret.length - 32); |
Member
There was a problem hiding this comment.
sharedSecret is always 33 bytes. you can just slice the first byte to get Px.
Can u try this?
Contributor
Author
There was a problem hiding this comment.
I updated, use subArray instead slice, for better performance, slice need one copy.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation and Context
Jira Link:
Description
How has this been tested?
Screenshots (if appropriate):
Types of changes
Checklist:
Note
High Risk
Replaces the core ECC implementation used for ECDSA/ECDH/ECIES and changes binary types from
BuffertoUint8Array, which can affect cryptographic correctness and downstream integrations despite added compatibility tests.Overview
Migrates the cryptography backend from
ellipticto@noble/curves(secp256k1) and switches the public API to useUint8Arrayend-to-end (includingEciesfields), removing Buffer-centric helpers.Updates ECDSA/ECDH/ECIES implementations and validation:
sign/verifynow use noble DER signatures,derivenow returns an unpadded shared secret with leading zeros stripped (withderivePaddedpreserved for fixed 32-byte output), anddecryptretries MAC verification using the padded derivation for backward compatibility.Refreshes docs and tests accordingly, adds a node-only
backward_compatibility.spec.tsthat compares outputs against an aliased old package (eccrypto-old), removes browser Buffer setup, and adjusts browser test config to exclude the compatibility suite. Dependencies are updated to add@noble/curvesand removeellipticfrom runtime deps.Written by Cursor Bugbot for commit 30804ed. This will update automatically on new commits. Configure here.